Report - air.bnb-id3204.com/payment/192308145/payment

Report Overview

Submitted URL
air.bnb-id3204.com/payment/192308145/payment_confirmation
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-16 17:50:53
Access
public
Website Title
Booking.com | Official site | The best hotels, flights, car rentals & accommodations
Final URL
www.booking.com/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
accounts.google.com	81	1997-09-15	2016-03-20	2024-04-16	1.4 kB	231 kB	108.177.14.84
q-xx.bstatic.com	17256	2009-04-24	2018-03-07	2024-04-12	16 kB	1.1 MB	143.204.55.112
geolocation.onetrust.com	802	2004-01-12	2018-02-07	2024-04-16	475 B	468 B	104.18.32.137
account.booking.com	22920	1998-04-17	2018-07-12	2024-04-15	2.6 kB	10 kB	54.230.111.34
accommodations.booking.com	228032	1998-04-17	2019-04-09	2024-04-12	4.6 kB	11 kB	54.230.111.123
www.booking.com	10220	1998-04-17	2013-09-01	2024-02-28	38 kB	633 kB	54.230.111.57
air.bnb-id3204.com	unknown	unknown	No data	No data	759 B	145 kB	188.114.96.1
t-cf.bstatic.com	20707	2009-04-24	2022-12-04	2024-04-09	2.6 kB	146 kB	143.204.55.112
privacyportal-eu.onetrust.com	7191	2004-01-12	2018-06-05	2024-04-13	1.1 kB	18 kB	104.18.32.137
booking.com	3556	1998-04-17	2012-06-26	2024-04-11	506 B	607 kB	54.230.111.57
cf.bstatic.com	19256	2009-04-24	2020-10-08	2024-04-12	72 kB	11 MB	143.204.55.112
cdn.cookielaw.org	502	2011-06-20	2013-12-28	2024-04-16	3.3 kB	205 kB	104.19.177.52
r-xx.bstatic.com	56174	2009-04-24	2018-03-08	2024-04-14	16 kB	757 kB	143.204.55.112

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-16	medium	air.bnb-id3204.com/payment/192308145/payment_confirmation	Airbnb, Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-16	medium	bnb-id3204.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (102)

	URL	Size	First Seen	Last Seen
	cf.bstatic.com/static/js/crossorigin_check_cloudfront_sd/2454015045ef79168d452ff4e7f30bdadff0aa81.js	95 B	2023-03-07	2024-04-29
Pretty URL cf.bstatic.com/static/js/crossorigin_check_cloudfront_sd/2454015045ef79168d452ff4e7f30bdadff0aa81.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:30 Last Seen2024-04-29 18:06:13 Times Seen366 Hash 335be8900580e9c3875dba57334294ae a86597d2ddfa410df13bceca86fdf9a2291fe798 8a882fd19a15567e53a5c3c08d22cdab714fa87734ed92d854c4e8fdf3940b1f Loading...

	cf.bstatic.com/psb/capla/static/js/d9560671.5c8217f2.chunk.js	221 kB	2024-04-13	2024-04-16
Pretty URL cf.bstatic.com/psb/capla/static/js/d9560671.5c8217f2.chunk.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-13 10:58:03 Last Seen2024-04-16 19:58:17 Times Seen21 Hash a1b0c4116f3cee9d0fe211cc73d499fe 83e60173e4366765518fe3f8a6c1da477b40def6 ed26f55485733699a5edb850c534030150a1700bdcbbe2f60e60b4fc66f875a6 Loading...

	www.booking.com/	6.0 kB	2023-11-09	2024-04-29
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-09 09:51:19 Last Seen2024-04-29 18:06:12 Times Seen112 Hash d94d61aaac9ab2e1bff1984516f34477 2233fd76a0d6861d390fb7e026565811c306b17f 31a9ef21ba5491689158944561b48f34ce0d91eca60c1dfb3f30a5a42afa59e9 Loading...

	www.booking.com/	481 B	2023-03-07	2024-04-29
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:29 Last Seen2024-04-29 18:06:12 Times Seen212 Hash 70dee752a0099bd134e1d01e1aea3ad0 514f4bad59305b9280d56c667af5744359c837d9 9b22645fc800a173a1cca8b031f1444683adecfb805d238b2993b86b055be710 Loading...

	cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js	458 kB	2024-04-05	2024-04-29
Pretty URL cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js IP 104.19.177.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-05 18:56:44 Last Seen2024-04-29 18:06:13 Times Seen109 Hash fa5c95d8306a66b4eb13eef3a634f8e1 534157a808dc08f7cabfbd36967566f03dbabf3d 7e90effe2c4b60df553e50c5e65bcf113ad7a2ddf3d5e7a594f2b8a9ccfd4523 Loading...

	www.booking.com/	155 B	2024-04-16	2024-04-16
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 19:51:05 Last Seen2024-04-16 19:51:05 Times Seen1 Hash 27bed117db4347387f8cf9ba7cbe8115 2434e5cd660967effcdba2da973b01b8e3e8a5bd 0b8530e45a1953a5ada4f1a06b873feb3ebbcb4d5bef3e88621475153c026235 Loading...

	www.booking.com/	387 B	2023-03-07	2024-04-29
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:29 Last Seen2024-04-29 18:06:12 Times Seen199 Hash ffe3c1dc0c9a87672bba94d924f46cc6 33b6b334d83b40cbb839ea8efec5b82d2817599c 196b1c0b2d9e70b76d099a995e1afcb7b52c02c1aa5a8528c1a31aa5a1b74f71 Loading...

	www.booking.com/	175 B	2023-03-07	2024-04-29
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:30 Last Seen2024-04-29 18:06:12 Times Seen204 Hash 1fe6a7a5b8e7273ac9bbcb045546e36e 521c84b6d8111b26ad0d30a866320f8306df56e0 e189c604ef635d80d54f752f597dad99d7381a9807a28c4fe8843a23046681dd Loading...

	www.booking.com/	149 B	2023-03-07	2024-04-29
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:30 Last Seen2024-04-29 18:06:12 Times Seen212 Hash fc13ade3e0da9651b757b37df36dbd90 ad08d49633701f7197826befdde348634b1b29d4 b22912e47ea429dda35eee8ec803c60ac8ba34a7da69225b18fd4035089ba173 Loading...

	www.booking.com/	115 B	2023-03-07	2024-04-29
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:29 Last Seen2024-04-29 18:06:12 Times Seen212 Hash 429d99a5cdbb08061c7aff9c682d56d1 f90a1b6aa0db6604e5a27694597ce5b42bf9fe2a df1cdc7a610750aaa33456d294bd11ff1a6690ca32d70223fc6afa845c1e8755 Loading...

	cf.bstatic.com/libs/privacy-consent/releases/2.1.54/customer/cookie-banner.min.js	12 kB	2024-03-18	2024-04-26
Pretty URL cf.bstatic.com/libs/privacy-consent/releases/2.1.54/customer/cookie-banner.min.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-18 10:01:04 Last Seen2024-04-26 10:26:14 Times Seen65 Hash d6b9ab496a18e87f581c766e6529293d 38d452ceed7161e97c51b5fd5df73712f73d6c54 2625e54668c91ff7e2afdc3284790a21391ba240580a9f872817a76fee719b4f Loading...

	www.booking.com/	109 B	2023-03-08	2024-04-29
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 13:10:51 Last Seen2024-04-29 18:06:12 Times Seen123 Hash 7eddd0ab5701c940f8cbdeb5841618e0 9d01ff0fd3d4dc07a43e9ed78b5f6f2c823303e8 fa0780152c165db5faa3e5709f6fdfc224249bea5483480985d8aba30abac2fe Loading...

	www.booking.com/	51 B	2023-03-07	2024-04-29
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:29 Last Seen2024-04-29 18:06:12 Times Seen193 Hash dcc10ea2f1b12a213ad1c57a13bedf25 c7a811bd020a85709d36b748c1e95100b2076c85 7244fa861399d5527562b743c979cf7a32c6fb94751ddf0736eefae79452b79b Loading...

	www.booking.com/	42 kB	2024-04-16	2024-04-16
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 19:51:05 Last Seen2024-04-16 19:51:05 Times Seen1 Hash 95ae32ab86718c18246e895c950af43a d27bf43ae04d730a650e7e034922265500c344c7 965e83bf66c74e744a25dbac85c1daff6fcf78c0b9e0b6ffa8aecef0df9f9417 Loading...

	cf.bstatic.com/static/js/core-deps-inlinedet_cloudfront_sd/9fc72199a3b8ae2b967821deb6fa10d92ce308fc.js	50 kB	2024-04-11	2024-04-29
Pretty URL cf.bstatic.com/static/js/core-deps-inlinedet_cloudfront_sd/9fc72199a3b8ae2b967821deb6fa10d92ce308fc.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-11 06:11:29 Last Seen2024-04-29 18:06:12 Times Seen41 Hash baaf830fc576fc456cb3f518bc0e613a cbb3953efe9cf21b230b3c8e6e82da4d9d812780 8b780007215b807c49fdce4fb746ab9471b070011bf0c9b23d7db718185d9914 Loading...

	www.booking.com/	85 kB	2024-04-16	2024-04-16
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 19:51:05 Last Seen2024-04-16 19:51:05 Times Seen1 Hash 412298633a70320acbc611cffb37997f e392873c7499f82a8a8fac22cee49c6468934a6e 6bd8c353b058a48027f7d8d7effb7592791ac7aae97e0a144fc94926b3a612f4 Loading...

	www.booking.com/	22 B	2023-03-07	2024-04-29
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:29 Last Seen2024-04-29 18:06:12 Times Seen219 Hash ccdb2571d2b93d7ba8fde60c10c18d60 5100679991b6a213d69c0372a78906b561cef281 9c0130128c7c780485532218e47bba99bab78baca8e716065a17aed3d42868f1 Loading...

	cf.bstatic.com/psb/capla/static/js/remoteEntry.f0866eea.client.js	20 kB	2023-12-23	2024-04-29
Pretty URL cf.bstatic.com/psb/capla/static/js/remoteEntry.f0866eea.client.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-23 17:35:15 Last Seen2024-04-29 18:06:15 Times Seen134 Hash d78c34e2dbec204465921f484c1997f8 b6b0d1ae5df66c0637284827222b757adb98c237 07b50ac877934b1ce0bd68c040f83bae04efb2db4e19b60681cdf4f367dcb2e0 Loading...

	cf.bstatic.com/psb/capla/static/js/88dc35d3.63c0e77e.chunk.js	19 kB	2024-04-07	2024-04-16
Pretty URL cf.bstatic.com/psb/capla/static/js/88dc35d3.63c0e77e.chunk.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-07 05:49:10 Last Seen2024-04-16 19:58:20 Times Seen25 Hash 943f30d7cc8dd26953a13420ded99374 fe87df4a7d1d1628ab9bfa0235ee45a1063b007f f5b05fbd84b38bdad7540faf458a11721ff95976bd3477a786f585cce148358c Loading...

	cf.bstatic.com/psb/capla/static/js/remoteEntry.e35d0cc2.client.js	25 kB	2024-04-13	2024-04-29
Pretty URL cf.bstatic.com/psb/capla/static/js/remoteEntry.e35d0cc2.client.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-13 10:58:02 Last Seen2024-04-29 09:36:54 Times Seen44 Hash f9437e93baac18c73da482980b072728 dfd41d06b9418eef3f50fbafed5ce42bda434807 c49aba6f23d44e3f3270ca8729a5789f424b4f0d1c4c12f0d42098fcd3b73d23 Loading...

	www.booking.com/	718 B	2024-04-16	2024-04-16
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 19:51:05 Last Seen2024-04-16 19:51:05 Times Seen1 Hash b5c413aaff5ea261663847277cc8f51a 78be6805edfd930cbf124aed01702503153afc0e 1f116d8b136d56071a8e3eec3f9c70375604a850fbdd664cba9887be9dc50a06 Loading...

	www.booking.com/	4.7 kB	2024-04-16	2024-04-16
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 19:51:05 Last Seen2024-04-16 19:51:05 Times Seen1 Hash 4a73f389aafec9733eef0adb42363620 963e5a3df6e6258013e129bb68a3beb63193bcbc e130d1a83c496c8942fa9fe734ddc26ae4fa06201e26c564824e1d769ffeab63 Loading...

	www.booking.com/	32 B	2023-03-07	2024-04-29
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:29 Last Seen2024-04-29 18:06:12 Times Seen193 Hash 54bd9910b0f2a55bee4865759101d0f1 167671b4506f7a290f7cf3a6c51cfb5943c75ba5 c5a31b9f1ab67af94b5802fb4eb26034ed0477ce75b1c7557cbeb2ddb924fdbb Loading...

	cf.bstatic.com/psb/capla/static/js/ace575b5.f3f69686.chunk.js	220 kB	2024-04-07	2024-04-29
Pretty URL cf.bstatic.com/psb/capla/static/js/ace575b5.f3f69686.chunk.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-07 05:49:07 Last Seen2024-04-29 18:06:15 Times Seen54 Hash f3385bf6f79f8c5882899b6b23f62355 3add774b8058dde10d0dc2e888de981db4707d95 c4fb6c41f7ea1ce23ac9c92581a8a76248d4664f10a65bc5bbe0e12e5ec0cbf2 Loading...

	www.booking.com/	111 B	2023-03-26	2024-04-29
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-26 07:08:44 Last Seen2024-04-29 18:06:12 Times Seen106 Hash 2298f6df13b640152dea8adc5b20e30e 26bb4de48dec9fba66edc0e1337af27d9e08751a caab2d2f97590b1ebf262da95c5857384ef28b89dc9b4c2978a1ea3848aae025 Loading...

	www.booking.com/	465 B	2023-03-26	2024-04-29
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-26 07:08:44 Last Seen2024-04-29 18:06:12 Times Seen107 Hash f7927142ca5b262a9ba7c55913591f3d f8f0c197b5b8daf3952c932cc85795b49db075a7 fa5b9c2d304120232f70077d4c4ea0219c9ab73531c8cf0cae1fdedf4be9b37f Loading...

	www.booking.com/	122 B	2023-03-07	2024-04-29
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:30 Last Seen2024-04-29 18:06:12 Times Seen203 Hash f89cac2b8fd0b6277068da67ff82641c ddf1d45c77ed4c663ec00d2b84139b208bec8897 db41bfbd53bc0c0593330afe275e79d96bf1ea80d17bdc525694db0819a7310d Loading...

	www.booking.com/	141 B	2023-03-07	2024-04-29
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:29 Last Seen2024-04-29 18:06:12 Times Seen205 Hash 1db86a8b28591b8c08f1d4ef14771218 3c73a26c55a43bcdb0f05b2ed15306c4f9851d84 7951b14c8f408df3bd00aa71eaa313d5468adc3d4e207472e9239c5f957fa590 Loading...

	www.booking.com/	779 B	2023-08-16	2024-04-29
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-16 15:36:54 Last Seen2024-04-29 18:06:12 Times Seen126 Hash 4b8dbde331c64e81893943799e8ac5a8 2efbb44241a2728115429c7b1fb851b077671541 c1f5387d8f8cf23ad2bb62ca02fb1bbbbac5d530bcf8977cf1d7af051df7994b Loading...

	cf.bstatic.com/psb/capla/static/js/4a89d2db.6c0ec4b3.chunk.js	375 B	2023-12-10	2024-04-29
Pretty URL cf.bstatic.com/psb/capla/static/js/4a89d2db.6c0ec4b3.chunk.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-10 18:17:18 Last Seen2024-04-29 18:06:13 Times Seen140 Hash 71d148d7e362a60e9a0c56222e4c1c42 efa6833affafa5ee32cc538c0ee386673c92d169 eefd6838a88ff46efd00a91c0c63f124352bac2d328f583e87cafe87056aad31 Loading...

