www.booking.com Open in urlscan Pro
18.245.60.7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ch.booking.com/c?target=aHR0cHM6Ly9mbGlnaHRzLmJvb2tpbmcuY29tL3IvP2NhYmluQ2xhc3M9RUNPTk9NWSZvcmlnaW49Q0pOJmFkdWx...
Effective URL:
https://www.booking.com/flights/index.html?aid=2097130&label=confirmation_text&sid=f7362ce1a5c109b2a172514dca933275&adpl...
Submission: On November 07 via api (November 7th 2023, 12:31:26 am UTC) from BE — Scanned from DE

Summary HTTP 54 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 54 HTTP transactions. The main IP is 18.245.60.7, located in United States and belongs to AMAZON-02, US. The main domain is www.booking.com. The Cisco Umbrella rank of the primary domain is 12201.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on June 12th 2023. Valid for: a year.

This is the only time www.booking.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.222.214.6 52.222.214.6	16509 (AMAZON-02) (AMAZON-02)
2 8	99.86.4.92 99.86.4.92	16509 (AMAZON-02) (AMAZON-02)
3 5	18.245.60.7 18.245.60.7	16509 (AMAZON-02) (AMAZON-02)
25	2600:9000:205... 2600:9000:2057:7600:1c:d826:cd80:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700::68... 2606:4700::6812:82ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
3	2600:9000:225... 2600:9000:2251:9000:5:bf05:acc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
54	11

1 52.222.214.6 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-6.fra56.r.cloudfront.net

ch.booking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 99.86.4.92 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-92.fra6.r.cloudfront.net

flights.booking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.245.60.7 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-7.fra60.r.cloudfront.net

www.booking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2600:9000:2057:7600:1c:d826:cd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

q-xx.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r-cf.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
q-cf.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2251:9000:5:bf05:acc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

t-cf.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	bstatic.com q-xx.bstatic.com — Cisco Umbrella Rank: 16792 r-cf.bstatic.com — Cisco Umbrella Rank: 310831 q-cf.bstatic.com — Cisco Umbrella Rank: 288067 t-cf.bstatic.com — Cisco Umbrella Rank: 25797	726 KB
14	booking.com 6 redirects ch.booking.com — Cisco Umbrella Rank: 776319 flights.booking.com — Cisco Umbrella Rank: 138435 www.booking.com — Cisco Umbrella Rank: 12201	107 KB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 342	142 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6862	563 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	563 B
2	bing.com bat.bing.com — Cisco Umbrella Rank: 366	13 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	4 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	149 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 590	294 B
54	9

	Domain	Requested by
19	q-xx.bstatic.com	www.booking.com q-xx.bstatic.com
8	flights.booking.com	2 redirects q-xx.bstatic.com
7	cdn.cookielaw.org	www.booking.com cdn.cookielaw.org
5	www.booking.com	3 redirects q-xx.bstatic.com
4	r-cf.bstatic.com	www.booking.com
3	t-cf.bstatic.com	www.booking.com
2	www.google.de	www.booking.com
2	www.google.com	www.booking.com
2	bat.bing.com	www.booking.com bat.bing.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	www.googletagmanager.com	www.booking.com www.googletagmanager.com
2	q-cf.bstatic.com	www.booking.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	ch.booking.com	1 redirects
54	14

This site contains links to these domains. Also see Links.

Domain
flights.booking.com
secure.booking.com
booking.com

Subject Issuer	Validity	Valid
*.booking.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-12` - `2024-05-18`	a year	crt.sh
*.bstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-13` - `2024-08-31`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.booking.com/flights/index.html?aid=2097130&label=confirmation_text&sid=f7362ce1a5c109b2a172514dca933275&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK&adults=2&cabinClass=ECONOMY&depart=2023-10-13&destination=BUS&from=CJN&origin=CJN&return=2023-10-14&showLoader=1&to=BUS&type=ROUNDTRIP&
Frame ID: F4D846C5EFD02A98D72796C63AB3477A
Requests: 51 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Find cheap flights & plane tickets | Booking.com

Page URL History Show full URLs

https://ch.booking.com/c?target=aHR0cHM6Ly9mbGlnaHRzLmJvb2tpbmcuY29tL3IvP2NhYmluQ2xhc3M9RUNPTk9NWSZ... HTTP 307
https://flights.booking.com/r/?cabinClass=ECONOMY&origin=CJN&adults=2&destination=BUS&adplat=email-mg_co... HTTP 302
https://flights.booking.com/?adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R... HTTP 302
https://www.booking.com/flights/index.html?adplat=email-mg_confirmation_email-lp_in_copy-flight-chec... HTTP 302
https://www.booking.com/food_redirect.html?url=aHR0cHM6Ly93d3cuYm9va2luZy5jb20vZmxpZ2h0cy9pbmRleC5od... HTTP 302
https://www.booking.com/flights/index.html?adplat=email-mg_confirmation_email-lp_in_copy-flight-chec... HTTP 302
https://www.booking.com/flights/index.html?aid=2097130&label=confirmation_text&sid=f7362ce1a5c109b2a... Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

PerimeterX (Security) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

54
Requests

100 %
HTTPS

75 %
IPv6

9
Domains

14
Subdomains

11
IPs

2
Countries

1136 kB
Transfer

4678 kB
Size

16
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://flights.booking.com/?aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK

Search URL Search Domain Scan URL

URL: https://secure.booking.com/help?source=hc_entry_point_flights_header&lang=en-us&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK

Search URL Search Domain Scan URL

URL: https://flights.booking.com/api/oauth/register?redirectURL=%2Fflights%2Findex.html%3Faid%3D2097130%26label%3Dconfirmation_text%26sid%3Df7362ce1a5c109b2a172514dca933275%26adplat%3Demail-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK%26adults%3D2%26cabinClass%3DECONOMY%26depart%3D2023-10-13%26destination%3DBUS%26from%3DCJN%26origin%3DCJN%26return%3D2023-10-14%26showLoader%3D1%26to%3DBUS%26type%3DROUNDTRIP%26&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK
Title: Register

Search URL Search Domain Scan URL

URL: https://flights.booking.com/api/oauth/login?redirectURL=%2Fflights%2Findex.html%3Faid%3D2097130%26label%3Dconfirmation_text%26sid%3Df7362ce1a5c109b2a172514dca933275%26adplat%3Demail-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK%26adults%3D2%26cabinClass%3DECONOMY%26depart%3D2023-10-13%26destination%3DBUS%26from%3DCJN%26origin%3DCJN%26return%3D2023-10-14%26showLoader%3D1%26to%3DBUS%26type%3DROUNDTRIP%26&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK
Title: Sign in

Search URL Search Domain Scan URL

URL: https://booking.com/pxgo?url=https%3A%2F%2Fbooking.kayak.com%2Fin%3Fp%3Dsearchbox_link%26sid%3Df7362ce1a5c109b2a172514dca933275%26mc%3DEUR%26a%3Dbdc%252Fsearchbox%26bdclc%3Den-us&lang=en&token=UmFuZG9tSVYkc2RlIyh9Yek6N0IyIDlt1D_n8GoSlCI0inwabKpuuJm4NUpeTtatS_4c2nEPaIZU5-cEQyMEgbpMLtV-u-5bDjzSyZgzrerl4lGCvg4bNsTiUoAZ0T5Y94MLIT9mzatrquVn9Rgv4RWA9uwpSa_MFm98IAHO-_HcFzyhuJUijml3jSVV7FnRUEhQI7Wt15nA5p1CDA-h27da5FAzaXGU91IVd7Z_tGvLfLogx2y4aIADUi29VyymFqe1Oy6rc0-2mekxEy0n_ijORSO-HioCLGcn0v7xXCLvGeZy1tXGxrbnZxhPlx6yBGida632UYv9FTj8GOkWoA&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK
Title: Flights

Search URL Search Domain Scan URL

URL: https://booking.com/pxgo?token=UmFuZG9tSVYkc2RlIyh9Yb5s-oRzgw76bcWUd8wbcu_HQ_oNS0n5o7zQ4ALMS4xCoDgoIg07PIOUr_phnebffUinFPKSLpFru4iiVNZuyic69-Hn44j45plBbXW40-zWrWy6awAKcsvrUIlKxAgkFLypoQo81ginvdu3Pu_bLauafjY8aBHpU5H_wlFNfWJOOsBr6oC_9K9V3UJbmuUxvf4lka6Amddf0mRxcZClxhfgsS2LuvNOTO1xhx8k6laDCcBFtVA6sfVRp70kTqO2a3DnAsU19ZoVr0E2p_d_msYEd9ERlOH9hIQfDQ6azDXpYkQq9D5H2UCRZ_AAVv36ww&url=https%3A%2F%2Fbooking-dp.lastminute.de%3Futm_source%3Dbooking%26utm_medium%3Dwhitelabel%26utm_campaign%3Dhomepage_tab&lang=en&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK
Title: Flight + Hotel

Search URL Search Domain Scan URL

URL: https://flights.booking.com/flights/FRA-OPO/?type=ROUNDTRIP&adults=1&cabinClass=ECONOMY&sort=BEST&depart=2023-11-13&return=2023-11-20&from=FRA&to=OPO&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK
Title: Frankfurt/Main to PortoNov 13 - Nov 20 · Round trip

Search URL Search Domain Scan URL

URL: https://flights.booking.com/flights/FRA-PMI/?type=ROUNDTRIP&adults=1&cabinClass=ECONOMY&sort=BEST&depart=2023-11-13&return=2023-11-20&from=FRA&to=PMI&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK
Title: Frankfurt/Main to Palma de MallorcaNov 13 - Nov 20 · Round trip

Search URL Search Domain Scan URL

URL: https://flights.booking.com/flights/FRA-ROM/?type=ROUNDTRIP&adults=1&cabinClass=ECONOMY&sort=BEST&depart=2023-11-12&return=2023-11-19&from=FRA&to=ROM&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK
Title: Frankfurt/Main to RomeNov 12 - Nov 19 · Round trip

