news.booking.com Open in urlscan Pro
3.67.147.171 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://andes.andes-tec.cl/safecracking/eaves?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN
Effective URL:
https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN
Submission: On November 03 via api (November 3rd 2024, 7:03:21 am UTC) from US — Scanned from US

Summary HTTP 88 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 12 domains to perform 88 HTTP transactions. The main IP is 3.67.147.171, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is news.booking.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on July 23rd 2024. Valid for: a year.

This is the only time news.booking.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	108.167.149.245 108.167.149.245	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
1 1	5.42.102.161 5.42.102.161	210644 (AEZA-AS) (AEZA-AS)
2	3.67.147.171 3.67.147.171	16509 (AMAZON-02) (AMAZON-02)
51	2600:9000:28a... 2600:9000:28a6:6400:15:cfc2:9880:93a1	16509 (AMAZON-02) (AMAZON-02)
12	2606:4700::68... 2606:4700::6812:562a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a05:d014:dd2... 2a05:d014:dd2:c301:bd5d:e1bb:7ad9:1a09	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
2	2607:f8b0:400... 2607:f8b0:4004:c0b::5f	15169 (GOOGLE) (GOOGLE)
2	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c17::8a	15169 (GOOGLE) (GOOGLE)
2	31.13.66.19 31.13.66.19	32934 (FACEBOOK) (FACEBOOK)
2	146.75.28.157 146.75.28.157	54113 (FASTLY) (FASTLY)
1	2a05:d014:dd2... 2a05:d014:dd2:c300:f02b:3f62:8172:77ae	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c19::61	15169 (GOOGLE) (GOOGLE)
2	142.251.16.101 142.251.16.101	15169 (GOOGLE) (GOOGLE)
88	15

4 108.167.149.245 (United States) 1 redirects

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: shared10.hostgator.cl

andes.andes-tec.cl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.42.102.161 (Paris, France) 1 redirects

ASN210644 (AEZA-AS, GB)
PTR: superb-alarm.aeza.network

enwars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.67.147.171 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-147-171.eu-central-1.compute.amazonaws.com

news.booking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2600:9000:28a6:6400:15:cfc2:9880:93a1 (United States)

ASN16509 (AMAZON-02, US)

content.presspage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d014:dd2:c301:bd5d:e1bb:7ad9:1a09 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

manager.presspage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c0b::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c17::8a (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.28.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d014:dd2:c300:f02b:3f62:8172:77ae (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

api.presspage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.16.101 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f101.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	presspage.com content.presspage.com — Cisco Umbrella Rank: 91263 manager.presspage.com — Cisco Umbrella Rank: 190338 api.presspage.com — Cisco Umbrella Rank: 200209 Failed	2 MB
12	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 326	141 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	22 KB
4	andes-tec.cl 1 redirects andes.andes-tec.cl	2 KB
2	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1472	27 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	77 KB
2	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 498 booking-privacy.my.onetrust.com Failed	455 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	2 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 311	2 KB
2	booking.com news.booking.com	51 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	96 KB
1	enwars.com 1 redirects enwars.com	233 B
88	12

	Domain	Requested by
51	content.presspage.com	news.booking.com content.presspage.com
12	cdn.cookielaw.org	news.booking.com cdn.cookielaw.org
4	www.google-analytics.com	news.booking.com www.google-analytics.com www.googletagmanager.com
4	andes.andes-tec.cl	1 redirects andes.andes-tec.cl
2	platform.twitter.com	andes.andes-tec.cl platform.twitter.com
2	connect.facebook.net	andes.andes-tec.cl connect.facebook.net
2	geolocation.onetrust.com	cdn.cookielaw.org
2	fonts.googleapis.com	content.presspage.com
2	cdn.jsdelivr.net	content.presspage.com
2	manager.presspage.com	news.booking.com
2	news.booking.com	content.presspage.com
1	www.googletagmanager.com	www.google-analytics.com
1	api.presspage.com	content.presspage.com
1	enwars.com	1 redirects
0	booking-privacy.my.onetrust.com Failed	cdn.cookielaw.org
88	15

This site contains links to these domains. Also see Links.

Domain
www.booking.com
capsulenz.com
www.destinationnsw.com.au
curlytales.com
www.moneycontrol.com
www.countryliving.com
www.travelpulse.com
www.glasgowtimes.co.uk
www.elliott.org
www.timeout.com
www.timesnownews.com
www.stuff.co.nz
www.traveltalkmag.com.au
eu.usatoday.com
www.forbes.com
www.nationalgeographic.com
www.travelweekly.com
www.remixmagazine.com
www.mirror.co.uk
www.nzherald.co.nz
eglobaltravelmedia.com.au
travelnoire.com
www.hotelnewsresource.com
nl.linkedin.com
www.facebook.com
www.instagram.com
www.tiktok.com
www.linkedin.com

Subject Issuer	Validity	Valid
andes.andes-tec.cl R11	`2024-10-06` - `2025-01-04`	3 months	crt.sh
news.booking.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-23` - `2025-07-22`	a year	crt.sh
*.presspage.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-20` - `2025-09-14`	a year	crt.sh
cookielaw.org WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
geolocation.onetrust.com WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-12` - `2024-11-10`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-24` - `2025-07-25`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN
Frame ID: 5C3BDD0BF67B8E4A27590AA29F21A0CB
Requests: 87 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fnews.booking.com
Frame ID: 376692AE21654E7C0A9981E6FB16B518
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Booking.com: Press

Page URL History Show full URLs

https://andes.andes-tec.cl/safecracking/eaves?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN HTTP 301
https://andes.andes-tec.cl/safecracking/eaves/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN Page URL
https://andes.andes-tec.cl/safecracking/eaves/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN Page URL
https://enwars.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN HTTP 302
https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN Page URL
https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

88
Requests

98 %
HTTPS

60 %
IPv6

12
Domains

15
Subdomains

15
IPs

3
Countries

2643 kB
Transfer

8102 kB
Size

13
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://www.booking.com/

Search URL Search Domain Scan URL

URL: https://capsulenz.com/do/intergenerational-travel/
Title: THIS Is The Secret To Having A Great Holiday…opens in new window

Search URL Search Domain Scan URL

URL: https://www.destinationnsw.com.au/newsroom/sydney-named-one-of-the-world-s-most-sustainable-cities
Title: Sydney named one of the world's most sustainable citiesopens in new window

Search URL Search Domain Scan URL

URL: https://curlytales.com/80-of-indian-travellers-are-embracing-solo-travel-here-are-the-most-ideal-locations/
Title: 80% Of Indian Travellers Are Embracing Solo Travel; Here Are The Most Ideal Locationsopens in new window

Search URL Search Domain Scan URL

URL: https://www.moneycontrol.com/travel/tourism-ministry-working-on-visa-on-arrival-to-promote-india-as-a-global-destination-gajendra-singh-shekhawat-article-12843884.html
Title: Tourism ministry working on visa-on-arrival to promote India as a global destination: Gajendra Singh Shekhawatopens in new window

Search URL Search Domain Scan URL

URL: https://www.countryliving.com/uk/travel-ideas/abroad/g62600650/best-places-to-see-northern-lights/
Title: The world's best places to see the Northern Lightsopens in new window

Search URL Search Domain Scan URL

URL: https://www.travelpulse.com/news/features/spending-kids-inheritance-and-boys-ii-zen-trips-are-the-trends-to-watch-in-2025
Title: Spending Kids Inheritance and Boys II Zen Trips Are The Trends to Watch in 2025opens in new window

Search URL Search Domain Scan URL

URL: https://www.glasgowtimes.co.uk/news/national/uk-today/24655470.holiday-time-booking-com-shares-2025-travel-predictions/
Title: Holiday time? Booking.com shares 2025 travel predictionsopens in new window

Search URL Search Domain Scan URL

URL: https://www.travelpulse.com/news/features/four-award-winning-female-travelers-share-their-favorite-solo-travel-destinations
Title: Four Award-Winning Female Travelers Share Their Favorite Solo Travel Destinationsopens in new window

Search URL Search Domain Scan URL

URL: https://www.elliott.org/destinations/how-do-you-define-sustainability-in-gothenburg-sweden-its-everywhere/#google_vignette
Title: How do you define sustainability? In Gothenburg, Sweden, it’s everywhereopens in new window

Search URL Search Domain Scan URL

URL: https://www.timeout.com/australia/hotels/secluded-retreat-in-noosa-hinterland
Title: Secluded Retreat in Noosa Hinterlandopens in new window

Search URL Search Domain Scan URL

URL: https://www.timesnownews.com/travel/news/india-emerges-as-the-new-hot-spot-for-global-travellers-article-114107868
Title: India Emerges As The New Hot Spot For Global Travellersopens in new window

Search URL Search Domain Scan URL

URL: https://www.stuff.co.nz/travel/350443788/would-you-travel-13-family-members-kiwi-family-tried-it-vietnam
Title: Would you travel with 13 family members? These Kiwis tried it in Vietnamopens in new window

Search URL Search Domain Scan URL

URL: https://www.traveltalkmag.com.au/b-corp-certification-gains-momentum-in-travel-industry/
Title: B Corp certification gains momentum in travel industryopens in new window

Search URL Search Domain Scan URL

URL: https://eu.usatoday.com/story/travel/2024/10/07/climate-change-overtourism-tourist-taxes-travel/75512123007/
Title: Many destinations are raising tourist taxes, but are they accomplishing their goal?opens in new window

Search URL Search Domain Scan URL

URL: https://www.forbes.com/sites/christopherelliott/2024/10/05/how-this-swedish-city-became-one-of-the-worlds-most-sustainable-places/
Title: How This Swedish City Became One Of The World’s Most Sustainable Placesopens in new window

Search URL Search Domain Scan URL

URL: https://www.nationalgeographic.com/travel/article/experience-worlds-most-remote-destinations
Title: 6 of the world's most remote destinations to test your inner adventureropens in new window

Search URL Search Domain Scan URL

URL: https://www.travelweekly.com/Thought-Leadership/Spain-The-Importance-of-Sustainability-in-Selling-Travel/366758
Title: The Importance of Sustainability in Selling Travelopens in new window

Search URL Search Domain Scan URL

URL: https://www.remixmagazine.com/lifestyle/how-to-spend-the-perfect-labour-weekend-in-queenstown-with-friends/
Title: How to spend the perfect Labour Weekend in Queenstown with friendsopens in new window

Search URL Search Domain Scan URL

URL: https://www.mirror.co.uk/3am/celebrity-news/huge-american-rapper-opening-up-33779058
Title: Huge American rapper opening up lavish mansion for fans to stay in at a bargain priceopens in new window

Search URL Search Domain Scan URL

URL: https://www.nzherald.co.nz/rotorua-daily-post/news/school-holidays-rotorua-third-on-list-for-kiwis-to-visit-mount-maunganui-fourth-in-trending-destinations/V2G6PJFV75EADPLTTSMPFSZM54/
Title: School holidays: Rotorua third on list for Kiwis to visit, Mount Maunganui fourth in ‘trending destinations’opens in new window

Search URL Search Domain Scan URL

URL: https://eglobaltravelmedia.com.au/2024/09/28/balinese-resort-unveils-new-sleep-package-for-sweet-dreams/
Title: Balinese Resort Unveils New Sleep Package for Sweet Dreamsopens in new window

Search URL Search Domain Scan URL

URL: https://travelnoire.com/kid-vacations
Title: What Your Kids Really Want To Do on Vacationopens in new window

Search URL Search Domain Scan URL

URL: https://www.hotelnewsresource.com/article133371.html
Title: Journey to Net Zero: Challenges and Solutions in Hotel Sustainabilityopens in new window

Search URL Search Domain Scan URL

URL: http://nl.linkedin.com/company/booking.com
Title: Visit our LinkedIn page (opens in new window)

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bookingcom/
Title: Visit our Facebook page (opens in new window)

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bookingcom/?hl=en
Title: (opens in new window)

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@bookingcom?lang=en
Title: (opens in new window)

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/booking.com/
Title: LinkedIn

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://andes.andes-tec.cl/safecracking/eaves?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN HTTP 301
https://andes.andes-tec.cl/safecracking/eaves/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN Page URL
https://andes.andes-tec.cl/safecracking/eaves/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN Page URL
https://enwars.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN HTTP 302
https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN Page URL
https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://andes.andes-tec.cl/safecracking/eaves?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN HTTP 301
https://andes.andes-tec.cl/safecracking/eaves/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Request Chain 2

https://enwars.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN HTTP 302
https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

88 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
andes.andes-tec.cl/safecracking/eaves/
Redirect Chain

https://andes.andes-tec.cl/safecracking/eaves?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN
https://andes.andes-tec.cl/safecracking/eaves/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

