urlscan.io logo urlscan.io
SecurityTrails logo

account.c.booking.com Open in urlscan Pro
5.57.17.14  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://account.c.booking.com/
Effective URL: https://account.c.booking.com/
Submission: On June 05 via manual from DK
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 14 HTTP transactions. The main IP is 5.57.17.14, located in Amsterdam, Netherlands and belongs to BOOKING-BV Booking.com, NL. The main domain is account.c.booking.com.
TLS certificate: Issued by DigiCert ECC Secure Server CA on October 22nd 2019. Valid for: a year.
This is the only time account.c.booking.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 5.57.17.14 43996 (BOOKING-B...)
5 2600:9000:218... 16509 (AMAZON-02)
1 151.101.114.110 54113 (FASTLY)
2 35.186.220.184 15169 (GOOGLE)
1 5.57.17.159 43996 (BOOKING-B...)
14 5
6    5.57.17.14 (Amsterdam, Netherlands)

ASN43996 (BOOKING-BV Booking.com, NL)
account.c.booking.com
account.booking.com
5    2600:9000:2182:7a00:1f:e2ee:200:93a1 (United States)

ASN16509 (AMAZON-02, US)
q-cf.bstatic.com
1    151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
client.perimeterx.net
2    35.186.220.184 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 184.220.186.35.bc.googleusercontent.com
collector-pxikkul2rm.px-cloud.net
1    5.57.17.159 (Amsterdam, Netherlands)

ASN43996 (BOOKING-BV Booking.com, NL)
csp-receiver.booking.com
Domain Requested by
5 q-cf.bstatic.com account.c.booking.com
3 account.booking.com account.c.booking.com
q-cf.bstatic.com
3 account.c.booking.com 1 redirects account.c.booking.com
2 collector-pxikkul2rm.px-cloud.net client.perimeterx.net
1 csp-receiver.booking.com client.perimeterx.net
1 client.perimeterx.net account.c.booking.com
14 6

This site contains links to these domains. Also see Links.

Domain
www.booking.com
secure.booking.com
Subject Issuer Validity Valid
*.booking.com
DigiCert ECC Secure Server CA		 2019-10-22 -
2020-10-26		 a year crt.sh
q-cf.bstatic.com
DigiCert SHA2 Secure Server CA		 2020-06-05 -
2021-02-11		 8 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-05-29 -
2021-05-07		 a year crt.sh
*.px-cloud.net
Let's Encrypt Authority X3		 2020-05-26 -
2020-08-24		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://account.c.booking.com/
Frame ID: 4C9AFA52D17053E571F29FEEC6255623
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://account.c.booking.com/ HTTP 301
    https://account.c.booking.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

14
Requests

86 %
HTTPS

20 %
IPv6

4
Domains

6
Subdomains

5
IPs

3
Countries

278 kB
Transfer

1206 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://account.c.booking.com/ HTTP 301
    https://account.c.booking.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
account.c.booking.com/
Redirect Chain
  • http://account.c.booking.com/
  • https://account.c.booking.com/
97 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://account.c.booking.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.57.17.14 Amsterdam, Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),
Reverse DNS
Software
nginx /
Resource Hash
23479e8c20a2d6781fb4e3cd54fca7edb62068cade703117f5b3292ec9a8fb61
Security Headers
Name Value
Content-Security-Policy report-uri https://csp-receiver.booking.com/csp_violation?type=block&tag=42&pid=e3007ff5b403001b&a=page_Index&p=accounts-portal; frame-ancestors https://*.booking.com 'self';
X-Xss-Protection 1; mode=block

