www.booking.caminhadas.info Open in urlscan Pro
207.180.245.227 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.booking.caminhadas.info/
Submission: On August 31 via automatic, source certstream-suspicious (August 31st 2023, 10:50:49 am UTC) — Scanned from DE

Summary HTTP 41 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 41 HTTP transactions. The main IP is 207.180.245.227, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is www.booking.caminhadas.info.
TLS certificate: Issued by R3 on August 31st 2023. Valid for: 3 months.

This is the only time www.booking.caminhadas.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	207.180.245.227 207.180.245.227	51167 (CONTABO) (CONTABO)
3	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
18	2600:9000:223... 2600:9000:223f:b000:1c:d826:cd80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	108.138.7.83 108.138.7.83	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
4	2600:9000:223... 2600:9000:223f:5c00:1c:d826:cd80:93a1	16509 (AMAZON-02) (AMAZON-02)
41	8

5 207.180.245.227 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: www.ecobooking.com.br

www.booking.caminhadas.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ecobooking.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2600:9000:223f:b000:1c:d826:cd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

aff.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cf.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.7.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-83.fra56.r.cloudfront.net

www.booking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223f:5c00:1c:d826:cd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cf.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	bstatic.com aff.bstatic.com — Cisco Umbrella Rank: 52078 cf.bstatic.com — Cisco Umbrella Rank: 14789	127 KB
4	ecobooking.com.br www.ecobooking.com.br	15 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6457	671 B
3	google.com www.google.com — Cisco Umbrella Rank: 2	671 B
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 40	5 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	246 KB
2	booking.com www.booking.com — Cisco Umbrella Rank: 9371	39 KB
1	caminhadas.info www.booking.caminhadas.info	295 B
41	8

	Domain	Requested by
21	cf.bstatic.com	www.booking.com cf.bstatic.com
4	www.ecobooking.com.br	www.booking.caminhadas.info www.ecobooking.com.br
3	www.google.de	www.ecobooking.com.br
3	www.google.com	www.ecobooking.com.br
3	googleads.g.doubleclick.net	www.googletagmanager.com
3	www.googletagmanager.com	www.ecobooking.com.br www.googletagmanager.com
2	www.booking.com	aff.bstatic.com cf.bstatic.com
1	aff.bstatic.com	www.ecobooking.com.br
1	www.booking.caminhadas.info
41	9

This site contains no links.

Subject Issuer	Validity	Valid
booking.caminhadas.info R3	`2023-08-31` - `2023-11-29`	3 months	crt.sh
*.ecobooking.com.br Sectigo RSA Domain Validation Secure Server CA	`2022-11-13` - `2023-11-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.bstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-21` - `2023-10-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.booking.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-12` - `2024-05-18`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.booking.caminhadas.info/
Frame ID: 27AB0A0492790D2D5F558F89222B094D
Requests: 1 HTTP requests in this frame

Frame: https://www.ecobooking.com.br/Booking/index.php
Frame ID: CADE8196308FAFCC1A4B214093F9C965
Requests: 17 HTTP requests in this frame

Frame: https://www.booking.com/flexiproduct.html?product=sbp&w=750&h=400&lang=pt-BR&aid=1481528&target_aid=1481528&fid=1693479045496&
Frame ID: 41232366822D9CDA02C4F0F118340BCB
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

booking.caminhadas.info

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

41
Requests

100 %
HTTPS

75 %
IPv6

8
Domains

9
Subdomains

8
IPs

2
Countries

434 kB
Transfer

1165 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.booking.caminhadas.info/ 223 B
295 B 176ms
42ms Document
text/html 207.180.245.227
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.booking.caminhadas.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.180.245.227 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: www.ecobooking.com.br
Software: nginx / PleskLin
Resource Hash: e4b88506942c09795a6a97ac5a8c3fc7c82fbad446fab92ad3b199f83b8524d4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html
date: Thu, 31 Aug 2023 10:50:44 GMT
etag: W/"df-5a7fda90bde26"
last-modified: Sat, 13 Jun 2020 21:13:08 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 index.php Show response
www.ecobooking.com.br/Booking/ Frame CADE 10 KB
3 KB 416ms
74ms Document
text/html 207.180.245.227
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ecobooking.com.br/Booking/index.php

Requested by

Host: www.booking.caminhadas.info
URL: https://www.booking.caminhadas.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

207.180.245.227 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

www.ecobooking.com.br

Software

nginx / PHP/7.4.33 PleskLin

Resource Hash

82a2d637455a552a4c904cff99bf0f100f08cd8f8bc6f0b9b075d3f0a6915783

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://www.booking.caminhadas.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=ISO-8859-1
date: Thu, 31 Aug 2023 10:50:45 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
vary: Accept-Encoding
x-powered-by: PHP/7.4.33 PleskLin

GET
H2 200 pimH_css_1.css
www.ecobooking.com.br/css/ Frame CADE 27 KB
5 KB 45ms
44ms Stylesheet
text/css 207.180.245.227
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ecobooking.com.br/css/pimH_css_1.css

Requested by

Host: www.ecobooking.com.br
URL: https://www.ecobooking.com.br/Booking/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