4 KB
2 KB

80ms
79ms

Document
text/html

108.167.149.245
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://andes.andes-tec.cl/safecracking/eaves/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.149.245 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: shared10.hostgator.cl
Software: Apache /
Resource Hash: 15c330082151e3b92144c3fb764eec2d1687f57b9a272e715bb0a0a9dc1132d9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-length: 1672
content-type: text/html; charset=UTF-8
date: Sun, 03 Nov 2024 07:03:14 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

content-length: 290
content-type: text/html; charset=iso-8859-1
date: Sun, 03 Nov 2024 07:03:14 GMT
location: https://andes.andes-tec.cl/safecracking/eaves/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN
server: Apache

GET
H2 200 / Show response
andes.andes-tec.cl/safecracking/eaves/ 96 B
143 B 406ms
405ms Document
text/html 108.167.149.245
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://andes.andes-tec.cl/safecracking/eaves/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN
Requested by: Host: andes.andes-tec.cl
URL: https://andes.andes-tec.cl/safecracking/eaves/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.149.245 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: shared10.hostgator.cl
Software: Apache /
Resource Hash: 461da126968e85497d7329b284859f6e9ec4540705f380e06b575e0edcb1a2e5

Request headers

Referer: https://andes.andes-tec.cl/safecracking/eaves/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-length: 114
content-type: text/html; charset=UTF-8
date: Sun, 03 Nov 2024 07:03:14 GMT
server: Apache
vary: Accept-Encoding

GET
H2

200

/ Show response
news.booking.com/
Redirect Chain

https://enwars.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN
https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

126 KB
25 KB

698ms
290ms

Document
text/html

3.67.147.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.67.147.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-67-147-171.eu-central-1.compute.amazonaws.com

Software

Resource Hash

4b0e052e49b8090be1bc010aae7417725ea7e4dfa0fea4991addc6e0b8706a88

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .booking.com .presspage.com; connect-src 'self' .presspage.com https://region1.google-analytics.com .cookielaw.org .onetrust.com .doubleclick.net https://www.google-analytics.com .nr-data.net .booking.com https://.hotjar.com https://.hotjar.io; font-src 'self' https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com https://.typekit.net .presspage.com https://content.presspage.com .booking.com data:; frame-src 'self' .hotjar.com https://cdn.embedly.com https://.twitter.com https://syndication.twitter.com https://.facebook.com https://.google.com https://.youtube.com https://.pinterest.com https://.fls.doubleclick.net https://.doubleclick.net .booking.com; img-src 'self' .presspage.com https://.url2png.com .twimg.com .bstatic.com https://.vimeocdn.com .ytimg.com https://i.embed.ly https://www.googletagmanager.com https://content.presspage.com https://static.licdn.com https://.linkedin.com https://.twitter.com https://syndication.twitter.com https://.pinterest.com https://t.co https://bat.bing.com https://www.google-analytics.com https://stats.g.doubleclick.net https://.google.com https://.google.nl .booking.com data:; script-src 'self' 'unsafe-inline' .presspage.com .cookielaw.org https://geolocation.onetrust.com .hotjar.com https://content.presspage.com https://.twitter.com https://syndication.twitter.com https://cdn.syndication.twimg.com https://js-agent.newrelic.com https://.facebook.net https://.linkedin.com https://.google.com https://bam.nr-data.net https://.pinterest.com https://.google-analytics.com https://.googleadservices.com https://.bing.com https://.ads-twitter.com https://.googletagmanager.com https://googleads.g.doubleclick.net .booking.com; style-src 'self' 'unsafe-inline' .presspage.com .jsdelivr.net https://fonts.googleapis.com https://.twitter.com https://maxcdn.bootstrapcdn.com https://.typekit.net https://syndication.twitter.com https://.twimg.com https://content.presspage.com .booking.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://andes.andes-tec.cl/safecracking/eaves/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self' *.booking.com *.presspage.com; connect-src 'self' *.presspage.com https://region1.google-analytics.com *.cookielaw.org *.onetrust.com *.doubleclick.net https://www.google-analytics.com *.nr-data.net *.booking.com https://*.hotjar.com https://*.hotjar.io; font-src 'self' https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com https://*.typekit.net *.presspage.com https://content.presspage.com *.booking.com data:; frame-src 'self' *.hotjar.com https://cdn.embedly.com https://*.twitter.com https://syndication.twitter.com https://*.facebook.com https://*.google.com https://*.youtube.com https://*.pinterest.com https://*.fls.doubleclick.net https://*.doubleclick.net *.booking.com; img-src 'self' *.presspage.com https://*.url2png.com *.twimg.com *.bstatic.com https://*.vimeocdn.com *.ytimg.com https://i.embed.ly https://www.googletagmanager.com https://content.presspage.com https://static.licdn.com https://*.linkedin.com https://*.twitter.com https://syndication.twitter.com https://*.pinterest.com https://t.co https://bat.bing.com https://www.google-analytics.com https://stats.g.doubleclick.net https://*.google.com https://*.google.nl *.booking.com data:; script-src 'self' 'unsafe-inline' *.presspage.com *.cookielaw.org https://geolocation.onetrust.com *.hotjar.com https://content.presspage.com https://*.twitter.com https://syndication.twitter.com https://cdn.syndication.twimg.com https://js-agent.newrelic.com https://*.facebook.net https://*.linkedin.com https://*.google.com https://bam.nr-data.net https://*.pinterest.com https://*.google-analytics.com https://*.googleadservices.com https://*.bing.com https://*.ads-twitter.com https://*.googletagmanager.com https://googleads.g.doubleclick.net *.booking.com; style-src 'self' 'unsafe-inline' *.presspage.com *.jsdelivr.net https://fonts.googleapis.com https://*.twitter.com https://maxcdn.bootstrapcdn.com https://*.typekit.net https://syndication.twitter.com https://*.twimg.com https://content.presspage.com *.booking.com
content-type: text/html; charset=UTF-8
date: Sun, 03 Nov 2024 07:03:16 GMT
expires: Sun, 03 Nov 2024 07:32:23 GMT
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
last-modified: Sun, 03 Nov 2024 07:02:23 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sun, 03 Nov 2024 07:03:15 GMT
Location: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN
Server: nginx/1.26.1

GET
H2 200 favicon.ico
andes.andes-tec.cl/ 1 B
73 B 60ms
59ms Other
text/html 108.167.149.245
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://andes.andes-tec.cl/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.149.245 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: shared10.hostgator.cl
Software: Apache /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://andes.andes-tec.cl/safecracking/eaves/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Response headers

content-length: 21
content-encoding: gzip
date: Sun, 03 Nov 2024 07:03:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: Apache

GET
H2 200 modules.min_v21.css
content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/css/min/ 128 KB
27 KB 254ms
69ms Stylesheet
text/css 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/css/min/modules.min_v21.css

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

05a65a6a57bbabf00017beca88e6f94745c9ff8438edc8ff7df31a44fa5f3838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: br
etag: W/"4d72d3041ba47ae72d8c66bddefbc0d1"
age: 1499
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: Uzms4J77hc3JxoyFUJv1X_0ZyqmXo5GsF6BVETuoFXC0jyxQ_rw2tg==
date: Sun, 03 Nov 2024 06:38:18 GMT
content-type: text/css
vary: accept-encoding, Origin
last-modified: Wed, 30 Oct 2024 08:50:04 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 jquery-min.js Show response
content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/js/ 87 KB
32 KB 336ms
152ms Script
application/javascript 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/js/jquery-min.js

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: br
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
age: 67859
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: hik22Hkkel91ManVJyfXZERi-a6UA6RB3TIhSIk52JgJ4hyWLRouRA==
date: Sat, 02 Nov 2024 12:12:18 GMT
content-type: application/javascript
vary: accept-encoding, Origin
last-modified: Wed, 30 Oct 2024 08:50:11 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 plugins_v4.js Show response
content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/js/min/ 34 KB
11 KB 373ms
189ms Script
application/javascript 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/js/min/plugins_v4.js

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bbc4ed2659f3ef8b9303fbfed2529077332277b5e6be563e32b19026a3b1d001

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: gzip
etag: W/"83611ebe0b1483565c6f5f1d64c95f54"
age: 5120
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: T-fdP-2x38YD6WVNoOAXXH-00p30R39LXF4Cm5tyVXnIvfLpPbxnNw==
date: Sun, 03 Nov 2024 05:37:57 GMT
content-type: application/javascript
vary: accept-encoding, Origin
last-modified: Wed, 30 Oct 2024 08:50:12 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 cookie.min.js Show response
content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/js/min/ 2 KB
1 KB 373ms
190ms Script
application/javascript 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/js/min/cookie.min.js

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c7e06879de9b9038485d6c5188d0a9e7c903ee23486fa2aa9d63f24ebae1effc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: br
etag: W/"890702ae897ccf4792b2cb32fd8246b1"
age: 76240
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: BTcrrGJYTj7qodAAEg820SWZ-l1HphMEO--wdGXaDLyH7GAsqxf8eA==
date: Sat, 02 Nov 2024 09:52:37 GMT
content-type: application/javascript
vary: accept-encoding, Origin
last-modified: Wed, 30 Oct 2024 08:50:12 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/db9be2d3-b529-44d8-a87e-5b8c48e22eeb/ 5 KB
2 KB 125ms
50ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/db9be2d3-b529-44d8-a87e-5b8c48e22eeb/OtAutoBlock.js

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9939a9bee9ae4b72742cf599502a31beed5e8634c8ce254ac957fda9c7b13438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-md5: 78m6XRhDvYlOKe6QSG+rlA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCCBFC19B4AB59
age: 33448
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Mon, 04 Nov 2024 07:03:16 GMT
date: Sun, 03 Nov 2024 07:03:16 GMT
content-type: application/javascript
last-modified: Tue, 03 Sep 2024 09:38:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 3696f4ed-701e-002a-1b4c-26e6cf000000
cf-ray: 8dca80e9af6a7449-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2044
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 22 KB
8 KB 119ms
45ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7358c5616f671017f307d161644d253f0f81083b0be68f3a3fefefa33b59de5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-md5: qVqAwzZMp5y69q24H0KNhg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCFAE4A54821C4
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 419
x-content-type-options: nosniff
date: Sun, 03 Nov 2024 07:03:16 GMT
content-type: application/javascript
last-modified: Sat, 02 Nov 2024 02:18:31 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: e6162d8b-a01e-00e4-3b43-2d8080000000
cf-ray: 8dca80e9af6b7449-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7212
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 ppcookieintegration.js Show response
content.presspage.com/templates/219/685/784587/ 2 KB
1 KB 61ms
61ms Script
application/javascript 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/templates/219/685/784587/ppcookieintegration.js?5629202

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

98447f99e2bdf1965ed9a6a5a89d75ab580dc3f3d33c9fc09f2fd7190878b7ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: br
x-amz-meta-client-id: 685
etag: W/"28746ab023879d131b52ad79fcc2fc9b"
x-amz-version-id: 3uLp6JVfdfyKd38.TdGYQyPTmGw.JG2u
age: 399525
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: Template file
x-amz-cf-id: v4HLx2KUOr-Own54ZzCY6T6mtdv_hYPYTJ98Jtl9Jq4J_9PFAPzHLA==
date: Tue, 29 Oct 2024 16:04:33 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-meta-template-id: 784587
last-modified: Wed, 08 May 2024 14:24:28 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-agency-id: 219
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pp-onetrust-integration.js Show response
content.presspage.com/templates/219/685/784587/ 443 B
1 KB 61ms
60ms Script
application/javascript 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/templates/219/685/784587/pp-onetrust-integration.js?5629202

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

91d475df95a13f2a95a797b265f689a231d58f05c40d1f251e56d9ea82106c85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

x-amz-meta-client-id: 685
etag: "d8aecf7606174b2630600cd9f59ccf57"
x-amz-version-id: 9hPlOEY4qhzCPjUtIK7xw0jw7K2HLVt4
age: 399525
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: Template file
x-amz-cf-id: 7wsx95pGzdLT64jeGeZq4C9YOtWNheHMgj7u31oOqJrfm925xyC7bQ==
date: Tue, 29 Oct 2024 16:04:33 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 14:24:28 GMT
x-amz-meta-template-id: 784587
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
vary: Origin
cache-control: max-age=31536000
x-amz-meta-agency-id: 219
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 443
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pp-vt-core-v3:latest.min.css
content.presspage.com/vanilla-template/ 369 KB
47 KB 305ms
122ms Stylesheet
text/css 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/vanilla-template/pp-vt-core-v3:latest.min.css?5629202

