news.booking.com Open in urlscan Pro
52.58.159.35 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://launch.sneature.com/handing/amateurs/counterweigh
Effective URL:
https://news.booking.com/
Submission: On November 03 via api (November 3rd 2024, 2:44:30 am UTC) from US — Scanned from DE

Summary HTTP 44 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 44 HTTP transactions. The main IP is 52.58.159.35, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is news.booking.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on July 23rd 2024. Valid for: a year.

This is the only time news.booking.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	78.46.177.197 78.46.177.197	24940 (HETZNER-AS) (HETZNER-AS)
1 1	5.42.102.161 5.42.102.161	210644 (AEZA-AS) (AEZA-AS)
1	52.58.159.35 52.58.159.35	16509 (AMAZON-02) (AMAZON-02)
26	2600:9000:264... 2600:9000:2646:1000:15:cfc2:9880:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700::68... 2606:4700::6812:572a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a05:d014:dd2... 2a05:d014:dd2:c302:993c:e92a:ff98:3a8a	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a05:d014:dd2... 2a05:d014:dd2:c302:4e94:302a:eca2:b0d	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
44	10

4 78.46.177.197 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: dedi4618.your-server.de

launch.sneature.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.42.102.161 (Paris, France) 1 redirects

ASN210644 (AEZA-AS, GB)
PTR: superb-alarm.aeza.network

enwars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.159.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-159-35.eu-central-1.compute.amazonaws.com

news.booking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2600:9000:2646:1000:15:cfc2:9880:93a1 (United States)

ASN16509 (AMAZON-02, US)

content.presspage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:572a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d014:dd2:c302:993c:e92a:ff98:3a8a (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

manager.presspage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d014:dd2:c302:4e94:302a:eca2:b0d (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

api.presspage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	presspage.com content.presspage.com — Cisco Umbrella Rank: 91263 manager.presspage.com — Cisco Umbrella Rank: 190338 api.presspage.com — Cisco Umbrella Rank: 200209	2 MB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 326	145 KB
4	sneature.com 1 redirects launch.sneature.com	48 KB
2	gstatic.com fonts.gstatic.com	36 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 498	295 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 311	2 KB
1	booking.com news.booking.com	25 KB
1	enwars.com 1 redirects enwars.com	201 B
44	9

	Domain	Requested by
26	content.presspage.com	news.booking.com content.presspage.com
7	cdn.cookielaw.org	news.booking.com cdn.cookielaw.org
4	launch.sneature.com	1 redirects launch.sneature.com
2	fonts.gstatic.com	fonts.googleapis.com
1	api.presspage.com	content.presspage.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	fonts.googleapis.com	content.presspage.com
1	cdn.jsdelivr.net	content.presspage.com
1	manager.presspage.com	news.booking.com
1	news.booking.com
1	enwars.com	1 redirects
44	11

This site contains links to these domains. Also see Links.

Domain
www.booking.com
capsulenz.com
www.destinationnsw.com.au
curlytales.com
www.moneycontrol.com
www.countryliving.com
www.travelpulse.com
www.glasgowtimes.co.uk
www.elliott.org
www.timeout.com
www.timesnownews.com
www.stuff.co.nz
www.traveltalkmag.com.au
eu.usatoday.com
www.forbes.com
www.nationalgeographic.com
www.travelweekly.com
www.remixmagazine.com
www.mirror.co.uk
www.nzherald.co.nz
eglobaltravelmedia.com.au
travelnoire.com
www.hotelnewsresource.com
nl.linkedin.com
www.facebook.com
www.instagram.com
www.tiktok.com
www.linkedin.com

Subject Issuer	Validity	Valid
launch.sneature.com Encryption Everywhere DV TLS CA - G2	`2024-02-28` - `2025-02-28`	a year	crt.sh
news.booking.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-23` - `2025-07-22`	a year	crt.sh
*.presspage.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-20` - `2025-09-14`	a year	crt.sh
cookielaw.org WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
geolocation.onetrust.com WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://news.booking.com/
Frame ID: 8EC0F004FC42748FE96AFB3767027A96
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Booking.com: Press

Page URL History Show full URLs

http://launch.sneature.com/handing/amateurs/counterweigh HTTP 307
https://launch.sneature.com/handing/amateurs/counterweigh HTTP 301
https://launch.sneature.com/handing/amateurs/counterweigh/ Page URL
https://launch.sneature.com/handing/amateurs/counterweigh/ Page URL
https://enwars.com/ HTTP 302
https://news.booking.com/ Page URL

Detected technologies

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

44
Requests

100 %
HTTPS

64 %
IPv6

9
Domains

11
Subdomains

10
IPs

3
Countries

2476 kB
Transfer

3823 kB
Size

8
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://www.booking.com/

Search URL Search Domain Scan URL

URL: https://capsulenz.com/do/intergenerational-travel/
Title: THIS Is The Secret To Having A Great Holiday…opens in new window

Search URL Search Domain Scan URL

URL: https://www.destinationnsw.com.au/newsroom/sydney-named-one-of-the-world-s-most-sustainable-cities
Title: Sydney named one of the world's most sustainable citiesopens in new window

Search URL Search Domain Scan URL

URL: https://curlytales.com/80-of-indian-travellers-are-embracing-solo-travel-here-are-the-most-ideal-locations/
Title: 80% Of Indian Travellers Are Embracing Solo Travel; Here Are The Most Ideal Locationsopens in new window

Search URL Search Domain Scan URL

URL: https://www.moneycontrol.com/travel/tourism-ministry-working-on-visa-on-arrival-to-promote-india-as-a-global-destination-gajendra-singh-shekhawat-article-12843884.html
Title: Tourism ministry working on visa-on-arrival to promote India as a global destination: Gajendra Singh Shekhawatopens in new window

Search URL Search Domain Scan URL

URL: https://www.countryliving.com/uk/travel-ideas/abroad/g62600650/best-places-to-see-northern-lights/
Title: The world's best places to see the Northern Lightsopens in new window

Search URL Search Domain Scan URL

URL: https://www.travelpulse.com/news/features/spending-kids-inheritance-and-boys-ii-zen-trips-are-the-trends-to-watch-in-2025
Title: Spending Kids Inheritance and Boys II Zen Trips Are The Trends to Watch in 2025opens in new window

Search URL Search Domain Scan URL

URL: https://www.glasgowtimes.co.uk/news/national/uk-today/24655470.holiday-time-booking-com-shares-2025-travel-predictions/
Title: Holiday time? Booking.com shares 2025 travel predictionsopens in new window

Search URL Search Domain Scan URL

URL: https://www.travelpulse.com/news/features/four-award-winning-female-travelers-share-their-favorite-solo-travel-destinations
Title: Four Award-Winning Female Travelers Share Their Favorite Solo Travel Destinationsopens in new window

Search URL Search Domain Scan URL

URL: https://www.elliott.org/destinations/how-do-you-define-sustainability-in-gothenburg-sweden-its-everywhere/#google_vignette
Title: How do you define sustainability? In Gothenburg, Sweden, it’s everywhereopens in new window

Search URL Search Domain Scan URL

URL: https://www.timeout.com/australia/hotels/secluded-retreat-in-noosa-hinterland
Title: Secluded Retreat in Noosa Hinterlandopens in new window

Search URL Search Domain Scan URL

URL: https://www.timesnownews.com/travel/news/india-emerges-as-the-new-hot-spot-for-global-travellers-article-114107868
Title: India Emerges As The New Hot Spot For Global Travellersopens in new window

Search URL Search Domain Scan URL

URL: https://www.stuff.co.nz/travel/350443788/would-you-travel-13-family-members-kiwi-family-tried-it-vietnam
Title: Would you travel with 13 family members? These Kiwis tried it in Vietnamopens in new window