Search URL Search Domain Scan URL

URL: https://flights.booking.com/flights/FRA-SVQ/?type=ROUNDTRIP&adults=1&cabinClass=ECONOMY&sort=BEST&depart=2023-11-12&return=2023-11-19&from=FRA&to=SVQ&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK
Title: Frankfurt/Main to SevilleNov 12 - Nov 19 · Round trip

Search URL Search Domain Scan URL

URL: https://flights.booking.com/flights/FRA-LON/?type=ROUNDTRIP&adults=1&cabinClass=ECONOMY&sort=BEST&depart=2023-11-07&return=2023-11-14&from=FRA&to=LON&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK
Title: Frankfurt/Main to LondonNov 7 - Nov 14 · Round trip

Search URL Search Domain Scan URL

URL: https://flights.booking.com/flights/FRA-MIL/?type=ROUNDTRIP&adults=1&cabinClass=ECONOMY&sort=BEST&depart=2023-11-12&return=2023-11-19&from=FRA&to=MIL&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK
Title: Frankfurt/Main to ParmaNov 12 - Nov 19 · Round trip

Search URL Search Domain Scan URL

URL: https://flights.booking.com/flights/FRA-PAR/?type=ROUNDTRIP&adults=1&cabinClass=ECONOMY&sort=BEST&depart=2023-11-12&return=2023-11-19&from=FRA&to=PAR&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK
Title: Frankfurt/Main to ParisNov 12 - Nov 19 · Round trip

Search URL Search Domain Scan URL

URL: https://flights.booking.com/flights/FRA-FAO/?type=ROUNDTRIP&adults=1&cabinClass=ECONOMY&sort=BEST&depart=2023-11-12&return=2023-11-19&from=FRA&to=FAO&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK
Title: Frankfurt/Main to FaroNov 12 - Nov 19 · Round trip

Search URL Search Domain Scan URL

URL: https://flights.booking.com/flights/FRA-AGP/?type=ROUNDTRIP&adults=1&cabinClass=ECONOMY&sort=BEST&depart=2023-11-09&return=2023-11-16&from=FRA&to=AGP&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK
Title: Frankfurt/Main to MálagaNov 9 - Nov 16 · Round trip

Search URL Search Domain Scan URL

URL: https://flights.booking.com/flights/FRA-IST/?type=ROUNDTRIP&adults=1&cabinClass=ECONOMY&sort=BEST&depart=2023-11-11&return=2023-11-18&from=FRA&to=IST&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK
Title: Istanbul, TurkeyFlights from Frankfurt AirportNov 11 - Nov 18 · Round trip

Search URL Search Domain Scan URL

URL: https://flights.booking.com/flights/FRA-BKK/?type=ROUNDTRIP&adults=1&cabinClass=ECONOMY&sort=BEST&depart=2023-11-07&return=2023-11-14&from=FRA&to=BKK&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK
Title: Bangkok, ThailandFlights from Frankfurt AirportNov 7 - Nov 14 · Round trip

Search URL Search Domain Scan URL

URL: https://flights.booking.com/flights/FRA-BCN/?type=ROUNDTRIP&adults=1&cabinClass=ECONOMY&sort=BEST&depart=2023-11-13&return=2023-11-20&from=FRA&to=BCN&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK
Title: Barcelona, SpainFlights from Frankfurt AirportNov 13 - Nov 20 · Round trip

Search URL Search Domain Scan URL

URL: https://flights.booking.com/flights/FRA-NYC/?type=ROUNDTRIP&adults=1&cabinClass=ECONOMY&sort=BEST&depart=2023-11-07&return=2023-11-14&from=FRA&to=NYC&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK
Title: New York, United States of AmericaFlights from Frankfurt AirportNov 7 - Nov 14 · Round trip

Search URL Search Domain Scan URL

URL: https://flights.booking.com/flights/FRA-LIS/?type=ROUNDTRIP&adults=1&cabinClass=ECONOMY&sort=BEST&depart=2023-11-13&return=2023-11-20&from=FRA&to=LIS&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK
Title: Lisbon, PortugalFlights from Frankfurt AirportNov 13 - Nov 20 · Round trip

Search URL Search Domain Scan URL

URL: https://flights.booking.com/flights/FRA-DPS/?type=ROUNDTRIP&adults=1&cabinClass=ECONOMY&sort=BEST&depart=2023-11-08&return=2023-11-15&from=FRA&to=DPS&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK
Title: Kuta, IndonesiaFlights from Frankfurt AirportNov 8 - Nov 15 · Round trip

Search URL Search Domain Scan URL

URL: https://flights.booking.com/flights/FRA-AYT/?type=ROUNDTRIP&adults=1&cabinClass=ECONOMY&sort=BEST&depart=2023-11-12&return=2023-11-19&from=FRA&to=AYT&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK
Title: Antalya, TurkeyFlights from Frankfurt AirportNov 12 - Nov 19 · Round trip

Search URL Search Domain Scan URL

URL: https://secure.booking.com/help?source=hc_entry_point_flights_footer&lang=en-us&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK
Title: Flights Help

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ch.booking.com/c?target=aHR0cHM6Ly9mbGlnaHRzLmJvb2tpbmcuY29tL3IvP2NhYmluQ2xhc3M9RUNPTk9NWSZvcmlnaW49Q0pOJmFkdWx0cz0yJmRlc3RpbmF0aW9uPUJVUyZhZHBsYXQ9ZW1haWwtbWdfY29uZmlybWF0aW9uX2VtYWlsLWxwX2luX2NvcHktZmxpZ2h0LWNoZWNrbGlzdC0xeEtTaW9HeFNNM1I1bTUwT1g1QU1LJmxhYmVsPWNvbmZpcm1hdGlvbl90ZXh0JnR5cGU9Uk9VTkRUUklQJmZyb209Q0pOJnRvPUJVUyZkZXBhcnQ9MjAyMy0xMC0xMyZsYW5nPWVuLXVzJnNob3dMb2FkZXI9MSZhaWQ9MjA5NzEzMCZyZXR1cm49MjAyMy0xMC0xNA==&st=RkxJR0hU&lt=UFJPRFVDVDpyb3VuZHRyaXA=&rid=957c6fb0-681b-11ee-ab40-bb85e7e6aa93&si=ChZiLXBhbmRhLXRvcC1rLXNlbGVjdG9yEAEaQHydJe2uzZzg6vVAcclXXzmw5INFn0blfWsRT8/F+IyC3t1L2GhbTxyCp0QCC5Zvu0VCi1vAumVNqNUu+6fLDQQ=&mmconf=checklist HTTP 307
https://flights.booking.com/r/?cabinClass=ECONOMY&origin=CJN&adults=2&destination=BUS&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK&label=confirmation_text&type=ROUNDTRIP&from=CJN&to=BUS&depart=2023-10-13&lang=en-us&showLoader=1&aid=2097130&return=2023-10-14 HTTP 302
https://flights.booking.com/?adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK&adults=2&aid=2097130&cabinClass=ECONOMY&depart=2023-10-13&destination=BUS&from=CJN&label=confirmation_text&lang=en-us&origin=CJN&return=2023-10-14&showLoader=1&to=BUS&type=ROUNDTRIP HTTP 302
https://www.booking.com/flights/index.html?adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK&adults=2&aid=2097130&cabinClass=ECONOMY&depart=2023-10-13&destination=BUS&from=CJN&label=confirmation_text&lang=en-us&origin=CJN&return=2023-10-14&showLoader=1&to=BUS&type=ROUNDTRIP HTTP 302
https://www.booking.com/food_redirect.html?url=aHR0cHM6Ly93d3cuYm9va2luZy5jb20vZmxpZ2h0cy9pbmRleC5odG1sP2FkcGxhdD1lbWFpbC1tZ19jb25maXJtYXRpb25fZW1haWwtbHBfaW5fY29weS1mbGlnaHQtY2hlY2tsaXN0LTF4S1Npb0d4U00zUjVtNTBPWDVBTUsmYWR1bHRzPTImYWlkPTIwOTcxMzAmY2FiaW5DbGFzcz1FQ09OT01ZJmRlcGFydD0yMDIzLTEwLTEzJmRlc3RpbmF0aW9uPUJVUyZmcm9tPUNKTiZsYWJlbD1jb25maXJtYXRpb25fdGV4dCZsb2NhbGU9ZW4tdXMmb3JpZ2luPUNKTiZyZXR1cm49MjAyMy0xMC0xNCZzaG93TG9hZGVyPTEmdG89QlVTJnR5cGU9Uk9VTkRUUklQ HTTP 302
https://www.booking.com/flights/index.html?adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK&adults=2&aid=2097130&cabinClass=ECONOMY&depart=2023-10-13&destination=BUS&from=CJN&label=confirmation_text&locale=en-us&origin=CJN&return=2023-10-14&showLoader=1&to=BUS&type=ROUNDTRIP HTTP 302
https://www.booking.com/flights/index.html?aid=2097130&label=confirmation_text&sid=f7362ce1a5c109b2a172514dca933275&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK&adults=2&cabinClass=ECONOMY&depart=2023-10-13&destination=BUS&from=CJN&origin=CJN&return=2023-10-14&showLoader=1&to=BUS&type=ROUNDTRIP& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index.html Show response
www.booking.com/flights/
Redirect Chain

https://ch.booking.com/c?target=aHR0cHM6Ly9mbGlnaHRzLmJvb2tpbmcuY29tL3IvP2NhYmluQ2xhc3M9RUNPTk9NWSZvcmlnaW49Q0pOJmFkdWx0cz0yJmRlc3RpbmF0aW9uPUJVUyZhZHBsYXQ9ZW1haWwtbWdfY29uZmlybWF0aW9uX2VtYWlsLWxwX...
https://flights.booking.com/r/?cabinClass=ECONOMY&origin=CJN&adults=2&destination=BUS&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK&label=confirmation_text&t...
https://flights.booking.com/?adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK&adults=2&aid=2097130&cabinClass=ECONOMY&depart=2023-10-13&destination=BUS&from=CJN...
https://www.booking.com/flights/index.html?adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK&adults=2&aid=2097130&cabinClass=ECONOMY&depart=2023-10-13&destinatio...
https://www.booking.com/food_redirect.html?url=aHR0cHM6Ly93d3cuYm9va2luZy5jb20vZmxpZ2h0cy9pbmRleC5odG1sP2FkcGxhdD1lbWFpbC1tZ19jb25maXJtYXRpb25fZW1haWwtbHBfaW5fY29weS1mbGlnaHQtY2hlY2tsaXN0LTF4S1Npb0...
https://www.booking.com/flights/index.html?adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK&adults=2&aid=2097130&cabinClass=ECONOMY&depart=2023-10-13&destinatio...
https://www.booking.com/flights/index.html?aid=2097130&label=confirmation_text&sid=f7362ce1a5c109b2a172514dca933275&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX...