	cf.bstatic.com/psb/capla/static/js/0d919837.cfd9901d.chunk.js	556 kB	2024-04-15	2024-04-29
Pretty URL cf.bstatic.com/psb/capla/static/js/0d919837.cfd9901d.chunk.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-15 06:33:33 Last Seen2024-04-29 09:36:54 Times Seen29 Hash c9a4cea0fba910b2a98fead6f6282970 5f50effc78ed78734880b0b9e632e25c59a81026 5b34100dda1a93aa7549bde423e0daff008fbf2a748cd5fc7ec0495013839501 Loading...

	www.booking.com/	30 B	2023-03-07	2024-04-29
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:29 Last Seen2024-04-29 18:06:12 Times Seen191 Hash 11d548ae8488da5bbd209a11abd1e043 ac59ae4d634f1d975a2c93f2e03b1e94034ddd44 cab245482a2c6ef628c24e8b7c916ae2590a9897c14567fbadf70c3d8332f91e Loading...

	www.booking.com/	109 B	2023-03-08	2024-04-29
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 13:10:51 Last Seen2024-04-29 18:06:12 Times Seen122 Hash f5903c9e2f710f6c6930f12405335523 f9bf32887d11c2d233f00e3c19db362b265c7a1a 53eb979543297d77c011695875920f7781745c1c90ff408ff6ab782ccba3070b Loading...

	cf.bstatic.com/psb/capla/static/js/client.8e4324b2.js	1.1 MB	2024-04-13	2024-04-16
Pretty URL cf.bstatic.com/psb/capla/static/js/client.8e4324b2.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-13 10:58:04 Last Seen2024-04-16 19:58:17 Times Seen14 Hash 2f6cb0d0621ef907df15cfca8fd8ac76 a64645028f2ad93723cf945adc57b64f3b08a107 6c5ca2eb760128c2436292f942ef46ad6cb0b309f649afb8d01142030a3f7caa Loading...

	www.booking.com/	260 B	2024-04-16	2024-04-16
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 19:51:05 Last Seen2024-04-16 19:51:05 Times Seen1 Hash 8ea86a4867459869a3f0b76bb3d73895 e58490700570ebf143ebbd6c6ad6f59c924907af c8cc5f464aef31b387a02d92fd5fa52ff9576381bf5892615be8ef84023bc7f3 Loading...

	www.booking.com/	239 B	2023-03-07	2024-04-29
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:30 Last Seen2024-04-29 18:06:13 Times Seen211 Hash 6dd75624ec49ae315fe7a85a6bca525d cb8f556abe1f615e0b5a1a3a1e2804a39259f69d 14a1042147311c561e11e437b9ebda2eaf5f1acbf9f462764d67d49e22a53407 Loading...

	cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/OtAutoBlock.js	9.8 kB	2024-04-11	2024-04-29
Pretty URL cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/OtAutoBlock.js IP 104.19.177.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-11 06:11:31 Last Seen2024-04-29 18:06:13 Times Seen55 Hash df2b513603c3c4aedbd7366aa07309b1 fcc212f92202477f31e4b2c796a65409de1a2bc2 433a9b7ed2172aa877cc638cbe2583eaef8af74a9d30e26d0bd9dbd05e0a364e Loading...

	www.booking.com/	12 kB	2024-04-16	2024-04-16
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 19:51:05 Last Seen2024-04-16 19:51:05 Times Seen1 Hash 1fb16e5ebca4af858fd146ebd449cf67 fb01922eef91dec2823f0880ac25ebddc9f8d203 c35e73c982f68df5a147097357272e6cad05fdcf109ff5a03fa85b7498f3e3f7 Loading...

	cf.bstatic.com/psb/capla/static/js/c8637181.d5f32ef5.chunk.js	46 kB	2024-04-13	2024-04-16
Pretty URL cf.bstatic.com/psb/capla/static/js/c8637181.d5f32ef5.chunk.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-13 10:58:04 Last Seen2024-04-16 19:58:18 Times Seen20 Hash d809790bd2c94f46d3430d29750e4f20 b3561d9ea1a880f3f3f2d1ab77d4d3848adb2ac2 113f23ffb623b6d1dac78a8c9a5a273621b47a379dacb8c7c757093f65f0052a Loading...

	www.booking.com/	451 B	2023-03-07	2024-04-29
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02:57 Last Seen2024-04-29 18:06:13 Times Seen215 Hash 45bb23d34f92a49fe3c30762e6c6bb42 009420df1a15573589cf3510d276e7c49d93d997 f08e8e66600aaedd27410550c1d237709bc91222f604962127b42705e4a22e3f Loading...

	www.booking.com/	1.0 kB	2024-04-16	2024-04-16
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 19:51:05 Last Seen2024-04-16 19:51:05 Times Seen1 Hash 876d9356b924be9b2214cfe986fab5b5 8bebd90fc86baca7a2719ef9f9e20ba6b8fb1dfe 5a66cd5ee132bfdbf076d94819a02400e6fe210963a0156665841330a4cc445d Loading...

	cf.bstatic.com/static/js/lazy_load_images_cloudfront_sd/77204d4da4aa41b08b1a4062c8e66e4629550994.js	5.6 kB	2023-03-07	2024-04-29
Pretty URL cf.bstatic.com/static/js/lazy_load_images_cloudfront_sd/77204d4da4aa41b08b1a4062c8e66e4629550994.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:29 Last Seen2024-04-29 18:06:12 Times Seen276 Hash 023fd7251563f3d53a56e92130146dcc 0e8228ea58a086a73e3fcd8e914b5759affe5e7a 994ec33de4b9253b6abbf26965dafb40c822e0b333e334456be7ff2a6fa638fe Loading...

	cf.bstatic.com/psb/capla/static/js/782ad794.9ef2b884.chunk.js	886 kB	2024-03-31	2024-04-16
Pretty URL cf.bstatic.com/psb/capla/static/js/782ad794.9ef2b884.chunk.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-31 05:40:31 Last Seen2024-04-16 19:58:20 Times Seen41 Hash c68b080c6a3e2c34a72f5fba4e317922 946787767c852380e81f795e03d3f352faac23e6 2b04761641f16d28378ecb6f38e832b8918c5167d32b4419bef5a8eecdd895df Loading...

	cf.bstatic.com/psb/capla/static/js/remoteEntry.431ad6f4.client.js	20 kB	2024-04-07	2024-04-16
Pretty URL cf.bstatic.com/psb/capla/static/js/remoteEntry.431ad6f4.client.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-07 05:49:09 Last Seen2024-04-16 19:58:20 Times Seen28 Hash 526e1b9efddd7dcdef6e271cf5d6624f beb0e2c57ae7150cfb974b906eb6ab20e66583a9 bd52b1be26a4cdde7b71680d0afeea64041b894da3ffe0e4ef4812154336c0f5 Loading...

	www.booking.com/	247 B	2024-04-16	2024-04-16
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 19:51:05 Last Seen2024-04-16 19:51:05 Times Seen1 Hash cbb6a3e39070ccd8159c832baebbcff7 79d967d7ffc8a84a7e1c56119b402bd207140769 632df508716bb6ab2679815ac1735dead7511ddbf940e597a2056e74ead18116 Loading...

	cf.bstatic.com/psb/capla/static/js/59306dc3.201acd28.chunk.js	191 kB	2024-04-13	2024-04-16
Pretty URL cf.bstatic.com/psb/capla/static/js/59306dc3.201acd28.chunk.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-13 10:58:02 Last Seen2024-04-16 19:58:20 Times Seen22 Hash 44d281c621d3299632d2b3f3df9594ed 907a8d1ed3e14d72b4d2d380d05a8332cf04a717 c0cba5fcd1784070bf9fd139f487dcef8db12aff7a43f2d43ede6baa83761ea1 Loading...

	www.booking.com/	454 B	2024-04-16	2024-04-16
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 19:51:05 Last Seen2024-04-16 19:51:05 Times Seen1 Hash d931c678719d19bb82d45faad1238c1c f4748313f7762e74eabd20b8a7528a41295ed87c aa9098eac6b2621a9c2f69179c6d8662504077a5029ba695ccad2f6a39837aa2 Loading...

	cf.bstatic.com/psb/capla/static/js/3c29a897.18d442f5.chunk.js	29 kB	2024-04-07	2024-04-16
Pretty URL cf.bstatic.com/psb/capla/static/js/3c29a897.18d442f5.chunk.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-07 05:49:09 Last Seen2024-04-16 19:58:20 Times Seen26 Hash 0b633dfa4929ccab601b08cd99ab80d4 cfeecc703a1f52cb92fe0e85d83890eda68f2353 4343465275e5d96e313edf03daabe845d2eb9bd2e7d356c5fe010cc128886d88 Loading...

	www.booking.com/	10 kB	2024-04-16	2024-04-16
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 19:51:05 Last Seen2024-04-16 19:51:05 Times Seen1 Hash 6bbc7c6240efd8c4a4fb837e0835ed9f 0710813ecb91c481dc0c609779d99245b8ed86e1 e9e94c5eef53a2d9748aaaad3477c62f175e8244f0d2be40e34fb4710a8789b4 Loading...

	cf.bstatic.com/static/js/raf_cloudfront_sd/7f16a33b470011b4f1df4034c745259154f9eb0a.js	128 kB	2024-03-25	2024-04-19
Pretty URL cf.bstatic.com/static/js/raf_cloudfront_sd/7f16a33b470011b4f1df4034c745259154f9eb0a.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-25 04:39:55 Last Seen2024-04-19 06:25:43 Times Seen58 Hash 5f94c2d77933770809d34204e29968bb c47d9beb9246cf25c3ca30efea36cf023912dfea 44d0910c2f26e0116a02abefdf36a0275e6ff315a4ced14df8e69cb3177bd6b9 Loading...

	www.booking.com/	109 B	2024-04-16	2024-04-16
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 19:51:05 Last Seen2024-04-16 19:51:05 Times Seen1 Hash 1ad62849331f54d00f21320c5cea03c0 e7ed51953431351ecfb981262972974bd5c5db7f 8a97c338c50418a3e16bc4ac18af567da41c1cfde234cddefdef86e6a48fcaea Loading...

	cf.bstatic.com/psb/capla/static/js/6758081d.ab2a4c1c.chunk.js	1.5 kB	2024-03-31	2024-04-29
Pretty URL cf.bstatic.com/psb/capla/static/js/6758081d.ab2a4c1c.chunk.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-31 05:40:33 Last Seen2024-04-29 18:06:12 Times Seen36 Hash e9dc307f20d8d6f88a02a01a0616effb 4f3e78bef060c9930e2d31007c069b29a6523388 3aa974cd94c32eaabdbb237ebd408b176149fdd23d152322dfb7bff37f518e14 Loading...

	cf.bstatic.com/psb/capla/static/js/remoteEntry.9bfbf3e3.client.js	29 kB	2024-03-25	2024-04-18
Pretty URL cf.bstatic.com/psb/capla/static/js/remoteEntry.9bfbf3e3.client.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-25 04:39:53 Last Seen2024-04-18 07:29:30 Times Seen47 Hash f6db6a3215273163bd23a83f34945773 ca7ad6bd2effd5a81047e0576c3343e1805774c8 6a30bf63e040480b19b17c137aa6af5d73dd1d94470e82e9a2b63c0a1b6f31a7 Loading...

	www.booking.com/	194 B	2023-03-07	2024-04-29
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:29 Last Seen2024-04-29 18:06:13 Times Seen204 Hash 736caf2d587bdae506bca0cb4b3522d3 7ba0f46b7176a82eddeec0bbfa2a5082447e2028 55c5923b9ba8e0b27a093ed7dc6da982e7f532a1860a2be0b3ce5d63bc1325b6 Loading...

	www.booking.com/	39 B	2023-03-07	2024-04-29
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:29 Last Seen2024-04-29 18:06:13 Times Seen210 Hash 1b1b63c49a7fb4a2406835fc65f6ed45 c741b976b0984b0d0c59335cdc86c2da2f1b606a 0740f283e8f08730af2395d3c19a616e04088e02bb4ae5dcb364693307632bf2 Loading...

	www.booking.com/	325 B	2024-04-16	2024-04-16
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 19:51:05 Last Seen2024-04-16 19:51:05 Times Seen1 Hash 7a37d5c4e5a825bdf7efa683b8559c2b 764c74df3921260099b51ef5d3a5dd3419a895a2 6c15f7184ab035909883a53bcb06eb6be177589670e19bbe3b4ea3dd1b5ecedc Loading...

	www.booking.com/	7.1 kB	2024-04-16	2024-04-16
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 19:51:05 Last Seen2024-04-16 19:51:05 Times Seen1 Hash fb0d70cb3387a68bdd1ab9d24197c258 95ff959411cf734a2d315ff1d8a6e8426633dcd6 ebfe26066629b52929b23d8b775a6fdde7643ce801f20b01cfba65facc86798c Loading...

	www.booking.com/	3.7 kB	2024-04-16	2024-04-16
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 19:51:05 Last Seen2024-04-16 19:51:05 Times Seen1 Hash 76efc15c4390fda6ad5e97a0e6e2aaae f89350c2b26cebac1a03cfd4a1f28d814e2ae2f3 7b49cb09ab9292b8756fd2c200e23a33ea015573aeef33125a9ac4aa46a0c9b3 Loading...

	cf.bstatic.com/static/js/error_catcher_bec_cloudfront_sd/0acd2ada6c74d5dec978a04ea837952bdf050cd2.js	6.2 kB	2023-03-12	2024-04-29
Pretty URL cf.bstatic.com/static/js/error_catcher_bec_cloudfront_sd/0acd2ada6c74d5dec978a04ea837952bdf050cd2.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:29:26 Last Seen2024-04-29 18:06:12 Times Seen356 Hash 1e32438142fcd82e3c2aea1ec4900c2e 70f7f4732872c739c76969d77fe36d1d53333950 c3f06cf6ded52069a79551343aca5f2269a048cedb9fbacd3cfff7136980659c Loading...

	cf.bstatic.com/psb/capla/static/js/63bff8e9.45a58914.chunk.js	146 kB	2024-04-11	2024-04-16
Pretty URL cf.bstatic.com/psb/capla/static/js/63bff8e9.45a58914.chunk.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-11 06:11:29 Last Seen2024-04-16 19:58:19 Times Seen25 Hash 6d7854f8e16730f042b590a8aa2fd8ad 115700ae8ec7d21dbe528fc093e0f963851d8b5a 97f24b0148eaa706de7c9347f3318f05673743b2e4e1059392b5988caf9d9067 Loading...

	www.booking.com/	618 B	2023-03-07	2024-04-29
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:29 Last Seen2024-04-29 18:06:13 Times Seen209 Hash d6afbd04bcddc38c65b9186e61a9a4d2 2fe03ae1a9a3a79c5bda917dbc568ebf9d0f9058 dfd0f630c74a3d76487ad90c72785700dd8eab8d6c84af01f344db2cf0d2e57f Loading...

	cf.bstatic.com/static/js/index_cloudfront_sd/5209e63d7382e58bb460e3d4ed665e5a0d34479f.js	24 kB	2024-03-10	2024-04-19
Pretty URL cf.bstatic.com/static/js/index_cloudfront_sd/5209e63d7382e58bb460e3d4ed665e5a0d34479f.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-10 13:42:12 Last Seen2024-04-19 06:25:41 Times Seen61 Hash 29c39d9aab2e18068e29d75c062f0a71 c3b754794b158d7aec26b55aa8f75de786fe1747 d1917c930b1d85f73fb2e889ad9664980b76d07260527753622a040b1ea48e0a Loading...