207.180.245.227 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

www.ecobooking.com.br

Software

nginx / PleskLin

Resource Hash

64d8dd0719b02886cf0f762ebad628776981ef8b31fcbe49edab2bb2d43f47ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ecobooking.com.br/Booking/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 10:50:45 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
last-modified: Tue, 15 Sep 2020 01:33:32 GMT
server: nginx
etag: W/"5f6019ec-6b5e"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 dhtmlgoodies_calendar.css
www.ecobooking.com.br/css/ Frame CADE 2 KB
722 B 46ms
45ms Stylesheet
text/css 207.180.245.227
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ecobooking.com.br/css/dhtmlgoodies_calendar.css?random=20051112

Requested by

Host: www.ecobooking.com.br
URL: https://www.ecobooking.com.br/Booking/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

207.180.245.227 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

www.ecobooking.com.br

Software

nginx / PleskLin

Resource Hash

38f8806984f0d1c580b1d16a4349f82afaf9060804a717d7e66daeadb3efb730

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ecobooking.com.br/Booking/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 10:50:45 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
last-modified: Sat, 30 Mar 2013 15:29:54 GMT
server: nginx
etag: W/"515704f2-8d7"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 dhtmlgoodies_calendar.js Show response
www.ecobooking.com.br/javascript/ Frame CADE 38 KB
7 KB 48ms
47ms Script
application/javascript 207.180.245.227
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ecobooking.com.br/javascript/dhtmlgoodies_calendar.js?random=20060118

Requested by

Host: www.ecobooking.com.br
URL: https://www.ecobooking.com.br/Booking/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

207.180.245.227 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

www.ecobooking.com.br

Software

nginx / PleskLin

Resource Hash

836916d5a8b6f6482d1aa0b56ade01fb7664417a1620e23cebdbb018e1fc29ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ecobooking.com.br/Booking/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 10:50:45 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
last-modified: Tue, 31 Oct 2017 15:13:22 GMT
server: nginx
etag: W/"59f89312-981c"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame CADE 269 KB
89 KB 124ms
71ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P80GCGC7TS

Requested by

Host: www.ecobooking.com.br
URL: https://www.ecobooking.com.br/Booking/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5628293c1c5d824869ce43478cd749afa5cd651f672266d128dc485b9dde1583

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ecobooking.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 10:50:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90893
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 31 Aug 2023 10:50:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame CADE 186 KB
68 KB 84ms
35ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1065629214

Requested by

Host: www.ecobooking.com.br
URL: https://www.ecobooking.com.br/Booking/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a97772645a6fa1d78d11c444cdd9c92b59f37b8bf9a56a6d9a1b419849a27a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ecobooking.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 10:50:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69597
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 31 Aug 2023 10:50:45 GMT

GET
H2 200 flexiproduct.js Show response
aff.bstatic.com/static/affiliate_base/js/ Frame CADE 6 KB
3 KB 128ms
18ms Script
application/javascript 2600:9000:223f:b000:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aff.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1693479045305

Requested by

Host: www.ecobooking.com.br
URL: https://www.ecobooking.com.br/Booking/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:b000:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6f2c2164df92670e1f44b40c516e974340a0a4834b5a2b2156faf3f1c6fc0e90

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ecobooking.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:37:13 GMT
content-encoding: br
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P5
age: 2409212
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Jun 2022 03:41:28 GMT
server: nginx
etag: W/"62a6b1e8-1849"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: IbNNc_1qYrcBRnPaB3Bc9tvSJDc1FwwFu-i4mz09aLE0ifJaR8YTJA==
expires: Sat, 02 Sep 2023 13:37:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame CADE 269 KB
89 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P80GCGC7TS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1065629214

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c782660a9b5bb7de462d00b4d8ff031c4f5f2b6cb0f90c49beb24b81ee4940c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ecobooking.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 10:50:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91003
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 31 Aug 2023 10:50:45 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1065629214/ Frame CADE 3 KB
2 KB 115ms
60ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1065629214/?random=1693479045442&cv=11&fst=1693479045442&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ecobooking.com.br%2FBooking%2Findex.php&ref=https%3A%2F%2Fwww.booking.caminhadas.info%2F&hn=www.googleadservices.com&frm=2&tiba=EcoBooking%2F-pt_br&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1065629214

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b0e9be1bec7d3576267eb9c315f61be0d6e97698b5ba483dac7ce9da3ebd41a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ecobooking.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 10:50:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1347
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1065629214/ Frame CADE 3 KB
2 KB 113ms
62ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1065629214/?random=1693479045451&cv=11&fst=1693479045451&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ecobooking.com.br%2FBooking%2Findex.php&ref=https%3A%2F%2Fwww.booking.caminhadas.info%2F&hn=www.googleadservices.com&frm=2&tiba=EcoBooking%2F-pt_br&value=1&uamb=0&uaw=0&data=event%3D%40booking%3Bevent_category%3DChamada-217.114.218.19%3Bevent_label%3D217.114.218.19%20-%20&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1065629214

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

635d5333b77da7aad295127771f27c58a5bda6eec056d0c751b4dd639cd65adf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ecobooking.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 10:50:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1390
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1065629214/ Frame CADE 3 KB
1 KB 106ms
62ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1065629214/?random=1693479045454&cv=11&fst=1693479045454&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ecobooking.com.br%2FBooking%2Findex.php&ref=https%3A%2F%2Fwww.booking.caminhadas.info%2F&hn=www.googleadservices.com&frm=2&tiba=EcoBooking%2F-pt_br&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1065629214