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3e049dcefc9390e7c8f8bcc2c090183ed556dd941f6b6a559a3ca09b472e67b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: gzip
x-amz-version-id: QWRfkFnVet10RgVkSwDKxaZOPE5Q1gLp
etag: W/"9a2c33c9131f3900fa104d12d273ffcf"
age: 212753
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: lAYjiU1YzziP3o7Cgw3Wsa0BWrrxaOAHyRVR6kAB4aIFFVJ1Q_IMIA==
date: Thu, 31 Oct 2024 19:57:24 GMT
content-type: text/css
vary: accept-encoding, Origin
last-modified: Tue, 24 Sep 2024 13:23:03 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pp-booking-settings.min.css
content.presspage.com/templates/219/685/784587/ 22 KB
5 KB 324ms
141ms Stylesheet
text/css 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/templates/219/685/784587/pp-booking-settings.min.css?5629202

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fd381dee23980bbf1843495a2723edc81adf7a3a13cf888f3b9f9cae7ee31cc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: br
x-amz-meta-client-id: 685
x-amz-version-id: 28hCOtot274qri.P949Kx0JKFCaQLRYW
etag: W/"e8e08c6db5b8944a75ca5a38ccf8a855"
age: 399524
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: Template file
x-amz-cf-id: XkjQ3i-oKtucW7axJtFul9wWtWoGMt53mcMHsGdS1YQg15QSBGWMAg==
date: Tue, 29 Oct 2024 16:04:33 GMT
content-type: text/css
vary: accept-encoding, Origin
x-amz-meta-template-id: 784587
last-modified: Wed, 05 Jun 2024 12:37:33 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-agency-id: 219
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pp-booking-settings.min.js Show response
content.presspage.com/templates/219/685/784587/ 10 KB
4 KB 62ms
61ms Script
application/javascript 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/templates/219/685/784587/pp-booking-settings.min.js?5629202

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fdcd6a3c237da227932e17729d84e3fb548efd01a8233765370970a024b13419

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: br
x-amz-meta-client-id: 685
etag: W/"a1b5466367e9dcf3cce2720b78df0c01"
x-amz-version-id: eYhLsVF7dyhnojq_4PHLs3O8X1NGj6Nr
age: 399525
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: Template file
x-amz-cf-id: QMhN78jyhU4vdn9Zr0DCKB9vSn5NezqA6ctUMnYH1aemiedr2BOkCw==
date: Tue, 29 Oct 2024 16:04:33 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-meta-template-id: 784587
last-modified: Wed, 05 Jun 2024 12:37:33 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-agency-id: 219
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pp-booking-locale-global-us.min.js Show response
content.presspage.com/templates/219/685/784587/ 3 KB
2 KB 64ms
63ms Script
application/javascript 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/templates/219/685/784587/pp-booking-locale-global-us.min.js?5629202

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fdfc9343fa42ebdc2647c0e00f07542644f5c8d1b02058f04ee76fb617bac761

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: gzip
x-amz-meta-client-id: 685
etag: W/"5e60124fbe47241780a8ee2318509a72"
x-amz-version-id: iaoV1v1_z3vBZnKbzCERWf5BBj9r4Vx5
age: 442824
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: Template file
x-amz-cf-id: lFWbNWpc8H9qXUYHp3DKS7ODWfezSfZZr_xYMWiJ0DVynCwrrHUdvQ==
date: Tue, 29 Oct 2024 04:02:54 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-meta-template-id: 784587
last-modified: Thu, 30 May 2024 12:48:19 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-agency-id: 219
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pp-vt-core-v3:latest.min.js Show response
content.presspage.com/vanilla-template/ 18 KB
5 KB 63ms
63ms Script
application/javascript 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/vanilla-template/pp-vt-core-v3:latest.min.js?5629202

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2f61510b69aea56c0200a96089fe33e2751ecba1b6cfa4d5f85c11ea2d953bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: gzip
x-amz-version-id: eL4PSV.PXiA61OtX1FIwKYPSE5sldeAf
etag: W/"934600648fec6aa3652d7675e1cdd3ba"
age: 483740
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 7JS1K5axPEab6LUDSi20FYmgfL-f_O4c-LCAeNMXoLUp3Ic1FumzpA==
date: Mon, 28 Oct 2024 16:40:58 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
last-modified: Tue, 24 Sep 2024 13:23:03 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 blank.gif
manager.presspage.com/images/ 49 B
250 B 458ms
144ms Image
image/gif 2a05:d014:dd2:c301:bd5d:e1bb:7ad9:1a09
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manager.presspage.com/images/blank.gif
Requested by: Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d014:dd2:c301:bd5d:e1bb:7ad9:1a09 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

cache-control: max-age=3600, public
etag: "6721f206-31"
expires: Sun, 03 Nov 2024 08:03:17 GMT
accept-ranges: bytes
content-length: 49
date: Sun, 03 Nov 2024 07:03:17 GMT
content-type: image/gif
last-modified: Wed, 30 Oct 2024 08:44:54 GMT

GET
H2 200 modules.min.js Show response
content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/js/min/ 25 KB
8 KB 117ms
116ms Script
application/javascript 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/js/min/modules.min.js

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

50cd3c00afc865a5b01a328a22d1c84058efd7e76fe3b1eb79bb7669a1f9e2eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: gzip
etag: W/"f944b9c4be7e09c7aca915407564ffbb"
age: 74679
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: jWHg75VoC__MN2bdYCNz1bLWwNGCf2Fp_xL22dy5FJzp9JQhzrPyoQ==
date: Sat, 02 Nov 2024 10:18:38 GMT
content-type: application/javascript
vary: accept-encoding, Origin
last-modified: Wed, 30 Oct 2024 08:50:12 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 db9be2d3-b529-44d8-a87e-5b8c48e22eeb.json Show response
cdn.cookielaw.org/consent/db9be2d3-b529-44d8-a87e-5b8c48e22eeb/ 6 KB
3 KB 114ms
52ms XHR
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/db9be2d3-b529-44d8-a87e-5b8c48e22eeb/db9be2d3-b529-44d8-a87e-5b8c48e22eeb.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed06b6ff7398644229001c37d986b3fbcf9bc6111f14641bb7e79f41efe2b6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-md5: Tb3r2WRMCdtPYuL739rVGQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCCBFC19B719AB
age: 33449
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Mon, 04 Nov 2024 07:03:17 GMT
date: Sun, 03 Nov 2024 07:03:17 GMT
content-type: application/json
last-modified: Tue, 03 Sep 2024 09:38:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 7b767800-d01e-00af-634c-26b11a000000
cf-ray: 8dca80ec0ec28dba-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1997
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 flag-icons.min.css
cdn.jsdelivr.net/gh/lipis/flag-icons@6.6.6/css/ 27 KB
2 KB 148ms
31ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/lipis/flag-icons@6.6.6/css/flag-icons.min.css

Requested by

Host: content.presspage.com
URL: https://content.presspage.com/vanilla-template/pp-vt-core-v3:latest.min.css?5629202

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5de11e2e3c7322ba096d84edbf8adac8c9a8c2022af224f1c6bdc25d658ad5a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://content.presspage.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"6b06-ORz8HGhNFX0/RE7iSGg/nKhGlV0"
age: 3346897
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Sun, 03 Nov 2024 07:03:17 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230101-FRA, cache-mia-kmia1760049-MIA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1746
x-jsd-version: 6.6.6

GET
H2 200 css2
fonts.googleapis.com/ 22 KB
2 KB 207ms
74ms Stylesheet
text/css 2607:f8b0:4004:c0b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&family=Roboto:wght@400;700&display=swap

Requested by

Host: content.presspage.com
URL: https://content.presspage.com/templates/219/685/784587/pp-booking-settings.min.css?5629202

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b82e567b32dbc17ba3c07a30656c9ae21f7cdf3511d24e5ac95dd9257ff73156

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://content.presspage.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 03 Nov 2024 07:03:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 03 Nov 2024 07:03:17 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 03 Nov 2024 07:03:17 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
306 B 118ms
50ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept: application/json
Referer: https://news.booking.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
cf-ray: 8dca80eccfd75c5f-MIA
access-control-allow-origin: *
date: Sun, 03 Nov 2024 07:03:17 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type

GET
H2 200 c800_booking.comenhancestravelplanningwithnewaipoweredfeaturesforeasiersmarterdecisions.jpg
content.presspage.com/uploads/685/1f08bb82-7488-4f95-949e-c42ac72ad425/ 104 KB
105 KB 67ms
66ms Image
image/jpeg 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/uploads/685/1f08bb82-7488-4f95-949e-c42ac72ad425/c800_booking.comenhancestravelplanningwithnewaipoweredfeaturesforeasiersmarterdecisions.jpg?79549

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

de0d683956b0c1984ee72042647828918f24852cf1e745e8b2aa78b9bd25c463

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

x-amz-meta-client-id: 685
etag: "9a1a012f20dc58b4b383897b8b382429"
x-amz-version-id: HIRF7toB44lj9msE6LNAkV0xsU3RKpGW
age: 340927
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: User upload
x-amz-cf-id: Gb1yy6EXBiNjJipRaSE9D5ecMSOTLuLqAchq8Xbw8qt-GIAoFCb3fQ==
date: Wed, 30 Oct 2024 08:21:11 GMT
content-type: image/jpeg
last-modified: Tue, 29 Oct 2024 13:23:41 GMT
vary: Origin
x-amz-meta-height: 472
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-width: 800
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 106352
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 c800_sustainabilityprogramforaccommodationpartners3.jpg
content.presspage.com/uploads/685/1a9d71ea-8c3c-46f8-86ff-87572608eaa9/ 109 KB
110 KB 65ms
64ms Image
image/jpeg 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/uploads/685/1a9d71ea-8c3c-46f8-86ff-87572608eaa9/c800_sustainabilityprogramforaccommodationpartners3.jpg?92069

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

62c045ad232f63a02d0316089fda58d7a7e7a330d5095f072ab0981b4777bb90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

x-amz-meta-client-id: 685
etag: "a76e9ff51e93e9a7ae7da2074bcd52b2"
x-amz-version-id: IlLrLb0TZEzzJQ.LGf.SCuXPo25TMIFo
age: 495300
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: User upload
x-amz-cf-id: kYEseTUhXCV81A0xiBPKHgq6IsdgXEm4lQWhUi0Az4e8yXmxn4FpFw==
date: Mon, 28 Oct 2024 13:28:18 GMT
content-type: image/jpeg
last-modified: Mon, 28 Oct 2024 11:28:17 GMT
vary: Origin
x-amz-meta-height: 362
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-width: 800
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 111373
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 c800_booking.comholidayhomeoutlookexpertsandtodd2.jpg
content.presspage.com/uploads/685/ad9b4f7d-2670-4461-9b75-83b7063ed29c/ 76 KB
77 KB 134ms
134ms Image
image/jpeg 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/uploads/685/ad9b4f7d-2670-4461-9b75-83b7063ed29c/c800_booking.comholidayhomeoutlookexpertsandtodd2.jpg?95981

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d720a8e0f3d3a28a7346812dbf4ea5c1bcdfaa77b968ff7d27d607d6c9b08af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

x-amz-meta-client-id: 685
etag: "a21f6720fed95ed6c2f7a41cfd32757a"
x-amz-version-id: tvTzIzxLam1rVNM9ypu.RgGFOG6P67W8
age: 405986
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: User upload
x-amz-cf-id: Zlrgn_lUqJ5m1vRULMrKYLkvXuzlH5hHEe15i21kGwlgRo3c3BlBiw==
date: Tue, 29 Oct 2024 14:16:52 GMT
content-type: image/jpeg
last-modified: Mon, 23 Sep 2024 10:41:27 GMT
vary: Origin
x-amz-meta-height: 287
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-width: 800
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 78234
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 c800_tromsonorway-credits-booking.comcopygettyimages-159597813.jpg
content.presspage.com/uploads/685/8f069b23-34c5-44c9-81bc-3b947bfbe140/ 133 KB
134 KB 191ms
191ms Image
image/jpeg 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/uploads/685/8f069b23-34c5-44c9-81bc-3b947bfbe140/c800_tromsonorway-credits-booking.comcopygettyimages-159597813.jpg?75849

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3b78b55f701e2ed6c9f0b5742387689551628063c39b4300d5f1b4b8c6579539

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

x-amz-meta-client-id: 685
etag: "ccde8da2c21da93b299001383cac4236"
x-amz-version-id: EWSRL3k9pTxEEMYJnM6bpkqf1tzf29Q_
age: 305530
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: User upload
x-amz-cf-id: MLmRrXlvpMRglnDqgSG_x5c3W44quf393mEEHkg0sP4_ni2ggNSeiA==
date: Wed, 30 Oct 2024 18:11:08 GMT
content-type: image/jpeg
last-modified: Mon, 14 Oct 2024 09:37:08 GMT
vary: Origin
x-amz-meta-height: 329
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-width: 800
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 136349
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 c800_shoppingforproduceingrocerystore-leadimage.jpg
content.presspage.com/uploads/685/8468f853-ca03-4568-a9c2-cbe69e8102b2/ 105 KB
106 KB 157ms
157ms Image
image/jpeg 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/uploads/685/8468f853-ca03-4568-a9c2-cbe69e8102b2/c800_shoppingforproduceingrocerystore-leadimage.jpg?79371