731 KB
91 KB

491ms
490ms

Document
text/html

18.245.60.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/flights/index.html?aid=2097130&label=confirmation_text&sid=f7362ce1a5c109b2a172514dca933275&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK&adults=2&cabinClass=ECONOMY&depart=2023-10-13&destination=BUS&from=CJN&origin=CJN&return=2023-10-14&showLoader=1&to=BUS&type=ROUNDTRIP&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-7.fra60.r.cloudfront.net

Software

envoy /

Resource Hash

633bbf612c7c75e8ba07b9875ad3ae7526c363d17831a8c9d726a31ea494d2e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: br
content-length: 91428
content-security-policy-report-only: frame-ancestors 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=112&pid=005c03acc4fd0159&e=UmFuZG9tSVYkc2RlIyh9YWNWlKLi8Iut9UDBm-0CY43LRNVJKS7iJHK0P95mLf1i
content-type: text/html; charset=UTF-8
date: Tue, 07 Nov 2023 00:31:20 GMT
nel: {"max_age":604800,"report_to":"default"}
reason
referrer-policy: no-referrer
report-to: {"max_age":604800,"group":"default","endpoints":[{"url":"https://nellie.booking.com/report"}]}
server: envoy
status: 200
strict-transport-security: max-age=300; includeSubDomains
vary: User-Agent, Accept-Encoding
via: 1.1 b459d8cae3f218ce39711fc3ecdcc998.cloudfront.net (CloudFront)
x-amz-cf-id: yti7L1re3-xGbcAl2whl-CM9_eH1SffeCeKs5HAHB9irDpjS5GE8ig==
x-amz-cf-pop: FRA60-P5
x-bookings-http-multivalue: HASH(0x7fae64dcb5d0)
x-cache: Miss from cloudfront
x-content-type-options: nosniff nosniff
x-envoy-upstream-service-time: 202
x-frame-options: SAMEORIGIN
x-recruiting: Like HTTP headers? Come write ours: https://careers.booking.com
x-request-id: 2ec2584c-b917-47f5-af19-fa18195033b2
x-xss-protection: 1; mode=block

Redirect headers

content-security-policy-report-only: frame-ancestors 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=112&pid=666903acbbaa0135&e=UmFuZG9tSVYkc2RlIyh9YWNWlKLi8IutnsGmqq-BtKiApRChVbZ6OixNFrLAWpCc
date: Tue, 07 Nov 2023 00:31:20 GMT
location: /flights/index.html?aid=2097130&label=confirmation_text&sid=f7362ce1a5c109b2a172514dca933275&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK&adults=2&cabinClass=ECONOMY&depart=2023-10-13&destination=BUS&from=CJN&origin=CJN&return=2023-10-14&showLoader=1&to=BUS&type=ROUNDTRIP&
nel: {"max_age":604800,"report_to":"default"}
report-to: {"group":"default","max_age":604800,"endpoints":[{"url":"https://nellie.booking.com/report"}]}
server: nginx
strict-transport-security: max-age=300; includeSubDomains
via: 1.1 b459d8cae3f218ce39711fc3ecdcc998.cloudfront.net (CloudFront)
x-amz-cf-id: njx-c_7P0MPlLq-DdSALJl6aSX4QKp-cfXh0hif1_DEQsA9ksN-WFw==
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-recruiting: Like HTTP headers? Come write ours: https://careers.booking.com
x-xss-protection: 1; mode=block

GET
H2 200 client.b400fb8a.css
q-xx.bstatic.com/flights/web/static/css/ 302 KB
30 KB 114ms
56ms Stylesheet
text/css 2600:9000:2057:7600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q-xx.bstatic.com/flights/web/static/css/client.b400fb8a.css

Requested by

Host: www.booking.com
URL: https://www.booking.com/flights/index.html?aid=2097130&label=confirmation_text&sid=f7362ce1a5c109b2a172514dca933275&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK&adults=2&cabinClass=ECONOMY&depart=2023-10-13&destination=BUS&from=CJN&origin=CJN&return=2023-10-14&showLoader=1&to=BUS&type=ROUNDTRIP&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c32aeb0263e4789793d66462178e6933a2c427fabc14593d97f10ea2d558f48e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 15:54:50 GMT
content-encoding: br
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA6-C1
age: 635790
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-amz-expiration: expiry-date="Sun, 28 Jan 2024 15:38:10 GMT", rule-id="expire-static-assets"
last-modified: Mon, 30 Oct 2023 15:38:10 GMT
server: nginx
x-amz-meta-s3cmd-attrs: md5:cbff7af79a26d2d5bcd816d910410f9a
etag: W/"cbff7af79a26d2d5bcd816d910410f9a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: XVdFzDN29P8YhypTJNN7KUP8THQoc2cYqqSVKgOB9mGDM2QSJ32eTQ==
expires: Wed, 29 Nov 2023 15:54:50 GMT

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/ 9 KB
3 KB 99ms
46ms Script
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/OtAutoBlock.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfbe1a9cc8a14086aafa1c4b0836ec64dc12eb522a419e6600190033aff686e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 07 Nov 2023 00:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 45866
content-md5: UtbcMFAeytYTm2njFtO9DQ==
content-length: 2587
x-ms-lease-status: unlocked
last-modified: Thu, 07 Sep 2023 11:45:11 GMT
server: cloudflare
etag: 0x8DBAF97E4803813
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4b64307e-c01e-00a6-6980-e18e9d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8221790ba9644dac-FRA
expires: Wed, 08 Nov 2023 00:31:20 GMT

GET
H2 200 644363.jpg
q-xx.bstatic.com/xdata/images/city/square210/ 9 KB
9 KB 67ms
31ms Image
image/jpeg 2600:9000:2057:7600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/city/square210/644363.jpg?k=d7dfbc64880d52cf00797f6a0e34568e4d25fc913a719a721a06832b5c5a9308&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5147eef02a949fda1f4f2d0335ee29d0e75670de519caec953316d38d2fd03e4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 18:43:45 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
age: 1835255
etag: "500ab5bcfe0e7988f811897f9677f2acccb618c8"
x-cache: Hit from cloudfront
content-language: 9248
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: UcjLS-N-jKva5jRmeFPOfQPn4NDnh7A-9EbUh8Spx1oZB7jiImdeHQ==
x-xss-protection: 1; mode=block

GET
H2 200 644333.jpg
q-xx.bstatic.com/xdata/images/city/square210/ 8 KB
8 KB 64ms
28ms Image
image/jpeg 2600:9000:2057:7600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/city/square210/644333.jpg?k=5ef264baf6fb50c13b119d4b378111f7072e30c42996c51ce7e76f2574e1d785&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

da4d6cbe029e66af0b914d74b4058756451fda4f79b4e7b85c0ebf4f0e74cfb2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 15:44:45 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
age: 2537195
etag: "508c46e4d96fa9c4474e271b0c24f5063e18c50c"
x-cache: Hit from cloudfront
content-language: 7778
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 7778
x-xss-protection: 1; mode=block
x-amz-cf-id: Dt8NTCMoojRxF-SkgQY7VewHFbXrjwcwWtRB4lX2EcyOSO8-7liscQ==

GET
H2 200 654465.jpg
q-xx.bstatic.com/xdata/images/city/square210/ 8 KB
8 KB 30ms
30ms Image
image/jpeg 2600:9000:2057:7600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/city/square210/654465.jpg?k=e986e4c928c7135f9195b209f97f430b5abeb12de717a5c2ac02d850befb8018&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e427436ed0ce834394870c251e79702d7d43ade320c43f6a78d800dad2bec3dc

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 02:10:48 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
age: 944432
etag: "23765dd555446117949c804092269241b45074ca"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
content-language: 7856
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 7856
x-xss-protection: 1; mode=block
x-amz-cf-id: 1dqwjin1crELlny6pBYLmLCdM_8bjOBYZeKsbZ04CBFynSY-sAjLdg==

GET
H2 200 674544.jpg
q-xx.bstatic.com/xdata/images/city/square210/ 11 KB
11 KB 32ms
31ms Image
image/jpeg 2600:9000:2057:7600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/city/square210/674544.jpg?k=374eca51a45ac73438fe7ced19eea8841d905b09650fad2f285d58bfed41efa2&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

118bad82bb50fca373b9c10dc4233a9e630dd0ccc94503789da17064afa6db56

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 09:32:38 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
age: 226722
etag: "71a2c893fa987449ce73394b646328e96c7eaa8f"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
content-language: 11062
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: Mr2qwWBAng4jEONNoIoN0T1RLXgMeK1n7RjNanqJp3vUPe-eLs1nBw==
x-xss-protection: 1; mode=block

GET
H2 200 635811.jpg
q-xx.bstatic.com/xdata/images/city/square210/ 8 KB
9 KB 33ms
33ms Image
image/jpeg 2600:9000:2057:7600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/city/square210/635811.jpg?k=0eff5bf70b0d9dcf3af5e9263f5d1b0e6f769e0242232f5c8aac9b8bc4b3e1b1&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6a9733056e9719d1d51f24413bb8cb621b8a2b0ce8e6331e4b006fc150566344

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 07:44:02 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
age: 233238
etag: "d17e07e0f00091015049a93de68f670558913475"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
content-language: 8450
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: bJive6HD7zOQj4am6iCOtulSqHaxzofP1RjUL3anLC-F8TBrJvv8_A==
x-xss-protection: 1; mode=block