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba6d1297ef8c2ad25591e5dd8102515a3b11c957551e2e5341dc5e4e666e4e04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ecobooking.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 10:50:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1347
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 flexiproduct.html Show response
www.booking.com/ Frame 4123 105 KB
38 KB 674ms
600ms Document
text/html 108.138.7.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/flexiproduct.html?product=sbp&w=750&h=400&lang=pt-BR&aid=1481528&target_aid=1481528&fid=1693479045496&

Requested by

Host: aff.bstatic.com
URL: https://aff.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1693479045305

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-83.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5544d6b2ce76219d233c409157d71c781f8028b36d2793bcb6949b8074d14b74

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ecobooking.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: br
content-length: 36913
content-type: text/html; charset=UTF-8
date: Thu, 31 Aug 2023 10:50:46 GMT
nel: {"max_age":604800,"report_to":"default"}
report-to: {"max_age":604800,"group":"default","endpoints":[{"url":"https://nellie.booking.com/report"}]}
server: nginx
strict-transport-security: max-age=300; includeSubDomains
vary: User-Agent, Accept-Encoding
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
x-amz-cf-id: 4LWguYz9x4cFAcyzFJ7xQSJmtOqTk1X1Z8onKK-hgheHbHfy4PonJA==
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 /
www.google.com/pagead/1p-user-list/1065629214/ Frame CADE 42 B
455 B 91ms
34ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1065629214/?random=1693479045442&cv=11&fst=1693476000000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ecobooking.com.br%2FBooking%2Findex.php&ref=https%3A%2F%2Fwww.booking.caminhadas.info%2F&frm=2&tiba=EcoBooking%2F-pt_br&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2410103180&rmt_tld=0&ipr=y

Requested by

Host: www.ecobooking.com.br
URL: https://www.ecobooking.com.br/Booking/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ecobooking.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 10:50:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1065629214/ Frame CADE 42 B
455 B 89ms
32ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1065629214/?random=1693479045442&cv=11&fst=1693476000000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ecobooking.com.br%2FBooking%2Findex.php&ref=https%3A%2F%2Fwww.booking.caminhadas.info%2F&frm=2&tiba=EcoBooking%2F-pt_br&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2410103180&rmt_tld=1&ipr=y

Requested by

Host: www.ecobooking.com.br
URL: https://www.ecobooking.com.br/Booking/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ecobooking.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 10:50:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1065629214/ Frame CADE 42 B
108 B 90ms
34ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1065629214/?random=1693479045454&cv=11&fst=1693476000000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ecobooking.com.br%2FBooking%2Findex.php&ref=https%3A%2F%2Fwww.booking.caminhadas.info%2F&frm=2&tiba=EcoBooking%2F-pt_br&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2926184890&rmt_tld=0&ipr=y

Requested by

Host: www.ecobooking.com.br
URL: https://www.ecobooking.com.br/Booking/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ecobooking.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 10:50:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1065629214/ Frame CADE 42 B
108 B 91ms
35ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1065629214/?random=1693479045454&cv=11&fst=1693476000000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ecobooking.com.br%2FBooking%2Findex.php&ref=https%3A%2F%2Fwww.booking.caminhadas.info%2F&frm=2&tiba=EcoBooking%2F-pt_br&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2926184890&rmt_tld=1&ipr=y

Requested by

Host: www.ecobooking.com.br
URL: https://www.ecobooking.com.br/Booking/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ecobooking.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 10:50:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1065629214/ Frame CADE 42 B
108 B 87ms
35ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1065629214/?random=1693479045451&cv=11&fst=1693476000000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ecobooking.com.br%2FBooking%2Findex.php&ref=https%3A%2F%2Fwww.booking.caminhadas.info%2F&frm=2&tiba=EcoBooking%2F-pt_br&value=1&data=event%3D%40booking%3Bevent_category%3DChamada-217.114.218.19%3Bevent_label%3D217.114.218.19%20-%20&fmt=3&is_vtc=1&random=353365823&rmt_tld=0&ipr=y

Requested by

Host: www.ecobooking.com.br
URL: https://www.ecobooking.com.br/Booking/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ecobooking.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 10:50:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1065629214/ Frame CADE 42 B
108 B 86ms
33ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1065629214/?random=1693479045451&cv=11&fst=1693476000000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ecobooking.com.br%2FBooking%2Findex.php&ref=https%3A%2F%2Fwww.booking.caminhadas.info%2F&frm=2&tiba=EcoBooking%2F-pt_br&value=1&data=event%3D%40booking%3Bevent_category%3DChamada-217.114.218.19%3Bevent_label%3D217.114.218.19%20-%20&fmt=3&is_vtc=1&random=353365823&rmt_tld=1&ipr=y

Requested by

Host: www.ecobooking.com.br
URL: https://www.ecobooking.com.br/Booking/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ecobooking.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 10:50:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 82b674edb949dddf78e02d76e8593771bf2e85d5.css
cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/ Frame 4123 1 KB
1015 B 24ms
22ms Stylesheet
text/css 2600:9000:223f:b000:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/82b674edb949dddf78e02d76e8593771bf2e85d5.css

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=sbp&w=750&h=400&lang=pt-BR&aid=1481528&target_aid=1481528&fid=1693479045496&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:b000:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b40bd50a4795ccd4a8b88ff70fb14074d2f0bf599e072e98ccd302cfeb436b8a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 08:19:05 GMT
content-encoding: br
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P5
age: 786701
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Jun 2020 10:23:33 GMT
server: nginx
etag: W/"5eda1d25-51a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: _xZpkFN2id3f9Nvn9DnTvqB7kLDabGtBxWOUXo00M_2FrYdZWMDJPA==
expires: Thu, 21 Sep 2023 08:19:05 GMT