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d3c22847f17b7533b7aea11f3378b22e808ad7719b3fac5551018018154824c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

x-amz-meta-client-id: 685
etag: "e3829f56b45513b31f70f0693e173c72"
x-amz-version-id: CN89L6tNEXJ96tX5DLbTtSnCnosSBJrq
age: 305531
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: User upload
x-amz-cf-id: 7Hd75DqAMcZ9CV-a_scEl4TfPDR9Xbngb7I9Mje9Ql07fs0QMqH0nA==
date: Wed, 30 Oct 2024 18:11:07 GMT
content-type: image/jpeg
last-modified: Mon, 07 Oct 2024 08:28:50 GMT
vary: Origin
x-amz-meta-height: 297
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-width: 800
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 107939
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 c800_internationalcoffeeday.jpg
content.presspage.com/uploads/685/7a2d3856-e8dd-48a3-8b6c-dc8825c88c11/ 85 KB
85 KB 181ms
181ms Image
image/jpeg 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/uploads/685/7a2d3856-e8dd-48a3-8b6c-dc8825c88c11/c800_internationalcoffeeday.jpg?50424

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

69a7f7e3df023cbb78c479e37f83c063a2de91bcca7b2af348535169ceb087c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

x-amz-meta-client-id: 685
etag: "3457e5e074a0317f0f8ddf68a761d6c1"
x-amz-version-id: 9iIIOE4pZk0siPYN3FOG5_WZhmD.U60u
age: 913876
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: User upload
x-amz-cf-id: _BMJt--Rg9lQQgEu2utmpq64WY1XsFgQ6ZdzDvrD9jrnb1glL2TbAA==
date: Wed, 23 Oct 2024 17:12:02 GMT
content-type: image/jpeg
last-modified: Thu, 05 Sep 2024 14:31:21 GMT
vary: Origin
x-amz-meta-height: 335
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-width: 800
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 86636
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pp_iconfont.woff
content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/css/fonts/pp_iconfont/fonts/ 27 KB
28 KB 192ms
70ms Font
binary/octet-stream 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/css/fonts/pp_iconfont/fonts/pp_iconfont.woff

Requested by

Host: content.presspage.com
URL: https://content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/css/min/modules.min_v21.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e1cb499a9f98e88ff46f57371fd3e6dc5b4b873523a0fed081325dd32686c636

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://news.booking.com
Referer: https://content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/css/min/modules.min_v21.css

Response headers

access-control-max-age: 3000
etag: "a473e92dd3cf7a4394d5c9082989cf5d"
age: 67513
access-control-allow-methods: GET
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: a6n4LaXDu5UMe9hGnfcAujyeXvk8zjf7WUkSBRuAGqf9cfqbt5u3pQ==
date: Sat, 02 Nov 2024 12:18:05 GMT
content-type: binary/octet-stream
vary: accept-encoding
last-modified: Wed, 30 Oct 2024 08:50:04 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 3ae11a9b839883207a82a478aa43a33a.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27580
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pp-icons.ttf
content.presspage.com/templates/50/2372/465298/ 456 KB
244 KB 247ms
124ms Font
font/ttf 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/templates/50/2372/465298/pp-icons.ttf?yprlij

Requested by

Host: content.presspage.com
URL: https://content.presspage.com/templates/219/685/784587/pp-booking-settings.min.css?5629202

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://news.booking.com
Referer: https://content.presspage.com/templates/219/685/784587/pp-booking-settings.min.css?5629202

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: JhXUiRW2CfKNeVf3aK7o5lm8_v7msCrx
etag: W/"ff34ce45bb9343306fa032539cf2416d"
age: 45773
access-control-allow-methods: GET
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 0r7oKVwkjptjwCsz9uxLWM0KlxwiIR2Zw3obiuIJAlMxm7GfSiRL_Q==
date: Sat, 02 Nov 2024 18:20:25 GMT
content-type: font/ttf
vary: accept-encoding
last-modified: Tue, 05 Mar 2024 10:27:27 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 3ae11a9b839883207a82a478aa43a33a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 booking_logo--white.svg
content.presspage.com/templates/50/2962/744836/ 8 KB
4 KB 185ms
184ms Image
image/svg+xml 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/templates/50/2962/744836/booking_logo--white.svg?1

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

93af691b38b1e92c465c2caf67d0eb843b57c51dd2c50ce8509b3fbb504d1f34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: gzip
etag: W/"c96f081503685a634a214f711504ee55"
x-amz-version-id: ZX7Wxj3m55ftK4lNlay47ImN6A64Kky7
age: 84772
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: rxtOR2dvM-QrmCsr_6sZWR2I2vC7quddflLfzGi71d0Ey3lksEW13A==
date: Sat, 02 Nov 2024 20:03:20 GMT
content-type: image/svg+xml
vary: accept-encoding, Origin
last-modified: Tue, 05 Mar 2024 10:28:19 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 booking_logo--blue.svg
content.presspage.com/templates/50/2962/744836/ 8 KB
4 KB 186ms
185ms Image
image/svg+xml 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/templates/50/2962/744836/booking_logo--blue.svg?1

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

98220a088c7193dcb97447e7d9bb6b94d289d121f4eadc418832c5242702a54f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: br
etag: W/"c34097669b28d5ad8e42fd5f70870e54"
x-amz-version-id: UA0sZqdzfNTb4tbeDV1GmaQi6fnGrzbf
age: 79691
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: WvCq60K3hb4vmTsYr6dNV1MByAD4y5kQ5-9lLELqv8rMJj8TeLkCXg==
date: Sat, 02 Nov 2024 08:55:06 GMT
content-type: image/svg+xml
vary: accept-encoding, Origin
last-modified: Tue, 05 Mar 2024 10:28:19 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202408.1.0/ 453 KB
110 KB 43ms
43ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6b56e45e770416d91dd83f5a7375794aee5667293cd54219b3d4c17997e885f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-md5: cSmNeMyDkvSieWRwSFHuAQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status: unlocked
cf-bgj: minify
cf-cache-status: HIT
x-ms-version: 2009-09-19
age: 50848
content-encoding: gzip
x-content-type-options: nosniff
cf-polished: origSize=464200
date: Sun, 03 Nov 2024 07:03:17 GMT
content-type: application/javascript
last-modified: Tue, 10 Sep 2024 03:34:09 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 6b6641f2-401e-0066-1c0b-2421d0000000
cf-ray: 8dca80ed49377449-MIA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

POST track-visits
api.presspage.com/statistics/v0/ 0
0

GET
H2 200 c1920_destinationsperfectforthespiritualseekers.jpg
content.presspage.com/uploads/685/1691002b-5939-4ee7-af2b-802b9ab53af3/ 268 KB
269 KB 155ms
154ms Image
image/jpeg 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/uploads/685/1691002b-5939-4ee7-af2b-802b9ab53af3/c1920_destinationsperfectforthespiritualseekers.jpg?65211

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

x-amz-meta-client-id: 685
etag: "d67f958faa606bac00a1617a3ff48b49"
x-amz-version-id: Z3OCEDnvAyMzMjfY5tg3lfj8.L0hKTA.
age: 124368
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: User upload
x-amz-cf-id: udRf4GVmM11nFVFrbfzsJ7BXvXyRHHD81maixKfoDbnfzpGvamh8NA==
date: Fri, 01 Nov 2024 20:30:30 GMT
content-type: image/jpeg
last-modified: Mon, 07 Oct 2024 10:02:45 GMT
vary: Origin
x-amz-meta-height: 831
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-width: 1920
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 274801
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 en-us.json Show response
cdn.cookielaw.org/consent/db9be2d3-b529-44d8-a87e-5b8c48e22eeb/0191998d-4ea0-7a35-bbae-232aa21682f6/ 56 KB
14 KB 50ms
50ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/db9be2d3-b529-44d8-a87e-5b8c48e22eeb/0191998d-4ea0-7a35-bbae-232aa21682f6/en-us.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e92755cb795e343e5aaba649a11bc52d2a46a72912baac420cbd1f8b2e290d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-md5: B0dDPkFyjhrmi8ObAg9UBA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCCBFC1BE47FCF
age: 64265
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Mon, 04 Nov 2024 07:03:17 GMT
date: Sun, 03 Nov 2024 07:03:17 GMT
content-type: application/json
last-modified: Tue, 03 Sep 2024 09:38:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 9d349605-701e-006e-794c-263aa3000000
cf-ray: 8dca80edefae8dba-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14461
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 c1920_ux-noctur-ism-generic-credits-booking.comcopygettyimages-961007550.jpg
content.presspage.com/uploads/685/8513e1a7-56ff-4a6c-a002-809338792afb/ 358 KB
359 KB 85ms
85ms Image
image/jpeg 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/uploads/685/8513e1a7-56ff-4a6c-a002-809338792afb/c1920_ux-noctur-ism-generic-credits-booking.comcopygettyimages-961007550.jpg?94470

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

x-amz-meta-client-id: 685
etag: "62628c54fc70f65a8cfd727f4480fc08"
x-amz-version-id: znkgsWD_TBdJLkCDjrkspD2d5DkM0tCu
age: 424378
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: User upload
x-amz-cf-id: LT0XJfw4TIHWcPdKGBjcMvSaZdvJgnTIYOhor3axdfqmlDmRzR6OpQ==
date: Tue, 29 Oct 2024 09:10:20 GMT
content-type: image/jpeg
last-modified: Mon, 14 Oct 2024 10:20:39 GMT
vary: Origin
x-amz-meta-height: 746
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-width: 1920
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 366335
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 c1920_halloween-2.jpg
content.presspage.com/uploads/685/084403fb-be87-4226-9e2b-253e049e1819/ 523 KB
524 KB 75ms
74ms Image
image/jpeg 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/uploads/685/084403fb-be87-4226-9e2b-253e049e1819/c1920_halloween-2.jpg?90523

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

x-amz-meta-client-id: 685
etag: "bb15025e3eb0f3971c02e2d9ea5e3c23"
x-amz-version-id: 3OqiY6Nb_g8QfJPEYQwHtNnxQwbDoSSK
age: 251728
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: User upload
x-amz-cf-id: MpGeaYvHfaVxmeC2bv1-0i7fEWFB2ztFlqh-FwHZLrLNNQmBLsdijQ==
date: Thu, 31 Oct 2024 09:07:50 GMT
content-type: image/jpeg
last-modified: Thu, 05 Sep 2024 14:40:40 GMT
vary: Origin
x-amz-meta-height: 640
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-width: 1920
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 535627
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202408.1.0/assets/ 24 KB
4 KB 45ms
44ms Fetch
text/css 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202408.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-md5: HyPJ72TNHxdfOI82cqKVqA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status: unlocked
cf-bgj: minify
cf-cache-status: HIT
x-ms-version: 2009-09-19
age: 53994
content-encoding: gzip
x-content-type-options: nosniff
cf-polished: origSize=24745
date: Sun, 03 Nov 2024 07:03:17 GMT
content-type: text/css
last-modified: Tue, 10 Sep 2024 03:34:14 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 61f73f22-801e-003f-4068-032456000000
cf-ray: 8dca80ee5fe18dba-MIA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 Primary Request / Show response
news.booking.com/ 126 KB
25 KB 316ms
314ms Document
text/html 3.67.147.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Requested by

Host: content.presspage.com
URL: https://content.presspage.com/templates/219/685/784587/ppcookieintegration.js?5629202

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.67.147.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-67-147-171.eu-central-1.compute.amazonaws.com