GET
H2 200 953846.jpg
q-xx.bstatic.com/xdata/images/city/square210/ 7 KB
7 KB 34ms
32ms Image
image/jpeg 2600:9000:2057:7600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/city/square210/953846.jpg?k=29f1aa324a747187330b2a8790c799118ef5b22185a0a235a3ab5117f8495006&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

70e549f73c03f059751c1267636d37539205c5a6926d07c171bf7e6b098e9362

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 15:43:35 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
age: 2450865
etag: "e9dda9b3b887436c0efb1e68e46bea47f14ed34c"
x-cache: Hit from cloudfront
content-language: 6877
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 6877
x-xss-protection: 1; mode=block
x-amz-cf-id: 5vJ9YN3cZNn9bVU5lzNrzQklvkQcBrN3i3OMRMnW-7T_nd5PQ2YzrQ==

GET
H2 200 27c8d1832de6a3123b6ee45b59ae2f81b0d9d0d0.png
r-cf.bstatic.com/static/img/tfl/group_logos/logo_booking/ 2 KB
2 KB 40ms
37ms Image
image/png 2600:9000:2057:7600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r-cf.bstatic.com/static/img/tfl/group_logos/logo_booking/27c8d1832de6a3123b6ee45b59ae2f81b0d9d0d0.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

807c8a1b498e17d227cf48a640b778bdc4398a9852493cb2f40bf0f33651d0dd

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 01:10:36 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA6-C1
age: 1725644
x-cache: Hit from cloudfront
content-length: 1628
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-65c"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: VSmLnYzn6J7zQXMyT69HCmn0d5cS2x9OcxCY9cjetfLvapYKuO8JGw==
expires: Fri, 17 Nov 2023 01:10:36 GMT

GET
H2 200 f80e129541f2a952d470df2447373390f3dd4e44.png
q-cf.bstatic.com/static/img/tfl/group_logos/logo_priceline/ 2 KB
2 KB 40ms
38ms Image
image/png 2600:9000:2057:7600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-cf.bstatic.com/static/img/tfl/group_logos/logo_priceline/f80e129541f2a952d470df2447373390f3dd4e44.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

18c62988860a8ffd90bab6376b4fe36a723bd39403c420d3943aa3eb5a0029c5

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 05:09:15 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA6-C1
age: 1279325
x-cache: Hit from cloudfront
content-length: 1591
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-637"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: C8ZfBN0ORZ2HCopMfoFI9O-1D2cpv-P2OGQ8xjJmcLvmBtCwSxuoEg==
expires: Wed, 22 Nov 2023 05:09:15 GMT

GET
H2 200 83ef7122074473a6566094e957ff834badb58ce6.png
r-cf.bstatic.com/static/img/tfl/group_logos/logo_kayak/ 1 KB
2 KB 37ms
35ms Image
image/png 2600:9000:2057:7600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r-cf.bstatic.com/static/img/tfl/group_logos/logo_kayak/83ef7122074473a6566094e957ff834badb58ce6.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5839f0330821cf08029beddd6d248170da1af16cd7aff253e7bd075d591f5d42

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 04:17:10 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA6-C1
age: 1973650
x-cache: Hit from cloudfront
content-length: 1154
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-482"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: PCkRK33v8TUc1vcXcKvRcU9n7rU0kc5WObILXcC9w61zq9hvqP9DQQ==
expires: Tue, 14 Nov 2023 04:17:10 GMT

GET
H2 200 1c9191b6a3651bf030e41e99a153b64f449845ed.png
q-cf.bstatic.com/static/img/tfl/group_logos/logo_agoda/ 2 KB
3 KB 39ms
37ms Image
image/png 2600:9000:2057:7600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-cf.bstatic.com/static/img/tfl/group_logos/logo_agoda/1c9191b6a3651bf030e41e99a153b64f449845ed.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1d6e86e59ab7235a8343f494c8e8da6cc02c5a98a75d682401340e6d06935f20

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 00:34:02 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA6-C1
age: 1036638
x-cache: Hit from cloudfront
content-length: 2146
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Mar 2020 10:15:57 GMT
server: nginx
etag: "5e6a0bdd-862"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Wp_jx3EHbx4083K-Mt3PjOl1L0LY6wqq1xIgMXvXiVDpzdTf0xX00A==
expires: Sat, 25 Nov 2023 00:34:02 GMT

GET
H2 200 6bc5ec89d870111592a378bbe7a2086f0b01abc4.png
r-cf.bstatic.com/static/img/tfl/group_logos/logo_rentalcars/ 3 KB
4 KB 38ms
36ms Image
image/png 2600:9000:2057:7600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r-cf.bstatic.com/static/img/tfl/group_logos/logo_rentalcars/6bc5ec89d870111592a378bbe7a2086f0b01abc4.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8561e200a6a57195e480ed9d893b14579ef6acdeabfbb3fe22b5e4ec9b84b455

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 08:48:45 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA6-C1
age: 488555
x-cache: Hit from cloudfront
content-length: 3221
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-c95"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: hMumaiCNDmQyVGiYZpl2UzDaYGr0LDJz7ktu6yBqfuh3rqPBzCynyg==
expires: Fri, 01 Dec 2023 08:48:45 GMT

GET
H2 200 a4b50503eda6c15773d6e61c238230eb42fb050d.png
r-cf.bstatic.com/static/img/tfl/group_logos/logo_opentable/ 2 KB
3 KB 36ms
34ms Image
image/png 2600:9000:2057:7600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r-cf.bstatic.com/static/img/tfl/group_logos/logo_opentable/a4b50503eda6c15773d6e61c238230eb42fb050d.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b23272a9692c4ec3c020935917e9d096490876c976abec1290bd3cc9aae13974

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:37:17 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA6-C1
age: 471243
x-cache: Hit from cloudfront
content-length: 2344
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-928"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: SMTOoWhMJXmcvp13hzxXekzU_WR_ycqyIE7gcEueknN7f3D1AKIE2g==
expires: Fri, 01 Dec 2023 13:37:17 GMT

GET
H2 200 client.eec36e8c.js Show response
q-xx.bstatic.com/flights/web/static/js/ 1 MB
285 KB 93ms
31ms Script
application/javascript 2600:9000:2057:7600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q-xx.bstatic.com/flights/web/static/js/client.eec36e8c.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

46f08b96eeed662a9563239b6626703ac471c90c3109bf9be61993e48b966161

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.booking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 12:06:36 GMT
content-encoding: br
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA6-C1
age: 44684
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-amz-expiration: expiry-date="Sun, 04 Feb 2024 12:00:53 GMT", rule-id="expire-static-assets"
last-modified: Mon, 06 Nov 2023 12:00:53 GMT
server: nginx
x-amz-meta-s3cmd-attrs: md5:fca70791f29d2e0c1068c07c390e9838
etag: W/"fca70791f29d2e0c1068c07c390e9838"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: R0LnYgi-_MXRK5jBqca-HgtVYb5xBRJaplZ4MjDGI2kCOr26zq9a4A==
expires: Wed, 06 Dec 2023 12:06:36 GMT

GET
H2 200 screens-Home.c30ebbab.chunk.js Show response
q-xx.bstatic.com/flights/web/static/js/ 264 KB
59 KB 98ms
37ms Script
application/javascript 2600:9000:2057:7600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q-xx.bstatic.com/flights/web/static/js/screens-Home.c30ebbab.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

842abe871ed778a7e63a64c7157f6e6ac56cf548998731811ff10130efdd1592

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.booking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 11:28:28 GMT
content-encoding: br
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA6-C1
age: 392573
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-amz-expiration: expiry-date="Wed, 31 Jan 2024 10:42:23 GMT", rule-id="expire-static-assets"
last-modified: Thu, 02 Nov 2023 11:20:35 GMT
server: nginx
x-amz-meta-s3cmd-attrs: md5:fb4cba504cc1e344e933c5f6845ea396
etag: W/"fb4cba504cc1e344e933c5f6845ea396"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: C7kOhmI2rTxsfsAfCqfOU4EUVzjrv8WmDvTst4AlH_KLv-tVPl3_Ow==
expires: Sat, 02 Dec 2023 11:28:28 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 213 KB
76 KB 113ms
41ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PQHB9P4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

803b7d5969a6218e56c9b8be3d92f4f5bb4226a8cc88b5e8e4162665c441c9c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 00:31:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77845
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 00:12:56 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Nov 2023 00:31:21 GMT

GET
H2 200 us.png
q-xx.bstatic.com/backend_static/common/flags/new/48-squared/ 642 B
1 KB 37ms
34ms Image
image/png 2600:9000:2057:7600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/backend_static/common/flags/new/48-squared/us.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a333d02eedde7a4dd8643d58b0ea7947268a1762f35f517eb6000ec9e7fcfae8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:04:03 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA6-C1
age: 2165238
x-cache: Hit from cloudfront
content-length: 642
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
server: nginx
etag: "5f55f887-282"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ujA6OqDLCakxkI69yQdaWpp8JhyX_0r9oUiUJN_jzD_OqNpBjPUOeg==
expires: Sat, 11 Nov 2023 23:04:03 GMT

GET
H2 200 971982.jpg
q-xx.bstatic.com/xdata/images/city/square210/ 15 KB
15 KB 36ms
33ms Image
image/jpeg 2600:9000:2057:7600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/city/square210/971982.jpg?k=b65c557258d14ccaf06765683a26d8f2bc5088d751af34e0986923daa72eab98&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b351283674b0d43f5353319877686a7d2070173809ba5e2dcd29f2b96e261667

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 11:02:36 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
age: 307725
etag: "c3b697696bb8000dbf53816ff13df7a7cc9244d3"
x-cache: Hit from cloudfront
content-language: 15284
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: fJZOnl_f1IvxAbKLPdxhLAVRIkNHA8GAZSzG6ufu7nMcXEFhaWE2Rg==
x-xss-protection: 1; mode=block