Search URL Search Domain Scan URL

URL: https://www.traveltalkmag.com.au/b-corp-certification-gains-momentum-in-travel-industry/
Title: B Corp certification gains momentum in travel industryopens in new window

Search URL Search Domain Scan URL

URL: https://eu.usatoday.com/story/travel/2024/10/07/climate-change-overtourism-tourist-taxes-travel/75512123007/
Title: Many destinations are raising tourist taxes, but are they accomplishing their goal?opens in new window

Search URL Search Domain Scan URL

URL: https://www.forbes.com/sites/christopherelliott/2024/10/05/how-this-swedish-city-became-one-of-the-worlds-most-sustainable-places/
Title: How This Swedish City Became One Of The World’s Most Sustainable Placesopens in new window

Search URL Search Domain Scan URL

URL: https://www.nationalgeographic.com/travel/article/experience-worlds-most-remote-destinations
Title: 6 of the world's most remote destinations to test your inner adventureropens in new window

Search URL Search Domain Scan URL

URL: https://www.travelweekly.com/Thought-Leadership/Spain-The-Importance-of-Sustainability-in-Selling-Travel/366758
Title: The Importance of Sustainability in Selling Travelopens in new window

Search URL Search Domain Scan URL

URL: https://www.remixmagazine.com/lifestyle/how-to-spend-the-perfect-labour-weekend-in-queenstown-with-friends/
Title: How to spend the perfect Labour Weekend in Queenstown with friendsopens in new window

Search URL Search Domain Scan URL

URL: https://www.mirror.co.uk/3am/celebrity-news/huge-american-rapper-opening-up-33779058
Title: Huge American rapper opening up lavish mansion for fans to stay in at a bargain priceopens in new window

Search URL Search Domain Scan URL

URL: https://www.nzherald.co.nz/rotorua-daily-post/news/school-holidays-rotorua-third-on-list-for-kiwis-to-visit-mount-maunganui-fourth-in-trending-destinations/V2G6PJFV75EADPLTTSMPFSZM54/
Title: School holidays: Rotorua third on list for Kiwis to visit, Mount Maunganui fourth in ‘trending destinations’opens in new window

Search URL Search Domain Scan URL

URL: https://eglobaltravelmedia.com.au/2024/09/28/balinese-resort-unveils-new-sleep-package-for-sweet-dreams/
Title: Balinese Resort Unveils New Sleep Package for Sweet Dreamsopens in new window

Search URL Search Domain Scan URL

URL: https://travelnoire.com/kid-vacations
Title: What Your Kids Really Want To Do on Vacationopens in new window

Search URL Search Domain Scan URL

URL: https://www.hotelnewsresource.com/article133371.html
Title: Journey to Net Zero: Challenges and Solutions in Hotel Sustainabilityopens in new window

Search URL Search Domain Scan URL

URL: http://nl.linkedin.com/company/booking.com
Title: Visit our LinkedIn page (opens in new window)

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bookingcom/
Title: Visit our Facebook page (opens in new window)

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bookingcom/?hl=en
Title: (opens in new window)

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@bookingcom?lang=en
Title: (opens in new window)

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/booking.com/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.booking.com/content/privacy.html
Title: Privacy & Cookie Statement

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://launch.sneature.com/handing/amateurs/counterweigh HTTP 307
https://launch.sneature.com/handing/amateurs/counterweigh HTTP 301
https://launch.sneature.com/handing/amateurs/counterweigh/ Page URL
https://launch.sneature.com/handing/amateurs/counterweigh/ Page URL
https://enwars.com/ HTTP 302
https://news.booking.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://launch.sneature.com/handing/amateurs/counterweigh HTTP 307
https://launch.sneature.com/handing/amateurs/counterweigh HTTP 301
https://launch.sneature.com/handing/amateurs/counterweigh/

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
launch.sneature.com/handing/amateurs/counterweigh/
Redirect Chain

http://launch.sneature.com/handing/amateurs/counterweigh
https://launch.sneature.com/handing/amateurs/counterweigh
https://launch.sneature.com/handing/amateurs/counterweigh/

4 KB
4 KB

28ms
27ms

Document
text/html

78.46.177.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://launch.sneature.com/handing/amateurs/counterweigh/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 78.46.177.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi4618.your-server.de
Software: Apache /
Resource Hash: a538aa597c716117da78068059d60fccdb9a792351b4630a74b6d42cd09563c3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 03 Nov 2024 02:44:22 GMT
server: Apache

Redirect headers

content-length: 336
content-type: text/html; charset=iso-8859-1
date: Sun, 03 Nov 2024 02:44:22 GMT
location: https://launch.sneature.com/handing/amateurs/counterweigh/
server: Apache

GET
H2 200 /
launch.sneature.com/handing/amateurs/counterweigh/ 64 B
109 B 164ms
164ms Document
text/html 78.46.177.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://launch.sneature.com/handing/amateurs/counterweigh/
Requested by: Host: launch.sneature.com
URL: https://launch.sneature.com/handing/amateurs/counterweigh/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 78.46.177.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi4618.your-server.de
Software: Apache /
Resource Hash

Request headers

Referer: https://launch.sneature.com/handing/amateurs/counterweigh/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 03 Nov 2024 02:44:23 GMT
server: Apache

GET
H2

200

Primary Request / Show response
news.booking.com/
Redirect Chain

https://enwars.com/
https://news.booking.com/

126 KB
25 KB

150ms
56ms

Document
text/html

52.58.159.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://news.booking.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.58.159.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-159-35.eu-central-1.compute.amazonaws.com