Software

Resource Hash

606619a675fce949cbd5a79ddd1eddf8d2a57f9fa5fd724b3c0f2cd69efa1f24

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .booking.com .presspage.com; connect-src 'self' .presspage.com https://region1.google-analytics.com .cookielaw.org .onetrust.com .doubleclick.net https://www.google-analytics.com .nr-data.net .booking.com https://.hotjar.com https://.hotjar.io; font-src 'self' https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com https://.typekit.net .presspage.com https://content.presspage.com .booking.com data:; frame-src 'self' .hotjar.com https://cdn.embedly.com https://.twitter.com https://syndication.twitter.com https://.facebook.com https://.google.com https://.youtube.com https://.pinterest.com https://.fls.doubleclick.net https://.doubleclick.net .booking.com; img-src 'self' .presspage.com https://.url2png.com .twimg.com .bstatic.com https://.vimeocdn.com .ytimg.com https://i.embed.ly https://www.googletagmanager.com https://content.presspage.com https://static.licdn.com https://.linkedin.com https://.twitter.com https://syndication.twitter.com https://.pinterest.com https://t.co https://bat.bing.com https://www.google-analytics.com https://stats.g.doubleclick.net https://.google.com https://.google.nl .booking.com data:; script-src 'self' 'unsafe-inline' .presspage.com .cookielaw.org https://geolocation.onetrust.com .hotjar.com https://content.presspage.com https://.twitter.com https://syndication.twitter.com https://cdn.syndication.twimg.com https://js-agent.newrelic.com https://.facebook.net https://.linkedin.com https://.google.com https://bam.nr-data.net https://.pinterest.com https://.google-analytics.com https://.googleadservices.com https://.bing.com https://.ads-twitter.com https://.googletagmanager.com https://googleads.g.doubleclick.net .booking.com; style-src 'self' 'unsafe-inline' .presspage.com .jsdelivr.net https://fonts.googleapis.com https://.twitter.com https://maxcdn.bootstrapcdn.com https://.typekit.net https://syndication.twitter.com https://.twimg.com https://content.presspage.com .booking.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self' *.booking.com *.presspage.com; connect-src 'self' *.presspage.com https://region1.google-analytics.com *.cookielaw.org *.onetrust.com *.doubleclick.net https://www.google-analytics.com *.nr-data.net *.booking.com https://*.hotjar.com https://*.hotjar.io; font-src 'self' https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com https://*.typekit.net *.presspage.com https://content.presspage.com *.booking.com data:; frame-src 'self' *.hotjar.com https://cdn.embedly.com https://*.twitter.com https://syndication.twitter.com https://*.facebook.com https://*.google.com https://*.youtube.com https://*.pinterest.com https://*.fls.doubleclick.net https://*.doubleclick.net *.booking.com; img-src 'self' *.presspage.com https://*.url2png.com *.twimg.com *.bstatic.com https://*.vimeocdn.com *.ytimg.com https://i.embed.ly https://www.googletagmanager.com https://content.presspage.com https://static.licdn.com https://*.linkedin.com https://*.twitter.com https://syndication.twitter.com https://*.pinterest.com https://t.co https://bat.bing.com https://www.google-analytics.com https://stats.g.doubleclick.net https://*.google.com https://*.google.nl *.booking.com data:; script-src 'self' 'unsafe-inline' *.presspage.com *.cookielaw.org https://geolocation.onetrust.com *.hotjar.com https://content.presspage.com https://*.twitter.com https://syndication.twitter.com https://cdn.syndication.twimg.com https://js-agent.newrelic.com https://*.facebook.net https://*.linkedin.com https://*.google.com https://bam.nr-data.net https://*.pinterest.com https://*.google-analytics.com https://*.googleadservices.com https://*.bing.com https://*.ads-twitter.com https://*.googletagmanager.com https://googleads.g.doubleclick.net *.booking.com; style-src 'self' 'unsafe-inline' *.presspage.com *.jsdelivr.net https://fonts.googleapis.com https://*.twitter.com https://maxcdn.bootstrapcdn.com https://*.typekit.net https://syndication.twitter.com https://*.twimg.com https://content.presspage.com *.booking.com
content-type: text/html; charset=UTF-8
date: Sun, 03 Nov 2024 07:03:17 GMT
expires: Sun, 03 Nov 2024 07:32:23 GMT
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
last-modified: Sun, 03 Nov 2024 07:02:23 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST consentreceipts
booking-privacy.my.onetrust.com/request/v1/ 0
0

GET
H2 200 modules.min_v21.css
content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/css/min/ 128 KB
0 2ms
2ms Stylesheet
text/css 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/css/min/modules.min_v21.css

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

05a65a6a57bbabf00017beca88e6f94745c9ff8438edc8ff7df31a44fa5f3838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: br
etag: W/"4d72d3041ba47ae72d8c66bddefbc0d1"
age: 1499
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: Uzms4J77hc3JxoyFUJv1X_0ZyqmXo5GsF6BVETuoFXC0jyxQ_rw2tg==
date: Sun, 03 Nov 2024 06:38:18 GMT
content-type: text/css
vary: accept-encoding, Origin
last-modified: Wed, 30 Oct 2024 08:50:04 GMT
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 jquery-min.js Show response
content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/js/ 87 KB
476 B 74ms
59ms Script
application/javascript 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/js/jquery-min.js

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: br
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
age: 67860
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: yv1ato7dizybG3iYB9knO5dE5D4UgPgB_mD_pimNMvxoi1DUzWsNQA==
date: Sat, 02 Nov 2024 12:12:18 GMT
content-type: application/javascript
last-modified: Wed, 30 Oct 2024 08:50:11 GMT
vary: accept-encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 plugins_v4.js Show response
content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/js/min/ 34 KB
0 6ms
6ms Script
application/javascript 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/js/min/plugins_v4.js

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bbc4ed2659f3ef8b9303fbfed2529077332277b5e6be563e32b19026a3b1d001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: gzip
etag: W/"83611ebe0b1483565c6f5f1d64c95f54"
age: 5120
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: T-fdP-2x38YD6WVNoOAXXH-00p30R39LXF4Cm5tyVXnIvfLpPbxnNw==
date: Sun, 03 Nov 2024 05:37:57 GMT
content-type: application/javascript
vary: accept-encoding, Origin
last-modified: Wed, 30 Oct 2024 08:50:12 GMT
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 cookie.min.js Show response
content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/js/min/ 2 KB
477 B 76ms
62ms Script
application/javascript 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/js/min/cookie.min.js

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c7e06879de9b9038485d6c5188d0a9e7c903ee23486fa2aa9d63f24ebae1effc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: br
etag: W/"890702ae897ccf4792b2cb32fd8246b1"
age: 76241
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 5w7ICW9PjVuAKSR4oQCyT2H73P9e4AfuPZ8ls4QQW26FEOtoJ3jaCw==
date: Sat, 02 Nov 2024 09:52:37 GMT
content-type: application/javascript
last-modified: Wed, 30 Oct 2024 08:50:12 GMT
vary: accept-encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/db9be2d3-b529-44d8-a87e-5b8c48e22eeb/ 5 KB
0 6ms
6ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/db9be2d3-b529-44d8-a87e-5b8c48e22eeb/OtAutoBlock.js

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9939a9bee9ae4b72742cf599502a31beed5e8634c8ce254ac957fda9c7b13438

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-md5: 78m6XRhDvYlOKe6QSG+rlA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCCBFC19B4AB59
age: 33448
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Mon, 04 Nov 2024 07:03:16 GMT
date: Sun, 03 Nov 2024 07:03:16 GMT
content-type: application/javascript
last-modified: Tue, 03 Sep 2024 09:38:00 GMT
vary: Accept-Encoding
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 3696f4ed-701e-002a-1b4c-26e6cf000000
cf-ray: 8dca80e9af6a7449-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2044
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 22 KB
0 6ms
6ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7358c5616f671017f307d161644d253f0f81083b0be68f3a3fefefa33b59de5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-md5: qVqAwzZMp5y69q24H0KNhg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCFAE4A54821C4
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 419
x-content-type-options: nosniff
date: Sun, 03 Nov 2024 07:03:16 GMT
content-type: application/javascript
last-modified: Sat, 02 Nov 2024 02:18:31 GMT
vary: Accept-Encoding
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: e6162d8b-a01e-00e4-3b43-2d8080000000
cf-ray: 8dca80e9af6b7449-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7212
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 ppcookieintegration.js Show response
content.presspage.com/templates/219/685/784587/ 2 KB
0 0ms
0ms Script
application/javascript 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/templates/219/685/784587/ppcookieintegration.js?5629202

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

98447f99e2bdf1965ed9a6a5a89d75ab580dc3f3d33c9fc09f2fd7190878b7ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: br
x-amz-meta-client-id: 685
etag: W/"28746ab023879d131b52ad79fcc2fc9b"
x-amz-version-id: 3uLp6JVfdfyKd38.TdGYQyPTmGw.JG2u
age: 399525
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: Template file
x-amz-cf-id: v4HLx2KUOr-Own54ZzCY6T6mtdv_hYPYTJ98Jtl9Jq4J_9PFAPzHLA==
date: Tue, 29 Oct 2024 16:04:33 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-meta-template-id: 784587
last-modified: Wed, 08 May 2024 14:24:28 GMT
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000
x-amz-meta-agency-id: 219
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pp-onetrust-integration.js Show response
content.presspage.com/templates/219/685/784587/ 443 B
0 0ms
0ms Script
application/javascript 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/templates/219/685/784587/pp-onetrust-integration.js?5629202

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

91d475df95a13f2a95a797b265f689a231d58f05c40d1f251e56d9ea82106c85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

x-amz-meta-client-id: 685
etag: "d8aecf7606174b2630600cd9f59ccf57"
x-amz-version-id: 9hPlOEY4qhzCPjUtIK7xw0jw7K2HLVt4
age: 399525
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: Template file
x-amz-cf-id: 7wsx95pGzdLT64jeGeZq4C9YOtWNheHMgj7u31oOqJrfm925xyC7bQ==
date: Tue, 29 Oct 2024 16:04:33 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 14:24:28 GMT
x-amz-meta-template-id: 784587
x-frame-options: SAMEORIGIN
vary: Origin
cache-control: max-age=31536000
x-amz-meta-agency-id: 219
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 443
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pp-vt-core-v3:latest.min.css
content.presspage.com/vanilla-template/ 369 KB
0 6ms
6ms Stylesheet
text/css 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/vanilla-template/pp-vt-core-v3:latest.min.css?5629202

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3e049dcefc9390e7c8f8bcc2c090183ed556dd941f6b6a559a3ca09b472e67b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: gzip
x-amz-version-id: QWRfkFnVet10RgVkSwDKxaZOPE5Q1gLp
etag: W/"9a2c33c9131f3900fa104d12d273ffcf"
age: 212753
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: lAYjiU1YzziP3o7Cgw3Wsa0BWrrxaOAHyRVR6kAB4aIFFVJ1Q_IMIA==
date: Thu, 31 Oct 2024 19:57:24 GMT
content-type: text/css
vary: accept-encoding, Origin
last-modified: Tue, 24 Sep 2024 13:23:03 GMT
x-frame-options: SAMEORIGIN
cache-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pp-booking-settings.min.css
content.presspage.com/templates/219/685/784587/ 22 KB
0 7ms
7ms Stylesheet
text/css 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/templates/219/685/784587/pp-booking-settings.min.css?5629202

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fd381dee23980bbf1843495a2723edc81adf7a3a13cf888f3b9f9cae7ee31cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: br
x-amz-meta-client-id: 685
x-amz-version-id: 28hCOtot274qri.P949Kx0JKFCaQLRYW
etag: W/"e8e08c6db5b8944a75ca5a38ccf8a855"
age: 399524
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: Template file
x-amz-cf-id: XkjQ3i-oKtucW7axJtFul9wWtWoGMt53mcMHsGdS1YQg15QSBGWMAg==
date: Tue, 29 Oct 2024 16:04:33 GMT
content-type: text/css
vary: accept-encoding, Origin
x-amz-meta-template-id: 784587
last-modified: Wed, 05 Jun 2024 12:37:33 GMT
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000
x-amz-meta-agency-id: 219
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pp-booking-settings.min.js Show response
content.presspage.com/templates/219/685/784587/ 10 KB
0 0ms
0ms Script
application/javascript 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/templates/219/685/784587/pp-booking-settings.min.js?5629202

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fdcd6a3c237da227932e17729d84e3fb548efd01a8233765370970a024b13419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: br
x-amz-meta-client-id: 685
etag: W/"a1b5466367e9dcf3cce2720b78df0c01"
x-amz-version-id: eYhLsVF7dyhnojq_4PHLs3O8X1NGj6Nr
age: 399525
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: Template file
x-amz-cf-id: QMhN78jyhU4vdn9Zr0DCKB9vSn5NezqA6ctUMnYH1aemiedr2BOkCw==
date: Tue, 29 Oct 2024 16:04:33 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-meta-template-id: 784587
last-modified: Wed, 05 Jun 2024 12:37:33 GMT
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000
x-amz-meta-agency-id: 219
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pp-booking-locale-global-us.min.js Show response
content.presspage.com/templates/219/685/784587/ 3 KB
0 1ms
1ms Script
application/javascript 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/templates/219/685/784587/pp-booking-locale-global-us.min.js?5629202