	www.booking.com/	644 B	2023-03-07	2024-04-29
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:29 Last Seen2024-04-29 18:06:13 Times Seen209 Hash 5c0d8c5ee3769a9e9bdfb64239f29379 df9b5ade4fa42c7b75ec6946e478ad03b51ca77e 600675a6871a5a46f01e75796a38e0deade04564688b072bc4dd200bdf561a7b Loading...

	cf.bstatic.com/psb/capla/static/js/51ee1383.6c7ab1e9.chunk.js	26 kB	2024-03-25	2024-04-18
Pretty URL cf.bstatic.com/psb/capla/static/js/51ee1383.6c7ab1e9.chunk.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-25 04:39:54 Last Seen2024-04-18 07:29:31 Times Seen55 Hash 81d8b730dc8b63b677e2e2f1ba62dc38 2d05257b39a9b2b048f5031d4074baf8f59d5771 55319bfbc387c0fe5d806968e88c39e22c9433a6ecb4b9f9c05fbf9d447c1309 Loading...

	www.booking.com/	696 B	2023-03-07	2024-04-29
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:29 Last Seen2024-04-29 18:06:13 Times Seen210 Hash a9255a5db27aac440e941cdacae475b0 6f1306857426dac0f4b2d521c9cc0430a529a9a0 fbe0a70bd3dcdd6cfd0bb4b1e4427d9b1e03f7e44cdb3152b252e39e8f104b42 Loading...

	www.booking.com/	785 B	2023-03-07	2024-04-29
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:29 Last Seen2024-04-29 18:06:13 Times Seen209 Hash b05c6ee6d52bf91c9f927568a0e6b723 6f067f4ae6b571c9818182824f29a429da4509fd 0c7b9dffa63c17bc614a462a05a6733eb7de28dd602a282ec6753187835f8395 Loading...

	www.booking.com/	5.9 kB	2023-03-08	2024-04-29
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 04:53:42 Last Seen2024-04-29 18:06:13 Times Seen209 Hash 248bf43fc6de0334184f99ad266f8f48 e31a2ac84db31d448ed6335be054dfe97ab92b3b d0e0ce2c8adbc3a5a7cac7be27ca7af30b916d5b1bf48b32ac012fdf3ea0db72 Loading...

	cf.bstatic.com/static/js/jquery_cloudfront_sd/e1e8c0e862309cb4caf3c0d5fbea48bfb8eaad42.js	105 kB	2023-03-07	2024-04-29
Pretty URL cf.bstatic.com/static/js/jquery_cloudfront_sd/e1e8c0e862309cb4caf3c0d5fbea48bfb8eaad42.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:30 Last Seen2024-04-29 18:06:15 Times Seen404 Hash 1a16f971ed98c047c8fa288987383922 04200a6f3b25cdfa04551f635d025fc64743b4ff 5ad7526d50b7586ddfaee62b3fc95e71207136dc08f6a2b7ffd671ded73fab83 Loading...

	www.booking.com/	2.2 kB	2023-03-07	2024-04-29
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:29 Last Seen2024-04-29 18:06:13 Times Seen210 Hash 8fbcfc88c2676ab318815a69967692b2 5edf5cc7394383af1ad2ce37c188f2579f0f9ad7 80a15c1cefe190870a607bac76d156c97613b1cbd9cc98c5fb745a3c5a62c1c7 Loading...

	cf.bstatic.com/psb/capla/static/js/remoteEntry.e6606aa1.client.js	19 kB	2024-04-16	2024-04-19
Pretty URL cf.bstatic.com/psb/capla/static/js/remoteEntry.e6606aa1.client.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 19:46:35 Last Seen2024-04-19 06:25:38 Times Seen17 Hash 376c9c9a97b72230330657bfd551528c b9b21ed30fa86f9a5b5880df7e752424eb4a5103 06a75593a4d5c1a79d1b4e9effb5e2a3684023613266889682c2ce6871510df1 Loading...

	www.booking.com/	1.7 kB	2023-03-07	2024-04-29
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:29 Last Seen2024-04-29 18:06:13 Times Seen210 Hash 64131044627a7bfe6ba00bbe48980c0a 430b4ac944dfdcb4beedcd53b1862d4a5a08c847 57ea95f6e66f2045af819e3edbf4de06d31d6da4550338203ff27f671aef23d0 Loading...

	cf.bstatic.com/psb/capla/static/js/0d073a5f.c1d66f4e.chunk.js	27 kB	2024-04-13	2024-04-29
Pretty URL cf.bstatic.com/psb/capla/static/js/0d073a5f.c1d66f4e.chunk.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-13 10:58:03 Last Seen2024-04-29 18:06:15 Times Seen50 Hash a0925d92c4c9528c77ba1b4a91e95e34 924aa09c45f6d4ef533466811e8091c0e90657d9 92980af4abdd1e58020de1762b9e2f035c730ccf846383bd44e80b66095461de Loading...

	cf.bstatic.com/psb/capla/static/js/8067d7e4.109fb194.chunk.js	38 kB	2024-04-16	2024-04-16
Pretty URL cf.bstatic.com/psb/capla/static/js/8067d7e4.109fb194.chunk.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 19:46:35 Last Seen2024-04-16 19:58:20 Times Seen8 Hash f7e72b88387d5189f4019a53507ac8d4 54bf7a1014f295a22052e1fc75444857b65cb753 54a0eae39f16b8c2936ea1394754356469fe50e78b59771c2f71ca0cc9c4b2d0 Loading...

	cf.bstatic.com/psb/capla/static/js/dc32f6b7.809da5b4.chunk.js	215 kB	2024-03-25	2024-04-18
Pretty URL cf.bstatic.com/psb/capla/static/js/dc32f6b7.809da5b4.chunk.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-25 04:39:54 Last Seen2024-04-18 07:29:31 Times Seen51 Hash 642392a8dcfeae50fa26900d133d055a c6a71d7ec53da5a8527239a718f541c4e9978af8 f44e7eecc3e9f06cc5708b1a48dd5d699287d18c09f0465f6344d6860e3549b2 Loading...

	www.booking.com/	1.3 kB	2023-03-07	2024-04-29
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:29 Last Seen2024-04-29 18:06:13 Times Seen208 Hash e033d32454a10f698160a3e8b9cc1e5f 052ff148982ba1129f703778ad97db9d5e82bcab 5c8d155e9c859228b9a1dca0b9adcd79ec4bbab5f80d0c371fd770cda7c6ac87 Loading...

	cf.bstatic.com/static/js/genius_vip_cloudfront_sd/aae975495cc56436f4f59463b9ea4e594bdb102a.js	3.4 kB	2023-11-06	2024-04-29
Pretty URL cf.bstatic.com/static/js/genius_vip_cloudfront_sd/aae975495cc56436f4f59463b9ea4e594bdb102a.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-06 06:25:02 Last Seen2024-04-29 18:06:14 Times Seen135 Hash 09a80a4a23bdc1dba67f37fca7af6e1b f37cd1b7b407485887c87717098a0fda8fc268c6 eb8a863847bbe73aed0fdff596dd87c9cf66e85e4ce3526869d99fa9bdf01acf Loading...

	cf.bstatic.com/static/js/sp-on-maps_cloudfront_sd/6ed4742ed4775eef0e92f036b430325ef3c02600.js	6.9 kB	2024-04-16	2024-04-19
Pretty URL cf.bstatic.com/static/js/sp-on-maps_cloudfront_sd/6ed4742ed4775eef0e92f036b430325ef3c02600.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 19:46:36 Last Seen2024-04-19 06:25:41 Times Seen14 Hash 6e92b927b80092c11a3485586f60a6b3 ca568f2dace76dbe3f9bf9ddb0e8e40983613504 8217780f54c886be220309f995907784baa5771c7dd94b800925ce9670cfccce Loading...

	cf.bstatic.com/psb/capla/static/js/6b631c3f.4ad2f2c7.chunk.js	73 kB	2024-04-13	2024-04-29
Pretty URL cf.bstatic.com/psb/capla/static/js/6b631c3f.4ad2f2c7.chunk.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-13 10:58:04 Last Seen2024-04-29 18:06:15 Times Seen48 Hash 8222121ade8cc64dad7e00376c36088a 80fdb29dcd16e40b1998ccf82c1691126c23ae73 13308126c20fa94372f756cb3d2d2b8b9238d8adee3505d3b4fab50d56f1b9ee Loading...

	www.booking.com/	173 B	2023-03-07	2024-04-29
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:29 Last Seen2024-04-29 18:06:13 Times Seen210 Hash d71aff614b6562d7377a40e202885370 57fb390da1571cc46ee4a7ecc950521d0a46db97 6fa9011200e6ce4caa20fec30ccc9e35b3fd504ef968fc69083e5e0e86a5b829 Loading...

	cf.bstatic.com/static/js/main_cloudfront_sd/66e83bc64432d9b5a57e8d60d6906582efdd1134.js	584 kB	2024-04-16	2024-04-19
Pretty URL cf.bstatic.com/static/js/main_cloudfront_sd/66e83bc64432d9b5a57e8d60d6906582efdd1134.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 19:46:34 Last Seen2024-04-19 06:25:40 Times Seen13 Hash 4141221bfc54492ea83f020e6879960f 295f24ba633e45394051308a76bc4ad0d6e83827 ef7a5f84582a65330c2901fb5febf5862c4aeac8375cc5cf4f2e50a86b9bc28c Loading...

	cf.bstatic.com/static/js/landingpage_cloudfront_sd/4417f0cf113c3ec51a8190be88e7c373a6d9295d.js	350 kB	2023-09-20	2024-04-29
Pretty URL cf.bstatic.com/static/js/landingpage_cloudfront_sd/4417f0cf113c3ec51a8190be88e7c373a6d9295d.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-20 17:18:58 Last Seen2024-04-29 18:06:15 Times Seen193 Hash 261cd9524de1941c0adbbc5ab40e071f b1d444cb7950cdaba1a586656133d83230716535 90217691ef650ad862929297ef8a897d5fed3d2a44b042274c20b0529907e375 Loading...

	cf.bstatic.com/psb/capla/static/js/5f127cf4.97c2b1a6.chunk.js	219 kB	2024-04-13	2024-04-16
Pretty URL cf.bstatic.com/psb/capla/static/js/5f127cf4.97c2b1a6.chunk.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-13 10:58:04 Last Seen2024-04-16 19:58:20 Times Seen22 Hash 10cab819aad9c043a475f5e4ea56c8d6 f2d5c9a24eb9ab245542ae30d992559a737d7470 63bfd90ed282701473f0cdc4d29432fb0fc0946af29f6cef0d1750e03e1c71e0 Loading...

	cdn.cookielaw.org/scripttemplates/otSDKStub.js	21 kB	2024-04-16	2024-04-29
Pretty URL cdn.cookielaw.org/scripttemplates/otSDKStub.js IP 104.19.177.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 08:31:16 Last Seen2024-04-29 20:06:41 Times Seen1428 Hash 0cd317a7b9c520801230e944f7d50e41 e3985ff0c2e8b1eaacb617c7c5af5bebfcbceda6 6f08699117c1f15f6d35e7b4380d12d18a1881f075e177b5853b1017a3307544 Loading...

	www.booking.com/	64 kB	2024-04-16	2024-04-16
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 19:51:05 Last Seen2024-04-16 19:51:05 Times Seen1 Hash 562c4a44b51cd2b9a5b1fd00661f89c9 5040e63562c66c06b47fe58a6a88a750ec06452e 28dbee70be8387293976c431864c91f6b0d43d6cbbaa4c8dfb5aed77ec62ea47 Loading...

	cf.bstatic.com/psb/capla/static/js/282e5b08.3f312d8d.chunk.js	219 kB	2024-04-13	2024-04-16
Pretty URL cf.bstatic.com/psb/capla/static/js/282e5b08.3f312d8d.chunk.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-13 10:58:02 Last Seen2024-04-16 19:58:20 Times Seen22 Hash 7ee974bf7bfebc24d6ccb9e3030ebb2b 19aa61a6a7423561331d4b9b2a9b07951545b075 d65193b19251e25d6ef7f355cb1e6346d861597088067a7f29755c42822caf26 Loading...

	cf.bstatic.com/psb/capla/static/js/0a098284.036ea833.chunk.js	42 kB	2024-03-31	2024-04-16
Pretty URL cf.bstatic.com/psb/capla/static/js/0a098284.036ea833.chunk.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-31 05:40:33 Last Seen2024-04-16 19:58:20 Times Seen35 Hash fc5c3100b0f235ccd3243ffa5ac8be4b 16ef00a9368311678988a18a9aa83bfa1c482d39 c163bb7e75f58184668351d232f2344a75ab313c2f9a867fcd64b4c10b9b96f9 Loading...

	cf.bstatic.com/psb/capla/static/js/d8454389.ba82ac70.chunk.js	219 kB	2024-04-13	2024-04-16
Pretty URL cf.bstatic.com/psb/capla/static/js/d8454389.ba82ac70.chunk.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-13 10:58:03 Last Seen2024-04-16 19:58:18 Times Seen20 Hash 27156b80331443db35f85700e1ac45b7 fdecd94cac27e860cebe7b6adfa6afef0579d197 7695b8d724e531066f9963c1cb474e87e62f17062502f3a8cc5512469575aceb Loading...

	cf.bstatic.com/psb/capla/static/js/b9a82cb8.e5633784.chunk.js	56 kB	2024-03-25	2024-04-18
Pretty URL cf.bstatic.com/psb/capla/static/js/b9a82cb8.e5633784.chunk.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-25 04:39:55 Last Seen2024-04-18 07:29:31 Times Seen56 Hash 724f085b4a9491fe8d80b2e525a06b80 faf29a7db808cc49e19b1f9d9dd59caa1d92b955 074334aba021856458a790e456586c4f75b0b7e4d512903e997b724954a06800 Loading...

	www.booking.com/	90 B	2023-03-07	2024-04-29
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:29 Last Seen2024-04-29 18:06:13 Times Seen208 Hash ab1d6bda76ed6085c21b870c3f481929 5c37b10ccfc599727c712cbd60e359b6c005c9d6 ab1e1980a90333bea092e41648714dc201af2333f26c8262c730e30ea4aa68f9 Loading...

	cf.bstatic.com/psb/capla/static/js/f141039c.1c2abb24.chunk.js	11 kB	2024-03-10	2024-04-29
Pretty URL cf.bstatic.com/psb/capla/static/js/f141039c.1c2abb24.chunk.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-10 13:42:11 Last Seen2024-04-29 18:06:15 Times Seen70 Hash 6373ae89ed2b9b79abeff0e4e13f68a7 ff553513e9bff9e35518ede617adc95fe06f77da d41d630c0452791cbcd8cc993b9ec0b0e99c3c080912d31db4ef97c20e8db323 Loading...

	www.booking.com/	111 B	2023-03-08	2024-04-29
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 13:10:51 Last Seen2024-04-29 18:06:13 Times Seen122 Hash acddbda0920369bf3ad483e7d5ef7c9a a52fcb278583c12d558a044b3100f4376804a82d fd0bf0480e967e0a1bec7ae3ae7ce700817c39470202233ba0ca8df8978797d8 Loading...

	accounts.google.com/gsi/client	224 kB	2024-04-11	2024-04-18
Pretty URL accounts.google.com/gsi/client IP 108.177.14.84 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-11 11:57:17 Last Seen2024-04-18 12:43:19 Times Seen42 Hash 3378a93b5397ad2401f6b18ff1773fed 4a17029b9177e38d085fc90b73f5cf59e667d1df 4d903e4a172e899b1ee9eb8af686e9bddba2f119dd764f3e6c520f36ec01af40 Loading...