Software

Resource Hash

10424d0d012e8b53561402134ef9f8fa28e6ae772d50e96b4e8acf88bbaf31ea

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .booking.com .presspage.com; connect-src 'self' .presspage.com https://region1.google-analytics.com .cookielaw.org .onetrust.com .doubleclick.net https://www.google-analytics.com .nr-data.net .booking.com https://.hotjar.com https://.hotjar.io; font-src 'self' https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com https://.typekit.net .presspage.com https://content.presspage.com .booking.com data:; frame-src 'self' .hotjar.com https://cdn.embedly.com https://.twitter.com https://syndication.twitter.com https://.facebook.com https://.google.com https://.youtube.com https://.pinterest.com https://.fls.doubleclick.net https://.doubleclick.net .booking.com; img-src 'self' .presspage.com https://.url2png.com .twimg.com .bstatic.com https://.vimeocdn.com .ytimg.com https://i.embed.ly https://www.googletagmanager.com https://content.presspage.com https://static.licdn.com https://.linkedin.com https://.twitter.com https://syndication.twitter.com https://.pinterest.com https://t.co https://bat.bing.com https://www.google-analytics.com https://stats.g.doubleclick.net https://.google.com https://.google.nl .booking.com data:; script-src 'self' 'unsafe-inline' .presspage.com .cookielaw.org https://geolocation.onetrust.com .hotjar.com https://content.presspage.com https://.twitter.com https://syndication.twitter.com https://cdn.syndication.twimg.com https://js-agent.newrelic.com https://.facebook.net https://.linkedin.com https://.google.com https://bam.nr-data.net https://.pinterest.com https://.google-analytics.com https://.googleadservices.com https://.bing.com https://.ads-twitter.com https://.googletagmanager.com https://googleads.g.doubleclick.net .booking.com; style-src 'self' 'unsafe-inline' .presspage.com .jsdelivr.net https://fonts.googleapis.com https://.twitter.com https://maxcdn.bootstrapcdn.com https://.typekit.net https://syndication.twitter.com https://.twimg.com https://content.presspage.com .booking.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://launch.sneature.com/handing/amateurs/counterweigh/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self' *.booking.com *.presspage.com; connect-src 'self' *.presspage.com https://region1.google-analytics.com *.cookielaw.org *.onetrust.com *.doubleclick.net https://www.google-analytics.com *.nr-data.net *.booking.com https://*.hotjar.com https://*.hotjar.io; font-src 'self' https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com https://*.typekit.net *.presspage.com https://content.presspage.com *.booking.com data:; frame-src 'self' *.hotjar.com https://cdn.embedly.com https://*.twitter.com https://syndication.twitter.com https://*.facebook.com https://*.google.com https://*.youtube.com https://*.pinterest.com https://*.fls.doubleclick.net https://*.doubleclick.net *.booking.com; img-src 'self' *.presspage.com https://*.url2png.com *.twimg.com *.bstatic.com https://*.vimeocdn.com *.ytimg.com https://i.embed.ly https://www.googletagmanager.com https://content.presspage.com https://static.licdn.com https://*.linkedin.com https://*.twitter.com https://syndication.twitter.com https://*.pinterest.com https://t.co https://bat.bing.com https://www.google-analytics.com https://stats.g.doubleclick.net https://*.google.com https://*.google.nl *.booking.com data:; script-src 'self' 'unsafe-inline' *.presspage.com *.cookielaw.org https://geolocation.onetrust.com *.hotjar.com https://content.presspage.com https://*.twitter.com https://syndication.twitter.com https://cdn.syndication.twimg.com https://js-agent.newrelic.com https://*.facebook.net https://*.linkedin.com https://*.google.com https://bam.nr-data.net https://*.pinterest.com https://*.google-analytics.com https://*.googleadservices.com https://*.bing.com https://*.ads-twitter.com https://*.googletagmanager.com https://googleads.g.doubleclick.net *.booking.com; style-src 'self' 'unsafe-inline' *.presspage.com *.jsdelivr.net https://fonts.googleapis.com https://*.twitter.com https://maxcdn.bootstrapcdn.com https://*.typekit.net https://syndication.twitter.com https://*.twimg.com https://content.presspage.com *.booking.com
content-type: text/html; charset=UTF-8
date: Sun, 03 Nov 2024 02:44:24 GMT
expires: Sun, 03 Nov 2024 02:58:16 GMT
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
last-modified: Sun, 03 Nov 2024 02:28:16 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sun, 03 Nov 2024 02:44:24 GMT
Location: https://news.booking.com/
Server: nginx/1.26.1

GET
H2 200 favicon.ico
launch.sneature.com/ 43 KB
43 KB 285ms
283ms Other
text/html 78.46.177.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://launch.sneature.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 78.46.177.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi4618.your-server.de
Software: Apache /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://launch.sneature.com/handing/amateurs/counterweigh/

Response headers

date: Sun, 03 Nov 2024 02:44:23 GMT
content-type: text/html; charset=UTF-8
server: Apache

GET
H2 200 modules.min_v21.css
content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/css/min/ 128 KB
26 KB 173ms
17ms Stylesheet
text/css 2600:9000:2646:1000:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/css/min/modules.min_v21.css

Requested by

Host: news.booking.com
URL: https://news.booking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:1000:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

05a65a6a57bbabf00017beca88e6f94745c9ff8438edc8ff7df31a44fa5f3838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: gzip
etag: W/"4d72d3041ba47ae72d8c66bddefbc0d1"
age: 35746
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: IbF7-D45gojVFxQJHWRz0Vu0U6m9C-2TVA5_FcTVMlft0mb0P4O7IA==
date: Sat, 02 Nov 2024 16:48:39 GMT
content-type: text/css
vary: accept-encoding, Origin
last-modified: Wed, 30 Oct 2024 08:50:04 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 jquery-min.js Show response
content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/js/ 87 KB
31 KB 159ms
29ms Script
application/javascript 2600:9000:2646:1000:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/js/jquery-min.js

Requested by

Host: news.booking.com
URL: https://news.booking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:1000:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: gzip
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
age: 25027
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: D30iqRFRBnwKNaPOKOrKryjIpTuMQBQX1D6QTjJhxdTrQeyuA2t-1A==
date: Sat, 02 Nov 2024 19:47:18 GMT
content-type: application/javascript
vary: accept-encoding, Origin
last-modified: Wed, 30 Oct 2024 08:50:11 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 plugins_v4.js Show response
content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/js/min/ 34 KB
11 KB 144ms
13ms Script
application/javascript 2600:9000:2646:1000:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/js/min/plugins_v4.js

Requested by

Host: news.booking.com
URL: https://news.booking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:1000:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bbc4ed2659f3ef8b9303fbfed2529077332277b5e6be563e32b19026a3b1d001

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: gzip
etag: W/"83611ebe0b1483565c6f5f1d64c95f54"
age: 25027
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: ZmtQngs0Q_kOcp7EHjbGFVl_2cAREXDyhuBlULX37CwUwf3Jd0NvqA==
date: Sat, 02 Nov 2024 19:47:18 GMT
content-type: application/javascript
vary: accept-encoding, Origin
last-modified: Wed, 30 Oct 2024 08:50:12 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 cookie.min.js Show response
content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/js/min/ 2 KB
1 KB 160ms
30ms Script
application/javascript 2600:9000:2646:1000:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/js/min/cookie.min.js

Requested by

Host: news.booking.com
URL: https://news.booking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:1000:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c7e06879de9b9038485d6c5188d0a9e7c903ee23486fa2aa9d63f24ebae1effc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: gzip
etag: W/"890702ae897ccf4792b2cb32fd8246b1"
age: 19360
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 1XVYx1n9HV7mweCsPereKBjlhmdj6jJx_qD8ht-0glvw3hITLdYTug==
date: Sat, 02 Nov 2024 21:21:45 GMT
content-type: application/javascript
vary: accept-encoding, Origin
last-modified: Wed, 30 Oct 2024 08:50:12 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/db9be2d3-b529-44d8-a87e-5b8c48e22eeb/ 5 KB
2 KB 79ms
41ms Script
application/javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/db9be2d3-b529-44d8-a87e-5b8c48e22eeb/OtAutoBlock.js

Requested by

Host: news.booking.com
URL: https://news.booking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9939a9bee9ae4b72742cf599502a31beed5e8634c8ce254ac957fda9c7b13438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-md5: 78m6XRhDvYlOKe6QSG+rlA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCCBFC19B4AB59
age: 22536
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Mon, 04 Nov 2024 02:44:24 GMT
date: Sun, 03 Nov 2024 02:44:24 GMT
content-type: application/javascript
last-modified: Tue, 03 Sep 2024 09:38:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 3696f4ed-701e-002a-1b4c-26e6cf000000
cf-ray: 8dc905b52c6d1e45-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2044
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 22 KB
8 KB 56ms
19ms Script
application/javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: news.booking.com
URL: https://news.booking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7358c5616f671017f307d161644d253f0f81083b0be68f3a3fefefa33b59de5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-md5: qVqAwzZMp5y69q24H0KNhg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCF9E14B983B5E
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 82789
x-content-type-options: nosniff
date: Sun, 03 Nov 2024 02:44:24 GMT
content-type: application/javascript
last-modified: Thu, 31 Oct 2024 19:22:01 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 6717472a-101e-0057-2a7a-2c7a07000000
cf-ray: 8dc905b52c6c1e45-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7212
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 ppcookieintegration.js Show response
content.presspage.com/templates/219/685/784587/ 2 KB
1 KB 18ms
17ms Script
application/javascript 2600:9000:2646:1000:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/templates/219/685/784587/ppcookieintegration.js?26836

Requested by

Host: news.booking.com
URL: https://news.booking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:1000:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