GET
H2 200 f6d29e089da85314827d24b5e412d273b710cf84.css
cf.bstatic.com/static/affiliate_base/css/flexi_common_base_cloudfront_sd/ Frame 4123 11 KB
3 KB 23ms
22ms Stylesheet
text/css 2600:9000:223f:b000:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/css/flexi_common_base_cloudfront_sd/f6d29e089da85314827d24b5e412d273b710cf84.css

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=sbp&w=750&h=400&lang=pt-BR&aid=1481528&target_aid=1481528&fid=1693479045496&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:b000:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3c37aa402d060ff9a8c441cd6918a1859cb6358eee091d9b7a7a6b12447e74b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:37:13 GMT
content-encoding: br
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P5
age: 2409213
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Jun 2020 10:23:33 GMT
server: nginx
etag: W/"5eda1d25-2ae3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: Koz7HPWlY-FpoqfX2J3nSsRf0NXuPhofB82xi5_xHr0vkqggWHZCOA==
expires: Sat, 02 Sep 2023 13:37:13 GMT

GET
H2 200 19d26ccbecea13a40501b1a204f92d7797638c6b.css
cf.bstatic.com/static/affiliate_base/css/flexi_common_elems_cloudfront_sd/ Frame 4123 13 KB
3 KB 24ms
23ms Stylesheet
text/css 2600:9000:223f:b000:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/css/flexi_common_elems_cloudfront_sd/19d26ccbecea13a40501b1a204f92d7797638c6b.css

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=sbp&w=750&h=400&lang=pt-BR&aid=1481528&target_aid=1481528&fid=1693479045496&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:b000:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

da7cec1b9368c3c3c6ecdd18613157a1d81c19e1be2f2ab987499032b03d272f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 19:02:37 GMT
content-encoding: br
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P5
age: 488889
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Jun 2022 06:07:04 GMT
server: nginx
etag: W/"62ba9a88-33d2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: bWQzM0xFrgdw6aCDqnAux3K0Q-99e6irpPcxEc34utss6sUoz95PQQ==
expires: Sun, 24 Sep 2023 19:02:37 GMT

GET
H2 200 cc3c3bb07577b243628b6437fe31264026e19804.css
cf.bstatic.com/static/affiliate_base/css/flexi_product_sbp/ Frame 4123 722 B
1 KB 23ms
23ms Stylesheet
text/css 2600:9000:223f:b000:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/css/flexi_product_sbp/cc3c3bb07577b243628b6437fe31264026e19804.css

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=sbp&w=750&h=400&lang=pt-BR&aid=1481528&target_aid=1481528&fid=1693479045496&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:b000:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4fd43a4477bcd68debcf4c5c6b943f3fc4fbec14a396573ffb2f7f31b21e914c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 00:49:59 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P5
age: 1850447
x-cache: Hit from cloudfront
content-length: 722
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:19 GMT
server: nginx
etag: "5cadd1af-2d2"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 4_a_MauFCA2F3B3o9H7BCaavYb6QyIvWg9WdS_R1MMmYVohJsCcQ2g==
expires: Sat, 09 Sep 2023 00:49:59 GMT

GET
H2 200 ebc3273565b5e682ccaf01872d2e046749306442.png
cf.bstatic.com/static/img/affiliate_base/flexi/booking_logo_blue/ Frame 4123 3 KB
3 KB 21ms
20ms Image
image/png 2600:9000:223f:b000:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/affiliate_base/flexi/booking_logo_blue/ebc3273565b5e682ccaf01872d2e046749306442.png

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=sbp&w=750&h=400&lang=pt-BR&aid=1481528&target_aid=1481528&fid=1693479045496&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:b000:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

69f81eea02cf09defcdb0c916f7ca869498f0d7045318c8ebfe469d2872cbbfa

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 07:24:43 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P5
age: 2345163
x-cache: Hit from cloudfront
content-length: 2904
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:50 GMT
server: nginx
etag: "5cadd1ce-b58"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: yqR3UE49LuDgd0YbWK9lKrTIFcqiaWouvfj9sa8mmRAoUm7j39zpow==
expires: Sun, 03 Sep 2023 07:24:43 GMT

GET
H2 200 8445c6d95d9a59c87b9bfd0c4e8d6d06bae67f9f.png
cf.bstatic.com/static/img/flags/32/fr/ Frame 4123 635 B
1 KB 21ms
21ms Image
image/png 2600:9000:223f:b000:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/flags/32/fr/8445c6d95d9a59c87b9bfd0c4e8d6d06bae67f9f.png

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=sbp&w=750&h=400&lang=pt-BR&aid=1481528&target_aid=1481528&fid=1693479045496&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:b000:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

18a076ed54c175e4c0d840f127c03b8e307a50c98ef1a2be28b7e89e74443c35

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:01:33 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P5
age: 524953
x-cache: Hit from cloudfront
content-length: 635
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:53 GMT
server: nginx
etag: "5cadd1d1-27b"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: SbuAG0OHddJe4mU2FrKm8z4OGNswmQ88qyJOmmRVVEwCKDBRVd1d1w==
expires: Sun, 24 Sep 2023 09:01:33 GMT