GET
H2 200 645685.jpg
q-xx.bstatic.com/xdata/images/city/square210/ 8 KB
8 KB 39ms
36ms Image
image/jpeg 2600:9000:2057:7600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/city/square210/645685.jpg?k=bb3c96578e18a637d5481bd37ce507968c8473365b557d08c302e105ec5f13dc&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e1117bd0c871b65190e19381e2856bb55fab15b957b14e6cce36ed3c3c384908

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 09:39:04 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
age: 226337
etag: "2db1598f3b33c253008e1605f033d437c8781006"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
content-language: 7935
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 7935
x-xss-protection: 1; mode=block
x-amz-cf-id: hy4FJbsj5IMolMsF3eWADxK0db5VrhSsAMIqUqSqzkUtfTn_QqpxZQ==

GET
H2 200 613104.jpg
q-xx.bstatic.com/xdata/images/city/square210/ 12 KB
13 KB 44ms
41ms Image
image/jpeg 2600:9000:2057:7600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/city/square210/613104.jpg?k=6e9fa0c6cb25472c6a843ddc1a14d93cf7a7306a4111a74052af94d75c69b03e&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

fdcb2e29bce68a68f34d6143a54b4a6db16e49dab91c7fe6e068c783e0864f11

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 22:47:35 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
age: 1647826
etag: "0ad05617e83d3480cc148f83950b2a67ebe35bb6"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
content-language: 12680
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: -z_CoUBXdzsBYR2awdH_Js8UO_xkH-TEPKvsmhjvvVkTahxicCaZkA==
x-xss-protection: 1; mode=block

GET
H2 200 645961.jpg
q-xx.bstatic.com/xdata/images/city/square210/ 11 KB
11 KB 43ms
40ms Image
image/jpeg 2600:9000:2057:7600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/city/square210/645961.jpg?k=590a1d750ec44a3b9c5f6d9dd1c84f2d8b87693e1c553f2dc76ac2cebe75f1a2&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

df00734b7eccb4c7293946d4981a936d6e419d8309df52a38495dafcf2e89c28

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:14:22 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
age: 1484219
etag: "256a6eb58e9ef703aa735e1e2336596d9e17f94a"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
content-language: 11015
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: ZcOjWgQvQyBKft84JtG-eorGYZd4pxBSXgyM70Ny5oxhQpTw07-bTA==
x-xss-protection: 1; mode=block

GET
H2 200 654657.jpg
q-xx.bstatic.com/xdata/images/city/square210/ 8 KB
9 KB 49ms
46ms Image
image/jpeg 2600:9000:2057:7600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/city/square210/654657.jpg?k=89856fe34d0c79585591dfb571c096931beeea442ef9175f86cd9960ffb242dd&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f4b37393f2c075b901968f72e63b4057dbd6f1b0e48acba372529b13faa3dc6a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 20:20:01 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
age: 2434280
etag: "ba87dafbcd04b4b6850c17f977cfa9feef9aee2e"
x-cache: Hit from cloudfront
content-language: 8378
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: W5_gSxJp5EN-5_OgzBg3bxak4m34eDriQ2SFGJ0jxtDL2OlUu1X8IQ==
x-xss-protection: 1; mode=block

GET
H2 200 620027.jpg
q-xx.bstatic.com/xdata/images/city/square210/ 10 KB
11 KB 47ms
44ms Image
image/jpeg 2600:9000:2057:7600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/city/square210/620027.jpg?k=3e415bb694a1a0145529dad3242573d0d52364bc57bae824b5990bf9c2fabc04&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3a726740277bf3b9712fe9ab756ec2135f6ebac9b86ac0731cd2b5919e77e798

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 16:17:44 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
age: 1152817
etag: "f67f2079861ef0a77bb4287bbcdb769516f1d891"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
content-language: 10460
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: 0taCE6OsGspVzbHqVKjOaTkJEWyYi9d0CpOkzV4qZseANYXPlwcCDg==
x-xss-protection: 1; mode=block

GET
H2 200 968314.jpg
q-xx.bstatic.com/xdata/images/city/square210/ 11 KB
12 KB 44ms
41ms Image
image/jpeg 2600:9000:2057:7600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/city/square210/968314.jpg?k=0e0d712f666150594683eeeea60d7e3afdaab51286a9023f15f648ff3fbb0d6c&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0ed37c039c511d40e23876bd20ff2c0b3d60a5c93e9614a426b819680f379e85

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 03:29:30 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
age: 75711
etag: "c0515de19d8e2028dad43dd77c1ef7932e40d7e2"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
content-language: 11498
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: 77IITJPM45BrlNUcu-umnVKKWYw-tbMT2M2IqXUCRMXpPQ95ZJ09oQ==
x-xss-protection: 1; mode=block

GET
H2 200 MagnifyingGlassUsp.png
t-cf.bstatic.com/design-assets/assets/v3.99.1/illustrations-traveller/ 3 KB
4 KB 98ms
31ms Image
image/png 2600:9000:2251:9000:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-cf.bstatic.com/design-assets/assets/v3.99.1/illustrations-traveller/MagnifyingGlassUsp.png
Requested by: Host: www.booking.com
URL: https://www.booking.com/flights/index.html?aid=2097130&label=confirmation_text&sid=f7362ce1a5c109b2a172514dca933275&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK&adults=2&cabinClass=ECONOMY&depart=2023-10-13&destination=BUS&from=CJN&origin=CJN&return=2023-10-14&showLoader=1&to=BUS&type=ROUNDTRIP&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:9000:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f8527d9408a651f17cf4de43262a6fa2927ab2af6ca98641828793af062f118

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 05:21:52 GMT
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Tue, 10 Oct 2023 12:25:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 68972
x-amz-server-side-encryption: AES256
etag: "5966a74d467ac8907792c738d59e8218"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 3358
x-amz-cf-id: m7TDII86hpbtrFPhKLSyrYolPiTpf-oeY9eYV7HY8XmLsxWqHParDQ==

GET
H2 200 MoneyUsp.png
t-cf.bstatic.com/design-assets/assets/v3.99.1/illustrations-traveller/ 4 KB
4 KB 100ms
33ms Image
image/png 2600:9000:2251:9000:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-cf.bstatic.com/design-assets/assets/v3.99.1/illustrations-traveller/MoneyUsp.png
Requested by: Host: www.booking.com
URL: https://www.booking.com/flights/index.html?aid=2097130&label=confirmation_text&sid=f7362ce1a5c109b2a172514dca933275&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK&adults=2&cabinClass=ECONOMY&depart=2023-10-13&destination=BUS&from=CJN&origin=CJN&return=2023-10-14&showLoader=1&to=BUS&type=ROUNDTRIP&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:9000:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54370e8f589fef00fbdc853c168f40c1955c478a26c2f464f76f927951f9ffb4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 05:40:26 GMT
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Tue, 10 Oct 2023 12:25:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 67957
x-amz-server-side-encryption: AES256
etag: "dca7c9b271c8b4799ce94491fa1b9ef2"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 4038
x-amz-cf-id: EyCFjKmGDTDJkrQ1BE1XWzuwLAO7vN-RQCSJftfVze6EUwtl0Q5tKw==

GET
H2 200 TicketsUsp.png
t-cf.bstatic.com/design-assets/assets/v3.99.1/illustrations-traveller/ 4 KB
4 KB 98ms
32ms Image
image/png 2600:9000:2251:9000:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-cf.bstatic.com/design-assets/assets/v3.99.1/illustrations-traveller/TicketsUsp.png
Requested by: Host: www.booking.com
URL: https://www.booking.com/flights/index.html?aid=2097130&label=confirmation_text&sid=f7362ce1a5c109b2a172514dca933275&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK&adults=2&cabinClass=ECONOMY&depart=2023-10-13&destination=BUS&from=CJN&origin=CJN&return=2023-10-14&showLoader=1&to=BUS&type=ROUNDTRIP&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:9000:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47b58f0909cae06bc80a8d79e50758d188832800d541c7285a8bd72f3b23a0c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 05:21:52 GMT
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Tue, 10 Oct 2023 12:25:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 68972
x-amz-server-side-encryption: AES256
etag: "4f8be30173d60369e61612204c1a9013"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 3759
x-amz-cf-id: NwQoj1l_P-WtuA8NuoDPXkFSr315iKM5HQnZcIoWsDLwxffURt9EAw==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 40ms
39ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b1fc966c38b12c845f9fd8bdb76027106b776783fd44eeed917663942b5fd16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 07 Nov 2023 00:31:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: R1P6TtSHAQZyvOSI/KawHw==
age: 62357
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6821
x-ms-lease-status: unlocked
last-modified: Thu, 02 Nov 2023 05:50:24 GMT
server: cloudflare
etag: 0x8DBDB679BACFE6C
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: fd3a81d4-f01e-0049-2bfa-0d7b68000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8221790caa694dac-FRA

GET
H2 200 3ea94870-d4b1-483a-b1d2-faf1d982bb31.json Show response
cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/ 6 KB
3 KB 115ms
52ms XHR
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/3ea94870-d4b1-483a-b1d2-faf1d982bb31.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cbf41c1d2cdac0aace6b9464c581ed8a6c3ca2c29d160ce019b300f3a22d662

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 07 Nov 2023 00:31:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 45869
content-md5: YYAw/Ph1nC+ghNDKoOfL5A==
content-length: 2039
x-ms-lease-status: unlocked
last-modified: Thu, 07 Sep 2023 11:45:11 GMT
server: cloudflare
etag: 0x8DBAF97E4AE6D4A
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ff9f9ff6-f01e-0014-3380-e171ec000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8221790d49d739df-FRA
expires: Wed, 08 Nov 2023 00:31:21 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/481216654/ 3 KB
2 KB 230ms
41ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/481216654/?random=1699317081163&cv=11&fst=1699317081163&bg=ffffff&guid=ON&async=1&gtm=45He3b60v843635506&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.booking.com%2Fflights%2Findex.html%3Faid%3D2097130%26label%3Dconfirmation_text%26sid%3Df7362ce1a5c109b2a172514dca933275%26adplat%3Demail-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK%26adults%3D2%26cabinClass%3DECONOMY%26depart%3D2023-10-13%26destination%3DBUS%26from%3DCJN%26origin%3DCJN%26return%3D2023-10-14%26showLoader%3D1%26to%3DBUS%26type%3DROUNDTRIP%26&hn=www.googleadservices.com&frm=0&tiba=Find%20cheap%20flights%20%26%20plane%20tickets%20%7C%20Booking.com&auid=1466511993.1699317081&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQHB9P4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c609173350bc2faad9cb51dba45207528219ce5fd436238237c62babc7ebac2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 00:31:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1494
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
73 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1070314322