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fdfc9343fa42ebdc2647c0e00f07542644f5c8d1b02058f04ee76fb617bac761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: gzip
x-amz-meta-client-id: 685
etag: W/"5e60124fbe47241780a8ee2318509a72"
x-amz-version-id: iaoV1v1_z3vBZnKbzCERWf5BBj9r4Vx5
age: 442824
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: Template file
x-amz-cf-id: lFWbNWpc8H9qXUYHp3DKS7ODWfezSfZZr_xYMWiJ0DVynCwrrHUdvQ==
date: Tue, 29 Oct 2024 04:02:54 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-meta-template-id: 784587
last-modified: Thu, 30 May 2024 12:48:19 GMT
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000
x-amz-meta-agency-id: 219
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pp-vt-core-v3:latest.min.js Show response
content.presspage.com/vanilla-template/ 18 KB
0 1ms
1ms Script
application/javascript 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/vanilla-template/pp-vt-core-v3:latest.min.js?5629202

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2f61510b69aea56c0200a96089fe33e2751ecba1b6cfa4d5f85c11ea2d953bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: gzip
x-amz-version-id: eL4PSV.PXiA61OtX1FIwKYPSE5sldeAf
etag: W/"934600648fec6aa3652d7675e1cdd3ba"
age: 483740
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 7JS1K5axPEab6LUDSi20FYmgfL-f_O4c-LCAeNMXoLUp3Ic1FumzpA==
date: Mon, 28 Oct 2024 16:40:58 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
last-modified: Tue, 24 Sep 2024 13:23:03 GMT
x-frame-options: SAMEORIGIN
cache-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 blank.gif
manager.presspage.com/images/ 49 B
0 8ms
8ms Image
image/gif 2a05:d014:dd2:c301:bd5d:e1bb:7ad9:1a09
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manager.presspage.com/images/blank.gif
Requested by: Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d014:dd2:c301:bd5d:e1bb:7ad9:1a09 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

cache-control: max-age=3600, public
etag: "6721f206-31"
expires: Sun, 03 Nov 2024 08:03:17 GMT
accept-ranges: bytes
content-length: 49
date: Sun, 03 Nov 2024 07:03:17 GMT
content-type: image/gif
last-modified: Wed, 30 Oct 2024 08:44:54 GMT

GET
H2 200 modules.min.js Show response
content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/js/min/ 25 KB
476 B 73ms
63ms Script
application/javascript 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/js/min/modules.min.js

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

50cd3c00afc865a5b01a328a22d1c84058efd7e76fe3b1eb79bb7669a1f9e2eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: gzip
etag: W/"f944b9c4be7e09c7aca915407564ffbb"
age: 74680
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: V_ZtVpXdnE1KCYaiXIsW8PjCYbo2e0oxswlDQzoTiBn6Ot9_-o5lSA==
date: Sat, 02 Nov 2024 10:18:38 GMT
content-type: application/javascript
last-modified: Wed, 30 Oct 2024 08:50:12 GMT
vary: accept-encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 186ms
60ms Script
text/javascript 2607:f8b0:4004:c17::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: gzip
age: 1248
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Sun, 03 Nov 2024 08:42:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 03 Nov 2024 06:42:30 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 db9be2d3-b529-44d8-a87e-5b8c48e22eeb.json Show response
cdn.cookielaw.org/consent/db9be2d3-b529-44d8-a87e-5b8c48e22eeb/ 6 KB
0 0ms
0ms XHR
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/db9be2d3-b529-44d8-a87e-5b8c48e22eeb/db9be2d3-b529-44d8-a87e-5b8c48e22eeb.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed06b6ff7398644229001c37d986b3fbcf9bc6111f14641bb7e79f41efe2b6e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-md5: Tb3r2WRMCdtPYuL739rVGQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCCBFC19B719AB
age: 33449
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Mon, 04 Nov 2024 07:03:17 GMT
date: Sun, 03 Nov 2024 07:03:17 GMT
content-type: application/json
last-modified: Tue, 03 Sep 2024 09:38:00 GMT
vary: Accept-Encoding
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 7b767800-d01e-00af-634c-26b11a000000
cf-ray: 8dca80ec0ec28dba-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1997
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 flag-icons.min.css
cdn.jsdelivr.net/gh/lipis/flag-icons@6.6.6/css/ 27 KB
0 0ms
0ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/lipis/flag-icons@6.6.6/css/flag-icons.min.css

Requested by

Host: content.presspage.com
URL: https://content.presspage.com/vanilla-template/pp-vt-core-v3:latest.min.css?5629202

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5de11e2e3c7322ba096d84edbf8adac8c9a8c2022af224f1c6bdc25d658ad5a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://content.presspage.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"6b06-ORz8HGhNFX0/RE7iSGg/nKhGlV0"
age: 3346897
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Sun, 03 Nov 2024 07:03:17 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230101-FRA, cache-mia-kmia1760049-MIA
vary: Accept-Encoding
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1746
x-jsd-version: 6.6.6

GET
H2 200 css2
fonts.googleapis.com/ 22 KB
0 0ms
0ms Stylesheet
text/css 2607:f8b0:4004:c0b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&family=Roboto:wght@400;700&display=swap

Requested by

Host: content.presspage.com
URL: https://content.presspage.com/templates/219/685/784587/pp-booking-settings.min.css?5629202

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b82e567b32dbc17ba3c07a30656c9ae21f7cdf3511d24e5ac95dd9257ff73156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://content.presspage.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 03 Nov 2024 07:03:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 03 Nov 2024 07:03:17 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 03 Nov 2024 07:03:17 GMT
x-frame-options: SAMEORIGIN
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
149 B 46ms
45ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept: application/json
Referer: https://news.booking.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
cf-ray: 8dca80f13a3f5c5f-MIA
access-control-allow-origin: *
date: Sun, 03 Nov 2024 07:03:17 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type

GET
H2 200 pp-icons.ttf
content.presspage.com/templates/50/2372/465298/ 456 KB
0 247ms
124ms Font
font/ttf 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/templates/50/2372/465298/pp-icons.ttf?yprlij

Requested by

Host: content.presspage.com
URL: https://content.presspage.com/templates/219/685/784587/pp-booking-settings.min.css?5629202

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://news.booking.com
Referer: https://content.presspage.com/templates/219/685/784587/pp-booking-settings.min.css?5629202

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: JhXUiRW2CfKNeVf3aK7o5lm8_v7msCrx
etag: W/"ff34ce45bb9343306fa032539cf2416d"
age: 45773
access-control-allow-methods: GET
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 0r7oKVwkjptjwCsz9uxLWM0KlxwiIR2Zw3obiuIJAlMxm7GfSiRL_Q==
date: Sat, 02 Nov 2024 18:20:25 GMT
content-type: font/ttf
vary: accept-encoding
last-modified: Tue, 05 Mar 2024 10:27:27 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 3ae11a9b839883207a82a478aa43a33a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 c800_booking.comenhancestravelplanningwithnewaipoweredfeaturesforeasiersmarterdecisions.jpg
content.presspage.com/uploads/685/1f08bb82-7488-4f95-949e-c42ac72ad425/ 104 KB
0 67ms
66ms Image
image/jpeg 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/uploads/685/1f08bb82-7488-4f95-949e-c42ac72ad425/c800_booking.comenhancestravelplanningwithnewaipoweredfeaturesforeasiersmarterdecisions.jpg?79549

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

de0d683956b0c1984ee72042647828918f24852cf1e745e8b2aa78b9bd25c463

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

x-amz-meta-client-id: 685
etag: "9a1a012f20dc58b4b383897b8b382429"
x-amz-version-id: HIRF7toB44lj9msE6LNAkV0xsU3RKpGW
age: 340927
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: User upload
x-amz-cf-id: Gb1yy6EXBiNjJipRaSE9D5ecMSOTLuLqAchq8Xbw8qt-GIAoFCb3fQ==
date: Wed, 30 Oct 2024 08:21:11 GMT
content-type: image/jpeg
last-modified: Tue, 29 Oct 2024 13:23:41 GMT
vary: Origin
x-amz-meta-height: 472
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-width: 800
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 106352
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 c800_sustainabilityprogramforaccommodationpartners3.jpg
content.presspage.com/uploads/685/1a9d71ea-8c3c-46f8-86ff-87572608eaa9/ 109 KB
0 65ms
64ms Image
image/jpeg 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/uploads/685/1a9d71ea-8c3c-46f8-86ff-87572608eaa9/c800_sustainabilityprogramforaccommodationpartners3.jpg?92069

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

62c045ad232f63a02d0316089fda58d7a7e7a330d5095f072ab0981b4777bb90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

x-amz-meta-client-id: 685
etag: "a76e9ff51e93e9a7ae7da2074bcd52b2"
x-amz-version-id: IlLrLb0TZEzzJQ.LGf.SCuXPo25TMIFo
age: 495300
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: User upload
x-amz-cf-id: kYEseTUhXCV81A0xiBPKHgq6IsdgXEm4lQWhUi0Az4e8yXmxn4FpFw==
date: Mon, 28 Oct 2024 13:28:18 GMT
content-type: image/jpeg
last-modified: Mon, 28 Oct 2024 11:28:17 GMT
vary: Origin
x-amz-meta-height: 362
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-width: 800
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 111373
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 c800_booking.comholidayhomeoutlookexpertsandtodd2.jpg
content.presspage.com/uploads/685/ad9b4f7d-2670-4461-9b75-83b7063ed29c/ 76 KB
0 134ms
134ms Image
image/jpeg 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/uploads/685/ad9b4f7d-2670-4461-9b75-83b7063ed29c/c800_booking.comholidayhomeoutlookexpertsandtodd2.jpg?95981

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d720a8e0f3d3a28a7346812dbf4ea5c1bcdfaa77b968ff7d27d607d6c9b08af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

x-amz-meta-client-id: 685
etag: "a21f6720fed95ed6c2f7a41cfd32757a"
x-amz-version-id: tvTzIzxLam1rVNM9ypu.RgGFOG6P67W8
age: 405986
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: User upload
x-amz-cf-id: Zlrgn_lUqJ5m1vRULMrKYLkvXuzlH5hHEe15i21kGwlgRo3c3BlBiw==
date: Tue, 29 Oct 2024 14:16:52 GMT
content-type: image/jpeg
last-modified: Mon, 23 Sep 2024 10:41:27 GMT
vary: Origin
x-amz-meta-height: 287
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-width: 800
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 78234
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 c800_tromsonorway-credits-booking.comcopygettyimages-159597813.jpg
content.presspage.com/uploads/685/8f069b23-34c5-44c9-81bc-3b947bfbe140/ 133 KB
0 191ms
191ms Image
image/jpeg 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/uploads/685/8f069b23-34c5-44c9-81bc-3b947bfbe140/c800_tromsonorway-credits-booking.comcopygettyimages-159597813.jpg?75849

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3b78b55f701e2ed6c9f0b5742387689551628063c39b4300d5f1b4b8c6579539

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

x-amz-meta-client-id: 685
etag: "ccde8da2c21da93b299001383cac4236"
x-amz-version-id: EWSRL3k9pTxEEMYJnM6bpkqf1tzf29Q_
age: 305530
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: User upload
x-amz-cf-id: MLmRrXlvpMRglnDqgSG_x5c3W44quf393mEEHkg0sP4_ni2ggNSeiA==
date: Wed, 30 Oct 2024 18:11:08 GMT
content-type: image/jpeg
last-modified: Mon, 14 Oct 2024 09:37:08 GMT
vary: Origin
x-amz-meta-height: 329
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-width: 800
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 136349
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 c800_shoppingforproduceingrocerystore-leadimage.jpg
content.presspage.com/uploads/685/8468f853-ca03-4568-a9c2-cbe69e8102b2/ 105 KB
0 157ms
157ms Image
image/jpeg 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/uploads/685/8468f853-ca03-4568-a9c2-cbe69e8102b2/c800_shoppingforproduceingrocerystore-leadimage.jpg?79371

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d3c22847f17b7533b7aea11f3378b22e808ad7719b3fac5551018018154824c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

x-amz-meta-client-id: 685
etag: "e3829f56b45513b31f70f0693e173c72"
x-amz-version-id: CN89L6tNEXJ96tX5DLbTtSnCnosSBJrq
age: 305531
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: User upload
x-amz-cf-id: 7Hd75DqAMcZ9CV-a_scEl4TfPDR9Xbngb7I9Mje9Ql07fs0QMqH0nA==
date: Wed, 30 Oct 2024 18:11:07 GMT
content-type: image/jpeg
last-modified: Mon, 07 Oct 2024 08:28:50 GMT
vary: Origin
x-amz-meta-height: 297
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-width: 800
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 107939
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 c800_internationalcoffeeday.jpg
content.presspage.com/uploads/685/7a2d3856-e8dd-48a3-8b6c-dc8825c88c11/ 85 KB
0 181ms
181ms Image
image/jpeg 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/uploads/685/7a2d3856-e8dd-48a3-8b6c-dc8825c88c11/c800_internationalcoffeeday.jpg?50424