	cf.bstatic.com/psb/capla/static/js/f41dcaf5.b35264fb.chunk.js	1.6 kB	2024-04-13	2024-04-19
Pretty URL cf.bstatic.com/psb/capla/static/js/f41dcaf5.b35264fb.chunk.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-13 10:58:04 Last Seen2024-04-19 06:25:39 Times Seen17 Hash cc59273043247cb6caee92360ecbc12e badf1706d75cca7c83cc9b0f643824bcfcc72bd4 1316434833aa46fc354c216af1e184074791a5c32cc0e3b3560d365616ff9c96 Loading...

	www.booking.com/	169 B	2024-04-16	2024-04-16
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 19:51:06 Last Seen2024-04-16 19:51:06 Times Seen1 Hash a86ed0182df7109cb869ef2ff8b4b29d 7416c640b3b7c4dad0bc2d0dbec90e60ec800ba8 55addc8cdc03097cab654c9b28dcf65eb4b34aa0f092850851960930316bd6d8 Loading...

	cf.bstatic.com/psb/capla/static/js/18cad957.827e1cbd.chunk.js	38 kB	2024-04-16	2024-04-16
Pretty URL cf.bstatic.com/psb/capla/static/js/18cad957.827e1cbd.chunk.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 19:46:35 Last Seen2024-04-16 19:58:20 Times Seen8 Hash e3e91829ee2579db9788e879a8b9e307 9c9f55838a0d3d30e4b011fee038f55ac5efb353 c4d4fd41208c7f61a878cf00bff4f1f7e55d411239181ad6646b20d2d1e04ecd Loading...

	cf.bstatic.com/psb/capla/static/js/7943e0ea.68af9cf4.chunk.js	170 kB	2024-04-11	2024-04-16
Pretty URL cf.bstatic.com/psb/capla/static/js/7943e0ea.68af9cf4.chunk.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-11 06:11:29 Last Seen2024-04-16 19:58:17 Times Seen24 Hash 2a3b093fb92ff5e685b8ff752b752857 4d9c094da023640ebc9648ceab6af08c2ca19756 a2666fd5a9ec118e7222dcacd1488c84cd9b10db76afc182753ad964839b9973 Loading...

	www.booking.com/	183 B	2024-04-16	2024-04-16
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 19:51:06 Last Seen2024-04-16 19:51:06 Times Seen1 Hash ef7e34bf97f0651a2d106d185ae77de7 41e855b4cb7b09a852e4a94e3354ecbbd42b26bb 6053a74502c0f8d91f67bf51333795426d3c327e20c988f1555242228a6b3dfc Loading...

	www.booking.com/	134 B	2024-04-16	2024-04-16
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 19:51:06 Last Seen2024-04-16 19:51:06 Times Seen1 Hash 797c7c97570cdf604a21b7e08cf486d0 a77a8ac97e42891672deb364d3e04c3bef03868f 56156e79da41e9c49df1df7be3b2150969da9a817c0af395e7b4e326d0e661f8 Loading...

	cf.bstatic.com/psb/capla/static/js/remoteEntry.7d304f63.client.js	19 kB	2024-04-16	2024-04-16
Pretty URL cf.bstatic.com/psb/capla/static/js/remoteEntry.7d304f63.client.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 19:46:37 Last Seen2024-04-16 19:58:20 Times Seen8 Hash e0d84a9728bb874ea91659520664f873 e2e4087e27f1cfa8536c98d724008024b058ea44 0c2f297095e3da28207aff0bd511a9d77f8766cce89e70e52728b0a6e56294c6 Loading...

	cf.bstatic.com/psb/capla/static/js/97a643cd.b0e8ae10.chunk.js	20 kB	2024-04-13	2024-04-29
Pretty URL cf.bstatic.com/psb/capla/static/js/97a643cd.b0e8ae10.chunk.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-13 10:58:04 Last Seen2024-04-29 18:06:15 Times Seen51 Hash b2c124026779587267b8fc0e4e153201 2b2cf1f1c0eca138a50c812517e90652a5b4aea8 7fa3b2674b0fba4cdf547e0d4198cb75b2357250ecd09df64c940556da52fe5c Loading...

	cf.bstatic.com/static/js/searchbox_cloudfront_sd/208ed372e5b3fa6f5a8aa0c5d7fac5e72ade3356.js	245 kB	2024-02-25	2024-04-29
Pretty URL cf.bstatic.com/static/js/searchbox_cloudfront_sd/208ed372e5b3fa6f5a8aa0c5d7fac5e72ade3356.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-25 10:54:10 Last Seen2024-04-29 18:06:12 Times Seen67 Hash e68ce27305d2367670bb72e633a52a75 158cbe08ae6891e9ee9e92826e1f7c5d666e0bec 923bf98545d6ab1dd4630d395e4dd7f24239fd2a42538e11c8f79abb57f4c76c Loading...

	www.booking.com/	4.4 kB	2024-04-16	2024-04-16
Pretty URL www.booking.com/ IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 19:51:06 Last Seen2024-04-16 19:51:06 Times Seen1 Hash df9e8e8525da91fa9724870bb7e4c338 f7f622ec49bece984f996e6331af1f40c06bec9d 91946918bc20201986e9ffa1c8c738b7461c98b1e1211d461a78cac8acebe986 Loading...

HTTP Transactions (250)

URL IP Response Size

cf.bstatic.com/static/js/crossorigin_check_cloudfront_sd/2454015045ef79168d452ff4e7f30bdadff0aa81.js

143.204.55.112

200 OK

95 B

URL GET HTTP/2
cf.bstatic.com/static/js/crossorigin_check_cloudfront_sd/2454015045ef79168d452ff4e7f30bdadff0aa81.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
95 B (95 bytes)
Hash
335be8900580e9c3875dba57334294ae
a86597d2ddfa410df13bceca86fdf9a2291fe798
8a882fd19a15567e53a5c3c08d22cdab714fa87734ed92d854c4e8fdf3940b1f

HTTP Headers

GET /static/js/crossorigin_check_cloudfront_sd/2454015045ef79168d452ff4e7f30bdadff0aa81.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-length: 95
server: nginx
date: Mon, 25 Mar 2024 13:02:21 GMT
last-modified: Wed, 10 Apr 2019 11:21:38 GMT
etag: "5cadd1c2-5f"
expires: Wed, 24 Apr 2024 13:02:21 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0ZpEzHGNmsiPVqY_7NP0Fu68XCq4wUMRL-B8YlpbbxYVuKSvD2sX3A==
age: 1918074
X-Firefox-Spdy: h2

cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/OtAutoBlock.js

104.19.177.52

200 OK

2.9 kB

URL GET HTTP/2
cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/OtAutoBlock.js
IP
104.19.177.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.booking.com/
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (5355)
Size
2.9 kB (2947 bytes)
Hash
df2b513603c3c4aedbd7366aa07309b1
fcc212f92202477f31e4b2c796a65409de1a2bc2
433a9b7ed2172aa877cc638cbe2583eaef8af74a9d30e26d0bd9dbd05e0a364e

HTTP Headers

GET /consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/OtAutoBlock.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 17:50:15 GMT
content-type: application/x-javascript
content-length: 2947
cf-ray: 875604434acf0b4d-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 19821
cache-control: public, max-age=86400
content-encoding: gzip
etag: 0x8DC5A219320657A
expires: Wed, 17 Apr 2024 17:50:15 GMT
last-modified: Thu, 11 Apr 2024 12:19:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-md5: qG47vuVKqisfZ6e8XK7n8Q==
x-content-type-options: nosniff
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 21591f0d-f01e-003b-7f0a-8c7c27000000
x-ms-version: 2009-09-19
server: cloudflare
X-Firefox-Spdy: h2

cf.bstatic.com/static/css/gprof_icons_cloudfront_sd.iq_ltr/851d9d90e70b111207ec88dd198b5ea33b3330f9.css

143.204.55.112

200 OK

34 kB

URL GET HTTP/2
cf.bstatic.com/static/css/gprof_icons_cloudfront_sd.iq_ltr/851d9d90e70b111207ec88dd198b5ea33b3330f9.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
34 kB (34343 bytes)
Hash
dae3d23d11d452a14d5b43d39fda3537
458f3de294c17819136653e9780f1755034bebd8
372c3a9cf7a9619ce8e71c71dff3dafbf3883f1aa7cd1ecb44981ea5dba3d1cd

HTTP Headers

GET /static/css/gprof_icons_cloudfront_sd.iq_ltr/851d9d90e70b111207ec88dd198b5ea33b3330f9.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
server: nginx
date: Fri, 29 Mar 2024 13:25:10 GMT
last-modified: Wed, 28 Feb 2024 12:32:03 GMT
etag: W/"65df27c3-29126"
expires: Sun, 28 Apr 2024 13:25:10 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: a2pcqv0fMqkOXC_BHycjAkabqzoNYgDzkPOU3ojBLxzoCjo90ysVeA==
age: 1571105
X-Firefox-Spdy: h2

cf.bstatic.com/static/css/main_cloudfront_sd.iq_ltr/82553e98ffae657c57463aa497e9d8933a2ebe7f.css

143.204.55.112

200 OK

61 kB

URL GET HTTP/2
cf.bstatic.com/static/css/main_cloudfront_sd.iq_ltr/82553e98ffae657c57463aa497e9d8933a2ebe7f.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
61 kB (61093 bytes)
Hash
09724eafceca136163dab323bbda4167
151160cf3b13a76abe9e969c1613499538f758ea
c3be9fbd59decfb2ac8a20d374cb68fcec314e6a6e9587e23bae181ab04596e1

HTTP Headers

GET /static/css/main_cloudfront_sd.iq_ltr/82553e98ffae657c57463aa497e9d8933a2ebe7f.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
server: nginx
date: Tue, 09 Apr 2024 09:16:00 GMT
last-modified: Tue, 09 Apr 2024 08:42:27 GMT
etag: W/"6614ff73-7d9be"
expires: Thu, 09 May 2024 09:16:00 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LjdiFfHcgV8HLbihcBSx3hzdBuky6jMmwPBYW1jezE-klewqEvRhAA==
age: 635655
X-Firefox-Spdy: h2

cf.bstatic.com/static/css/main_exps_cloudfront_sd.iq_ltr/c4cea6cc4a62eba0342cfa9f4b20714a610dd010.css

143.204.55.112

200 OK

22 kB

URL GET HTTP/2
cf.bstatic.com/static/css/main_exps_cloudfront_sd.iq_ltr/c4cea6cc4a62eba0342cfa9f4b20714a610dd010.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
22 kB (21709 bytes)
Hash
5fb437a50d4157ccab9dd95f29cab05e
9807cf3919edbeb9cdd541f487c90f9fd89a18fa
490060aab13b9e2240a32e60d539396d602ec3df52e0c574df5baf3bd44f8bd1

HTTP Headers

GET /static/css/main_exps_cloudfront_sd.iq_ltr/c4cea6cc4a62eba0342cfa9f4b20714a610dd010.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
server: nginx
date: Fri, 29 Mar 2024 13:25:10 GMT
last-modified: Wed, 28 Feb 2024 12:32:03 GMT
etag: W/"65df27c3-216e5"
expires: Sun, 28 Apr 2024 13:25:10 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FDdZfUKQ8WmgJnQ-IbDJUadDfYYYK3eigH2ZMsKW0BjHBJ1iIMMhIA==
age: 1571105
X-Firefox-Spdy: h2

cf.bstatic.com/static/css/xp-index-sb_cloudfront_sd.iq_ltr/5b5ab8ab66a5ce3092875d0725122439c4f2dfdd.css

143.204.55.112

200 OK

12 kB

URL GET HTTP/2
cf.bstatic.com/static/css/xp-index-sb_cloudfront_sd.iq_ltr/5b5ab8ab66a5ce3092875d0725122439c4f2dfdd.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
12 kB (12366 bytes)
Hash
59b9ba105a6857533bbf8c4c3cabef29
e6efdc0b7a1d2c8cd9cd35f6652ff64f3b0b48fc
dfe541a6c0c1481c3ebe6b417754ee08d8871ec885dad30f723b89767732ed2c

HTTP Headers

GET /static/css/xp-index-sb_cloudfront_sd.iq_ltr/5b5ab8ab66a5ce3092875d0725122439c4f2dfdd.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
server: nginx
date: Sat, 30 Mar 2024 09:33:05 GMT
last-modified: Tue, 30 Jan 2024 07:07:17 GMT
etag: W/"65b8a025-129a7"
expires: Mon, 29 Apr 2024 09:33:05 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fs9wBja1fKSOhD-wlUdNHX3neSkS-fh4GvbnKSKH15WglatRpyQU5g==
age: 1498630
X-Firefox-Spdy: h2

air.bnb-id3204.com/payment/192308145/payment_confirmation

188.114.96.1

302 Found

144 kB

URL User Request POST HTTP/3
air.bnb-id3204.com/payment/192308145/payment_confirmation
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectbnb-id3204.com
Fingerprint78:A9:57:2D:9C:68:DC:9B:FD:06:E0:A4:23:88:17:43:ED:D9:1A:FB
ValiditySun, 14 Apr 2024 09:59:34 GMT - Sat, 13 Jul 2024 09:59:33 GMT

File type
data
Size
144 kB (144216 bytes)
Hash
3c47e4e7901f36f56f009989376dfa81
920134984b0c113d8728a6854a04ffe380196671
1407871c49292a44d1e9fbf062453e21c51ebe551eecf9cc72f6bcf511b70f13

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Airbnb, Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /payment/192308145/payment_confirmation HTTP/1.1
Host: air.bnb-id3204.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 111318
Origin: https://air.bnb-id3204.com
DNT: 1
Connection: keep-alive
Referer: https://air.bnb-id3204.com/payment/192308145/payment_confirmation
Cookie: _cid=9f22727159c514ea6074bb50e6df6fa8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Tue, 16 Apr 2024 17:50:14 GMT
content-type: text/html; charset=UTF-8
location: https://booking.com
x-powered-by: PHP/8.4.0-dev
cache-control: no-store
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BLfmoZ%2BIDO4rGaSAmJ0NCW4A2BMSc%2BDgy6HsI%2F9b06JQ1C4xcIKXGBmH5UgibbMprPg5OpS0AtiEOAziPvqT2LsdnbevHBQOGPnFRQhU2DHGPu1gRhTDNrvyGLLAdyXz2isENak%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8756043cd9510b3d-OSL
alt-svc: h3=":443"; ma=86400

cf.bstatic.com/static/js/searchbox_cloudfront_sd/208ed372e5b3fa6f5a8aa0c5d7fac5e72ade3356.js

143.204.55.112

200 OK

53 kB

URL GET HTTP/2
cf.bstatic.com/static/js/searchbox_cloudfront_sd/208ed372e5b3fa6f5a8aa0c5d7fac5e72ade3356.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Size
53 kB (53141 bytes)
Hash
e68ce27305d2367670bb72e633a52a75
158cbe08ae6891e9ee9e92826e1f7c5d666e0bec
923bf98545d6ab1dd4630d395e4dd7f24239fd2a42538e11c8f79abb57f4c76c

HTTP Headers

GET /static/js/searchbox_cloudfront_sd/208ed372e5b3fa6f5a8aa0c5d7fac5e72ade3356.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 20 Mar 2024 19:53:22 GMT
last-modified: Mon, 19 Feb 2024 14:15:38 GMT
etag: W/"65d3628a-3be3a"
expires: Fri, 19 Apr 2024 19:53:22 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fS9pKokXzh9iv0bNxR63xfm_9AXRLccozcvLaRmyEb5PjX15Wzdqmg==
age: 2325413
X-Firefox-Spdy: h2

cf.bstatic.com/static/js/lazy_load_images_cloudfront_sd/77204d4da4aa41b08b1a4062c8e66e4629550994.js