Request headers

Host
account.c.booking.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Fri, 05 Jun 2020 18:11:55 GMT
content-type
text/html; charset=UTF-8
transfer-encoding
chunked
vary
Accept-Encoding
set-cookie
_pxhd=52d0500ff2d08959f14972b85eddeae784ebf79c17d7071db3b0e5f1dc337136:099bfd81-a758-11ea-b6f8-09fd8a4132f9; Expires=Sat, 05-Jun-21 18:11:54 GMT; Path=/ bkng_ap_sso_session=e30; domain=account.c.booking.com; path=/; expires=Wed, 04-Jun-2025 18:11:55 GMT; secure; HttpOnly bkng_ap=U2FsdGVkX19FtIPmr3p7LH6P9cCUS1cmT%2F1nr0eKObnZP%2BpuSv3BAMnSYnOzHGJ6ExHE1kufkF3I%0AmhvUbiAZEA%3D%3D%0A; domain=account.c.booking.com; path=/; secure; HttpOnly bkng_sso_session=e30; domain=.booking.com; path=/; expires=Wed, 04-Jun-2025 18:11:55 GMT; secure; HttpOnly
content-security-policy
report-uri https://csp-receiver.booking.com/csp_violation?type=block&tag=42&pid=e3007ff5b403001b&a=page_Index&p=accounts-portal; frame-ancestors https://*.booking.com 'self';
content-security-policy-report-only
default-src *.bstatic.com bstatic.com 'self'; style-src *.bstatic.com bstatic.com *.static.booking.cn 'self' 'nonce-mpql2tyhZQRqa4n'; report-uri https://csp-receiver.booking.com/csp_violation?type=report&tag=41&pid=e3007ff5b403001b&a=page_Index&p=accounts-portal; frame-src https://www.youtube.com/embed/Vv4w5SmRkss *.bstatic.com https://www.google.com bstatic.com vars.hotjar.com 'self'; img-src 'self' data: www.booking.com account.booking.com *.bstatic.com bstatic.com *.static.booking.cn www.google-analytics.com www.google.com stats.g.doubleclick.net collector-pxikkul2rm.px-cloud.net b.px-cdn.net collector-pxikkul2rm.perimeterx.net collector-a.perimeterx.net www.gstatic.com; object-src 'none'; script-src saa.booking.com *.bstatic.com bstatic.com *.static.booking.cn www.google-analytics.com client.perimeterx.net static.hotjar.com script.hotjar.com 'self' 'nonce-mpql2tyhZQRqa4n' 'report-sample'; connect-src saa.booking.com www.google-analytics.com collector-pxikkul2rm.perimeterx.net b.perimeterx.net collector-pxikkul2rm.pxchk.net collector-pxikkul2rm.px-cdn.net b.px-cdn.net collector-pxikkul2rm.px-cloud.net vc.hotjar.io in.hotjar.com 'self' 'report-sample'; base-uri 'none';
content-encoding
gzip
x-xss-protection
1; mode=block