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

69a7f7e3df023cbb78c479e37f83c063a2de91bcca7b2af348535169ceb087c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

x-amz-meta-client-id: 685
etag: "3457e5e074a0317f0f8ddf68a761d6c1"
x-amz-version-id: 9iIIOE4pZk0siPYN3FOG5_WZhmD.U60u
age: 913876
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: User upload
x-amz-cf-id: _BMJt--Rg9lQQgEu2utmpq64WY1XsFgQ6ZdzDvrD9jrnb1glL2TbAA==
date: Wed, 23 Oct 2024 17:12:02 GMT
content-type: image/jpeg
last-modified: Thu, 05 Sep 2024 14:31:21 GMT
vary: Origin
x-amz-meta-height: 335
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-width: 800
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 86636
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 304 pp_iconfont.woff
content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/css/fonts/pp_iconfont/fonts/ 27 KB
534 B 62ms
62ms Font
binary/octet-stream 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/css/fonts/pp_iconfont/fonts/pp_iconfont.woff

Requested by

Host: content.presspage.com
URL: https://content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/css/min/modules.min_v21.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://news.booking.com
If-None-Match: "a473e92dd3cf7a4394d5c9082989cf5d"
Referer: https://content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/css/min/modules.min_v21.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
If-Modified-Since: Wed, 30 Oct 2024 08:50:04 GMT

Response headers

access-control-max-age: 3000
etag: "a473e92dd3cf7a4394d5c9082989cf5d"
age: 67513
access-control-allow-methods: GET
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: g5IlpPBntpNlMdZpCnsFl0lAEGsBWNjnxSzSOS23PcVbuCFrl9vF_Q==
date: Sat, 02 Nov 2024 12:18:05 GMT
last-modified: Wed, 30 Oct 2024 08:50:04 GMT
vary: accept-encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 3ae11a9b839883207a82a478aa43a33a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 booking_logo--white.svg
content.presspage.com/templates/50/2962/744836/ 8 KB
0 185ms
184ms Image
image/svg+xml 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/templates/50/2962/744836/booking_logo--white.svg?1

Requested by

Host: content.presspage.com
URL: https://content.presspage.com/vanilla-template/pp-vt-core-v3:latest.min.js?5629202

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

93af691b38b1e92c465c2caf67d0eb843b57c51dd2c50ce8509b3fbb504d1f34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: gzip
etag: W/"c96f081503685a634a214f711504ee55"
x-amz-version-id: ZX7Wxj3m55ftK4lNlay47ImN6A64Kky7
age: 84772
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: rxtOR2dvM-QrmCsr_6sZWR2I2vC7quddflLfzGi71d0Ey3lksEW13A==
date: Sat, 02 Nov 2024 20:03:20 GMT
content-type: image/svg+xml
vary: accept-encoding, Origin
last-modified: Tue, 05 Mar 2024 10:28:19 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 booking_logo--blue.svg
content.presspage.com/templates/50/2962/744836/ 8 KB
0 186ms
185ms Image
image/svg+xml 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/templates/50/2962/744836/booking_logo--blue.svg?1

Requested by

Host: content.presspage.com
URL: https://content.presspage.com/vanilla-template/pp-vt-core-v3:latest.min.js?5629202

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

98220a088c7193dcb97447e7d9bb6b94d289d121f4eadc418832c5242702a54f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: br
etag: W/"c34097669b28d5ad8e42fd5f70870e54"
x-amz-version-id: UA0sZqdzfNTb4tbeDV1GmaQi6fnGrzbf
age: 79691
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: WvCq60K3hb4vmTsYr6dNV1MByAD4y5kQ5-9lLELqv8rMJj8TeLkCXg==
date: Sat, 02 Nov 2024 08:55:06 GMT
content-type: image/svg+xml
vary: accept-encoding, Origin
last-modified: Tue, 05 Mar 2024 10:28:19 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 159ms
55ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: andes.andes-tec.cl
URL: https://andes.andes-tec.cl/safecracking/eaves/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

0c1ff74524dde59e6d0012a8926a48142678a43c46c051cff4abc5e698512cce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-md5: aJKdmKQNVDBnpl3uBoSUAw==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "95c3e20549a9a5e51aae2d1563c7e853"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sun, 03 Nov 2024 07:08:17 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 03 Nov 2024 07:03:18 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: cc3ce002bc2524c729e6d5dad6811018
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: GOOD; q=0.7, rtt=53, rtx=0, c=23, mss=1232, tbw=4410, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug: fEPmdMHqYTkAelhKxFggvXNr4SblQVC9ukIekx0kedsJcRdc6YuS7uOpKwVNYYfMvbGuJhAq7Djwx6zik9TKsw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-fb-optimizer: 0
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 1685
origin-agent-cluster: ?1

GET
H2 200 widgets.js Show response
platform.twitter.com/ 91 KB
27 KB 188ms
58ms Script
application/javascript 146.75.28.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: andes.andes-tec.cl
URL: https://andes.andes-tec.cl/safecracking/eaves/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: gzip
etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
access-control-allow-methods: GET
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
date: Sun, 03 Nov 2024 07:03:18 GMT
last-modified: Mon, 11 Dec 2023 17:20:28 GMT
vary: Accept-Encoding
x-served-by: cache-iad-kiad7000138-IAD
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1800
tw-cdn: FT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27597
x-amz-server-side-encryption: AES256

POST
H2 200 track-visits Show response
api.presspage.com/statistics/v0/ 31 B
563 B 188ms
187ms XHR
application/json 2a05:d014:dd2:c300:f02b:3f62:8172:77ae
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.presspage.com/statistics/v0/track-visits

Requested by

Host: content.presspage.com
URL: https://content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/js/jquery-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:dd2:c300:f02b:3f62:8172:77ae Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

658dcf097cb005f827fdb5c0813ebd21deed4578bef5b587d56585fa5a9ba8cc

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains"
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

Referer: https://news.booking.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-frame-options: SAMEORIGIN
strict-transport-security: "max-age=31536000; includeSubDomains"
cache-control: no-cache, private
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
date: Sun, 03 Nov 2024 07:03:18 GMT
x-xss-protection: "1; mode=block"
content-type: application/json
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,FINGER-PRINT,X-AUTH-TOKEN,X-AUTH-NEWSROOM-TOKEN,accounts,Link,x-auth-content-language

GET
H2 200 c1920_destinationsperfectforthespiritualseekers.jpg
content.presspage.com/uploads/685/1691002b-5939-4ee7-af2b-802b9ab53af3/ 268 KB
0 155ms
154ms Image
image/jpeg 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/uploads/685/1691002b-5939-4ee7-af2b-802b9ab53af3/c1920_destinationsperfectforthespiritualseekers.jpg?65211

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a6b030fd6227311ce7f3951718f850c6c40e8a44f68286c43a5aaff09d2e5e16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

x-amz-meta-client-id: 685
etag: "d67f958faa606bac00a1617a3ff48b49"
x-amz-version-id: Z3OCEDnvAyMzMjfY5tg3lfj8.L0hKTA.
age: 124368
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: User upload
x-amz-cf-id: udRf4GVmM11nFVFrbfzsJ7BXvXyRHHD81maixKfoDbnfzpGvamh8NA==
date: Fri, 01 Nov 2024 20:30:30 GMT
content-type: image/jpeg
last-modified: Mon, 07 Oct 2024 10:02:45 GMT
vary: Origin
x-amz-meta-height: 831
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-width: 1920
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 274801
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202408.1.0/ 453 KB
0 43ms
43ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6b56e45e770416d91dd83f5a7375794aee5667293cd54219b3d4c17997e885f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-md5: cSmNeMyDkvSieWRwSFHuAQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status: unlocked
cf-bgj: minify
cf-cache-status: HIT
x-ms-version: 2009-09-19
age: 50848
content-encoding: gzip
x-content-type-options: nosniff
cf-polished: origSize=464200
date: Sun, 03 Nov 2024 07:03:17 GMT
content-type: application/javascript
last-modified: Tue, 10 Sep 2024 03:34:09 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 6b6641f2-401e-0066-1c0b-2421d0000000
cf-ray: 8dca80ed49377449-MIA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 en-us.json Show response
cdn.cookielaw.org/consent/db9be2d3-b529-44d8-a87e-5b8c48e22eeb/0191998d-4ea0-7a35-bbae-232aa21682f6/ 56 KB
0 0ms
0ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/db9be2d3-b529-44d8-a87e-5b8c48e22eeb/0191998d-4ea0-7a35-bbae-232aa21682f6/en-us.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e92755cb795e343e5aaba649a11bc52d2a46a72912baac420cbd1f8b2e290d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-md5: B0dDPkFyjhrmi8ObAg9UBA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCCBFC1BE47FCF
age: 64265
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Mon, 04 Nov 2024 07:03:17 GMT
date: Sun, 03 Nov 2024 07:03:17 GMT
content-type: application/json
last-modified: Tue, 03 Sep 2024 09:38:03 GMT
vary: Accept-Encoding
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 9d349605-701e-006e-794c-263aa3000000
cf-ray: 8dca80edefae8dba-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14461
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202408.1.0/assets/ 24 KB
0 0ms
0ms Fetch
text/css 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202408.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c496fcbe60fec78dc1b86a9136644d9a97cae20df32be3e9a4a62ce7bd0e6a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-md5: HyPJ72TNHxdfOI82cqKVqA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status: unlocked
cf-bgj: minify
cf-cache-status: HIT
x-ms-version: 2009-09-19
age: 53994
content-encoding: gzip
x-content-type-options: nosniff
cf-polished: origSize=24745
date: Sun, 03 Nov 2024 07:03:17 GMT
content-type: text/css
last-modified: Tue, 10 Sep 2024 03:34:14 GMT
vary: Accept-Encoding
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 61f73f22-801e-003f-4068-032456000000
cf-ray: 8dca80ee5fe18dba-MIA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 c1920_ux-noctur-ism-generic-credits-booking.comcopygettyimages-961007550.jpg
content.presspage.com/uploads/685/8513e1a7-56ff-4a6c-a002-809338792afb/ 358 KB
0 85ms
85ms Image
image/jpeg 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/uploads/685/8513e1a7-56ff-4a6c-a002-809338792afb/c1920_ux-noctur-ism-generic-credits-booking.comcopygettyimages-961007550.jpg?94470

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a30306fe2280e21473a57fc1a5bd2e75ad62cddf52362ea1924d11ca93ac726b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

x-amz-meta-client-id: 685
etag: "62628c54fc70f65a8cfd727f4480fc08"
x-amz-version-id: znkgsWD_TBdJLkCDjrkspD2d5DkM0tCu
age: 424378
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: User upload
x-amz-cf-id: LT0XJfw4TIHWcPdKGBjcMvSaZdvJgnTIYOhor3axdfqmlDmRzR6OpQ==
date: Tue, 29 Oct 2024 09:10:20 GMT
content-type: image/jpeg
last-modified: Mon, 14 Oct 2024 10:20:39 GMT
vary: Origin
x-amz-meta-height: 746
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-width: 1920
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 366335
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 c1920_halloween-2.jpg
content.presspage.com/uploads/685/084403fb-be87-4226-9e2b-253e049e1819/ 523 KB
0 75ms
74ms Image
image/jpeg 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/uploads/685/084403fb-be87-4226-9e2b-253e049e1819/c1920_halloween-2.jpg?90523

Requested by

Host: news.booking.com
URL: https://news.booking.com/?fnMKOW=EuYebxxN&RVlcDvHGg=SluLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ae1ae5020b9e4d665c4d71042bd9aab6cebab9ce242f036dc77d0cb56af22c1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

x-amz-meta-client-id: 685
etag: "bb15025e3eb0f3971c02e2d9ea5e3c23"
x-amz-version-id: 3OqiY6Nb_g8QfJPEYQwHtNnxQwbDoSSK
age: 251728
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: User upload
x-amz-cf-id: MpGeaYvHfaVxmeC2bv1-0i7fEWFB2ztFlqh-FwHZLrLNNQmBLsdijQ==
date: Thu, 31 Oct 2024 09:07:50 GMT
content-type: image/jpeg
last-modified: Thu, 05 Sep 2024 14:40:40 GMT
vary: Origin
x-amz-meta-height: 640
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-width: 1920
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 535627
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 257 KB
75 KB 58ms
58ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=66475e9e0704bdf75466ef28ed6ebe78

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

f85b2dfb9a7a14fb964d49b1463b4e79a2f1fe87b851f5b60c04cea2bbbb3125

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://news.booking.com
Referer: https://news.booking.com/