GET
H2 200 c40908f41aa7dd9168e8dfdb659bf98a012b7b39.png
cf.bstatic.com/static/img/flags/32/gb/ Frame 4123 2 KB
2 KB 22ms
22ms Image
image/png 2600:9000:223f:b000:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/flags/32/gb/c40908f41aa7dd9168e8dfdb659bf98a012b7b39.png

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=sbp&w=750&h=400&lang=pt-BR&aid=1481528&target_aid=1481528&fid=1693479045496&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:b000:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d01ed637e101f58f2b05ad506818a5df97aa8330510c035c2792e307e614bb85

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 13:50:03 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P5
age: 1285243
x-cache: Hit from cloudfront
content-length: 1550
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:53 GMT
server: nginx
etag: "5cadd1d1-60e"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: pN_knqlRBrgtL_joiv-cOUXoXr9iO-pvF72mJsZx1kDB44t0H82ivw==
expires: Fri, 15 Sep 2023 13:50:03 GMT

GET
H2 200 61a55c5f6c8f0a16e35cef7ab1b5b5b8a645589a.png
cf.bstatic.com/static/img/flags/32/es/ Frame 4123 857 B
1 KB 29ms
28ms Image
image/png 2600:9000:223f:b000:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/flags/32/es/61a55c5f6c8f0a16e35cef7ab1b5b5b8a645589a.png

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=sbp&w=750&h=400&lang=pt-BR&aid=1481528&target_aid=1481528&fid=1693479045496&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:b000:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

bd181a983d2b28d18decdb6dff1df9c90f1e04e72fcc09b6d0f4c0cdf4ed4c00

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 02:20:58 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P5
age: 894588
x-cache: Hit from cloudfront
content-length: 857
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:53 GMT
server: nginx
etag: "5cadd1d1-359"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Z-zTFLRXWvDqQFcM_vtP3Rc7cnyHtoNcHJQZCrIOnOefcoq_raotRQ==
expires: Wed, 20 Sep 2023 02:20:58 GMT

GET
H2 200 cef6c221c259b1c2769b52afcea6e90df142f961.png
cf.bstatic.com/static/img/flags/32/it/ Frame 4123 641 B
1 KB 31ms
27ms Image
image/png 2600:9000:223f:b000:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/flags/32/it/cef6c221c259b1c2769b52afcea6e90df142f961.png

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=sbp&w=750&h=400&lang=pt-BR&aid=1481528&target_aid=1481528&fid=1693479045496&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:b000:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c901873a8ab4820c73a2d5e26c4c593a0506dfd64d0dadda8050dc9f98267d7f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:37:39 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P5
age: 2409187
x-cache: Hit from cloudfront
content-length: 641
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:53 GMT
server: nginx
etag: "5cadd1d1-281"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Scd4fpImZUHFrH0mgSyOyQsDe1BPrWIj2fgpuLzdK-Jg0dfdiL5g-g==
expires: Sat, 02 Sep 2023 13:37:39 GMT

GET
H2 200 f0875dec68706cfc4328e93bfcd26eb66cc5b29d.png
cf.bstatic.com/static/img/flags/32/gr/ Frame 4123 699 B
1 KB 43ms
43ms Image
image/png 2600:9000:223f:b000:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/flags/32/gr/f0875dec68706cfc4328e93bfcd26eb66cc5b29d.png

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=sbp&w=750&h=400&lang=pt-BR&aid=1481528&target_aid=1481528&fid=1693479045496&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:b000:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

404d2ad736284e28dbe64d3abc12448208fb4ea441e9aaeaad8aa8afcd7931d9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 09:30:35 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P5
age: 1819211
x-cache: Hit from cloudfront
content-length: 699
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:53 GMT
server: nginx
etag: "5cadd1d1-2bb"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: MBNJyXBhsRwJMOg2kt-LTfPDL5YWa_6sB_gP940RpcdRbhDerlnNuw==
expires: Sat, 09 Sep 2023 09:30:35 GMT

GET
H2 200 6b8c66043c4e7a3aa674af5f43e5a2a3c08e32b8.png
cf.bstatic.com/static/img/flags/32/cz/ Frame 4123 817 B
1 KB 29ms
28ms Image
image/png 2600:9000:223f:b000:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/flags/32/cz/6b8c66043c4e7a3aa674af5f43e5a2a3c08e32b8.png

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=sbp&w=750&h=400&lang=pt-BR&aid=1481528&target_aid=1481528&fid=1693479045496&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:b000:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ea458e2bdf499bd6f201677fffe3be3e47b2fc2350524d90ced1c9db27f76064

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 13:54:43 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P5
age: 1284963
x-cache: Hit from cloudfront
content-length: 817
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:53 GMT
server: nginx
etag: "5cadd1d1-331"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 6pIAQTNpmKWzD4ucuMJ57a8VP2BybcnydwS34nNl3kxfrq8lR1mfXA==
expires: Fri, 15 Sep 2023 13:54:43 GMT

GET
H2 200 b9113d827a4bef669a316480e50017d43bf5ff42.png
cf.bstatic.com/static/img/flags/32/no/ Frame 4123 700 B
1 KB 30ms
29ms Image
image/png 2600:9000:223f:b000:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/flags/32/no/b9113d827a4bef669a316480e50017d43bf5ff42.png

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=sbp&w=750&h=400&lang=pt-BR&aid=1481528&target_aid=1481528&fid=1693479045496&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:b000:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4e1c2b02a2fd88fb452129e070f09b0baf6c2af152e4fe0b2607fba0181297eb