Redirect headers

content-length
0
location
https://account.c.booking.com/
error_catcher
account.booking.com/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.booking.com/error_catcher
Requested by
Host: account.c.booking.com
URL: https://account.c.booking.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.57.17.14 Amsterdam, Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),
Reverse DNS
Software
nginx /
Resource Hash
cd4f42cc325fbfb0485d3878c56fa4d0c0d831b3fd6e69c626c8322758f0c60b
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.booking.com 'self'; report-uri https://csp-receiver.booking.com/csp_violation?type=block&tag=42&pid=e3007ff58a1e0071&a=error_catcher&p=accounts-portal;
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.c.booking.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors https://*.booking.com 'self'; report-uri https://csp-receiver.booking.com/csp_violation?type=block&tag=42&pid=e3007ff58a1e0071&a=error_catcher&p=accounts-portal;
content-encoding
gzip
content-security-policy-report-only
report-uri https://csp-receiver.booking.com/csp_violation?type=report&tag=41&pid=e3007ff58a1e0071&a=error_catcher&p=accounts-portal; frame-src https://www.youtube.com/embed/Vv4w5SmRkss *.bstatic.com https://www.google.com bstatic.com vars.hotjar.com 'self'; img-src 'self' data: www.booking.com account.booking.com *.bstatic.com bstatic.com *.static.booking.cn www.google-analytics.com www.google.com stats.g.doubleclick.net collector-pxikkul2rm.px-cloud.net b.px-cdn.net collector-pxikkul2rm.perimeterx.net collector-a.perimeterx.net www.gstatic.com; base-uri 'none'; connect-src saa.booking.com www.google-analytics.com collector-pxikkul2rm.perimeterx.net b.perimeterx.net collector-pxikkul2rm.pxchk.net collector-pxikkul2rm.px-cdn.net b.px-cdn.net collector-pxikkul2rm.px-cloud.net vc.hotjar.io in.hotjar.com 'self' 'report-sample'; script-src saa.booking.com *.bstatic.com bstatic.com *.static.booking.cn www.google-analytics.com client.perimeterx.net static.hotjar.com script.hotjar.com 'self' 'nonce-jYS9Q4tH6yVgqgD' 'report-sample'; object-src 'none'; default-src *.bstatic.com bstatic.com 'self'; style-src *.bstatic.com bstatic.com *.static.booking.cn 'self' 'nonce-jYS9Q4tH6yVgqgD';
server
nginx
date
Fri, 05 Jun 2020 18:11:55 GMT
vary
Accept-Encoding, User-Agent
content-type
application/x-javascript
content-length
8238
x-xss-protection
1; mode=block
3_890ccfed7d5004b2e1bd.css
q-cf.bstatic.com/psb/accountsportal/assets/ 		111 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://q-cf.bstatic.com/psb/accountsportal/assets/3_890ccfed7d5004b2e1bd.css
Requested by
Host: account.c.booking.com
URL: https://account.c.booking.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:7a00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dc33fe01a5a60bb8d8eb616dcfab8c19450523a7ce55749b967cd2407d9b5656
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.c.booking.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Jun 2020 13:44:03 GMT
content-encoding
br
age
102472
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
x-amz-meta-x-deployment-hash
0f0d1726873c475e706e8bd94436adf56348fbe4
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
access-control-allow-origin
*
x-amz-expiration
expiry-date="Fri, 02 Oct 2020 13:28:19 GMT", rule-id=""
last-modified
Thu, 04 Jun 2020 13:28:19 GMT
server
nginx
etag
W/"798319a1e1ba546e4774562ed0594fde"
vary
Accept-Encoding
content-type
text/css
via
1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
DUS51-C1
timing-allow-origin
*
x-amz-cf-id
hBfOV50L4JECjfy5QRL47h-5YuLoTjYy7vJUk5Fe2v_QygtdrryJRg==
expires
Sat, 04 Jul 2020 13:44:03 GMT
runtime~Index_cb45a068ad3b30f5acad.js