98447f99e2bdf1965ed9a6a5a89d75ab580dc3f3d33c9fc09f2fd7190878b7ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

access-control-max-age: 3000
content-encoding: br
x-amz-meta-client-id: 685
etag: W/"28746ab023879d131b52ad79fcc2fc9b"
x-amz-version-id: 3uLp6JVfdfyKd38.TdGYQyPTmGw.JG2u
age: 15423255
access-control-allow-methods: GET
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: Template file
x-amz-cf-id: smVDMlKigWo8ku2vZpohuU3Jz_rumYlgSSvRbTLOqTiSfU8DE9nPpg==
date: Wed, 08 May 2024 14:30:10 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 14:24:28 GMT
x-amz-meta-template-id: 784587
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-agency-id: 219
referrer-policy: strict-origin-when-cross-origin
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pp-onetrust-integration.js Show response
content.presspage.com/templates/219/685/784587/ 443 B
1 KB 18ms
18ms Script
application/javascript 2600:9000:2646:1000:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/templates/219/685/784587/pp-onetrust-integration.js?26836

Requested by

Host: news.booking.com
URL: https://news.booking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:1000:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

91d475df95a13f2a95a797b265f689a231d58f05c40d1f251e56d9ea82106c85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

x-amz-meta-client-id: 685
etag: "d8aecf7606174b2630600cd9f59ccf57"
x-amz-version-id: 9hPlOEY4qhzCPjUtIK7xw0jw7K2HLVt4
age: 15420380
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: Template file
x-amz-cf-id: Wqu0SvbM4AjqGhiuxLyrBzOETBDSXMqObU7LXABwMggpnmxLsXxX3w==
date: Wed, 08 May 2024 15:18:05 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 14:24:28 GMT
x-amz-meta-template-id: 784587
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
vary: Origin
cache-control: max-age=31536000
x-amz-meta-agency-id: 219
referrer-policy: strict-origin-when-cross-origin
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 443
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pp-vt-core-v3:latest.min.css
content.presspage.com/vanilla-template/ 369 KB
47 KB 159ms
29ms Stylesheet
text/css 2600:9000:2646:1000:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/vanilla-template/pp-vt-core-v3:latest.min.css?26836

Requested by

Host: news.booking.com
URL: https://news.booking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:1000:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3e049dcefc9390e7c8f8bcc2c090183ed556dd941f6b6a559a3ca09b472e67b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: gzip
x-amz-version-id: QWRfkFnVet10RgVkSwDKxaZOPE5Q1gLp
etag: W/"9a2c33c9131f3900fa104d12d273ffcf"
age: 274326
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 0vzKx_gLrkR0Yqe9548QrZPZn_j04FRkgtwyPTQBChvOSnpzuyElhw==
date: Wed, 30 Oct 2024 22:32:19 GMT
content-type: text/css
vary: accept-encoding, Origin
last-modified: Tue, 24 Sep 2024 13:23:03 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pp-booking-settings.min.css
content.presspage.com/templates/219/685/784587/ 22 KB
5 KB 141ms
11ms Stylesheet
text/css 2600:9000:2646:1000:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/templates/219/685/784587/pp-booking-settings.min.css?26836

Requested by

Host: news.booking.com
URL: https://news.booking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:1000:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fd381dee23980bbf1843495a2723edc81adf7a3a13cf888f3b9f9cae7ee31cc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: br
x-amz-meta-client-id: 685
etag: W/"e8e08c6db5b8944a75ca5a38ccf8a855"
x-amz-version-id: 28hCOtot274qri.P949Kx0JKFCaQLRYW
age: 13009729
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: Template file
x-amz-cf-id: tTqXQCzn7KwALvf3V7Sk7Q9hGQU9kwcylKuyabozneMiIL8lSY6NWA==
date: Wed, 05 Jun 2024 12:55:36 GMT
content-type: text/css
vary: Accept-Encoding, Origin
x-amz-meta-template-id: 784587
last-modified: Wed, 05 Jun 2024 12:37:33 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-agency-id: 219
referrer-policy: strict-origin-when-cross-origin
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pp-booking-settings.min.js Show response
content.presspage.com/templates/219/685/784587/ 10 KB
4 KB 10ms
8ms Script
application/javascript 2600:9000:2646:1000:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/templates/219/685/784587/pp-booking-settings.min.js?26836

Requested by

Host: news.booking.com
URL: https://news.booking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:1000:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fdcd6a3c237da227932e17729d84e3fb548efd01a8233765370970a024b13419

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: br
x-amz-meta-client-id: 685
etag: W/"a1b5466367e9dcf3cce2720b78df0c01"
x-amz-version-id: eYhLsVF7dyhnojq_4PHLs3O8X1NGj6Nr
age: 13010587
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: Template file
x-amz-cf-id: ZKlutA0ynWJXfOFKGchvxu6gL1hr-1y1T5dtm31x-8rYUwDuNoz_LA==
date: Wed, 05 Jun 2024 12:41:18 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-meta-template-id: 784587
last-modified: Wed, 05 Jun 2024 12:37:33 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-agency-id: 219
referrer-policy: strict-origin-when-cross-origin
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pp-booking-locale-global-us.min.js Show response
content.presspage.com/templates/219/685/784587/ 3 KB
2 KB 11ms
9ms Script
application/javascript 2600:9000:2646:1000:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/templates/219/685/784587/pp-booking-locale-global-us.min.js?26836

Requested by

Host: news.booking.com
URL: https://news.booking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:1000:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fdfc9343fa42ebdc2647c0e00f07542644f5c8d1b02058f04ee76fb617bac761

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: br
x-amz-meta-client-id: 685
etag: W/"5e60124fbe47241780a8ee2318509a72"
x-amz-version-id: iaoV1v1_z3vBZnKbzCERWf5BBj9r4Vx5
age: 13527222
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: Template file
x-amz-cf-id: yDSrASan229hbvx6ghgzGyG1c8W6lhF0aCbCXuhW4d8STq7KQSgbow==
date: Thu, 30 May 2024 13:10:43 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-meta-template-id: 784587
last-modified: Thu, 30 May 2024 12:48:19 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-agency-id: 219
referrer-policy: strict-origin-when-cross-origin
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pp-vt-core-v3:latest.min.js Show response
content.presspage.com/vanilla-template/ 18 KB
5 KB 13ms
12ms Script
application/javascript 2600:9000:2646:1000:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/vanilla-template/pp-vt-core-v3:latest.min.js?26836

Requested by

Host: news.booking.com
URL: https://news.booking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:1000:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2f61510b69aea56c0200a96089fe33e2751ecba1b6cfa4d5f85c11ea2d953bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: gzip
x-amz-version-id: eL4PSV.PXiA61OtX1FIwKYPSE5sldeAf
etag: W/"934600648fec6aa3652d7675e1cdd3ba"
age: 265714
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: X-yNg-CZJbUUNeRrrjlmU9VOYijwkS-y6_AhwY6yK3ejVzGgUgALsA==
date: Thu, 31 Oct 2024 00:55:51 GMT
content-type: application/javascript
vary: accept-encoding, Origin
last-modified: Tue, 24 Sep 2024 13:23:03 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 blank.gif
manager.presspage.com/images/ 49 B
251 B 127ms
1ms Image
image/gif 2a05:d014:dd2:c302:993c:e92a:ff98:3a8a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manager.presspage.com/images/blank.gif
Requested by: Host: news.booking.com
URL: https://news.booking.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d014:dd2:c302:993c:e92a:ff98:3a8a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

cache-control: max-age=3600, public
etag: "6721f206-31"
expires: Sun, 03 Nov 2024 03:44:24 GMT
accept-ranges: bytes
content-length: 49
date: Sun, 03 Nov 2024 02:44:24 GMT
content-type: image/gif
last-modified: Wed, 30 Oct 2024 08:44:54 GMT