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 11:57:05 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P5
age: 428021
x-cache: Hit from cloudfront
content-length: 700
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:53 GMT
server: nginx
etag: "5cadd1d1-2bc"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: lgEwmhA19NUVWywX6pmsyRt_fEyKofxnuYYp_vQ5dzUCIHLxpeJIIQ==
expires: Mon, 25 Sep 2023 11:57:05 GMT

GET
H2 200 a62d709d85599e9749e7e57a515331e478095a40.png
cf.bstatic.com/static/img/flags/32/jp/ Frame 4123 593 B
1 KB 42ms
41ms Image
image/png 2600:9000:223f:b000:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/flags/32/jp/a62d709d85599e9749e7e57a515331e478095a40.png

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=sbp&w=750&h=400&lang=pt-BR&aid=1481528&target_aid=1481528&fid=1693479045496&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:b000:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3f47b3234146e9e88a7865b64673caec413348c74bd20de13703b5f4dc834b56

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 18:54:24 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P5
age: 1353382
x-cache: Hit from cloudfront
content-length: 593
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:53 GMT
server: nginx
etag: "5cadd1d1-251"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: lwCGm6BfG8sl_fTi4TlLfAzBr07vrqFeRIM4hxMSh56N4acTiIbB2A==
expires: Thu, 14 Sep 2023 18:54:24 GMT

GET
H2 200 c094e9373984d40a3cb9662c9082ee121ba9bcfd.png
cf.bstatic.com/static/img/flags/32/th/ Frame 4123 469 B
1 KB 43ms
42ms Image
image/png 2600:9000:223f:b000:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/flags/32/th/c094e9373984d40a3cb9662c9082ee121ba9bcfd.png

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=sbp&w=750&h=400&lang=pt-BR&aid=1481528&target_aid=1481528&fid=1693479045496&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:b000:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f47085e5b9d96ecce7918e6dd505df6fb9578b76646159a3ff3a9d0a2002b40f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 15:38:25 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P5
age: 1451541
x-cache: Hit from cloudfront
content-length: 469
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:53 GMT
server: nginx
etag: "5cadd1d1-1d5"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: NyTsgVPMPoggH1yIXKS3PqyAJqiDRRluivcN4E9YZnc_hTupd1e5KQ==
expires: Wed, 13 Sep 2023 15:38:25 GMT

GET
H2 200 85522fc012ea427986aabb503405f288a30cc3c8.js Show response
cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_cloudfront_sd/ Frame 4123 123 KB
39 KB 75ms
27ms Script
application/javascript 2600:9000:223f:5c00:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_cloudfront_sd/85522fc012ea427986aabb503405f288a30cc3c8.js

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=sbp&w=750&h=400&lang=pt-BR&aid=1481528&target_aid=1481528&fid=1693479045496&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:5c00:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

424bf606a1d0dc5c56a2f54917c3cbc6af946e33785ab71e35bac0b28fc9e959

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
Origin: https://www.booking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 12:09:10 GMT
content-encoding: br
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P5
age: 1291296
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 25 May 2022 11:00:45 GMT
server: nginx
etag: W/"628e0c5d-1ed10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: E168ytjEKSH_4Qg_oRMRqz22u1Jlv2bfTULY3-QRbfR_KKEPfl9-0g==
expires: Fri, 15 Sep 2023 12:09:10 GMT

GET
H2 200 eb78197b2eee9a032c319d91a6e1c581e295f284.js Show response
cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_components_cloudfront_sd/ Frame 4123 33 KB
11 KB 94ms
46ms Script
application/javascript 2600:9000:223f:5c00:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_components_cloudfront_sd/eb78197b2eee9a032c319d91a6e1c581e295f284.js

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=sbp&w=750&h=400&lang=pt-BR&aid=1481528&target_aid=1481528&fid=1693479045496&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:5c00:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

fd0370177238527421278d27eb652e22a25d20784438f81f114b09f5a349e06d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
Origin: https://www.booking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:49:04 GMT
content-encoding: br
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P5
age: 1382502
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Feb 2020 10:19:54 GMT
server: nginx
etag: W/"5e39454a-84eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: HtpJSQuUrKPZLi1YpKer0JLMA6DPNBtS9FwW5QUupzhwddHGMk70dA==
expires: Thu, 14 Sep 2023 10:49:04 GMT

GET
H2 200 4b4fae87bf31da220deff9a2b0120bd0552b6fe8.js Show response
cf.bstatic.com/static/affiliate_base/js/flexi_sbp_cloudfront_sd/ Frame 4123 4 KB
2 KB 70ms
44ms Script
application/javascript 2600:9000:223f:5c00:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/js/flexi_sbp_cloudfront_sd/4b4fae87bf31da220deff9a2b0120bd0552b6fe8.js

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=sbp&w=750&h=400&lang=pt-BR&aid=1481528&target_aid=1481528&fid=1693479045496&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:5c00:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7010c1be3185f588ded1c9f2dad3295ae742a55bcf57d59042965b1020b863b5

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
Origin: https://www.booking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:25:35 GMT
content-encoding: br
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P5
age: 1056311
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Feb 2020 10:19:54 GMT
server: nginx
etag: W/"5e39454a-112b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: 5zsSXEbXfRdtDZUP0AvHdktPGauVMYjh29TudBl3pr37z_FEQsid_g==
expires: Mon, 18 Sep 2023 05:25:35 GMT