q-cf.bstatic.com/psb/accountsportal/assets/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://q-cf.bstatic.com/psb/accountsportal/assets/runtime~Index_cb45a068ad3b30f5acad.js
Requested by
Host: account.c.booking.com
URL: https://account.c.booking.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:7a00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7d94226796322a81bf6f68df1a4f6a8fd60e1102668db8de105fbe1297345c2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.c.booking.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Jun 2020 13:44:03 GMT
content-encoding
br
age
102471
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
x-amz-meta-x-deployment-hash
0f0d1726873c475e706e8bd94436adf56348fbe4
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
access-control-allow-origin
*
x-amz-expiration
expiry-date="Fri, 02 Oct 2020 13:28:19 GMT", rule-id=""
last-modified
Thu, 04 Jun 2020 13:28:19 GMT
server
nginx
etag
W/"82295cbf4c91f145f7e3bafa7c6cbf3d"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
DUS51-C1
timing-allow-origin
*
x-amz-cf-id
C3R2hroQLJHoeF6lnmDxjleLEstqjNOahYMMpAWpmt9BlKpFJna0IA==
expires
Sat, 04 Jul 2020 13:44:03 GMT
0_f4a6f93e4ee26b84e4e9.js
q-cf.bstatic.com/psb/accountsportal/assets/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://q-cf.bstatic.com/psb/accountsportal/assets/0_f4a6f93e4ee26b84e4e9.js
Requested by
Host: account.c.booking.com
URL: https://account.c.booking.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:7a00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ed07ef6b879ee36afa9c2fc266ce5e6ca0a4a7a2ce6827ef2fc2e56cdc2d8f69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.c.booking.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Jun 2020 13:44:03 GMT
content-encoding
br
age
102472
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
x-amz-meta-x-deployment-hash
0f0d1726873c475e706e8bd94436adf56348fbe4
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
access-control-allow-origin
*
x-amz-expiration
expiry-date="Fri, 02 Oct 2020 13:28:19 GMT", rule-id=""
last-modified
Thu, 04 Jun 2020 13:28:19 GMT
server
nginx
etag
W/"22083abc5444cc72ecc74608f9352432"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
DUS51-C1
timing-allow-origin
*
x-amz-cf-id
NhkfZ0dOVBeuHDMZOgXSdcQJ58vV1KUIF2r-cnaAJNXeKMe8bOUt6A==
expires
Sat, 04 Jul 2020 13:44:03 GMT
1_bc204a7f31b72c9296c9.js
q-cf.bstatic.com/psb/accountsportal/assets/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://q-cf.bstatic.com/psb/accountsportal/assets/1_bc204a7f31b72c9296c9.js
Requested by
Host: account.c.booking.com
URL: https://account.c.booking.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:7a00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
36f7b5595d5047665a10514ff081903450a914cfdf983d87f2f71728ece3b8f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.c.booking.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Jun 2020 13:44:03 GMT
content-encoding
br
age
102472
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
x-amz-meta-x-deployment-hash
0f0d1726873c475e706e8bd94436adf56348fbe4
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
access-control-allow-origin
*
x-amz-expiration
expiry-date="Fri, 02 Oct 2020 13:28:19 GMT", rule-id=""
last-modified
Thu, 04 Jun 2020 13:28:19 GMT
server
nginx
etag
W/"d8897156ab18b8c94b50a3a45ca72fc2"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
DUS51-C1
timing-allow-origin
*
x-amz-cf-id
64lKJ0R4XBupIQGGQsw5wj5eAuGbGCO81igxyFOhtyxzvYGucgF99g==
expires
Sat, 04 Jul 2020 13:44:03 GMT
3_9861565cc74c56e8c2eb.js
q-cf.bstatic.com/psb/accountsportal/assets/ 		772 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://q-cf.bstatic.com/psb/accountsportal/assets/3_9861565cc74c56e8c2eb.js
Requested by