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQHB9P4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

020242bea9a6a90b2fbda2b284fa3b901bd3ee6cf9372fda3f4a3fe87f6e332b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 00:31:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74399
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Nov 2023 00:31:21 GMT

GET
H2 200 9806.15323e3e.chunk.js Show response
q-xx.bstatic.com/flights/web/static/js/ 11 KB
3 KB 28ms
28ms Script
application/javascript 2600:9000:2057:7600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q-xx.bstatic.com/flights/web/static/js/9806.15323e3e.chunk.js

Requested by

Host: q-xx.bstatic.com
URL: https://q-xx.bstatic.com/flights/web/static/js/client.eec36e8c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4ef2c8eb00729d025d4d7f79294105c7cea7eddb4063d7c1bc5accf226d03199

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.booking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:06:13 GMT
content-encoding: br
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA6-C1
age: 1923908
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-amz-expiration: expiry-date="Thu, 13 Oct 2022 09:07:53 GMT", rule-id="expire-static-assets"
last-modified: Wed, 11 Oct 2023 13:16:18 GMT
server: nginx
x-amz-meta-s3cmd-attrs: md5:a197ce07cfb7a8cb87b370fe65362bfb
etag: W/"a197ce07cfb7a8cb87b370fe65362bfb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: 8sB7DWK-Yprt-vCsrCJVJdrSvjVy454kop7D10mlW9p0DVyUSbod7g==
expires: Tue, 14 Nov 2023 18:06:13 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
294 B 117ms
43ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 00:31:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 8221790eac0a6aec-FRA
access-control-allow-headers: Content-Type

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1070314322/ 3 KB
2 KB 71ms
42ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070314322/?random=1699317081316&cv=11&fst=1699317081316&bg=ffffff&guid=ON&async=1&gtm=45be3b60v882970024&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.booking.com%2Fflights%2Findex.html%3Faid%3D2097130%26label%3Dconfirmation_text%26sid%3Df7362ce1a5c109b2a172514dca933275%26adplat%3Demail-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK%26adults%3D2%26cabinClass%3DECONOMY%26depart%3D2023-10-13%26destination%3DBUS%26from%3DCJN%26origin%3DCJN%26return%3D2023-10-14%26showLoader%3D1%26to%3DBUS%26type%3DROUNDTRIP%26&hn=www.googleadservices.com&frm=0&tiba=Find%20cheap%20flights%20%26%20plane%20tickets%20%7C%20Booking.com&auid=1466511993.1699317081&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1070314322

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08a6fbfec6e31832b727c4c5327046d3303b75c02badfbfb4ca78dccfdb8ccc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 00:31:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1509
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 internal-events
flights.booking.com/track/ 0
0 142ms
76ms Preflight 99.86.4.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://flights.booking.com/track/internal-events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-92.fra6.r.cloudfront.net

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-booking-affiliate-id,x-booking-label,x-booking-parent-request-id,x-booking-request-tree-id,x-booking-trace-meta,x-requested-from
Access-Control-Request-Method: POST
Origin: https://www.booking.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-booking-affiliate-id,x-booking-label,x-booking-parent-request-id,x-booking-request-tree-id,x-booking-trace-meta,x-requested-from
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.booking.com
date: Tue, 07 Nov 2023 00:31:21 GMT
referrer-policy: no-referrer
server: envoy
strict-transport-security: max-age=300; includeSubDomains
vary: Origin, Access-Control-Request-Headers
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-id: C8IPpwyIwYL9ArFrjfvdcRRWTwc4yDZE9sQxJG4IZ1OzbqN-6Gr8ow==
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: f9992ad0-7d04-11ee-a541-77b8529edcda
x-xss-protection: 1; mode=block

OPTIONS
H2 204 internal-events
flights.booking.com/track/ 0
0 153ms
88ms Preflight 99.86.4.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://flights.booking.com/track/internal-events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-92.fra6.r.cloudfront.net

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-booking-affiliate-id,x-booking-label,x-booking-parent-request-id,x-booking-request-tree-id,x-booking-trace-meta,x-requested-from
Access-Control-Request-Method: POST
Origin: https://www.booking.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-booking-affiliate-id,x-booking-label,x-booking-parent-request-id,x-booking-request-tree-id,x-booking-trace-meta,x-requested-from
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.booking.com
date: Tue, 07 Nov 2023 00:31:21 GMT
referrer-policy: no-referrer
server: envoy
strict-transport-security: max-age=300; includeSubDomains
vary: Origin, Access-Control-Request-Headers
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-id: iFKLMYW0m8y9dfYBefj22HPNVnL0pYE-JoIFeVN29zpBhMQVdECd-Q==
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: f9986780-7d04-11ee-98d7-81d185059c4a
x-xss-protection: 1; mode=block

GET
H2 200 header Show response
www.booking.com/attractions/api/ 15 KB
6 KB 151ms
150ms Fetch
application/json 18.245.60.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/attractions/api/header?label=confirmation_text&lang=en-us&aid=2097130&product=flights

Requested by

Host: q-xx.bstatic.com
URL: https://q-xx.bstatic.com/flights/web/static/js/client.eec36e8c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-7.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

18aea06158f07a81a42cca145479d34864cd2bdfd17f2d26d1a00d4f98d2037f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 00:31:21 GMT
strict-transport-security: max-age=300; includeSubDomains
content-encoding: gzip
x-content-options: nosniff
server: nginx
via: 1.1 b459d8cae3f218ce39711fc3ecdcc998.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.booking.com:* wss://*.booking.com:* cdn.cookielaw.org *.google-analytics.com *.onetrust.com; script-src 'self' 'unsafe-inline' *.booking.com:* *.bstatic.com cdn.cookielaw.org bat.bing.com googleads.g.doubleclick.net *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.googleapis.com *.onetrust.com; img-src * data:; style-src 'self' 'unsafe-inline' *.booking.com *.bstatic.com *.googleapis.com; font-src 'self' *.bstatic.com fonts.gstatic.com; frame-src 'self' *.booking.com; object-src 'none'; report-to default
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
x-amz-cf-id: w0nEdCsnvIG1fv_ttGsoCGxjbkDpgeBHcfCU53sVDROdCcD_IntLig==
x-xss-protection: 1; mode=block

GET
H2 200 screens-Search.42acd5ff.chunk.js Show response
q-xx.bstatic.com/flights/web/static/js/ 926 KB
190 KB 29ms
29ms Script
application/javascript 2600:9000:2057:7600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q-xx.bstatic.com/flights/web/static/js/screens-Search.42acd5ff.chunk.js

Requested by

Host: q-xx.bstatic.com
URL: https://q-xx.bstatic.com/flights/web/static/js/client.eec36e8c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

23012e7fcf0bb64a70ec4047eef86707836427f2c5b2a159c171859920b4ed4b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.booking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 11:28:29 GMT
content-encoding: br
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA6-C1
age: 392571
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-amz-expiration: expiry-date="Wed, 31 Jan 2024 10:42:26 GMT", rule-id="expire-static-assets"
last-modified: Thu, 02 Nov 2023 11:20:37 GMT
server: nginx
x-amz-meta-s3cmd-attrs: md5:99c99d746d428bc1f46e3b75dad97cf5
etag: W/"99c99d746d428bc1f46e3b75dad97cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: ALfl51JSAO-7zfBwOCA2UczGXEEeHrbunkSroJ1mvYZzQBSuwcG4iQ==
expires: Sat, 02 Dec 2023 11:28:29 GMT

POST
H2 202 internal-events Show response
flights.booking.com/track/ 16 B
731 B 230ms
229ms Fetch
application/json 99.86.4.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://flights.booking.com/track/internal-events

Requested by

Host: q-xx.bstatic.com
URL: https://q-xx.bstatic.com/flights/web/static/js/client.eec36e8c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-92.fra6.r.cloudfront.net

Software

envoy /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-booking-trace-meta: caller_persona="b-flights-frontend"; root_caller_persona="app"
x-booking-request-tree-id: 6549855866fbc4fd70c22b4584fc2772
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
x-booking-parent-request-id: 76690653-3e74-4191-9698-a574b07321b7
X-Booking-Label: confirmation_text
Content-Type: application/json
X-Requested-From: clientFetch
Referer: https://www.booking.com/
X-Booking-Affiliate-Id: 2097130

Response headers

date: Tue, 07 Nov 2023 00:31:21 GMT
strict-transport-security: max-age=300; includeSubDomains
x-content-type-options: nosniff
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
content-length: 16
x-xss-protection: 1; mode=block
x-request-id: 6549855866fbc4fd70c22b4584fc2772
server: envoy
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.booking.com
access-control-allow-credentials: true
x-amz-cf-id: WAgmkct1T952HOG0yA31CeQ9_r6R25lDQPYYUyWUWgEdX7NwuvcppQ==

POST
H2 202 internal-events Show response
flights.booking.com/track/ 16 B
731 B 106ms
105ms Fetch
application/json 99.86.4.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://flights.booking.com/track/internal-events

Requested by

Host: q-xx.bstatic.com
URL: https://q-xx.bstatic.com/flights/web/static/js/client.eec36e8c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-92.fra6.r.cloudfront.net

Software

envoy /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-booking-trace-meta: caller_persona="b-flights-frontend"; root_caller_persona="app"
x-booking-request-tree-id: 6549855866fbc4fd70c22b4584fc2772
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
x-booking-parent-request-id: 76690653-3e74-4191-9698-a574b07321b7
X-Booking-Label: confirmation_text
Content-Type: application/json
X-Requested-From: clientFetch
Referer: https://www.booking.com/
X-Booking-Affiliate-Id: 2097130