GET
H2 200 844107.webp
cf.bstatic.com/xdata/images/city/max300/ Frame 4123 13 KB
14 KB 28ms
24ms Image
image/webp 2600:9000:223f:b000:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/city/max300/844107.webp?k=d2e327bd37d6b8a5e3b3f8f0a4c218387781b80dbbd5adb2d9e56d10f46c1659&o=

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=sbp&w=750&h=400&lang=pt-BR&aid=1481528&target_aid=1481528&fid=1693479045496&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:b000:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

bbafac93eeb02663acdf79d346f5f518a4b793eacf35d796963ccbe534398a53

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 15:19:12 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P5
age: 502294
etag: "d6f93772497aa45aef50815182b422a2fb2da5e6"
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
content-language: 13746
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: XNjSlsTycHKkO4aCfQbwZGVOB5XH5a46kyGbJjBLBQxY3m8P2W5RAg==
x-xss-protection: 1; mode=block

GET
H2 200 879409.webp
cf.bstatic.com/xdata/images/city/max300/ Frame 4123 11 KB
11 KB 31ms
27ms Image
image/webp 2600:9000:223f:b000:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/city/max300/879409.webp?k=5ae0075dd2c4eb38ba197d88f436067ab78e7701b55ba1ab6699fdce795425ca&o=

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=sbp&w=750&h=400&lang=pt-BR&aid=1481528&target_aid=1481528&fid=1693479045496&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:b000:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a7a7f4e6db8dedf7804443f80d722a2eabe4478df8ba618dc1ab603357b94800

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 11:39:43 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P5
age: 861063
etag: "203a2b6afd35dbb9204e644dea815f64ee04a868"
x-cache: Hit from cloudfront
content-language: 10974
access-control-allow-origin: *
content-type: image/webp
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: TmSQtyTfiMHK_hIZOXi2-rkBSS5_KN5TakvPZzD9ZE7DwN7hb5sVfQ==
x-xss-protection: 1; mode=block

GET
H2 200 693538.webp
cf.bstatic.com/xdata/images/city/max300/ Frame 4123 15 KB
15 KB 45ms
41ms Image
image/webp 2600:9000:223f:b000:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/city/max300/693538.webp?k=a0f59068e765bf5c423e84eb83ccc8ba1bf30eed3b89d5fbfa8c9d17316cdffa&o=

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=sbp&w=750&h=400&lang=pt-BR&aid=1481528&target_aid=1481528&fid=1693479045496&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:b000:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

fb19a69b1aaf4707196d8fa0de8d2cd05098b7f1a99be934eba1b9d8e5b01aa1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 06:51:50 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P5
age: 446336
etag: "7918c54b6943f4707cc504d44712e25685b491d4"
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
content-language: 15184
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: ENMOIMmTz5oyRU3Xy8Hg2mR6inI1TVVjivHiLJ_zSMo0iGjiJXVQlQ==
x-xss-protection: 1; mode=block

GET
H2 200 750fa5bec9bde5e6e09115b5970b8106f73a5646.woff
cf.bstatic.com/static/fonts/flexi/flexi/ Frame 4123 8 KB
8 KB 35ms
23ms Font
application/font-woff 2600:9000:223f:5c00:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/fonts/flexi/flexi/750fa5bec9bde5e6e09115b5970b8106f73a5646.woff

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/82b674edb949dddf78e02d76e8593771bf2e85d5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:5c00:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

727b71610239254fbeb9000a4774cf87b96bdd0c7eab1b781d67aa916ab6426e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/82b674edb949dddf78e02d76e8593771bf2e85d5.css
Origin: https://www.booking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 04:25:13 GMT
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P5
age: 1837533
x-cache: Hit from cloudfront
content-length: 7772
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:49 GMT
server: nginx
etag: "5cadd1cd-1e5c"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 4UGNCKEDCUiTi-L0hk2xsFOzZOPKvBbvl4EfwTga6XkgaZphjz4ypg==
expires: Sat, 09 Sep 2023 04:25:13 GMT

GET
H2 200 fp_view Show response
www.booking.com/affiliate/ Frame 4123 12 B
1 KB 2617ms
2617ms XHR
application/json 108.138.7.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/affiliate/fp_view?aid=1481528&target_aid=1481528&product_type=sbp