Host: account.c.booking.com
URL: https://account.c.booking.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:7a00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ee541b34beab89a8c3c91c87c5e87ca3910a5cd5c30e8a08a5cadf52545c660f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.c.booking.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Jun 2020 13:44:03 GMT
content-encoding
br
age
102470
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
x-amz-meta-x-deployment-hash
0f0d1726873c475e706e8bd94436adf56348fbe4
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
access-control-allow-origin
*
x-amz-expiration
expiry-date="Fri, 02 Oct 2020 13:28:19 GMT", rule-id=""
last-modified
Thu, 04 Jun 2020 13:28:19 GMT
server
nginx
etag
W/"94e5c2684ac6377e4a079c63610ca6f6"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
DUS51-C1
timing-allow-origin
*
x-amz-cf-id
i6XrVR0wFwzEIlQ1Jo4wcT_So8Wzi4GK9lgGI7kxhr90DdCFn7aYsQ==
expires
Sat, 04 Jul 2020 13:44:03 GMT
fvtrpw.gif
account.booking.com/_/ 		35 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://account.booking.com/_/fvtrpw.gif
Requested by
Host: account.c.booking.com
URL: https://account.c.booking.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.57.17.14 Amsterdam, Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.booking.com 'self'; report-uri https://csp-receiver.booking.com/csp_violation?type=block&tag=42&pid=51087ff55e920030&a=phishing_pixel&p=accounts-portal;
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.c.booking.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 18:11:55 GMT
server
nginx
content-security-policy-report-only
default-src *.bstatic.com bstatic.com 'self'; style-src *.bstatic.com bstatic.com *.static.booking.cn 'self' 'nonce-mhUeYzJ9N9Z644F'; report-uri https://csp-receiver.booking.com/csp_violation?type=report&tag=41&pid=51087ff55e920030&a=phishing_pixel&p=accounts-portal; connect-src saa.booking.com www.google-analytics.com collector-pxikkul2rm.perimeterx.net b.perimeterx.net collector-pxikkul2rm.pxchk.net collector-pxikkul2rm.px-cdn.net b.px-cdn.net collector-pxikkul2rm.px-cloud.net vc.hotjar.io in.hotjar.com 'self' 'report-sample'; base-uri 'none'; object-src 'none'; script-src saa.booking.com *.bstatic.com bstatic.com *.static.booking.cn www.google-analytics.com client.perimeterx.net static.hotjar.com script.hotjar.com 'self' 'nonce-mhUeYzJ9N9Z644F' 'report-sample'; frame-src https://www.youtube.com/embed/Vv4w5SmRkss *.bstatic.com https://www.google.com bstatic.com vars.hotjar.com 'self'; img-src 'self' data: www.booking.com account.booking.com *.bstatic.com bstatic.com *.static.booking.cn www.google-analytics.com www.google.com stats.g.doubleclick.net collector-pxikkul2rm.px-cloud.net b.px-cdn.net collector-pxikkul2rm.perimeterx.net collector-a.perimeterx.net www.gstatic.com;
content-type
image/gif
content-disposition
attachment; filename=etnht.gif
transfer-encoding
chunked
content-security-policy
frame-ancestors https://*.booking.com 'self'; report-uri https://csp-receiver.booking.com/csp_violation?type=block&tag=42&pid=51087ff55e920030&a=phishing_pixel&p=accounts-portal;
x-xss-protection
1; mode=block
etnht.gif
account.booking.com/_/ 		35 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://account.booking.com/_/etnht.gif
Requested by
Host: q-cf.bstatic.com
URL: https://q-cf.bstatic.com/psb/accountsportal/assets/3_9861565cc74c56e8c2eb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.57.17.14 Amsterdam, Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.booking.com 'self'; report-uri https://csp-receiver.booking.com/csp_violation?type=block&tag=42&pid=51087ff50707014c&a=phishing_pixel&p=accounts-portal;
X-Xss-Protection 1; mode=block