GET
H2 200 modules.min.js Show response
content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/js/min/ 25 KB
8 KB 43ms
43ms Script
application/javascript 2600:9000:2646:1000:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/js/min/modules.min.js

Requested by

Host: news.booking.com
URL: https://news.booking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:1000:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

50cd3c00afc865a5b01a328a22d1c84058efd7e76fe3b1eb79bb7669a1f9e2eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: gzip
etag: W/"f944b9c4be7e09c7aca915407564ffbb"
age: 25027
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: g0OCGsp1f2g7WXIFTT4PEiRIogER60n7tZ3OV8wXwioiaWvuj_PH6A==
date: Sat, 02 Nov 2024 19:47:18 GMT
content-type: application/javascript
vary: accept-encoding, Origin
last-modified: Wed, 30 Oct 2024 08:50:12 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 db9be2d3-b529-44d8-a87e-5b8c48e22eeb.json Show response
cdn.cookielaw.org/consent/db9be2d3-b529-44d8-a87e-5b8c48e22eeb/ 6 KB
3 KB 55ms
26ms XHR
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/db9be2d3-b529-44d8-a87e-5b8c48e22eeb/db9be2d3-b529-44d8-a87e-5b8c48e22eeb.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed06b6ff7398644229001c37d986b3fbcf9bc6111f14641bb7e79f41efe2b6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-md5: Tb3r2WRMCdtPYuL739rVGQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCCBFC19B719AB
age: 18513
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Mon, 04 Nov 2024 02:44:24 GMT
date: Sun, 03 Nov 2024 02:44:24 GMT
content-type: application/json
last-modified: Tue, 03 Sep 2024 09:38:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 7b767800-d01e-00af-634c-26b11a000000
cf-ray: 8dc905b67cf89195-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1997
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 flag-icons.min.css
cdn.jsdelivr.net/gh/lipis/flag-icons@6.6.6/css/ 27 KB
2 KB 272ms
37ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/lipis/flag-icons@6.6.6/css/flag-icons.min.css

Requested by

Host: content.presspage.com
URL: https://content.presspage.com/vanilla-template/pp-vt-core-v3:latest.min.css?26836

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5de11e2e3c7322ba096d84edbf8adac8c9a8c2022af224f1c6bdc25d658ad5a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://content.presspage.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"6b06-ORz8HGhNFX0/RE7iSGg/nKhGlV0"
age: 3331365
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Sun, 03 Nov 2024 02:44:24 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230101-FRA, cache-mad2200142-MAD
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1746
x-jsd-version: 6.6.6

GET
H2 200 css2
fonts.googleapis.com/ 22 KB
2 KB 250ms
33ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&family=Roboto:wght@400;700&display=swap

Requested by

Host: content.presspage.com
URL: https://content.presspage.com/templates/219/685/784587/pp-booking-settings.min.css?26836

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b82e567b32dbc17ba3c07a30656c9ae21f7cdf3511d24e5ac95dd9257ff73156

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://content.presspage.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 03 Nov 2024 02:44:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 03 Nov 2024 02:44:24 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 03 Nov 2024 02:44:24 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 280ms
106ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept: application/json
Referer: https://news.booking.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
cf-ray: 8dc905b7ceac1e6a-FRA
access-control-allow-origin: *
date: Sun, 03 Nov 2024 02:44:25 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type

GET
H2 200 c800_booking.comenhancestravelplanningwithnewaipoweredfeaturesforeasiersmarterdecisions.jpg
content.presspage.com/uploads/685/1f08bb82-7488-4f95-949e-c42ac72ad425/ 104 KB
105 KB 68ms
49ms Image
image/jpeg 2600:9000:2646:1000:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/uploads/685/1f08bb82-7488-4f95-949e-c42ac72ad425/c800_booking.comenhancestravelplanningwithnewaipoweredfeaturesforeasiersmarterdecisions.jpg?79549

Requested by

Host: news.booking.com
URL: https://news.booking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:1000:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

de0d683956b0c1984ee72042647828918f24852cf1e745e8b2aa78b9bd25c463

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

x-amz-meta-client-id: 685
etag: "9a1a012f20dc58b4b383897b8b382429"
x-amz-version-id: HIRF7toB44lj9msE6LNAkV0xsU3RKpGW
age: 325644
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: User upload
x-amz-cf-id: XdcIpBoMJ-FpNjMmuL5TywISXhjkAtZndATZwK20rhQY2ZiPWYHDyg==
date: Wed, 30 Oct 2024 08:17:02 GMT
content-type: image/jpeg
last-modified: Tue, 29 Oct 2024 13:23:41 GMT
vary: Origin
x-amz-meta-height: 472
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-width: 800
referrer-policy: strict-origin-when-cross-origin
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 106352
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 c800_sustainabilityprogramforaccommodationpartners3.jpg
content.presspage.com/uploads/685/1a9d71ea-8c3c-46f8-86ff-87572608eaa9/ 109 KB
110 KB 40ms
21ms Image
image/jpeg 2600:9000:2646:1000:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/uploads/685/1a9d71ea-8c3c-46f8-86ff-87572608eaa9/c800_sustainabilityprogramforaccommodationpartners3.jpg?92069

Requested by

Host: news.booking.com
URL: https://news.booking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:1000:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

62c045ad232f63a02d0316089fda58d7a7e7a330d5095f072ab0981b4777bb90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

x-amz-meta-client-id: 685
etag: "a76e9ff51e93e9a7ae7da2074bcd52b2"
x-amz-version-id: IlLrLb0TZEzzJQ.LGf.SCuXPo25TMIFo
age: 464088
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: User upload
x-amz-cf-id: lVn_Zik3IChuBtr3IMebWxtV4VSFSmTx_gthOxMsbkt7H5qwnSPGJQ==
date: Mon, 28 Oct 2024 17:49:38 GMT
content-type: image/jpeg
last-modified: Mon, 28 Oct 2024 11:28:17 GMT
vary: Origin
x-amz-meta-height: 362
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-width: 800
referrer-policy: strict-origin-when-cross-origin
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 111373
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 c800_booking.comholidayhomeoutlookexpertsandtodd2.jpg
content.presspage.com/uploads/685/ad9b4f7d-2670-4461-9b75-83b7063ed29c/ 76 KB
77 KB 48ms
29ms Image
image/jpeg 2600:9000:2646:1000:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/uploads/685/ad9b4f7d-2670-4461-9b75-83b7063ed29c/c800_booking.comholidayhomeoutlookexpertsandtodd2.jpg?95981

Requested by

Host: news.booking.com
URL: https://news.booking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:1000:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d720a8e0f3d3a28a7346812dbf4ea5c1bcdfaa77b968ff7d27d607d6c9b08af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

x-amz-meta-client-id: 685
etag: "a21f6720fed95ed6c2f7a41cfd32757a"
x-amz-version-id: tvTzIzxLam1rVNM9ypu.RgGFOG6P67W8
age: 3426365
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: User upload
x-amz-cf-id: is_zb4PPZD3T6cx8_wiibf-JouAyhO6Z6T1ljsNT6zDKv0qcCuP3nA==
date: Tue, 24 Sep 2024 10:58:21 GMT
content-type: image/jpeg
last-modified: Mon, 23 Sep 2024 10:41:27 GMT
vary: Origin
x-amz-meta-height: 287
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-width: 800
referrer-policy: strict-origin-when-cross-origin
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 78234
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pp_iconfont.woff
content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/css/fonts/pp_iconfont/fonts/ 27 KB
28 KB 69ms
11ms Font
binary/octet-stream 2600:9000:2646:1000:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/css/fonts/pp_iconfont/fonts/pp_iconfont.woff

Requested by

Host: content.presspage.com
URL: https://content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/css/min/modules.min_v21.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:1000:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e1cb499a9f98e88ff46f57371fd3e6dc5b4b873523a0fed081325dd32686c636