Response headers

content-md5: vYNHjDa82+VsXQ1BvSMkbg==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "77df35eeeb99526c285029877fd4463f"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Mon, 03 Nov 2025 06:13:14 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 03 Nov 2024 07:03:18 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: f10ee82ec2c6a27195faf14c11b0ca64
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: UNKNOWN; q=-1, rtt=-1, rtx=0, c=20, mss=1232, tbw=1825, tp=5, tpl=0, uplat=2, ullat=-1
x-fb-debug: 6gfe4ifUFIqLsmdanm7aHTOlTpQAXt+/z1+LPOpX8pAj9sRfH9TJF8oI21/J6DrG+/tXaJlghHug6Hha++pj1w==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 76890
origin-agent-cluster: ?1

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
435 B 69ms
68ms XHR
text/plain 2607:f8b0:4004:c17::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=662309743&t=pageview&_s=1&dl=https%3A%2F%2Fnews.booking.com%2F%3FfnMKOW%3DEuYebxxN%26RVlcDvHGg%3DSluLN&ul=en-us&de=UTF-8&dt=Booking.com%3A%20Press&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1742020035&gjid=439055541&cid=889552585.1730617398&tid=UA-68209358-3&_gid=633211555.1730617398&_r=1&_slc=1&z=96600604

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6bf99c7f859d17b87ead209c7d4cb91c6845e3cfebdf70a580475b85edadb7f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://news.booking.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 03 Nov 2024 07:03:18 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://news.booking.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

GET
H2 200 widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 3766 0
0 183ms
61ms Document
text/html 146.75.28.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fnews.booking.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://news.booking.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 105429
content-type: text/html; charset=utf-8
date: Sun, 03 Nov 2024 07:03:18 GMT
etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
last-modified: Mon, 11 Dec 2023 17:19:49 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-cache: HIT
x-served-by: cache-iad-kiad7000080-IAD

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
96 KB 193ms
73ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-36NWME0N9L&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6161d8d47c3268b6464561ef24e79aaf0f120084d5625a6505c7566916d5f9d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 03 Nov 2024 07:03:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 03 Nov 2024 07:03:18 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 97247
x-xss-protection: 0
server: Google Tag Manager

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 62ms
62ms Fetch
text/plain 142.251.16.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-36NWME0N9L&gtm=45je4au0v9107310415za200&_p=1730617398265&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101823848~101878899~101878944~101925629&gdid=dYWJhMj&ul=en-us&sr=1600x1200&cid=889552585.1730617398&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fnews.booking.com%2F%3FfnMKOW%3DEuYebxxN%26RVlcDvHGg%3DSluLN&dt=Booking.com%3A%20Press&sid=1730617398&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1118
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-36NWME0N9L&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.16.101 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: bl-in-f101.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://news.booking.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 03 Nov 2024 07:03:18 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 685.ico
content.presspage.com/favicon/ 25 KB
26 KB 60ms
60ms Other
image/x-icon 2600:9000:28a6:6400:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/favicon/685.ico?2120994218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28a6:6400:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d6f4604e2dfc6ff3a84f6de028c4c4f65401aa33a819f1eefb558e1e578e6671

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

x-amz-meta-client-id: 685
etag: "95a945b185cdeef4d80192b8441447a6"
x-amz-version-id: H9HuX1pvrB3scjeMdwiLJhwKw3JOtTim
age: 399522
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: Client favicon
x-amz-cf-id: 6qVXH-G1iUSFj8U54PvInybqCZr7ZBaMyaXfCIOCbD9rk4mVilJ5Vw==
date: Tue, 29 Oct 2024 16:04:37 GMT
content-type: image/x-icon
last-modified: Wed, 07 Apr 2021 12:11:08 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
x-amz-replication-status: REPLICA
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55b66a36d5da2f3d3d3c37cd04ab0080.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 25971
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 collect
www.google-analytics.com/ 35 B
58 B 53ms
53ms Image
image/gif 142.251.16.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=662309743&t=timing&_s=2&dl=https%3A%2F%2Fnews.booking.com%2F%3FfnMKOW%3DEuYebxxN%26RVlcDvHGg%3DSluLN&ul=en-us&de=UTF-8&dt=Booking.com%3A%20Press&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1120&pdt=7&dns=0&rrt=3&srt=313&tcp=0&dit=463&clt=466&_gst=423&_gbt=679&_u=YEBAAUABAAAAACAAI~&jid=&gjid=&cid=889552585.1730617398&tid=UA-68209358-3&_gid=633211555.1730617398&z=1237124879

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.101 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f101.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

age: 48640
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 02 Nov 2024 17:32:38 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.presspage.com
URL: https://api.presspage.com/statistics/v0/track-visits

Domain: booking-privacy.my.onetrust.com
URL: https://booking-privacy.my.onetrust.com/request/v1/consentreceipts

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
andes.andes-tec.cl/	1970-01-21 00:43:37	Name: d Value: -600
andes.andes-tec.cl/	1970-01-21 00:43:37	Name: n Value: Pacific/Honolulu
andes.andes-tec.cl/	1970-01-21 00:43:37	Name: sp Value: Linux%20x86_64
andes.andes-tec.cl/	1970-01-21 00:43:37	Name: su Value: Mozilla/5.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/130.0.0.0%20Safari/537.36
andes.andes-tec.cl/	1970-01-21 00:43:37	Name: iu Value: Mozilla/5.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/130.0.0.0%20Safari/537.36
andes.andes-tec.cl/	1970-01-21 00:43:37	Name: wd Value: false
news.booking.com/	1969-12-31 23:59:59	Name: PPSESSION Value: 6b9khv1fnl1ort7q4on8mbfurb
.news.booking.com/	1970-01-21 09:29:13	Name: cookie_control Value: accepted
.news.booking.com/	1970-01-21 09:29:13	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Sat+Nov+02+2024+21%3A03%3A18+GMT-1000+(Hawaii-Aleutian+Standard+Time)&version=202408.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=0936efa3-dd49-45ad-802d-67faed1115a2&interactionCount=1&isAnonUser=1&landingPath=https%3A%2F%2Fnews.booking.com%2F%3FfnMKOW%3DEuYebxxN%26RVlcDvHGg%3DSluLN&groups=C0001%3A1%2CC0002%3A1%2CC0004%3A1
.booking.com/	1970-01-21 10:19:37	Name: _ga Value: GA1.2.889552585.1730617398
.booking.com/	1970-01-21 00:45:03	Name: _gid Value: GA1.2.633211555.1730617398
.booking.com/	1970-01-21 00:43:37	Name: _gat Value: 1
.booking.com/	1970-01-21 10:19:37	Name: _ga_36NWME0N9L Value: GS1.2.1730617398.1.0.1730617398.0.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'speaker'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'speaker'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

andes.andes-tec.cl
api.presspage.com
booking-privacy.my.onetrust.com
cdn.cookielaw.org
cdn.jsdelivr.net
connect.facebook.net
content.presspage.com
enwars.com
fonts.googleapis.com
geolocation.onetrust.com
manager.presspage.com
news.booking.com
platform.twitter.com
www.google-analytics.com
www.googletagmanager.com
api.presspage.com
booking-privacy.my.onetrust.com
108.167.149.245
142.251.16.101
146.75.28.157
2600:9000:28a6:6400:15:cfc2:9880:93a1
2606:4700:4400::ac40:9b77
2606:4700::6812:562a
2607:f8b0:4004:c0b::5f
2607:f8b0:4004:c17::8a
2607:f8b0:4004:c19::61
2a04:4e42:200::485
2a05:d014:dd2:c300:f02b:3f62:8172:77ae
2a05:d014:dd2:c301:bd5d:e1bb:7ad9:1a09
3.67.147.171
31.13.66.19
5.42.102.161
05a65a6a57bbabf00017beca88e6f94745c9ff8438edc8ff7df31a44fa5f3838
0c1ff74524dde59e6d0012a8926a48142678a43c46c051cff4abc5e698512cce
15c330082151e3b92144c3fb764eec2d1687f57b9a272e715bb0a0a9dc1132d9
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f61510b69aea56c0200a96089fe33e2751ecba1b6cfa4d5f85c11ea2d953bf5
3b78b55f701e2ed6c9f0b5742387689551628063c39b4300d5f1b4b8c6579539
3e049dcefc9390e7c8f8bcc2c090183ed556dd941f6b6a559a3ca09b472e67b4
461da126968e85497d7329b284859f6e9ec4540705f380e06b575e0edcb1a2e5
4b0e052e49b8090be1bc010aae7417725ea7e4dfa0fea4991addc6e0b8706a88
50cd3c00afc865a5b01a328a22d1c84058efd7e76fe3b1eb79bb7669a1f9e2eb
5de11e2e3c7322ba096d84edbf8adac8c9a8c2022af224f1c6bdc25d658ad5a7
5e92755cb795e343e5aaba649a11bc52d2a46a72912baac420cbd1f8b2e290d6
606619a675fce949cbd5a79ddd1eddf8d2a57f9fa5fd724b3c0f2cd69efa1f24
6161d8d47c3268b6464561ef24e79aaf0f120084d5625a6505c7566916d5f9d9
62c045ad232f63a02d0316089fda58d7a7e7a330d5095f072ab0981b4777bb90
658dcf097cb005f827fdb5c0813ebd21deed4578bef5b587d56585fa5a9ba8cc
69a7f7e3df023cbb78c479e37f83c063a2de91bcca7b2af348535169ceb087c1
6bf99c7f859d17b87ead209c7d4cb91c6845e3cfebdf70a580475b85edadb7f1
6c496fcbe60fec78dc1b86a9136644d9a97cae20df32be3e9a4a62ce7bd0e6a6
71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef
7358c5616f671017f307d161644d253f0f81083b0be68f3a3fefefa33b59de5d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
91d475df95a13f2a95a797b265f689a231d58f05c40d1f251e56d9ea82106c85
93af691b38b1e92c465c2caf67d0eb843b57c51dd2c50ce8509b3fbb504d1f34
98220a088c7193dcb97447e7d9bb6b94d289d121f4eadc418832c5242702a54f
98447f99e2bdf1965ed9a6a5a89d75ab580dc3f3d33c9fc09f2fd7190878b7ec
9939a9bee9ae4b72742cf599502a31beed5e8634c8ce254ac957fda9c7b13438
a30306fe2280e21473a57fc1a5bd2e75ad62cddf52362ea1924d11ca93ac726b
a6b030fd6227311ce7f3951718f850c6c40e8a44f68286c43a5aaff09d2e5e16
ae1ae5020b9e4d665c4d71042bd9aab6cebab9ce242f036dc77d0cb56af22c1f
b82e567b32dbc17ba3c07a30656c9ae21f7cdf3511d24e5ac95dd9257ff73156
bbc4ed2659f3ef8b9303fbfed2529077332277b5e6be563e32b19026a3b1d001
c6b56e45e770416d91dd83f5a7375794aee5667293cd54219b3d4c17997e885f
c7e06879de9b9038485d6c5188d0a9e7c903ee23486fa2aa9d63f24ebae1effc
d3c22847f17b7533b7aea11f3378b22e808ad7719b3fac5551018018154824c6
d6f4604e2dfc6ff3a84f6de028c4c4f65401aa33a819f1eefb558e1e578e6671
d720a8e0f3d3a28a7346812dbf4ea5c1bcdfaa77b968ff7d27d607d6c9b08af9
de0d683956b0c1984ee72042647828918f24852cf1e745e8b2aa78b9bd25c463
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1cb499a9f98e88ff46f57371fd3e6dc5b4b873523a0fed081325dd32686c636
ed06b6ff7398644229001c37d986b3fbcf9bc6111f14641bb7e79f41efe2b6e8
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f85b2dfb9a7a14fb964d49b1463b4e79a2f1fe87b851f5b60c04cea2bbbb3125
fd381dee23980bbf1843495a2723edc81adf7a3a13cf888f3b9f9cae7ee31cc6
fdcd6a3c237da227932e17729d84e3fb548efd01a8233765370970a024b13419
fdfc9343fa42ebdc2647c0e00f07542644f5c8d1b02058f04ee76fb617bac761

news.booking.com Open in urlscan Pro 3.67.147.171 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

88 Requests

98 %HTTPS

60 %IPv6

12 Domains

15 Subdomains

15 IPs

3 Countries

2643 kBTransfer

8102 kBSize

13 Cookies

29 Outgoing links

Page URL History

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

news.booking.com Open in urlscan Pro
3.67.147.171 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

98 %
HTTPS

60 %
IPv6

12
Domains

15
Subdomains

15
IPs

3
Countries

2643 kB
Transfer

8102 kB
Size

13
Cookies

88 HTTP transactions
0 data transactions