Request headers

Referer
https://q-cf.bstatic.com/psb/accountsportal/assets/3_890ccfed7d5004b2e1bd.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 18:11:55 GMT
server
nginx
content-security-policy-report-only
connect-src saa.booking.com www.google-analytics.com collector-pxikkul2rm.perimeterx.net b.perimeterx.net collector-pxikkul2rm.pxchk.net collector-pxikkul2rm.px-cdn.net b.px-cdn.net collector-pxikkul2rm.px-cloud.net vc.hotjar.io in.hotjar.com 'self' 'report-sample'; report-uri https://csp-receiver.booking.com/csp_violation?type=report&tag=41&pid=51087ff50707014c&a=phishing_pixel&p=accounts-portal; base-uri 'none'; style-src *.bstatic.com bstatic.com *.static.booking.cn 'self' 'nonce-Y0pFsryIwWLFMBc'; default-src *.bstatic.com bstatic.com 'self'; object-src 'none'; script-src saa.booking.com *.bstatic.com bstatic.com *.static.booking.cn www.google-analytics.com client.perimeterx.net static.hotjar.com script.hotjar.com 'self' 'nonce-Y0pFsryIwWLFMBc' 'report-sample'; frame-src https://www.youtube.com/embed/Vv4w5SmRkss *.bstatic.com https://www.google.com bstatic.com vars.hotjar.com 'self'; img-src 'self' data: www.booking.com account.booking.com *.bstatic.com bstatic.com *.static.booking.cn www.google-analytics.com www.google.com stats.g.doubleclick.net collector-pxikkul2rm.px-cloud.net b.px-cdn.net collector-pxikkul2rm.perimeterx.net collector-a.perimeterx.net www.gstatic.com;
content-type
image/gif
content-disposition
attachment; filename=etnht.gif
transfer-encoding
chunked
content-security-policy
frame-ancestors https://*.booking.com 'self'; report-uri https://csp-receiver.booking.com/csp_violation?type=block&tag=42&pid=51087ff50707014c&a=phishing_pixel&p=accounts-portal;
x-xss-protection
1; mode=block
main.min.js
client.perimeterx.net/PXikKuL2RM/ 		155 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.perimeterx.net/PXikKuL2RM/main.min.js
Requested by
Host: account.c.booking.com
URL: https://account.c.booking.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
334ed5e5c22e2504c40de126e025e5c2659be7e36f2e95c95b28492bec55bdcc

Request headers

Referer
https://account.c.booking.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 18:11:55 GMT
content-encoding
gzip
age
167
x-cache
HIT
status
200
content-length
64268
x-served-by
cache-hhn4071-HHN
access-control-allow-origin
*
x-timer
S1591380716.785063,VS0,VE0
etag
W/"26a94-kE1KkH+r0lzDd6fMOgE191jQsHE"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
public, max-age=600
accept-ranges
bytes
x-cache-hits
5
collector
collector-pxikkul2rm.px-cloud.net/api/v2/ 		775 B
1000 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxikkul2rm.px-cloud.net/api/v2/collector
Requested by
Host: client.perimeterx.net
URL: https://client.perimeterx.net/PXikKuL2RM/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.220.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.220.186.35.bc.googleusercontent.com
Software
/
Resource Hash
85127fe9af70441b67ce6260e533c96d4f12120164f6e65887f866a829c244d5

Request headers

Referer
https://account.c.booking.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 05 Jun 2020 18:11:55 GMT
via
1.1 google
status
200
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://account.c.booking.com
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
clear
content-length
775
collector
collector-pxikkul2rm.px-cloud.net/api/v2/ 		520 B
584 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxikkul2rm.px-cloud.net/api/v2/collector
Requested by
Host: client.perimeterx.net
URL: https://client.perimeterx.net/PXikKuL2RM/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.220.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.220.186.35.bc.googleusercontent.com
Software
/
Resource Hash
0df12028362dc49eb403ab3a70787cb21b71072b1d35e4338ce9fa7d29e4b795

Request headers

Referer
https://account.c.booking.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 05 Jun 2020 18:11:56 GMT
via
1.1 google
status
200
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://account.c.booking.com
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
clear
content-length
520
navigation_times
account.c.booking.com/ 		0
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://account.c.booking.com/navigation_times?sid=&pid=e3007ff5b403001b&nts=0,0,1591380714517,0,0,0,0,1591380714660,1591380714661,1591380714661,1591380714661,1591380714796,1591380714688,1591380714797,1591380715134,1591380715146,1591380715137,1591380715748,1591380715748,1591380715748,1591380715752,1591380715752,1591380715752,0&first=&cdn=cf&dc=4&bo=3&lang=en-us&ref_action=Index&aid=304142&stype=&route=&ua=&ch=&lt=
Requested by
Host: account.c.booking.com
URL: https://account.c.booking.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.57.17.14 Amsterdam, Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy report-uri https://csp-receiver.booking.com/csp_violation?type=block&tag=42&pid=e3007ff65d1502db&a=navigation_times&p=accounts-portal; frame-ancestors https://*.booking.com 'self';
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.c.booking.com/
X-Booking-CSRF
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