143.204.55.112

200 OK

2.1 kB

URL GET HTTP/2
cf.bstatic.com/static/js/lazy_load_images_cloudfront_sd/77204d4da4aa41b08b1a4062c8e66e4629550994.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (5619), with no line terminators
Size
2.1 kB (2052 bytes)
Hash
023fd7251563f3d53a56e92130146dcc
0e8228ea58a086a73e3fcd8e914b5759affe5e7a
994ec33de4b9253b6abbf26965dafb40c822e0b333e334456be7ff2a6fa638fe

HTTP Headers

GET /static/js/lazy_load_images_cloudfront_sd/77204d4da4aa41b08b1a4062c8e66e4629550994.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sat, 13 Apr 2024 01:13:19 GMT
last-modified: Tue, 04 Feb 2020 10:19:57 GMT
etag: W/"5e39454d-15f3"
expires: Mon, 13 May 2024 01:13:19 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Ls05O1ktf1nz39GzpMbb7X6Vc0eFvoGz9-atQKVgfN5HViv8vIPyow==
age: 319016
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/4a89d2db.6c0ec4b3.chunk.js

143.204.55.112

200 OK

375 B

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/4a89d2db.6c0ec4b3.chunk.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
375 B (375 bytes)
Hash
71d148d7e362a60e9a0c56222e4c1c42
efa6833affafa5ee32cc538c0ee386673c92d169
eefd6838a88ff46efd00a91c0c63f124352bac2d328f583e87cafe87056aad31

HTTP Headers

GET /psb/capla/static/js/4a89d2db.6c0ec4b3.chunk.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 375
last-modified: Sun, 14 Apr 2024 05:22:19 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: CwNXSAR6B6PVfwcNfx21EhwPKehYDDwe
accept-ranges: bytes
server: AmazonS3
date: Tue, 16 Apr 2024 01:31:08 GMT
etag: "71d148d7e362a60e9a0c56222e4c1c42"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GoKebLVK5cyV7PYxRNks7spR7Sp0AgeDg2swrxbKWKlBW35byStGlQ==
age: 58749
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

cf.bstatic.com/static/img/tfl/group_logos/logo_booking/27c8d1832de6a3123b6ee45b59ae2f81b0d9d0d0.png

143.204.55.112

200 OK

1.6 kB

URL GET HTTP/2
cf.bstatic.com/static/img/tfl/group_logos/logo_booking/27c8d1832de6a3123b6ee45b59ae2f81b0d9d0d0.png
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
PNG image data, 91 x 26, 8-bit/color RGBA, non-interlaced
Size
1.6 kB (1628 bytes)
Hash
3e32efd25ac0214b375fc8a6a32890f2
cd46a79db7e53e19d5869b3cb3e7aa22ee523479
807c8a1b498e17d227cf48a640b778bdc4398a9852493cb2f40bf0f33651d0dd

HTTP Headers

GET /static/img/tfl/group_logos/logo_booking/27c8d1832de6a3123b6ee45b59ae2f81b0d9d0d0.png HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 1628
server: nginx
date: Tue, 19 Mar 2024 02:07:46 GMT
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
etag: "5cadd1d3-65c"
expires: Thu, 18 Apr 2024 02:07:46 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ndDI8uw1IXLW3rQ-Is7vfCtAXGDJ-TekoqXWu0IcEcilBA_oHKDZTg==
age: 2475750
X-Firefox-Spdy: h2

cf.bstatic.com/static/img/tfl/group_logos/logo_priceline/f80e129541f2a952d470df2447373390f3dd4e44.png

143.204.55.112

200 OK

1.6 kB

URL GET HTTP/2
cf.bstatic.com/static/img/tfl/group_logos/logo_priceline/f80e129541f2a952d470df2447373390f3dd4e44.png
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
PNG image data, 91 x 26, 8-bit colormap, non-interlaced
Size
1.6 kB (1591 bytes)
Hash
b6d0b31340d7a113f63b936e23d06f78
268e3856da737f7e56e679258949ef70ddde47f4
18c62988860a8ffd90bab6376b4fe36a723bd39403c420d3943aa3eb5a0029c5

HTTP Headers

GET /static/img/tfl/group_logos/logo_priceline/f80e129541f2a952d470df2447373390f3dd4e44.png HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 1591
server: nginx
date: Wed, 10 Apr 2024 22:50:42 GMT
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
expires: Fri, 10 May 2024 22:50:42 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: "5cadd1d3-637"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Gmd9jW59Tf3EwE9HJHAxohA5JDXDePQ8rrR9cdit_CRpDSNlalxzCA==
age: 500374
X-Firefox-Spdy: h2

cf.bstatic.com/static/img/tfl/group_logos/logo_kayak/83ef7122074473a6566094e957ff834badb58ce6.png

143.204.55.112

200 OK

1.2 kB

URL GET HTTP/2
cf.bstatic.com/static/img/tfl/group_logos/logo_kayak/83ef7122074473a6566094e957ff834badb58ce6.png
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
PNG image data, 79 x 26, 8-bit/color RGBA, non-interlaced
Size
1.2 kB (1154 bytes)
Hash
6384185cbe9a4f106857a3cb85caea98
0e31a4fe2ce98a8b4fda60687aa71079b4d3a95b
5839f0330821cf08029beddd6d248170da1af16cd7aff253e7bd075d591f5d42

HTTP Headers

GET /static/img/tfl/group_logos/logo_kayak/83ef7122074473a6566094e957ff834badb58ce6.png HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 1154
server: nginx
date: Mon, 18 Mar 2024 04:19:21 GMT
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
etag: "5cadd1d3-482"
expires: Wed, 17 Apr 2024 04:19:21 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ennhT52KlhX7jPLVieUqsnxEvW-ktQ1lQjeXV1sdgrviVvaGtT-ixQ==
age: 2554255
X-Firefox-Spdy: h2

cf.bstatic.com/static/img/tfl/group_logos/logo_agoda/1c9191b6a3651bf030e41e99a153b64f449845ed.png

143.204.55.112

200 OK

2.1 kB

URL GET HTTP/2
cf.bstatic.com/static/img/tfl/group_logos/logo_agoda/1c9191b6a3651bf030e41e99a153b64f449845ed.png
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
PNG image data, 70 x 26, 8-bit/color RGBA, non-interlaced
Size
2.1 kB (2146 bytes)
Hash
27e71a5124018e16eae0b8897618623d
d0d54d88b04edfc71f338c19eab9994632bc6ced
1d6e86e59ab7235a8343f494c8e8da6cc02c5a98a75d682401340e6d06935f20

HTTP Headers

GET /static/img/tfl/group_logos/logo_agoda/1c9191b6a3651bf030e41e99a153b64f449845ed.png HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 2146
server: nginx
date: Mon, 18 Mar 2024 01:17:42 GMT
last-modified: Thu, 12 Mar 2020 10:15:57 GMT
etag: "5e6a0bdd-862"
expires: Wed, 17 Apr 2024 01:17:42 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9AqhFOlS6-8RsuiWieKn55Z4dSlzKy58mKRhGbu6avI_4cDZrTvuFQ==
age: 2565154
X-Firefox-Spdy: h2

cf.bstatic.com/static/img/tfl/group_logos/logo_opentable/a4b50503eda6c15773d6e61c238230eb42fb050d.png

143.204.55.112

200 OK

2.3 kB

URL GET HTTP/2
cf.bstatic.com/static/img/tfl/group_logos/logo_opentable/a4b50503eda6c15773d6e61c238230eb42fb050d.png
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
PNG image data, 95 x 26, 8-bit/color RGBA, non-interlaced
Size
2.3 kB (2344 bytes)
Hash
d05a0ab9bf394439a1584a2b0d44db5c
183c28023d3ba3358a7a5df1db887582ae5340ed
b23272a9692c4ec3c020935917e9d096490876c976abec1290bd3cc9aae13974

HTTP Headers

GET /static/img/tfl/group_logos/logo_opentable/a4b50503eda6c15773d6e61c238230eb42fb050d.png HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 2344
server: nginx
date: Thu, 28 Mar 2024 14:18:54 GMT
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
etag: "5cadd1d3-928"
expires: Sat, 27 Apr 2024 14:18:54 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CG1avAesI7emKnOxp96w-JIBU-LgVZFvziQdzFJnZRdRM5VZZxKXdA==
age: 1654282
X-Firefox-Spdy: h2

cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/3ea94870-d4b1-483a-b1d2-faf1d982bb31.json

104.19.177.52

200 OK

2.1 kB

URL GET HTTP/2
cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/3ea94870-d4b1-483a-b1d2-faf1d982bb31.json
IP
104.19.177.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.booking.com/
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
2.1 kB (2099 bytes)
Hash
6423e909e49bc79f7e172b98ede32a8c
50ea38c0c32ad97c5394d842956636d6273fb4c6
b2130491497d5247fb189d0bb749e789a463db29274290325e065e9fb50bcb01

HTTP Headers

GET /consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/3ea94870-d4b1-483a-b1d2-faf1d982bb31.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 17:50:16 GMT
content-type: application/x-javascript
content-length: 2099
cf-ray: 87560448cc540b4d-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 19822
cache-control: public, max-age=86400
content-encoding: gzip
etag: 0x8DC5A2192C00438
expires: Wed, 17 Apr 2024 17:50:16 GMT
last-modified: Thu, 11 Apr 2024 12:19:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-md5: vvdnZW6WirMnzof2WS54RQ==
x-content-type-options: nosniff
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 7bdbea1b-901e-0012-420a-8c4253000000
x-ms-version: 2009-09-19
server: cloudflare
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/remoteEntry.f0866eea.client.js

143.204.55.112

200 OK

14 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/remoteEntry.f0866eea.client.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
14 kB (14051 bytes)
Hash
101e8d5c59895659359af7ea3116eddc
673026dd6239504dba04a4ffe6d93065cc11ff3c
cbe6b67080708dc52749b1ec174574c7fee4733a8914fb06ecabceac29008f56

HTTP Headers

GET /psb/capla/static/js/remoteEntry.f0866eea.client.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 14 Dec 2023 12:49:05 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: 0Gkt0CnTnvxOJEfeuYQEpbPR8W9fMbME
server: AmazonS3
content-encoding: gzip
date: Tue, 16 Apr 2024 04:45:22 GMT
etag: W/"d78c34e2dbec204465921f484c1997f8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zSw-v2Isray29i7_KxR6mVO23_mGCsiOgtVeeMQTH7hsSb2HQlxWiA==
age: 47095
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/css/59306dc3.9d1d8b5a.chunk.css

143.204.55.112

200 OK

42 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/css/59306dc3.9d1d8b5a.chunk.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
42 kB (41965 bytes)
Hash
49831bac9d544c579356e2fda7dc3af7
88bfbebcaddb0274f2a251e07dd599477fe7b2ca
554e101d4cb0e305a0f79fdfc13befd0787a68af27f98cd5d42e2aef482fbb20

HTTP Headers

GET /psb/capla/static/css/59306dc3.9d1d8b5a.chunk.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css
date: Mon, 15 Apr 2024 19:14:40 GMT
last-modified: Mon, 15 Apr 2024 14:39:45 GMT
etag: W/"2f27651e0e87ed4659f91b2a550d7dfa"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: LEzQ4h0w4OgDv_ijHfloANJB_BNqXCtq
server: AmazonS3
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZrjYLftE-2XBFutcAz6HOa6RIIm9i8qi1G1g1SD0_2dablotxZJWtg==
age: 81337
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

t-cf.bstatic.com/design-assets/assets/v3.81.0/fonts-brand/BookingRegular.woff

143.204.55.112

200 OK

40 kB

URL GET HTTP/2
t-cf.bstatic.com/design-assets/assets/v3.81.0/fonts-brand/BookingRegular.woff
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 40120, version 2.0
Size
40 kB (40120 bytes)
Hash
f2953af89807609f49b87237180bb450
bcef01e9e586a9a6c567602272c1a7955b77b0ca
b02a3f6dfeb4ebf05d30eaecc8473664f1720190639cbfe43b2a7f9a00246e56

HTTP Headers

GET /design-assets/assets/v3.81.0/fonts-brand/BookingRegular.woff HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://cf.bstatic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: font/woff
content-length: 40120
last-modified: Tue, 25 Jul 2023 15:38:06 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Tue, 16 Apr 2024 01:55:30 GMT
etag: "f2953af89807609f49b87237180bb450"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HbC8urT4OG9PC5eDok9aIcUnlZbO8aBJFdWh4WpYgkZ7Y7JXt3H-Vw==
age: 57286
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

cf.bstatic.com/static/js/error_catcher_bec_cloudfront_sd/0acd2ada6c74d5dec978a04ea837952bdf050cd2.js

143.204.55.112

200 OK

45 kB

URL GET HTTP/2
cf.bstatic.com/static/js/error_catcher_bec_cloudfront_sd/0acd2ada6c74d5dec978a04ea837952bdf050cd2.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (6155), with no line terminators
Size
45 kB (45116 bytes)
Hash
1e32438142fcd82e3c2aea1ec4900c2e
70f7f4732872c739c76969d77fe36d1d53333950
c3f06cf6ded52069a79551343aca5f2269a048cedb9fbacd3cfff7136980659c

HTTP Headers

GET /static/js/error_catcher_bec_cloudfront_sd/0acd2ada6c74d5dec978a04ea837952bdf050cd2.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Tue, 19 Mar 2024 02:01:56 GMT
last-modified: Wed, 21 Dec 2022 14:29:30 GMT
etag: W/"63a3184a-180b"
expires: Thu, 18 Apr 2024 02:01:56 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xRPLv_8Qg2MN0euSa-vjinoq_dNzoB6limt81XdLQmtyd8Z_0p39Pw==
age: 2476099
X-Firefox-Spdy: h2

cf.bstatic.com/static/img/favicon/4a3b40c4059be39cbf1ebaa5f97dbb7d150926b9.png

143.204.55.112

200 OK

3.3 kB

URL GET HTTP/2
cf.bstatic.com/static/img/favicon/4a3b40c4059be39cbf1ebaa5f97dbb7d150926b9.png
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
3.3 kB (3323 bytes)
Hash
799af703ff428e33a7db434613c9c030
75648638d71e25179744da725db599612e6d983e
6d71962600b1166ed95cf3f5af9298da2d3cd134466350b41202eb1dd17447c8