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://news.booking.com
Referer: https://content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/css/min/modules.min_v21.css

Response headers

access-control-expose-headers: *
etag: "a473e92dd3cf7a4394d5c9082989cf5d"
age: 19339
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: cLi_LXRcFrC-zxPf-6VBNwMLlqv9v1kHVgS8nNiGEK7MvO5tp6QOiA==
date: Sat, 02 Nov 2024 21:22:07 GMT
content-type: binary/octet-stream
vary: accept-encoding
last-modified: Wed, 30 Oct 2024 08:50:04 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 69387ca0ad24846d99bf107cb3133bf6.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27580
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pp-icons.ttf
content.presspage.com/templates/50/2372/465298/ 456 KB
244 KB 85ms
27ms Font
font/ttf 2600:9000:2646:1000:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/templates/50/2372/465298/pp-icons.ttf?yprlij

Requested by

Host: content.presspage.com
URL: https://content.presspage.com/templates/219/685/784587/pp-booking-settings.min.css?26836

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:1000:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

247a1148c35b121c0431b2e6a10e20890840605530590b3f3a68d805f57a6d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://news.booking.com
Referer: https://content.presspage.com/templates/219/685/784587/pp-booking-settings.min.css?26836

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: JhXUiRW2CfKNeVf3aK7o5lm8_v7msCrx
etag: W/"ff34ce45bb9343306fa032539cf2416d"
age: 53238
access-control-allow-methods: GET
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 2iylzHYsZC5Ggj1mv3r4_p74Vr5I5DLc0KTairp0IPuv8W2BCFC2pQ==
date: Sat, 02 Nov 2024 11:57:08 GMT
content-type: font/ttf
vary: accept-encoding
last-modified: Tue, 05 Mar 2024 10:27:27 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 69387ca0ad24846d99bf107cb3133bf6.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202408.1.0/ 453 KB
110 KB 46ms
43ms Script
application/javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6b56e45e770416d91dd83f5a7375794aee5667293cd54219b3d4c17997e885f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-md5: cSmNeMyDkvSieWRwSFHuAQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status: unlocked
cf-bgj: minify
cf-cache-status: HIT
x-ms-version: 2009-09-19
age: 1660
content-encoding: gzip
x-content-type-options: nosniff
cf-polished: origSize=464200
date: Sun, 03 Nov 2024 02:44:25 GMT
content-type: application/javascript
last-modified: Tue, 10 Sep 2024 03:34:09 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 5e448996-d01e-0063-6883-25d5af000000
cf-ray: 8dc905b89dcf1e45-FRA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 booking_logo--white.svg
content.presspage.com/templates/50/2962/744836/ 8 KB
4 KB 36ms
13ms Image
image/svg+xml 2600:9000:2646:1000:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/templates/50/2962/744836/booking_logo--white.svg?1

Requested by

Host: news.booking.com
URL: https://news.booking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:1000:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

93af691b38b1e92c465c2caf67d0eb843b57c51dd2c50ce8509b3fbb504d1f34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: br
etag: W/"c96f081503685a634a214f711504ee55"
x-amz-version-id: ZX7Wxj3m55ftK4lNlay47ImN6A64Kky7
age: 10087
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: Ys7DvdX5DqsIw_FFNvhJgxsK3vCMcT_v0hI3aU1Wr7VVf8nIY1yAaQ==
date: Sat, 02 Nov 2024 23:56:19 GMT
content-type: image/svg+xml
vary: accept-encoding, Origin
last-modified: Tue, 05 Mar 2024 10:28:19 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 booking_logo--blue.svg
content.presspage.com/templates/50/2962/744836/ 8 KB
4 KB 38ms
15ms Image
image/svg+xml 2600:9000:2646:1000:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/templates/50/2962/744836/booking_logo--blue.svg?1

Requested by

Host: news.booking.com
URL: https://news.booking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:1000:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

98220a088c7193dcb97447e7d9bb6b94d289d121f4eadc418832c5242702a54f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-encoding: br
etag: W/"c34097669b28d5ad8e42fd5f70870e54"
x-amz-version-id: UA0sZqdzfNTb4tbeDV1GmaQi6fnGrzbf
age: 10087
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 4CjP-HRtyF42NV-qQD1tDnSqv9GeXV2FcUxNJbLxUKl8N013F0XTVw==
date: Sat, 02 Nov 2024 23:56:19 GMT
content-type: image/svg+xml
vary: accept-encoding, Origin
last-modified: Tue, 05 Mar 2024 10:28:19 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 c800_tromsonorway-credits-booking.comcopygettyimages-159597813.jpg
content.presspage.com/uploads/685/8f069b23-34c5-44c9-81bc-3b947bfbe140/ 133 KB
134 KB 47ms
25ms Image
image/jpeg 2600:9000:2646:1000:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/uploads/685/8f069b23-34c5-44c9-81bc-3b947bfbe140/c800_tromsonorway-credits-booking.comcopygettyimages-159597813.jpg?75849

Requested by

Host: news.booking.com
URL: https://news.booking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:1000:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3b78b55f701e2ed6c9f0b5742387689551628063c39b4300d5f1b4b8c6579539

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

x-amz-meta-client-id: 685
etag: "ccde8da2c21da93b299001383cac4236"
x-amz-version-id: EWSRL3k9pTxEEMYJnM6bpkqf1tzf29Q_
age: 1533123
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: User upload
x-amz-cf-id: xzYa-C7WIaB2yY67zvezu50hfvcJjUvtlR0oOiRL1sHs_w0aEY0gug==
date: Wed, 16 Oct 2024 08:52:23 GMT
content-type: image/jpeg
last-modified: Mon, 14 Oct 2024 09:37:08 GMT
vary: Origin
x-amz-meta-height: 329
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-width: 800
referrer-policy: strict-origin-when-cross-origin
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 136349
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 c800_shoppingforproduceingrocerystore-leadimage.jpg
content.presspage.com/uploads/685/8468f853-ca03-4568-a9c2-cbe69e8102b2/ 105 KB
106 KB 50ms
28ms Image
image/jpeg 2600:9000:2646:1000:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/uploads/685/8468f853-ca03-4568-a9c2-cbe69e8102b2/c800_shoppingforproduceingrocerystore-leadimage.jpg?79371

Requested by

Host: news.booking.com
URL: https://news.booking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:1000:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d3c22847f17b7533b7aea11f3378b22e808ad7719b3fac5551018018154824c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

x-amz-meta-client-id: 685
etag: "e3829f56b45513b31f70f0693e173c72"
x-amz-version-id: CN89L6tNEXJ96tX5DLbTtSnCnosSBJrq
age: 2011491
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: User upload
x-amz-cf-id: SXdhdLWalqCQM0zDYKhPFe1I-nmzrase6k_X521uPpta8KH69M_TRw==
date: Thu, 10 Oct 2024 19:59:35 GMT
content-type: image/jpeg
last-modified: Mon, 07 Oct 2024 08:28:50 GMT
vary: Origin
x-amz-meta-height: 297
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-width: 800
referrer-policy: strict-origin-when-cross-origin
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 107939
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 c800_internationalcoffeeday.jpg
content.presspage.com/uploads/685/7a2d3856-e8dd-48a3-8b6c-dc8825c88c11/ 85 KB
85 KB 52ms
31ms Image
image/jpeg 2600:9000:2646:1000:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/uploads/685/7a2d3856-e8dd-48a3-8b6c-dc8825c88c11/c800_internationalcoffeeday.jpg?50424

Requested by

Host: news.booking.com
URL: https://news.booking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:1000:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