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_cloudfront_sd/85522fc012ea427986aabb503405f288a30cc3c8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-83.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.booking.com/flexiproduct.html?product=sbp&w=750&h=400&lang=pt-BR&aid=1481528&target_aid=1481528&fid=1693479045496&
X-Requested-With: XMLHttpRequest
X-Booking-CSRF: xajwZAAAAAA=wXu5nTy-bcCXXcakeoBfeHVflC_Utj0K5I_RaO3DStlxUcv_IX35BQFx1fhLMbFkP_JBDi6plzAjf7_OBHBAbQgIVJpvguecF0cIxgkKkHtnMClt0oTj6A8FtrY6qgiSzrWKWxGBJX2BBUpYohsw7ijUGO0qlTFmApRaIfDWHEo9DD93hSaBYb52HAvOGwVzENVrSoaTusZxNDPR
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 10:50:48 GMT
strict-transport-security: max-age=300; includeSubDomains
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
x-content-options: nosniff
server: nginx
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
content-type: application/json; charset=UTF-8
x-amz-cf-id: 2yxhPI2kW3ndt_k2zFLF_ZYogcEgq3W0T2dSoR9PvuQUm8_aRVKL-A==
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-20 14:24:39	Name: test_cookie Value: CheckForPermission
			.booking.com/	1970-01-21 00:00:39	Name: bkng Value: 11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbKE7bjkbYWzlp0qtiqiUe8Kd7DT8BuJXQ7oYHzkzfqyq6gsbpEs9lrY7hC5N3IiSIRb6d%2Fi006K9C%2BRZ4WxSg6%2FlmjTZISMcYo7FxlNhkNWAqLM0l4KpHxKVrPnqUnaEWdOiNlwlbBZmkZVOhx5b%2BBeU8JOmV%2F6UtNMR7%2FsZu5AI%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aff.bstatic.com
cf.bstatic.com
googleads.g.doubleclick.net
www.booking.caminhadas.info
www.booking.com
www.ecobooking.com.br
www.google.com
www.google.de
www.googletagmanager.com
108.138.7.83
207.180.245.227
2600:9000:223f:5c00:1c:d826:cd80:93a1
2600:9000:223f:b000:1c:d826:cd80:93a1
2a00:1450:4001:800::2003
2a00:1450:4001:806::2004
2a00:1450:4001:80b::2008
2a00:1450:4001:82a::2002
18a076ed54c175e4c0d840f127c03b8e307a50c98ef1a2be28b7e89e74443c35
38f8806984f0d1c580b1d16a4349f82afaf9060804a717d7e66daeadb3efb730
3f47b3234146e9e88a7865b64673caec413348c74bd20de13703b5f4dc834b56
404d2ad736284e28dbe64d3abc12448208fb4ea441e9aaeaad8aa8afcd7931d9
424bf606a1d0dc5c56a2f54917c3cbc6af946e33785ab71e35bac0b28fc9e959
4e1c2b02a2fd88fb452129e070f09b0baf6c2af152e4fe0b2607fba0181297eb
4fd43a4477bcd68debcf4c5c6b943f3fc4fbec14a396573ffb2f7f31b21e914c
5544d6b2ce76219d233c409157d71c781f8028b36d2793bcb6949b8074d14b74
5628293c1c5d824869ce43478cd749afa5cd651f672266d128dc485b9dde1583
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e
635d5333b77da7aad295127771f27c58a5bda6eec056d0c751b4dd639cd65adf
64d8dd0719b02886cf0f762ebad628776981ef8b31fcbe49edab2bb2d43f47ec
69f81eea02cf09defcdb0c916f7ca869498f0d7045318c8ebfe469d2872cbbfa
6f2c2164df92670e1f44b40c516e974340a0a4834b5a2b2156faf3f1c6fc0e90
7010c1be3185f588ded1c9f2dad3295ae742a55bcf57d59042965b1020b863b5
727b71610239254fbeb9000a4774cf87b96bdd0c7eab1b781d67aa916ab6426e
82a2d637455a552a4c904cff99bf0f100f08cd8f8bc6f0b9b075d3f0a6915783
836916d5a8b6f6482d1aa0b56ade01fb7664417a1620e23cebdbb018e1fc29ea
8b0e9be1bec7d3576267eb9c315f61be0d6e97698b5ba483dac7ce9da3ebd41a
a7a7f4e6db8dedf7804443f80d722a2eabe4478df8ba618dc1ab603357b94800
a97772645a6fa1d78d11c444cdd9c92b59f37b8bf9a56a6d9a1b419849a27a38
b40bd50a4795ccd4a8b88ff70fb14074d2f0bf599e072e98ccd302cfeb436b8a
ba6d1297ef8c2ad25591e5dd8102515a3b11c957551e2e5341dc5e4e666e4e04
bbafac93eeb02663acdf79d346f5f518a4b793eacf35d796963ccbe534398a53
bd181a983d2b28d18decdb6dff1df9c90f1e04e72fcc09b6d0f4c0cdf4ed4c00
c782660a9b5bb7de462d00b4d8ff031c4f5f2b6cb0f90c49beb24b81ee4940c3
c901873a8ab4820c73a2d5e26c4c593a0506dfd64d0dadda8050dc9f98267d7f
d01ed637e101f58f2b05ad506818a5df97aa8330510c035c2792e307e614bb85
da7cec1b9368c3c3c6ecdd18613157a1d81c19e1be2f2ab987499032b03d272f
e3c37aa402d060ff9a8c441cd6918a1859cb6358eee091d9b7a7a6b12447e74b
e4b88506942c09795a6a97ac5a8c3fc7c82fbad446fab92ad3b199f83b8524d4
ea458e2bdf499bd6f201677fffe3be3e47b2fc2350524d90ced1c9db27f76064
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f47085e5b9d96ecce7918e6dd505df6fb9578b76646159a3ff3a9d0a2002b40f
fb19a69b1aaf4707196d8fa0de8d2cd05098b7f1a99be934eba1b9d8e5b01aa1
fd0370177238527421278d27eb652e22a25d20784438f81f114b09f5a349e06d

www.booking.caminhadas.info Open in urlscan Pro 207.180.245.227 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

41 Requests

100 %HTTPS

75 %IPv6

8 Domains

9 Subdomains

8 IPs

2 Countries

434 kBTransfer

1165 kBSize

2 Cookies

0 Outgoing links

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.booking.caminhadas.info Open in urlscan Pro
207.180.245.227 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

100 %
HTTPS

75 %
IPv6

8
Domains

9
Subdomains

8
IPs

2
Countries

434 kB
Transfer

1165 kB
Size

2
Cookies

41 HTTP transactions
0 data transactions