Response headers

date: Tue, 07 Nov 2023 00:31:21 GMT
strict-transport-security: max-age=300; includeSubDomains
x-content-type-options: nosniff
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
content-length: 16
x-xss-protection: 1; mode=block
x-request-id: 6549855866fbc4fd70c22b4584fc2772
server: envoy
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.booking.com
access-control-allow-credentials: true
x-amz-cf-id: aVwcVqI_dt812dyrD7nDvMvxzPbdpEu7TuB924YevfONhZw8Fzb6AA==

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 141ms
55ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0dc90421cbf6414c9f1ef5e93af3dbe48a4e51899452330f0ae0b2815e38be94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 07 Nov 2023 00:31:20 GMT
last-modified: Fri, 20 Oct 2023 01:13:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2F428C0AECFA4D5282B43E9301E4EFA9 Ref B: DUS30EDGE0713 Ref C: 2023-11-07T00:31:21Z
etag: "0125f9ff22da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13079

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202308.2.0/ 421 KB
101 KB 38ms
38ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202308.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee39d0cbc9e9cd88b7dac8ebca680b89e8879081f855152f21772c7834474437

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 07 Nov 2023 00:31:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: B7RJGeSCnZZuAb1NQkB81w==
age: 21399
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 103637
x-ms-lease-status: unlocked
last-modified: Wed, 20 Sep 2023 06:26:02 GMT
server: cloudflare
etag: 0x8DBB9A2763B37CA
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 21d158e6-101e-007e-2a3b-eca9c4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8221790f7c5c4dac-FRA

GET
H2 200 /
www.google.com/pagead/1p-user-list/481216654/ 42 B
455 B 315ms
37ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/481216654/?random=1699317081163&cv=11&fst=1699315200000&bg=ffffff&guid=ON&async=1&gtm=45He3b60v843635506&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.booking.com%2Fflights%2Findex.html%3Faid%3D2097130%26label%3Dconfirmation_text%26sid%3Df7362ce1a5c109b2a172514dca933275%26adplat%3Demail-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK%26adults%3D2%26cabinClass%3DECONOMY%26depart%3D2023-10-13%26destination%3DBUS%26from%3DCJN%26origin%3DCJN%26return%3D2023-10-14%26showLoader%3D1%26to%3DBUS%26type%3DROUNDTRIP%26&frm=0&tiba=Find%20cheap%20flights%20%26%20plane%20tickets%20%7C%20Booking.com&fmt=3&is_vtc=1&cid=CAQSGwDICaaN60wvDz-4GIHMWMtkBlwKMLvrXlcdIw&random=3577749949&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 00:31:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/481216654/ 42 B
108 B 317ms
37ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/481216654/?random=1699317081163&cv=11&fst=1699315200000&bg=ffffff&guid=ON&async=1&gtm=45He3b60v843635506&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.booking.com%2Fflights%2Findex.html%3Faid%3D2097130%26label%3Dconfirmation_text%26sid%3Df7362ce1a5c109b2a172514dca933275%26adplat%3Demail-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK%26adults%3D2%26cabinClass%3DECONOMY%26depart%3D2023-10-13%26destination%3DBUS%26from%3DCJN%26origin%3DCJN%26return%3D2023-10-14%26showLoader%3D1%26to%3DBUS%26type%3DROUNDTRIP%26&frm=0&tiba=Find%20cheap%20flights%20%26%20plane%20tickets%20%7C%20Booking.com&fmt=3&is_vtc=1&cid=CAQSGwDICaaN60wvDz-4GIHMWMtkBlwKMLvrXlcdIw&random=3577749949&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 00:31:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1070314322/ 42 B
108 B 315ms
37ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1070314322/?random=1699317081316&cv=11&fst=1699315200000&bg=ffffff&guid=ON&async=1&gtm=45be3b60v882970024&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.booking.com%2Fflights%2Findex.html%3Faid%3D2097130%26label%3Dconfirmation_text%26sid%3Df7362ce1a5c109b2a172514dca933275%26adplat%3Demail-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK%26adults%3D2%26cabinClass%3DECONOMY%26depart%3D2023-10-13%26destination%3DBUS%26from%3DCJN%26origin%3DCJN%26return%3D2023-10-14%26showLoader%3D1%26to%3DBUS%26type%3DROUNDTRIP%26&frm=0&tiba=Find%20cheap%20flights%20%26%20plane%20tickets%20%7C%20Booking.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNSM0DRlnogDQUpwNmB9Ltn9vdQpIAKg&random=1473599985&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 00:31:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1070314322/ 42 B
455 B 315ms
37ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1070314322/?random=1699317081316&cv=11&fst=1699315200000&bg=ffffff&guid=ON&async=1&gtm=45be3b60v882970024&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.booking.com%2Fflights%2Findex.html%3Faid%3D2097130%26label%3Dconfirmation_text%26sid%3Df7362ce1a5c109b2a172514dca933275%26adplat%3Demail-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK%26adults%3D2%26cabinClass%3DECONOMY%26depart%3D2023-10-13%26destination%3DBUS%26from%3DCJN%26origin%3DCJN%26return%3D2023-10-14%26showLoader%3D1%26to%3DBUS%26type%3DROUNDTRIP%26&frm=0&tiba=Find%20cheap%20flights%20%26%20plane%20tickets%20%7C%20Booking.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNSM0DRlnogDQUpwNmB9Ltn9vdQpIAKg&random=1473599985&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 00:31:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en-us.json Show response
cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/5960a206-455d-4495-8981-3d8a43c9b243/ 97 KB
21 KB 46ms
46ms Fetch
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/5960a206-455d-4495-8981-3d8a43c9b243/en-us.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39ae7df13550245a7a053dbab8e787b2f2d228f74afb011ee9cbc25786906458

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 07 Nov 2023 00:31:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 45354
content-md5: vyvGITJ2OXZnLAIwI0So7Q==
content-length: 21581
x-ms-lease-status: unlocked
last-modified: Thu, 07 Sep 2023 11:45:47 GMT
server: cloudflare
etag: 0x8DBAF97F9F8610C
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: e71a08e7-c01e-006d-3a80-e18dc8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 822179103b6c39df-FRA
expires: Wed, 08 Nov 2023 00:31:21 GMT

GET
H2 204 15338614.js Show response
bat.bing.com/p/action/ 0
117 B 56ms
56ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/15338614.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 07 Nov 2023 00:31:20 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F4894C3A6FEC412C842422FC28342D0C Ref B: DUS30EDGE0713 Ref C: 2023-11-07T00:31:21Z
x-cache: CONFIG_NOCACHE

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202308.2.0/assets/ 13 KB
3 KB 33ms
33ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202308.2.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 07 Nov 2023 00:31:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: BHQvHegaR3S9THBo4PtGGQ==
age: 45843
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3017
x-ms-lease-status: unlocked
last-modified: Wed, 20 Sep 2023 06:25:55 GMT
server: cloudflare
etag: 0x8DBB9A272000203
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 9232cc53-201e-0017-03b8-eb9088000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 822179119c4639df-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202308.2.0/assets/ 21 KB
4 KB 34ms
34ms Fetch
text/css 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202308.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 07 Nov 2023 00:31:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
age: 74744
x-ms-lease-status: unlocked
last-modified: Wed, 20 Sep 2023 06:26:05 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 36c05d9f-701e-000a-3e46-ec9d34000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 822179119c4739df-FRA

POST
H2 200 et Show response
flights.booking.com/track/ 4 B
736 B 102ms
101ms Fetch
application/json 99.86.4.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://flights.booking.com/track/et

Requested by

Host: q-xx.bstatic.com
URL: https://q-xx.bstatic.com/flights/web/static/js/client.eec36e8c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-92.fra6.r.cloudfront.net

Software

envoy /

Resource Hash

b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-booking-trace-meta: caller_persona="b-flights-frontend"; root_caller_persona="app"
x-booking-request-tree-id: 6549855866fbc4fd70c22b4584fc2772
accept-language: de-DE,de;q=0.9
x-booking-parent-request-id: 76690653-3e74-4191-9698-a574b07321b7
X-Booking-Label: confirmation_text
Content-Type: application/json
X-Requested-From: clientFetch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Referer: https://www.booking.com/
X-Booking-Affiliate-Id: 2097130
X-Soylent-Email

Response headers

date: Tue, 07 Nov 2023 00:31:22 GMT
strict-transport-security: max-age=300; includeSubDomains
x-content-type-options: nosniff
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
content-length: 4
x-xss-protection: 1; mode=block
x-request-id: 6549855866fbc4fd70c22b4584fc2772
referrer-policy: no-referrer
server: envoy
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.booking.com
access-control-allow-credentials: true
x-amz-cf-id: ZfrQRynnjFmMe8Od14kpRWXoXOBnx02qaOsmtTDDlel68u7LswiZvQ==

OPTIONS
H2 204 et
flights.booking.com/track/ 0
0 78ms
77ms Preflight 99.86.4.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://flights.booking.com/track/et