69a7f7e3df023cbb78c479e37f83c063a2de91bcca7b2af348535169ceb087c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

x-amz-meta-client-id: 685
etag: "3457e5e074a0317f0f8ddf68a761d6c1"
x-amz-version-id: 9iIIOE4pZk0siPYN3FOG5_WZhmD.U60u
age: 408069
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: User upload
x-amz-cf-id: kJA8MWTz2HXSJtHAYtgeqtrN4460yiHAUg36R6WtX0cvjeAVgyzzUQ==
date: Tue, 29 Oct 2024 09:23:17 GMT
content-type: image/jpeg
last-modified: Thu, 05 Sep 2024 14:31:21 GMT
vary: Origin
x-amz-meta-height: 335
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-width: 800
referrer-policy: strict-origin-when-cross-origin
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 86636
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 track-visits Show response
api.presspage.com/statistics/v0/ 31 B
564 B 270ms
61ms XHR
application/json 2a05:d014:dd2:c302:4e94:302a:eca2:b0d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.presspage.com/statistics/v0/track-visits

Requested by

Host: content.presspage.com
URL: https://content.presspage.com/assets/e00be28934850e8999d57c1d8d9aa5756625dfcb/js/jquery-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:dd2:c302:4e94:302a:eca2:b0d Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

658dcf097cb005f827fdb5c0813ebd21deed4578bef5b587d56585fa5a9ba8cc

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains"
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

Referer: https://news.booking.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-frame-options: SAMEORIGIN
strict-transport-security: "max-age=31536000; includeSubDomains"
cache-control: no-cache, private
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
date: Sun, 03 Nov 2024 02:44:25 GMT
x-xss-protection: "1; mode=block"
content-type: application/json
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,FINGER-PRINT,X-AUTH-TOKEN,X-AUTH-NEWSROOM-TOKEN,accounts,Link,x-auth-content-language

GET
H2 200 c1920_destinationsperfectforthespiritualseekers.jpg
content.presspage.com/uploads/685/1691002b-5939-4ee7-af2b-802b9ab53af3/ 268 KB
269 KB 96ms
38ms Image
image/jpeg 2600:9000:2646:1000:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/uploads/685/1691002b-5939-4ee7-af2b-802b9ab53af3/c1920_destinationsperfectforthespiritualseekers.jpg?65211

Requested by

Host: news.booking.com
URL: https://news.booking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:1000:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a6b030fd6227311ce7f3951718f850c6c40e8a44f68286c43a5aaff09d2e5e16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

x-amz-meta-client-id: 685
etag: "d67f958faa606bac00a1617a3ff48b49"
x-amz-version-id: Z3OCEDnvAyMzMjfY5tg3lfj8.L0hKTA.
age: 134727
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: User upload
x-amz-cf-id: oYg7x2-0kxvPVwG9dT6FJlQPRCCEBR-qxwbx6QLyz3mwq5YHw4BmQw==
date: Fri, 01 Nov 2024 13:18:59 GMT
content-type: image/jpeg
last-modified: Mon, 07 Oct 2024 10:02:45 GMT
vary: Origin
x-amz-meta-height: 831
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-width: 1920
referrer-policy: strict-origin-when-cross-origin
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 274801
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 en-us.json Show response
cdn.cookielaw.org/consent/db9be2d3-b529-44d8-a87e-5b8c48e22eeb/01919962-3e9c-7145-9d1a-dadf7f5db4c8/ 56 KB
14 KB 33ms
13ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/db9be2d3-b529-44d8-a87e-5b8c48e22eeb/01919962-3e9c-7145-9d1a-dadf7f5db4c8/en-us.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

761f983533fd6bff9c284e6622ecee74779a235b6581e387208283d131891c1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-md5: mx8ZoriGBBggiUkpTumuOw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCCBFC1BC88BAC
age: 66471
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Mon, 04 Nov 2024 02:44:25 GMT
date: Sun, 03 Nov 2024 02:44:25 GMT
content-type: application/json
last-modified: Tue, 03 Sep 2024 09:38:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 318e6695-a01e-0023-544d-26fc41000000
cf-ray: 8dc905ba3e309195-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14460
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 c1920_ux-noctur-ism-generic-credits-booking.comcopygettyimages-961007550.jpg
content.presspage.com/uploads/685/8513e1a7-56ff-4a6c-a002-809338792afb/ 358 KB
359 KB 103ms
43ms Image
image/jpeg 2600:9000:2646:1000:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/uploads/685/8513e1a7-56ff-4a6c-a002-809338792afb/c1920_ux-noctur-ism-generic-credits-booking.comcopygettyimages-961007550.jpg?94470

Requested by

Host: news.booking.com
URL: https://news.booking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:1000:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a30306fe2280e21473a57fc1a5bd2e75ad62cddf52362ea1924d11ca93ac726b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

x-amz-meta-client-id: 685
etag: "62628c54fc70f65a8cfd727f4480fc08"
x-amz-version-id: znkgsWD_TBdJLkCDjrkspD2d5DkM0tCu
age: 138259
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: User upload
x-amz-cf-id: sQqh09p_0_KXNCQW5UMsnQZ7VKhe7ja2K1dQhcGNL85sCpCAx4XbXA==
date: Fri, 01 Nov 2024 12:20:07 GMT
content-type: image/jpeg
last-modified: Mon, 14 Oct 2024 10:20:39 GMT
vary: Origin
x-amz-meta-height: 746
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-width: 1920
referrer-policy: strict-origin-when-cross-origin
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 366335
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 c1920_halloween-2.jpg
content.presspage.com/uploads/685/084403fb-be87-4226-9e2b-253e049e1819/ 523 KB
524 KB 131ms
71ms Image
image/jpeg 2600:9000:2646:1000:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.presspage.com/uploads/685/084403fb-be87-4226-9e2b-253e049e1819/c1920_halloween-2.jpg?90523

Requested by

Host: news.booking.com
URL: https://news.booking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:1000:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ae1ae5020b9e4d665c4d71042bd9aab6cebab9ce242f036dc77d0cb56af22c1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

x-amz-meta-client-id: 685
etag: "bb15025e3eb0f3971c02e2d9ea5e3c23"
x-amz-version-id: 3OqiY6Nb_g8QfJPEYQwHtNnxQwbDoSSK
age: 300168
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: User upload
x-amz-cf-id: IxS-wCywl_0EiyJ_cnaXawkvzJ22lOMSFGNc5jg23oNifHn8MLWU1w==
date: Wed, 30 Oct 2024 15:21:38 GMT
content-type: image/jpeg
last-modified: Thu, 05 Sep 2024 14:40:40 GMT
vary: Origin
x-amz-meta-height: 640
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-amz-meta-width: 1920
referrer-policy: strict-origin-when-cross-origin
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 535627
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202408.1.0/assets/ 13 KB
3 KB 32ms
20ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202408.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-md5: sJMlMDwvdZk7rNpgGQCzTA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCD1496AC72635
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 22504
x-content-type-options: nosniff
date: Sun, 03 Nov 2024 02:44:25 GMT
content-type: application/json
last-modified: Tue, 10 Sep 2024 03:34:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 7d7eb421-e01e-0024-2369-030ac4000000
cf-ray: 8dc905bb3e919195-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3003
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202408.1.0/assets/ 24 KB
4 KB 39ms
28ms Fetch
text/css 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202408.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c496fcbe60fec78dc1b86a9136644d9a97cae20df32be3e9a4a62ce7bd0e6a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

content-md5: HyPJ72TNHxdfOI82cqKVqA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status: unlocked
cf-bgj: minify
cf-cache-status: HIT
x-ms-version: 2009-09-19
age: 24257
content-encoding: gzip
x-content-type-options: nosniff
cf-polished: origSize=24745
date: Sun, 03 Nov 2024 02:44:25 GMT
content-type: text/css
last-modified: Tue, 10 Sep 2024 03:34:14 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 61f73f22-801e-003f-4068-032456000000
cf-ray: 8dc905bb3e939195-FRA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 130ms
91ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&family=Roboto:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://news.booking.com
Referer: https://fonts.googleapis.com/