HTTP Headers

GET /static/img/favicon/4a3b40c4059be39cbf1ebaa5f97dbb7d150926b9.png HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 3323
server: nginx
date: Fri, 29 Mar 2024 04:49:08 GMT
last-modified: Thu, 29 Jun 2023 10:02:49 GMT
etag: "649d56c9-cfb"
expires: Sun, 28 Apr 2024 04:49:08 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: D71mF1uA5g5QVXyljB2hrrMoyrH-gHWVwvdbHrcaWH9Y9qSqM86CRg==
age: 1602068
X-Firefox-Spdy: h2

account.booking.com/privacy-consents/implicit

54.230.111.34

200 OK

0 B

URL POST HTTP/2
account.booking.com/privacy-consents/implicit
IP
54.230.111.34:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.booking.com
Fingerprint86:19:2F:3F:C1:B0:CE:07:5A:AD:A3:94:54:8D:C6:B9:99:F5:B9:49
ValidityMon, 12 Jun 2023 00:00:00 GMT - Sat, 18 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /privacy-consents/implicit HTTP/1.1
Host: account.booking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.booking.com/
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: envoy
date: Tue, 16 Apr 2024 17:50:16 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.booking.com
access-control-max-age: 1728000
set-cookie: bkng_sso_session=e30; domain=.booking.com; path=/; expires=Sun, 15-Apr-2029 17:50:16 GMT; secure; HttpOnly
bkng_sso_ses=e30; domain=.booking.com; path=/; expires=Sun, 15-Apr-2029 17:50:16 GMT; secure; HttpOnly
bkng_ap_sso_session=eyJib29raW5nX2dsb2JhbCI6eyJkYXRhX3N1YmplY3RfaWQiOiI5Mjg1M2U0Yi03ZWIyLTRkYzUtODI5YS01OTMzYmEyMDExNGQiLCJzZXNzaW9ucyI6W119fQ; domain=account.booking.com; path=/; expires=Sun, 15-Apr-2029 17:50:16 GMT; SameSite=Lax; secure; HttpOnly
content-security-policy: frame-ancestors https://*.booking.com 'self'; report-uri https://nellie.booking.com/csp-report-uri?type=block&tag=212&pid=81f67d6c93cf0128&e=UmFuZG9tSVYkc2RlIyh9YSWKtKO5TxgOpTwVTPfHZKNW3Hcrm1RLgTDT2V-m21UMJ4KxJTAfD3k6vpGGyphNZUfy-f31chCZb8612iO9R_UYhDOKZTX9f9H49t8PnK2N6xuOIDHFf7YVeF6LUX15hL168-A5oXiN8dPgab0XZ4c
content-security-policy-report-only: base-uri 'none'; connect-src saa.booking.com secure.booking.com reports.booking.com privacyportal-eu.onetrust.com geolocation.onetrust.com cdn.cookielaw.org www.google-analytics.com *.perimeterx.net *.pxchk.net *.px-cdn.net *.px-client.net *.px-cloud.net 'self' 'report-sample'; default-src *.bstatic.com bstatic.com 'self'; frame-src https://www.youtube.com/embed/Vv4w5SmRkss *.bstatic.com https://www.google.com bstatic.com www.booking.com secure.booking.com paymentcomponent.booking.com 'self'; img-src 'self' data: www.booking.com graph.facebook.com cdn.cookielaw.org account.booking.com *.bstatic.com bstatic.com *.static.booking.cn www.google-analytics.com www.google.com stats.g.doubleclick.net *.px-cloud.net *.perimeterx.net www.gstatic.com; object-src 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=213&pid=81f67d6c93cf0128&e=UmFuZG9tSVYkc2RlIyh9YSWKtKO5TxgOpTwVTPfHZKNW3Hcrm1RLgTDT2V-m21UMJ4KxJTAfD3k6vpGGyphNZUfy-f31chCZb8612iO9R_UYhDOKZTX9f9H49t8PnK2N6xuOIDHFf7YVeF6LUX15hL168-A5oXiN8dPgab0XZ4c; script-src saa.booking.com *.bstatic.com bstatic.com *.static.booking.cn www.google.com www.google-analytics.com cdn.cookielaw.org geolocation.onetrust.com 'self' 'nonce-Es4YSU2Togtstx1' 'report-sample'; style-src *.bstatic.com bstatic.com *.static.booking.cn 'self' 'unsafe-inline'
x-xss-protection: 1; mode=block
strict-transport-security: max-age=2592000; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BoX6XdQgm-HiY3sFDqXgMvaKkRjLLFdNqw7nRI7kyZdvnu3gZUEabw==
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/css/3c29a897.3b72a564.chunk.css

143.204.55.112

200 OK

314 B

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/css/3c29a897.3b72a564.chunk.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
ASCII text
Size
314 B (314 bytes)
Hash
947cebda090d0c44bcbed31c2248f147
0c0971623cc843d4550df421ced06d8ff4bbad76
0de77ddd00e3d21bc508e9e7345d6f69a522a8fd43685c105087b35d7421c1a1

HTTP Headers

GET /psb/capla/static/css/3c29a897.3b72a564.chunk.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 314
date: Mon, 15 Apr 2024 17:54:00 GMT
last-modified: Mon, 15 Apr 2024 13:34:53 GMT
etag: "947cebda090d0c44bcbed31c2248f147"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: h_UOzINABjAFr0QMq1ADT3rsn5pAyDN.
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KdCJsf9Dgy8oE38hG8fon36ziGXm25fZVT4x55swRiFMbhkt3z_NRQ==
age: 86178
vary: Origin
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/3c29a897.18d442f5.chunk.js

143.204.55.112

200 OK

12 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/3c29a897.18d442f5.chunk.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
12 kB (11651 bytes)
Hash
875d857dfe2f20aabef2f9bf9d4ea2bb
7f577b06559fa1ce37690e6fe0685fcc139c6995
5ca83a49905f495f2eb5f6f0ed387689dc570cc74e7640457643600aab8d8e0c

HTTP Headers

GET /psb/capla/static/js/3c29a897.18d442f5.chunk.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 15 Apr 2024 17:54:00 GMT
last-modified: Tue, 09 Apr 2024 05:24:41 GMT
etag: W/"0b633dfa4929ccab601b08cd99ab80d4"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: ozNAkinsEdW_MwkrTnAj.9krgAJ9jmmU
server: AmazonS3
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BufEvhmZ1D4xWfLHp3Ym4tMmvlSAWp3h2DuPkr104aePDh967wRuOA==
age: 86178
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/51ee1383.6c7ab1e9.chunk.js

143.204.55.112

200 OK

9.2 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/51ee1383.6c7ab1e9.chunk.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (26081)
Size
9.2 kB (9242 bytes)
Hash
81d8b730dc8b63b677e2e2f1ba62dc38
2d05257b39a9b2b048f5031d4074baf8f59d5771
55319bfbc387c0fe5d806968e88c39e22c9433a6ecb4b9f9c05fbf9d447c1309

HTTP Headers

GET /psb/capla/static/js/51ee1383.6c7ab1e9.chunk.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 15 Apr 2024 18:12:33 GMT
last-modified: Mon, 18 Mar 2024 08:03:33 GMT
etag: W/"81d8b730dc8b63b677e2e2f1ba62dc38"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: OCK_CRUf_nqzEbUk.gDrOy8vQWpjafi7
server: AmazonS3
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: slmF2B7nqFasBXhXOW9lli-fpSgxo3KBFlVtO4YKujrRzL4c8snwQQ==
age: 85065
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/xphoto/540x405/292056369.webp?k=358d8cd9ede268c8a9660de4debc48b68fe5777bddce07972ac30ae28ab8b8f2&o=

143.204.55.112

200 OK

42 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/xphoto/540x405/292056369.webp?k=358d8cd9ede268c8a9660de4debc48b68fe5777bddce07972ac30ae28ab8b8f2&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 540x405, Scaling: [none]x[none], YUV color, decoders should clamp
Size
42 kB (42508 bytes)
Hash
9ea57e9d0adecd448348a26e32490417
47d5b94cb5d844cdbcf3bad484e4d60f260b1b8d
07801de2ab9e131c7608fb3fad2e5f548f543b2afb8c03ad491a539782587ffa

HTTP Headers

GET /xdata/images/xphoto/540x405/292056369.webp?k=358d8cd9ede268c8a9660de4debc48b68fe5777bddce07972ac30ae28ab8b8f2&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/webp
server: nginx
date: Fri, 22 Mar 2024 05:07:52 GMT
content-language: 28618
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: "1f14817c780d1c1b251591b8136e75e4c103f32f"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: s5TccXRAkpEE3LVk0zald4BjFIUD4l-vTO8IPEng9SCUfSdyPcDzBg==
age: 2205744
X-Firefox-Spdy: h2

accommodations.booking.com/orca/chunk-metadata?chunk=51ee1383&mfe=b-index-lp-web-mfe&lang=en-us&namespace=NdHKJSSU

54.230.111.123

200 OK

0 B

URL GET HTTP/2
accommodations.booking.com/orca/chunk-metadata?chunk=51ee1383&mfe=b-index-lp-web-mfe&lang=en-us&namespace=NdHKJSSU
IP
54.230.111.123:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.booking.com
Fingerprint86:19:2F:3F:C1:B0:CE:07:5A:AD:A3:94:54:8D:C6:B9:99:F5:B9:49
ValidityMon, 12 Jun 2023 00:00:00 GMT - Sat, 18 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /orca/chunk-metadata?chunk=51ee1383&mfe=b-index-lp-web-mfe&lang=en-us&namespace=NdHKJSSU HTTP/1.1
Host: accommodations.booking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-booking-et-serialized-state
Referer: https://www.booking.com/
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 0
server: nginx
date: Tue, 16 Apr 2024 17:50:17 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-credentials: true
access-control-allow-methods: HEAD,OPTIONS,GET,POST
access-control-allow-headers: x-booking-et-serialized-state
vary: Origin
access-control-allow-origin: https://www.booking.com
x-xss-protection: 1; mode=block
strict-transport-security: max-age=2592000; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IWPDBdWg8I-IRROcKop3qF5WNwV8iIwV9uLgrAN8YmnnrFiMq7P0Iw==
X-Firefox-Spdy: h2

www.booking.com/js_tracking?pid=e1027d6b28d009d9&aid=304142&ver=2&lang=en-us&sid=6310d4b1432373d4128c998e03fdd1fb&stype=1&ref_action=index&m=UmFuZG9tSVYkc2RlIyh9YarGvSH9iz-oGWKFtShNeeoqe1cG6IkIoA5kVtRxMLz8SIBmNjlEWUkLyzRwqIkkRhUVhJLQypTfjIpOvjalfQPZTmH3Es26rzloPODMe6mxIxcFaHj9j1KOyQVKIVwTUWJr16-8TuncgONgtad466Vx87yDcNZvBRLi7qfDXOCuYsEH5_SkphPcwOEzMI4IbLm03cBQmx9vBDGIW9XpD_mvhVYKh2OEfUn2PUKksMtFCfGRf_Bjw6ORLMmX2uw93qX__AnU14ONzpvYMrvZVzvDG6ZROwMzwcNI8HZ4GgL31-6X4270go8LGN4usz683g&etgwv=js_onload_resource_transfer_size%7C1716&_=1713289817230

54.230.111.57

200 OK

35 B

URL POST HTTP/2
www.booking.com/js_tracking?pid=e1027d6b28d009d9&aid=304142&ver=2&lang=en-us&sid=6310d4b1432373d4128c998e03fdd1fb&stype=1&ref_action=index&m=UmFuZG9tSVYkc2RlIyh9YarGvSH9iz-oGWKFtShNeeoqe1cG6IkIoA5kVtRxMLz8SIBmNjlEWUkLyzRwqIkkRhUVhJLQypTfjIpOvjalfQPZTmH3Es26rzloPODMe6mxIxcFaHj9j1KOyQVKIVwTUWJr16-8TuncgONgtad466Vx87yDcNZvBRLi7qfDXOCuYsEH5_SkphPcwOEzMI4IbLm03cBQmx9vBDGIW9XpD_mvhVYKh2OEfUn2PUKksMtFCfGRf_Bjw6ORLMmX2uw93qX__AnU14ONzpvYMrvZVzvDG6ZROwMzwcNI8HZ4GgL31-6X4270go8LGN4usz683g&etgwv=js_onload_resource_transfer_size%7C1716&_=1713289817230
IP
54.230.111.57:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.booking.com
Fingerprint86:19:2F:3F:C1:B0:CE:07:5A:AD:A3:94:54:8D:C6:B9:99:F5:B9:49
ValidityMon, 12 Jun 2023 00:00:00 GMT - Sat, 18 May 2024 23:59:59 GMT

File type
data
Size
35 B (35 bytes)
Hash
79a611524d7c43a354c589264cc2376e
2e25649d9a8a208302be0502b47a0e44b07bc7c1
c7a9af81f3467d3c95760df18d0853bda8c191f612fb2e8b2b5c4ed941fbaf1a

HTTP Headers

POST /js_tracking?pid=e1027d6b28d009d9&aid=304142&ver=2&lang=en-us&sid=6310d4b1432373d4128c998e03fdd1fb&stype=1&ref_action=index&m=UmFuZG9tSVYkc2RlIyh9YarGvSH9iz-oGWKFtShNeeoqe1cG6IkIoA5kVtRxMLz8SIBmNjlEWUkLyzRwqIkkRhUVhJLQypTfjIpOvjalfQPZTmH3Es26rzloPODMe6mxIxcFaHj9j1KOyQVKIVwTUWJr16-8TuncgONgtad466Vx87yDcNZvBRLi7qfDXOCuYsEH5_SkphPcwOEzMI4IbLm03cBQmx9vBDGIW9XpD_mvhVYKh2OEfUn2PUKksMtFCfGRf_Bjw6ORLMmX2uw93qX__AnU14ONzpvYMrvZVzvDG6ZROwMzwcNI8HZ4GgL31-6X4270go8LGN4usz683g&etgwv=js_onload_resource_transfer_size%7C1716&_=1713289817230 HTTP/1.1
Host: www.booking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Cookie: px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBt9BZ%2BIzqvzNG3a2uciWdhAlLuCWxRfV1fP%2Fxz9ReLAA%2FeZ5CIHC3f7myW6%2BemfGK8Fixkmf5Phoc4OTCjZVm%2FAQVM1E%2FMRjNjFPE3tRbWH2TrE%2B6ZwxADcXV1U0uqJJt6pDFrWkfLdiBggCWyS551d; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmPZUPMW6RyROJNxUN0JlTK77o1GxJEKj50Akk5UC46SGZ0T/sjBGN8UEoHziZUydDa15eD96llA6Zpr9JyySCKeA4VpvHWuLUM0Bcg0GhacCWF2Q3L/RkmcZyaK1+swiucl3YCdFi; pcm_consent=analytical%3Dfalse%26countryCode%3DNO%26consentId%3De9389af3-66d7-49b3-b933-78c858cce2a8%26consentedAt%3D2024-04-16T17%3A50%3A15.029Z%26expiresAt%3D2024-10-13T17%3A50%3A15.029Z%26implicit%3Dtrue%26marketing%3Dfalse%26regionCode%3D03%26regulation%3Dgdpr%26legacyRegulation%3Dgdpr; cors_js=1; bkng_sso_session=e30; bkng_sso_ses=e30
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/2 200 OK
content-type: image/gif
content-length: 35
server: nginx
date: Tue, 16 Apr 2024 17:50:17 GMT
vary: User-Agent, Accept-Encoding
content-encoding: br
strict-transport-security: max-age=2592000; includeSubDomains
content-security-policy-report-only: frame-ancestors 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=112&pid=68a37d6c2b8e02f2&e=UmFuZG9tSVYkc2RlIyh9Yea92wm0yRUjnCBymoy8ejLCkk7veANI9ToS9JlFyAu37MCWnYYIXiw
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: t6sbjtwtraa2GjR0CtYazvJev6buy9Lh2LV4Z6QpZEpfUu-I__ef4w==
X-Firefox-Spdy: h2

cf.bstatic.com/libs/privacy-consent/releases/2.1.54/customer/cookie-banner.min.js

143.204.55.112

200 OK

18 kB

URL GET HTTP/2
cf.bstatic.com/libs/privacy-consent/releases/2.1.54/customer/cookie-banner.min.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (11685), with no line terminators
Size
18 kB (18121 bytes)
Hash
d6b9ab496a18e87f581c766e6529293d
38d452ceed7161e97c51b5fd5df73712f73d6c54
2625e54668c91ff7e2afdc3284790a21391ba240580a9f872817a76fee719b4f