content-security-policy
report-uri https://csp-receiver.booking.com/csp_violation?type=block&tag=42&pid=e3007ff65d1502db&a=navigation_times&p=accounts-portal; frame-ancestors https://*.booking.com 'self';
content-security-policy-report-only
report-uri https://csp-receiver.booking.com/csp_violation?type=report&tag=41&pid=e3007ff65d1502db&a=navigation_times&p=accounts-portal; frame-src https://www.youtube.com/embed/Vv4w5SmRkss *.bstatic.com https://www.google.com bstatic.com vars.hotjar.com 'self'; img-src 'self' data: www.booking.com account.booking.com *.bstatic.com bstatic.com *.static.booking.cn www.google-analytics.com www.google.com stats.g.doubleclick.net collector-pxikkul2rm.px-cloud.net b.px-cdn.net collector-pxikkul2rm.perimeterx.net collector-a.perimeterx.net www.gstatic.com; object-src 'none'; connect-src saa.booking.com www.google-analytics.com collector-pxikkul2rm.perimeterx.net b.perimeterx.net collector-pxikkul2rm.pxchk.net collector-pxikkul2rm.px-cdn.net b.px-cdn.net collector-pxikkul2rm.px-cloud.net vc.hotjar.io in.hotjar.com 'self' 'report-sample'; base-uri 'none'; script-src saa.booking.com *.bstatic.com bstatic.com *.static.booking.cn www.google-analytics.com client.perimeterx.net static.hotjar.com script.hotjar.com 'self' 'nonce-if3OGYc6FJLfuBR' 'report-sample'; default-src *.bstatic.com bstatic.com 'self'; style-src *.bstatic.com bstatic.com *.static.booking.cn 'self' 'nonce-if3OGYc6FJLfuBR';
server
nginx
date
Fri, 05 Jun 2020 18:11:56 GMT
content-length
0
x-xss-protection
1; mode=block
content-type
image/jpeg
csp_violation
csp-receiver.booking.com/ 		2 B
191 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-receiver.booking.com/csp_violation?type=report&tag=41&pid=e3007ff5b403001b&a=page_Index&p=accounts-portal
Requested by
Host: client.perimeterx.net
URL: https://client.perimeterx.net/PXikKuL2RM/main.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.57.17.159 Amsterdam, Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),
Reverse DNS
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.c.booking.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 05 Jun 2020 18:11:57 GMT
transfer-encoding
chunked
server
nginx
x-xss-protection
1; mode=block
content-type
application/json; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| E_ function| onBookingError object| booking object| booking_extra object| B object| webpackJsonp object| __core-js_shared__ object| core object| transportHooks object| regeneratorRuntime function| handleSocialProviderResult string| _pxAppId string| _pxParam1 object| PXikKuL2RM object| PX undefined| _ikKuL2RMhandler

4 Cookies

Domain/Path Name / Value
.booking.com/ Name: bkng_sso_session
Value: e30
.account.c.booking.com/ Name: bkng_ap
Value: U2FsdGVkX19FtIPmr3p7LH6P9cCUS1cmT%2F1nr0eKObnZP%2BpuSv3BAMnSYnOzHGJ6ExHE1kufkF3I%0AmhvUbiAZEA%3D%3D%0A
.account.c.booking.com/ Name: bkng_ap_sso_session
Value: e30
account.c.booking.com/ Name: _pxhd
Value: 52d0500ff2d08959f14972b85eddeae784ebf79c17d7071db3b0e5f1dc337136:099bfd81-a758-11ea-b6f8-09fd8a4132f9

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy report-uri https://csp-receiver.booking.com/csp_violation?type=block&tag=42&pid=e3007ff5b403001b&a=page_Index&p=accounts-portal; frame-ancestors https://*.booking.com 'self';
X-Xss-Protection 1; mode=block