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-92.fra6.r.cloudfront.net

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-booking-affiliate-id,x-booking-label,x-booking-parent-request-id,x-booking-request-tree-id,x-booking-trace-meta,x-requested-from,x-soylent-email
Access-Control-Request-Method: POST
Origin: https://www.booking.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-booking-affiliate-id,x-booking-label,x-booking-parent-request-id,x-booking-request-tree-id,x-booking-trace-meta,x-requested-from,x-soylent-email
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.booking.com
date: Tue, 07 Nov 2023 00:31:22 GMT
referrer-policy: no-referrer
server: envoy
strict-transport-security: max-age=300; includeSubDomains
vary: Origin, Access-Control-Request-Headers
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-id: Qt8xyA1NK03Wg36bnoFJOWgZ27Cusw7dPd3t-uGFEIjkC3N_hD5WfA==
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: f9e30510-7d04-11ee-aca9-15dee8bec193
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.booking.com/flights	1970-01-21 01:37:57	Name: px_init Value: 0
.booking.com/	1970-01-20 16:03:23	Name: fasc Value: d37aa981-eb2a-4438-8c84-d13a19421cb2
.booking.com/	1970-01-21 00:47:33	Name: pc_payer_id Value: 952a02e0-4d12-4d9c-9781-d8ea2f9f765e
.booking.com/	1970-01-21 00:47:33	Name: fsc Value: s%3Afe42b5abc9e9e54f7869d880fa07b97d.LclbdL29mu24wzBmRsOEqIFaptIStShRDt4IbHJ0w0o
flights.booking.com/	1970-01-20 16:26:28	Name: fsc Value: s%3Afe42b5abc9e9e54f7869d880fa07b97d.LclbdL29mu24wzBmRsOEqIFaptIStShRDt4IbHJ0w0o
.booking.com/	1970-01-20 16:12:01	Name: pcm_consent Value: analytical%3Dfalse%26countryCode%3DDE%26consentId%3D8327c23a-486c-46db-b997-7bf7c81d7b87%26consentedAt%3D2023-11-07T00%3A31%3A19.496Z%26expiresAt%3D2024-05-05T00%3A31%3A19.496Z%26implicit%3Dtrue%26marketing%3Dfalse%26regulation%3Dgdpr%26legacyRegulation%3Dgdpr
.booking.com/	1970-01-20 16:12:01	Name: bkng_sso_auth Value: CAIQsOnuTRpytHHHhlSkS/FoNAxTM918JoY0fQVabrkOy0O4LGVgIAp2axIbQWgTO9+WYpDTAxezj8BdvYnJ0FZuCZgvwIve37A4bbFKj60BLUIJamRwsyy/6oM/A5YDHs4Xbce2PVQyG1IQV2wz066Aq76TGq5b15+2
.booking.com/	1970-01-21 01:37:57	Name: px_init Value: 0
.booking.com/	1970-01-21 00:47:33	Name: _pxhd Value: QJ-NVAF3lbP5vkfuFE3ei%252FrKrPEW0bDHzBbcwuUMXOZnJl72XJFEC1LIE1hWD65ibvgPns7cObjp1nKt7K9PVg%253D%253D%253AeaM%252FVjUvbZtu2XI9Qq%252FSA08M2YB%252FrXvsXUKMEHvl37S%252Fl-1gE05DkkiYx5O9C6dptwvjlIAW%252FHRpOJQAks%252FRNuh5qseze-ezQSwuDqopt2s%253D
www.booking.com/	1970-01-20 16:26:28	Name: fsc Value: s%3Afe42b5abc9e9e54f7869d880fa07b97d.LclbdL29mu24wzBmRsOEqIFaptIStShRDt4IbHJ0w0o
.booking.com/	1970-01-20 18:11:33	Name: _gcl_au Value: 1.1.1466511993.1699317081
.doubleclick.net/	1970-01-20 16:01:57	Name: test_cookie Value: CheckForPermission
.booking.com/	1970-01-21 01:37:57	Name: bkng Value: 11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLblgO%2Fz4BDP5tbhaH2C26Bp694h1E9P9K88gyYKhqjUGjCbiWqRLHHX7LS6E34fqaXc4y3rSHCG0NdMDr0RhnLDX5yIR3Gy%2B5D6eJ8VR%2BCorPE7GdhgAE4L6Hs30%2B7KW7gc4yQTa6dyeWd0UjLfqR%2Fvybd7zC4r%2B2YhkRIKFOwa5Q%3D
.booking.com/	1970-01-20 16:03:23	Name: _uetsid Value: f9a04b707d0411eeb16c75166715e4d1
.booking.com/	1970-01-21 01:23:33	Name: _uetvid Value: f9a06a807d0411eeb436f5cf86a18ba5
.www.booking.com/	1970-01-20 20:21:09	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Nov+07+2023+01%3A31%3A21+GMT%2B0100+(Central+European+Standard+Time)&version=202308.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=7aabfdd8-3fcc-4d1f-8799-f707e2b9f722&interactionCount=0&landingPath=https%3A%2F%2Fwww.booking.com%2Fflights%2Findex.html%3Faid%3D2097130%26label%3Dconfirmation_text%26sid%3Df7362ce1a5c109b2a172514dca933275%26adplat%3Demail-mg_confirmation_email-lp_in_copy-flight-checklist-1xKSioGxSM3R5m50OX5AMK%26adults%3D2%26cabinClass%3DECONOMY%26depart%3D2023-10-13%26destination%3DBUS%26from%3DCJN%26origin%3DCJN%26return%3D2023-10-14%26showLoader%3D1%26to%3DBUS%26type%3DROUNDTRIP%26&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
cdn.cookielaw.org
ch.booking.com
flights.booking.com
geolocation.onetrust.com
googleads.g.doubleclick.net
q-cf.bstatic.com
q-xx.bstatic.com
r-cf.bstatic.com
t-cf.bstatic.com
www.booking.com
www.google.com
www.google.de
www.googletagmanager.com
18.245.60.7
2600:9000:2057:7600:1c:d826:cd80:93a1
2600:9000:2251:9000:5:bf05:acc0:93a1
2606:4700:4400::ac40:9b77
2606:4700::6812:82ec
2620:1ec:c11::200
2a00:1450:4001:80b::2008
2a00:1450:4001:810::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2004
52.222.214.6
99.86.4.92
020242bea9a6a90b2fbda2b284fa3b901bd3ee6cf9372fda3f4a3fe87f6e332b
08a6fbfec6e31832b727c4c5327046d3303b75c02badfbfb4ca78dccfdb8ccc3
0dc90421cbf6414c9f1ef5e93af3dbe48a4e51899452330f0ae0b2815e38be94
0ed37c039c511d40e23876bd20ff2c0b3d60a5c93e9614a426b819680f379e85
118bad82bb50fca373b9c10dc4233a9e630dd0ccc94503789da17064afa6db56
18aea06158f07a81a42cca145479d34864cd2bdfd17f2d26d1a00d4f98d2037f
18c62988860a8ffd90bab6376b4fe36a723bd39403c420d3943aa3eb5a0029c5
1d6e86e59ab7235a8343f494c8e8da6cc02c5a98a75d682401340e6d06935f20
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
23012e7fcf0bb64a70ec4047eef86707836427f2c5b2a159c171859920b4ed4b
39ae7df13550245a7a053dbab8e787b2f2d228f74afb011ee9cbc25786906458
3a726740277bf3b9712fe9ab756ec2135f6ebac9b86ac0731cd2b5919e77e798
46f08b96eeed662a9563239b6626703ac471c90c3109bf9be61993e48b966161
47b58f0909cae06bc80a8d79e50758d188832800d541c7285a8bd72f3b23a0c2
4ef2c8eb00729d025d4d7f79294105c7cea7eddb4063d7c1bc5accf226d03199
5147eef02a949fda1f4f2d0335ee29d0e75670de519caec953316d38d2fd03e4
54370e8f589fef00fbdc853c168f40c1955c478a26c2f464f76f927951f9ffb4
5839f0330821cf08029beddd6d248170da1af16cd7aff253e7bd075d591f5d42
5cbf41c1d2cdac0aace6b9464c581ed8a6c3ca2c29d160ce019b300f3a22d662
633bbf612c7c75e8ba07b9875ad3ae7526c363d17831a8c9d726a31ea494d2e9
6a9733056e9719d1d51f24413bb8cb621b8a2b0ce8e6331e4b006fc150566344
6b1fc966c38b12c845f9fd8bdb76027106b776783fd44eeed917663942b5fd16
6f8527d9408a651f17cf4de43262a6fa2927ab2af6ca98641828793af062f118
70e549f73c03f059751c1267636d37539205c5a6926d07c171bf7e6b098e9362
803b7d5969a6218e56c9b8be3d92f4f5bb4226a8cc88b5e8e4162665c441c9c5
807c8a1b498e17d227cf48a640b778bdc4398a9852493cb2f40bf0f33651d0dd
842abe871ed778a7e63a64c7157f6e6ac56cf548998731811ff10130efdd1592
8561e200a6a57195e480ed9d893b14579ef6acdeabfbb3fe22b5e4ec9b84b455
a333d02eedde7a4dd8643d58b0ea7947268a1762f35f517eb6000ec9e7fcfae8
b23272a9692c4ec3c020935917e9d096490876c976abec1290bd3cc9aae13974
b351283674b0d43f5353319877686a7d2070173809ba5e2dcd29f2b96e261667
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
bfbe1a9cc8a14086aafa1c4b0836ec64dc12eb522a419e6600190033aff686e0
c32aeb0263e4789793d66462178e6933a2c427fabc14593d97f10ea2d558f48e
c609173350bc2faad9cb51dba45207528219ce5fd436238237c62babc7ebac2b
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
da4d6cbe029e66af0b914d74b4058756451fda4f79b4e7b85c0ebf4f0e74cfb2
df00734b7eccb4c7293946d4981a936d6e419d8309df52a38495dafcf2e89c28
e1117bd0c871b65190e19381e2856bb55fab15b957b14e6cce36ed3c3c384908
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e427436ed0ce834394870c251e79702d7d43ade320c43f6a78d800dad2bec3dc
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
ee39d0cbc9e9cd88b7dac8ebca680b89e8879081f855152f21772c7834474437
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4b37393f2c075b901968f72e63b4057dbd6f1b0e48acba372529b13faa3dc6a
fdcb2e29bce68a68f34d6143a54b4a6db16e49dab91c7fe6e068c783e0864f11

www.booking.com Open in urlscan Pro 18.245.60.7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

100 %HTTPS

75 %IPv6

9 Domains

14 Subdomains

11 IPs

2 Countries

1136 kBTransfer

4678 kBSize

16 Cookies

23 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.booking.com Open in urlscan Pro
18.245.60.7 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

100 %
HTTPS

75 %
IPv6

9
Domains

14
Subdomains

11
IPs

2
Countries

1136 kB
Transfer

4678 kB
Size

16
Cookies

54 HTTP transactions
0 data transactions