HTTP Headers

GET /libs/privacy-consent/releases/2.1.54/customer/cookie-banner.min.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sun, 14 Apr 2024 09:48:13 GMT
last-modified: Thu, 28 Mar 2024 00:50:47 GMT
etag: W/"6604bee7-2da5"
expires: Tue, 14 May 2024 09:48:13 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PKSwzxaTdNH5Y684jjY_F-SoKvpJJGVaT3UFrHTQUfmfWC095uRWbg==
age: 201722
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js

104.19.177.52

200 OK

111 kB

URL GET HTTP/2
cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js
IP
104.19.177.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.booking.com/
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
111 kB (110887 bytes)
Hash
fa5c95d8306a66b4eb13eef3a634f8e1
534157a808dc08f7cabfbd36967566f03dbabf3d
7e90effe2c4b60df553e50c5e65bcf113ad7a2ddf3d5e7a594f2b8a9ccfd4523

HTTP Headers

GET /scripttemplates/202403.2.0/otBannerSdk.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 17:50:17 GMT
content-type: application/javascript
content-length: 110887
content-encoding: gzip
content-md5: NaqcG2ILVJmSrG/q1ZpJ7w==
last-modified: Thu, 11 Apr 2024 16:21:24 GMT
etag: 0x8DC5A436EB059CF
x-ms-request-id: c707afac-901e-003d-0eb2-8c4f98000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 68664
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8756044ededa0b4d-OSL
X-Firefox-Spdy: h2

cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/e6419570-52cc-432d-ba1e-7300290f1970/en-us.json

104.19.177.52

200 OK

23 kB

URL GET HTTP/2
cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/e6419570-52cc-432d-ba1e-7300290f1970/en-us.json
IP
104.19.177.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.booking.com/
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
23 kB (22791 bytes)
Hash
62a35ad8a80d611892bff5676257b217
d7d9ed10b9a763cb6e5c940ad740347fb925eaff
b431bc3a00414d00189dc04b1e7927a28b51d8a8c6f567112aef7e3dd912e997

HTTP Headers

GET /consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/e6419570-52cc-432d-ba1e-7300290f1970/en-us.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 17:50:17 GMT
content-type: application/x-javascript
content-length: 22791
cf-ray: 8756044f88440b4d-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 19777
cache-control: public, max-age=86400
content-encoding: gzip
etag: 0x8DC5A21A15B50A2
expires: Wed, 17 Apr 2024 17:50:17 GMT
last-modified: Thu, 11 Apr 2024 12:19:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-md5: jkmlfX45zinbAuvqLt6A+A==
x-content-type-options: nosniff
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 14e1907d-f01e-0014-3a0a-8c71ec000000
x-ms-version: 2009-09-19
server: cloudflare
X-Firefox-Spdy: h2

cf.bstatic.com/static/js/searchresults_cloudfront_sd/506a73edd0964fce2cd78d40726eddbb0a993c77.js

143.204.55.112

200 OK

46 kB

URL GET HTTP/2
cf.bstatic.com/static/js/searchresults_cloudfront_sd/506a73edd0964fce2cd78d40726eddbb0a993c77.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Size
46 kB (46410 bytes)
Hash
ab64aeac72c7d3b130d38c5d32d2f96d
b975c200ee731f1f01a33eb38aa475da46819d11
f712b667c8085df48133ab789eb42e3c4213fba50f456a2ee9456466d4b08534

HTTP Headers

GET /static/js/searchresults_cloudfront_sd/506a73edd0964fce2cd78d40726eddbb0a993c77.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Tue, 16 Apr 2024 12:53:36 GMT
last-modified: Fri, 12 Apr 2024 09:06:46 GMT
etag: W/"6618f9a6-30dbe"
expires: Thu, 16 May 2024 12:53:36 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 55s5nibMvFB4coaEylXSRYFzjdK-VHzdcyP2DEhda5TObGZTrs0zTQ==
age: 17801
X-Firefox-Spdy: h2

cf.bstatic.com/static/js/sp-on-maps_cloudfront_sd/6ed4742ed4775eef0e92f036b430325ef3c02600.js

143.204.55.112

200 OK

2.9 kB

URL GET HTTP/2
cf.bstatic.com/static/js/sp-on-maps_cloudfront_sd/6ed4742ed4775eef0e92f036b430325ef3c02600.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (6888), with no line terminators
Size
2.9 kB (2876 bytes)
Hash
6e92b927b80092c11a3485586f60a6b3
ca568f2dace76dbe3f9bf9ddb0e8e40983613504
8217780f54c886be220309f995907784baa5771c7dd94b800925ce9670cfccce

HTTP Headers

GET /static/js/sp-on-maps_cloudfront_sd/6ed4742ed4775eef0e92f036b430325ef3c02600.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sun, 07 Apr 2024 21:04:24 GMT
last-modified: Fri, 10 Dec 2021 14:00:50 GMT
etag: W/"61b35d92-1ae8"
expires: Tue, 07 May 2024 21:04:24 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WJRLpdGPCqo5JMGbeGT0FHBWQWYeRct5r5CKRlVlKEvSyLg5Vn5I8g==
age: 765952
X-Firefox-Spdy: h2

cf.bstatic.com/static/css/searchresults_cloudfront_sd.iq_ltr/a80f32e7f9693f304c247b0f22b0f109a5fd7dd6.css

143.204.55.112

200 OK

139 kB

URL GET HTTP/2
cf.bstatic.com/static/css/searchresults_cloudfront_sd.iq_ltr/a80f32e7f9693f304c247b0f22b0f109a5fd7dd6.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
139 kB (139371 bytes)
Hash
ee4c10728223a6d6cf06cc033be3b6b8
a98479776c10c2c700910912903064e6ca7de294
ed997e027b30559c9be44193fd0bd581b0c4e79162180b61f1ff30395b1425fa

HTTP Headers

GET /static/css/searchresults_cloudfront_sd.iq_ltr/a80f32e7f9693f304c247b0f22b0f109a5fd7dd6.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css
server: nginx
date: Fri, 12 Apr 2024 18:01:55 GMT
last-modified: Tue, 23 Jan 2024 12:08:23 GMT
etag: W/"65afac37-57cce"
expires: Sun, 12 May 2024 18:01:55 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4V93W4Et4WpuBy758zNfl3eYUleYGJadEcoOpXleFWhXNDalotZzXQ==
age: 344902
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/css/0d919837.df55bc38.chunk.css

143.204.55.112

200 OK

96 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/css/0d919837.df55bc38.chunk.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
96 kB (95724 bytes)
Hash
bfe703feef5ac75fc6aba8fa247381a1
9f05c5fbf8a82dc65e1930af1edecd83e0330e6b
acbf1918ffa97b7b81728124e7ff3c44c44dcc5e0cfa47bd0a10cbd9adc79a9b

HTTP Headers

GET /psb/capla/static/css/0d919837.df55bc38.chunk.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Sun, 14 Apr 2024 05:17:41 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: UVJN.H9otWRQrZ3wzKC3byeL9kWcF5N.
server: AmazonS3
content-encoding: gzip
date: Tue, 16 Apr 2024 01:35:23 GMT
etag: W/"c36b55ea413183d9ade2d87d587aad8f"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jggvsq796bGseTAo_wUTYSqdqB60OhJJT9L3Rah2hLVBOHpj2U5Fow==
age: 58494
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

t-cf.bstatic.com/design-assets/assets/v3.109.0/illustrations-traveller/GlobeGeniusBadge.png

143.204.55.112

200 OK

20 kB

URL GET HTTP/2
t-cf.bstatic.com/design-assets/assets/v3.109.0/illustrations-traveller/GlobeGeniusBadge.png
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
PNG image data, 260 x 260, 8-bit colormap, non-interlaced
Size
20 kB (19613 bytes)
Hash
46a2de536918e78228ad39f6c9bced54
bd29519e8b65591aed18adc02a3ed6c8354000a8
d0e96c1281514494c432a9dcd3059ed824047abcf10ad228c6bb7ae7c7d58c0b

HTTP Headers

GET /design-assets/assets/v3.109.0/illustrations-traveller/GlobeGeniusBadge.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 19613
last-modified: Tue, 05 Dec 2023 13:24:03 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Tue, 16 Apr 2024 07:15:10 GMT
etag: "46a2de536918e78228ad39f6c9bced54"
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EfnSKMuHzUUKrp50M1XMhophruXP-upTehjaU0eut0E6zelji4nEIQ==
age: 38118
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

t-cf.bstatic.com/design-assets/assets/v3.109.0/images-flags/Us@3x.png

143.204.55.112

200 OK

950 B

URL GET HTTP/2
t-cf.bstatic.com/design-assets/assets/v3.109.0/images-flags/Us@3x.png
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
PNG image data, 72 x 72, 8-bit colormap, non-interlaced
Size
950 B (950 bytes)
Hash
025b409525836b9e0913038b2556d2cf
187b28fad3a710b3712b56e53be8fc4e142d9abc
bf146c2fcd8c33fdea4570acc5f92bc73b337b1efbbb2c318089f7bea5396672

HTTP Headers

GET /design-assets/assets/v3.109.0/images-flags/Us@3x.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 950
last-modified: Tue, 05 Dec 2023 13:24:05 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Tue, 16 Apr 2024 09:33:31 GMT
etag: "025b409525836b9e0913038b2556d2cf"
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: l5vUeWNdKXeDtrlEuc4ox8LmmeVooPrtCWyTSpsJbyeNdHwoZZpIEQ==
age: 29808
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/media/bh_aw_cpg_main_image.b4347622.png

143.204.55.112

200 OK

62 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/media/bh_aw_cpg_main_image.b4347622.png
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
PNG image data, 714 x 471, 8-bit/color RGBA, non-interlaced
Size
62 kB (62401 bytes)
Hash
d8c78bb4aa47ab6ae3df9d9e2fd9501e
8c959e1da33c4eee451ef13e2cd0f8b2327b7f76
34643ff9ca4b3ea1209f72b31dfcf85c0d23a9d389766bd908eff7a8dfd51f8a

HTTP Headers

GET /psb/capla/static/media/bh_aw_cpg_main_image.b4347622.png HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 62401
last-modified: Mon, 15 Apr 2024 05:19:50 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: .Aql5iySP3TkXokQ4t1jLTGSiCep44aK
accept-ranges: bytes
server: AmazonS3
date: Tue, 16 Apr 2024 13:14:49 GMT
etag: "d8c78bb4aa47ab6ae3df9d9e2fd9501e"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wXWLQFsDiRteTxepM133WJK6pHqsxvk6uBWMtWPEWdaWue1kn1MdcA==
age: 16530
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

r-xx.bstatic.com/xdata/images/xphoto/2880x868/324562486.jpeg?k=981efa07850cd8e3935d5290488927e5db02da5873dcc63f1bc194699d10dc08&o=

143.204.55.112

200 OK

405 kB

URL GET HTTP/2
r-xx.bstatic.com/xdata/images/xphoto/2880x868/324562486.jpeg?k=981efa07850cd8e3935d5290488927e5db02da5873dcc63f1bc194699d10dc08&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2880x868, components 3
Size
405 kB (405218 bytes)
Hash
5f138f61a34cc8879deab71113298ab3
c3ad834cc3457260075854c6a545ff8c8ae04904
151421cdf88f1461d39bc12ba778ceb3dda0b26591fdb901d161d100fd574cb9

HTTP Headers

GET /xdata/images/xphoto/2880x868/324562486.jpeg?k=981efa07850cd8e3935d5290488927e5db02da5873dcc63f1bc194699d10dc08&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Wed, 10 Apr 2024 12:50:40 GMT
etag: "d1bb5f957443c138ebd87fa2b8898bb461eae947"
content-language: 385605
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0FpXOaECrccSIiQxc7ji5-almFOiwrq0pAzNBZ4A9TUJ27SlHHj-ZQ==
age: 536377
X-Firefox-Spdy: h2

cf.bstatic.com/static/js/jquery_cloudfront_sd/e1e8c0e862309cb4caf3c0d5fbea48bfb8eaad42.js

143.204.55.112

200 OK

42 kB

URL GET HTTP/2
cf.bstatic.com/static/js/jquery_cloudfront_sd/e1e8c0e862309cb4caf3c0d5fbea48bfb8eaad42.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (60582)
Size
42 kB (42483 bytes)
Hash
1a16f971ed98c047c8fa288987383922
04200a6f3b25cdfa04551f635d025fc64743b4ff
5ad7526d50b7586ddfaee62b3fc95e71207136dc08f6a2b7ffd671ded73fab83

HTTP Headers

GET /static/js/jquery_cloudfront_sd/e1e8c0e862309cb4caf3c0d5fbea48bfb8eaad42.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Tue, 19 Mar 2024 02:01:56 GMT
last-modified: Tue, 28 Jun 2022 15:19:38 GMT
etag: W/"62bb1c0a-19a42"
expires: Thu, 18 Apr 2024 02:01:56 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: b0-1o3Pn1Zoraf47wJitVWuQJ2HgZbgtg9Vag90AvkY5sGQvqBeoJQ==
age: 2476099
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/xphoto/540x405/281113733.webp?k=43768154acdf2261706ad890b1e6196e0b261f88de846c23d3bf5693de202238&o=

143.204.55.112

200 OK

188 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/xphoto/540x405/281113733.webp?k=43768154acdf2261706ad890b1e6196e0b261f88de846c23d3bf5693de202238&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 540x405, Scaling: [none]x[none], YUV color, decoders should clamp
Size
188 kB (187863 bytes)
Hash
7cb4ccdd574d1dff39aa26e64730ff0f
d57f1613c7ea3a17913fdf6966a6d0225e1f2d3c
18bbdc548080192baec7462712a73442938b0036af76b811ff70d3a5a3fcba52

HTTP Headers

GET /xdata/images/xphoto/540x405/281113733.webp?k=43768154acdf2261706ad890b1e6196e0b261f88de846c23d3bf5693de202238&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/webp
server: nginx
date: Fri, 22 Mar 2024 05:07:52 GMT
content-language: 47044
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: "fade909831cdda8e557d517b4aec62b3721f38e5"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TUz04y73HW4NNbkw-1Pe_piBJVUtuaqXNrBpAXFOynql_I1Jp0dO0A==
age: 2205744
X-Firefox-Spdy: h2

www.booking.com/c360/v1/track

54.230.111.57

200 OK

52 B

URL POST HTTP/2
www.booking.com/c360/v1/track
IP
54.230.111.57:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.booking.com
Fingerprint86:19:2F:3F:C1:B0:CE:07:5A:AD:A3:94:54:8D:C6:B9:99:F5:B9:49
ValidityMon, 12 Jun 2023 00:00:00 GMT - Sat, 18 May 2024 23:59:59 GMT

File type
JSON text data
Size
52 B (52 bytes)
Hash
194888d619d9dab4144b5c724a1e0048
571a166272b8fd6ba3ef502bf94f6d34189e31ac
a354484f9301eb3ec58f71ce3c97228c19ae9289303d4943dcdaffb4100d981d