Response headers

age: 416725
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 29 Oct 2025 06:59:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 06:59:00 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 74ms
35ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&family=Roboto:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://news.booking.com
Referer: https://fonts.googleapis.com/

Response headers

age: 300262
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:20:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:20:03 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H2 200 685.ico
content.presspage.com/favicon/ 25 KB
26 KB 16ms
15ms Other
image/x-icon 2600:9000:2646:1000:15:cfc2:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.presspage.com/favicon/685.ico?574361062

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:1000:15:cfc2:9880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d6f4604e2dfc6ff3a84f6de028c4c4f65401aa33a819f1eefb558e1e578e6671

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://news.booking.com/

Response headers

x-amz-meta-client-id: 685
etag: "95a945b185cdeef4d80192b8441447a6"
x-amz-version-id: H9HuX1pvrB3scjeMdwiLJhwKw3JOtTim
age: 21564896
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-meta-file-category: Client favicon
x-amz-cf-id: qpQR7i8LraqzexCG30O0c4QRJSIQMNYVFU5MjmZ8QfEK-dsWp0iynw==
date: Tue, 27 Feb 2024 12:29:30 GMT
content-type: image/x-icon
last-modified: Wed, 07 Apr 2021 12:11:08 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
x-amz-replication-status: REPLICA
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 25971
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
launch.sneature.com/	1970-01-21 00:43:21	Name: d Value: 60
launch.sneature.com/	1970-01-21 00:43:21	Name: n Value: Europe/Berlin
launch.sneature.com/	1970-01-21 00:43:21	Name: sp Value: Linux%20x86_64
launch.sneature.com/	1970-01-21 00:43:21	Name: su Value: Mozilla/5.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/130.0.0.0%20Safari/537.36
launch.sneature.com/	1970-01-21 00:43:21	Name: iu Value: Mozilla/5.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/130.0.0.0%20Safari/537.36
launch.sneature.com/	1970-01-21 00:43:21	Name: wd Value: false
news.booking.com/	1969-12-31 23:59:59	Name: PPSESSION Value: difqdmu9a0arpplukb9osrgfm8
.news.booking.com/	1970-01-21 05:02:33	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Sun+Nov+03+2024+03%3A44%3A25+GMT%2B0100+(Mitteleurop%C3%A4ische+Normalzeit)&version=202408.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=d0909a74-d16a-4e3c-b497-268f4398765c&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fnews.booking.com%2F&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'speaker'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.presspage.com
cdn.cookielaw.org
cdn.jsdelivr.net
content.presspage.com
enwars.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
launch.sneature.com
manager.presspage.com
news.booking.com
142.250.186.99
2600:9000:2646:1000:15:cfc2:9880:93a1
2606:4700:4400::ac40:9b77
2606:4700::6812:572a
2a00:1450:4001:827::200a
2a04:4e42:400::485
2a05:d014:dd2:c302:4e94:302a:eca2:b0d
2a05:d014:dd2:c302:993c:e92a:ff98:3a8a
5.42.102.161
52.58.159.35
78.46.177.197
05a65a6a57bbabf00017beca88e6f94745c9ff8438edc8ff7df31a44fa5f3838
10424d0d012e8b53561402134ef9f8fa28e6ae772d50e96b4e8acf88bbaf31ea
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
247a1148c35b121c0431b2e6a10e20890840605530590b3f3a68d805f57a6d14
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f61510b69aea56c0200a96089fe33e2751ecba1b6cfa4d5f85c11ea2d953bf5
3b78b55f701e2ed6c9f0b5742387689551628063c39b4300d5f1b4b8c6579539
3e049dcefc9390e7c8f8bcc2c090183ed556dd941f6b6a559a3ca09b472e67b4
50cd3c00afc865a5b01a328a22d1c84058efd7e76fe3b1eb79bb7669a1f9e2eb
5de11e2e3c7322ba096d84edbf8adac8c9a8c2022af224f1c6bdc25d658ad5a7
62c045ad232f63a02d0316089fda58d7a7e7a330d5095f072ab0981b4777bb90
658dcf097cb005f827fdb5c0813ebd21deed4578bef5b587d56585fa5a9ba8cc
69a7f7e3df023cbb78c479e37f83c063a2de91bcca7b2af348535169ceb087c1
6c496fcbe60fec78dc1b86a9136644d9a97cae20df32be3e9a4a62ce7bd0e6a6
7358c5616f671017f307d161644d253f0f81083b0be68f3a3fefefa33b59de5d
761f983533fd6bff9c284e6622ecee74779a235b6581e387208283d131891c1f
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
91d475df95a13f2a95a797b265f689a231d58f05c40d1f251e56d9ea82106c85
93af691b38b1e92c465c2caf67d0eb843b57c51dd2c50ce8509b3fbb504d1f34
98220a088c7193dcb97447e7d9bb6b94d289d121f4eadc418832c5242702a54f
98447f99e2bdf1965ed9a6a5a89d75ab580dc3f3d33c9fc09f2fd7190878b7ec
9939a9bee9ae4b72742cf599502a31beed5e8634c8ce254ac957fda9c7b13438
a30306fe2280e21473a57fc1a5bd2e75ad62cddf52362ea1924d11ca93ac726b
a538aa597c716117da78068059d60fccdb9a792351b4630a74b6d42cd09563c3
a6b030fd6227311ce7f3951718f850c6c40e8a44f68286c43a5aaff09d2e5e16
ae1ae5020b9e4d665c4d71042bd9aab6cebab9ce242f036dc77d0cb56af22c1f
b82e567b32dbc17ba3c07a30656c9ae21f7cdf3511d24e5ac95dd9257ff73156
bbc4ed2659f3ef8b9303fbfed2529077332277b5e6be563e32b19026a3b1d001
c6b56e45e770416d91dd83f5a7375794aee5667293cd54219b3d4c17997e885f
c7e06879de9b9038485d6c5188d0a9e7c903ee23486fa2aa9d63f24ebae1effc
d3c22847f17b7533b7aea11f3378b22e808ad7719b3fac5551018018154824c6
d6f4604e2dfc6ff3a84f6de028c4c4f65401aa33a819f1eefb558e1e578e6671
d720a8e0f3d3a28a7346812dbf4ea5c1bcdfaa77b968ff7d27d607d6c9b08af9
d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
de0d683956b0c1984ee72042647828918f24852cf1e745e8b2aa78b9bd25c463
e1cb499a9f98e88ff46f57371fd3e6dc5b4b873523a0fed081325dd32686c636
ed06b6ff7398644229001c37d986b3fbcf9bc6111f14641bb7e79f41efe2b6e8
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fd381dee23980bbf1843495a2723edc81adf7a3a13cf888f3b9f9cae7ee31cc6
fdcd6a3c237da227932e17729d84e3fb548efd01a8233765370970a024b13419
fdfc9343fa42ebdc2647c0e00f07542644f5c8d1b02058f04ee76fb617bac761

news.booking.com Open in urlscan Pro 52.58.159.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

100 %HTTPS

64 %IPv6

9 Domains

11 Subdomains

10 IPs

3 Countries

2476 kBTransfer

3823 kBSize

8 Cookies

30 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

news.booking.com Open in urlscan Pro
52.58.159.35 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

100 %
HTTPS

64 %
IPv6

9
Domains

11
Subdomains

10
IPs

3
Countries

2476 kB
Transfer

3823 kB
Size

8
Cookies

44 HTTP transactions
0 data transactions