HTTP Headers

POST /c360/v1/track HTTP/1.1
Host: www.booking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Booking-Pageview-Id: e1027d6b28d009d9
X-Booking-AID: 304142
X-Booking-Session-Id: 6310d4b1432373d4128c998e03fdd1fb
X-Booking-SiteType-Id: 1
X-Partner-Channel-Id: 3
X-Booking-Label: gen173rf-1FCAEoggI46AdIM1gDaKoBiAEBmAExuAEZyAEP2AEB6AEB-AECiAIBogISYWlyLmJuYi1pZDMyMDQuY29tqAIDuALX9PqwBsACAdICJDZlNTEzYjA2LThjNjUtNDc5ZS04NWM1LTNlZDdkMzhmNDdjONgCBeACAQ
X-Booking-CSRF: l/IeZgAAAAA=BVyfpIXbtEd8ikiwCPMc1R90gP_w1JDkxjMOqcOosVmOZ_HShux4glJ448KpmPXdfw3jBZjuS13ilZlMmLqs8j3A5AHRbrPNhbUDas0v6AfRbJwVwbbYPUqO20I0c9I4IH1y4W9LLjko2G4BDArKrUIFVT1J7_lA05m3dNrSC50cP-BGQi5MMj-MrP3XCa_HG1ijPkdKRLf1Pkvr
X-Booking-Language-Code: en-us
X-Booking-Client-Info: cCHObXKeNJAbINFPIWBccCcCcCC|4,cCHObKdPHMfFdHMEKBOcaGPaAHFHDQIC|8,HWAJLGbbeLHAFPRFDEYScEUWBZEWaSddKNKNKWe|2
X-Booking-Info: 1856950,1865390,1931000,1932080,1932100,1932110,1939730,1943090,1946400,1958000,1959390,1960550,1960640,1962740,cCHObTULHfAFFQZcfHSdFaLbFFRURURHe|1,cCHObXKeNJAbINFPIWBccCcCcCC|4,1960550|1,cCHObKdPHMfFdHMEKBOcaGPaAHFHDQIC|8,HWAJLGbbeLHAFPRFDEYScEUWBZEWaSddKNKNKWe|2,dDfPWPHDDZSOBJbKYfNIfPTDWe|1,YTTHbXeeVJWcFKJPFNJQVVEbMKXe|1,YTTHbXeeVJWcFKJPFNJQVVEbMKXe|5,aXTfOFJZMYeKTcABVYUfFdHMPVWCGTQJQJET|1,aXTfOFJZMYeKTcABVYUfFdHMPVWCGTQJQJET|2,aXTfMZMYeKTcNGEcfFdHMPVUPHET|1,TZUfONebEWAUFccRMVIZdRRT|1,aXTfMZMYeKTcNGEcfFdHMPVUPHET|3,OJVZAAURAfPMTcZJFeDBRcFPLDEZRdLOLOLMO|1,OJVZAAURAfPMTcZJFeDBRcFPLDEZRdLOLOLMO|7,OJVZAAURAfPMTcZJFeDBRcFPLDEZRdLOLOLMO|8,NAFLeOeJHSCQQGPLUPHBeZdRNYYdTUWe|1,cCHObVZMYCMKdFEVJTNIKdFHaO|1,cCHObVZMYCMKdFEVJTNIKdFHaO|3,NAFLeOeJcQEcVOdWNeYZdfdbJae|1,NAFLeOeJabUZFQbMWKZETTeMcCcCcCC|1,cCHObKdBdUHINPSXeHDALOLOLMO|1,cCHObKdBdUHINPSXeHDALOLOLMO|5,cCeIVOMPWAEeIcFARSYSbZDQSXbaTaTaET|3,cCeIVOOLfOECVVDFRURURHe|1,cCeIVOOLfOECVVDFRURURHe|2,cCHOGcbREDEZRdRERJBHAOeVATZdSGWFRURURHe|1,cCHOGcbREDEZRdRERJBHAOeVATZdSGWFRURURHe|2,YTTHbXeeVeCFZAcbRbROfLMTeCYHDRFcO|4,BHDTJdReQLOLOLOVZMYCVCMILRVVPKLZZOJNET|1,dLYdCeYBFVedKNKNKPMPSXPUEKdDXFZMIbdYeNYT|1,cCHObdRdJJVdfUSCEcdNHMddKNKNKWe|1,cCHObdRdJJVdfUJGFDSeBcZFLMFRURURHe|1,cCHObdRdJJVdfUJGFDSeBcZFLMFRURURHe|3,cCeIVOTeJUNSMTfIMLebaTaTaET|1,cCeIVOTeJUNSMTaSdNdKNKNKWe|1,cCHOGAQHSMSXUDeLcffIVXBPKAFRURURHe|1,cCHOGAQHSMSXUDeLcffIVXBPKAFRURURHe|5,cCHOGAQPXafJCfSFeMZXZAQeRfXPRQNIKdFHaO|1,cCHObKdBZXZAVCMIQRMebfTIbRZaTaTaET|1,cCeIVOdJEVOAeZTbQNPcZRALOLOLMO|1,cCHObCBWaEdIPPSfDcXLYSfDccCcCcCC|2,NAFLeOeJcQEcVOdWNeYZdfdbJae|2,NAFLeOeJcQEcVOdWNeYZdfdbJae|4,NAFLeOeJabUZFQbMWKZETTeMcCcCcCC|2,NAFLeOeJabUZFQbMWKZETTeMcCcCcCC|4,cCHObVZMYCMKdFEVJTNIKdFHaO|4,cCHObVZMYCMKdFEVJTNIKdFHaO|6,cCHObKdPHMfFdHMEKBOcaGPaAHFHDQIC|9,cCeIVOOLfOECVVDFRURURHe|3,cCHOGcbREDEZRdRERJBHAOeVATZdSGWFRURURHe|3,cCeIVOdJEVOAeZTbQNPcZRALOLOLMO|2,cCeIVOTeJUNSMTfIMLebaTaTaET|2,cCeIVOTeJUNSMTaSdNdKNKNKWe|2
X-Requested-With: XMLHttpRequest
Content-Length: 1138
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Cookie: px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBt9BZ%2BIzqvzNG3a2uciWdhAlLuCWxRfV1fP%2Fxz9ReLAA%2FeZ5CIHC3f7myW6%2BemfGK8Fixkmf5Phoc4OTCjZVm%2FAQVM1E%2FMRjNjFPE3tRbWH2TrE%2B6ZwxADcXV1U0uqJJt6pDFrWkfLdiBggCWyS551d; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmPZUPMW6RyROJNxUN0JlTK77o1GxJEKj50Akk5UC46SGZ0T/sjBGN8UEoHziZUydDa15eD96llA6Zpr9JyySCKeA4VpvHWuLUM0Bcg0GhacCWF2Q3L/RkmcZyaK1+swiucl3YCdFi; pcm_consent=analytical%3Dfalse%26countryCode%3DNO%26consentId%3De9389af3-66d7-49b3-b933-78c858cce2a8%26consentedAt%3D2024-04-16T17%3A50%3A15.029Z%26expiresAt%3D2024-10-13T17%3A50%3A15.029Z%26implicit%3Dtrue%26marketing%3Dfalse%26regionCode%3D03%26regulation%3Dgdpr%26legacyRegulation%3Dgdpr; cors_js=1; bkng_sso_session=e30; bkng_sso_ses=e30; OptanonConsent=implicitConsentCountry=GDPR&implicitConsentDate=1713289817238; BJS=-
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=UTF-8
content-length: 52
server: nginx
date: Tue, 16 Apr 2024 17:50:18 GMT
vary: Accept-Encoding, User-Agent
content-encoding: br
access-control-allow-credentials: true
access-control-allow-origin: https://www.booking.com
set-cookie: bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbca8KLfxLPedQbj6gJ91YLqjhOOZS86e37UfsoO3uO2F411N%2BjzDPo7bLKiMcc6cYHAC1FjOSF9CBZPZQCkCSDJRPk0cow1ZCx3kKt6LE0cicr1WuXwHxm1OSuOesIrMgMR1SHLNzfWLVN91vAXkSP6cLpN%2Fl2uYVdG93hjDS7%2Bk%3D; domain=.booking.com; path=/; expires=Sun, 15-Apr-2029 17:50:18 GMT; Secure; HTTPOnly; SameSite=None
strict-transport-security: max-age=2592000; includeSubDomains
x-content-options: nosniff
content-security-policy-report-only: frame-ancestors 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=112&pid=89577d6d78010025&e=UmFuZG9tSVYkc2RlIyh9YaKT1Ar0s2gSEmakdtrUqsuv76jkxA5iEB9UCeVLmaJV-aeeXKxbKHQ
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QS1Pa-ZNX7k6p8goFPPyUUNKbIdebUnGDeh1HY8btj5Zo7LiYxrKsA==
X-Firefox-Spdy: h2

www.booking.com/dml/graphql?lang=en-us

54.230.111.57

200 OK

3.1 kB

URL POST HTTP/2
www.booking.com/dml/graphql?lang=en-us
IP
54.230.111.57:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.booking.com
Fingerprint86:19:2F:3F:C1:B0:CE:07:5A:AD:A3:94:54:8D:C6:B9:99:F5:B9:49
ValidityMon, 12 Jun 2023 00:00:00 GMT - Sat, 18 May 2024 23:59:59 GMT

File type
JSON text data
Size
3.1 kB (3103 bytes)
Hash
07e223863d13a56df934071709e9d7e4
45feb438205ce040d75cfa9058b2ea0ffb4aa4e6
52e22c7ad1cab995363a8943843e27d3fe37610dd2094d8004421a16a645dcfa

HTTP Headers

POST /dml/graphql?lang=en-us HTTP/1.1
Host: www.booking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/
content-type: application/json
x-booking-context-action-name: index
x-booking-context-aid: 304142
x-booking-csrf-token: eyJhbGciOiJIUzUxMiJ9.eyJpc3MiOiJjb250ZXh0LWVucmljaG1lbnQtYXBpIiwic3ViIjoiY3NyZi10b2tlbiIsImlhdCI6MTcxMzI4OTgxNSwiZXhwIjoxNzEzMzc2MjE1fQ.l8_gkzMbBcoRl3xohIWWgV9sIgQrsAy-TmL_BbZUfVk_rRtj2XJpbttVq0ARptvCnEzNbmVs0l1xyNSK3JDzKw
x-booking-et-serialized-state: E8zvz6OpxgXskSsmsqpm8DXDuFKQccDOKfpjXS_j0phxn8F2I21Og-8o2qwaEPsHa
x-booking-pageview-id: e1027d6b28d009d9
x-booking-site-type-id: 1
x-booking-timeout-budget-ms: 1500
x-booking-timeout-ms: 1500
x-booking-topic: capla_browser_b-index-lp-web-mfe
x-envoy-expected-rq-timeout-ms: 1500
Content-Length: 7115
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Cookie: px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBt9BZ%2BIzqvzNG3a2uciWdhAlLuCWxRfV1fP%2Fxz9ReLAA%2FeZ5CIHC3f7myW6%2BemfGK8Fixkmf5Phoc4OTCjZVm%2FAQVM1E%2FMRjNjFPE3tRbWH2TrE%2B6ZwxADcXV1U0uqJJt6pDFrWkfLdiBggCWyS551d; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmPZUPMW6RyROJNxUN0JlTK77o1GxJEKj50Akk5UC46SGZ0T/sjBGN8UEoHziZUydDa15eD96llA6Zpr9JyySCKeA4VpvHWuLUM0Bcg0GhacCWF2Q3L/RkmcZyaK1+swiucl3YCdFi; pcm_consent=analytical%3Dfalse%26countryCode%3DNO%26consentId%3De9389af3-66d7-49b3-b933-78c858cce2a8%26consentedAt%3D2024-04-16T17%3A50%3A15.029Z%26expiresAt%3D2024-10-13T17%3A50%3A15.029Z%26implicit%3Dtrue%26marketing%3Dfalse%26regionCode%3D03%26regulation%3Dgdpr%26legacyRegulation%3Dgdpr; cors_js=1; bkng_sso_session=e30; bkng_sso_ses=e30; OptanonConsent=implicitConsentCountry=GDPR&implicitConsentDate=1713289817238; BJS=-
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=UTF-8
content-length: 3103
server: nginx
date: Tue, 16 Apr 2024 17:50:18 GMT
vary: Accept-Encoding, User-Agent
content-encoding: br
set-cookie: bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbiKbS0JOgDBJDp4pXZqR0KQZF2T4%2BBmpyt3vB5pTs%2FFXhUA7hfTB2S%2F9c%2BTGc%2FQhtaMrGPmM6bQShNq%2FBbXQXR7oHoSSzNC45yDrJsuWjNRjR8M1CXzfF9jkuBvvJiP39JQiKw82HRvk6NF0qF%2Bs%2BiVYc0ohiPF6gBUWn9xMFrIQ%3D; domain=.booking.com; path=/; expires=Sun, 15-Apr-2029 17:50:18 GMT; Secure; HTTPOnly; SameSite=None
strict-transport-security: max-age=2592000; includeSubDomains
x-content-options: nosniff
content-security-policy-report-only: frame-ancestors 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=112&pid=ac247d6d9a2e0278&e=UmFuZG9tSVYkc2RlIyh9YQyOc33qmp8WHR7A8UUx6hbHIfwfMgQDGYteJD36SXR1TcJ_0eMhU70YyRX5BEnu6Q
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PepFPBIKwAHItwUKWzDuWq8v_BjlP0C25BYXi9NfNG4i6FQL6IGCDQ==
X-Firefox-Spdy: h2

www.booking.com/dml/graphql?lang=en-us

54.230.111.57

200 OK

1.6 kB

URL POST HTTP/2
www.booking.com/dml/graphql?lang=en-us
IP
54.230.111.57:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.booking.com
Fingerprint86:19:2F:3F:C1:B0:CE:07:5A:AD:A3:94:54:8D:C6:B9:99:F5:B9:49
ValidityMon, 12 Jun 2023 00:00:00 GMT - Sat, 18 May 2024 23:59:59 GMT

File type
JSON text data
Size
1.6 kB (1579 bytes)
Hash
f6c3e4b39af4e811c57e50cb586e518c
9c4e04264e9b84b29d2c7d62e74197bf2c14b8fe
6a30a873fb8acfe60f40f5421d722029e99712437264088d87d724080e70279e

HTTP Headers

POST /dml/graphql?lang=en-us HTTP/1.1
Host: www.booking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/
content-type: application/json
x-booking-context-action-name: index
x-booking-context-aid: 304142
x-booking-csrf-token: eyJhbGciOiJIUzUxMiJ9.eyJpc3MiOiJjb250ZXh0LWVucmljaG1lbnQtYXBpIiwic3ViIjoiY3NyZi10b2tlbiIsImlhdCI6MTcxMzI4OTgxNSwiZXhwIjoxNzEzMzc2MjE1fQ.l8_gkzMbBcoRl3xohIWWgV9sIgQrsAy-TmL_BbZUfVk_rRtj2XJpbttVq0ARptvCnEzNbmVs0l1xyNSK3JDzKw
x-booking-et-serialized-state: E8zvz6OpxgXskSsmsqpm8DXDuFKQccDOKfpjXS_j0phxn8F2I21Og-8o2qwaEPsHa
x-booking-pageview-id: e1027d6b28d009d9
x-booking-site-type-id: 1
x-booking-timeout-budget-ms: 1500
x-booking-timeout-ms: 1500
x-booking-topic: capla_browser_b-index-lp-web-mfe
x-envoy-expected-rq-timeout-ms: 1500
Content-Length: 7115
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Cookie: px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBt9BZ%2BIzqvzNG3a2uciWdhAlLuCWxRfV1fP%2Fxz9ReLAA%2FeZ5CIHC3f7myW6%2BemfGK8Fixkmf5Phoc4OTCjZVm%2FAQVM1E%2FMRjNjFPE3tRbWH2TrE%2B6ZwxADcXV1U0uqJJt6pDFrWkfLdiBggCWyS551d; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmPZUPMW6RyROJNxUN0JlTK77o1GxJEKj50Akk5UC46SGZ0T/sjBGN8UEoHziZUydDa15eD96llA6Zpr9JyySCKeA4VpvHWuLUM0Bcg0GhacCWF2Q3L/RkmcZyaK1+swiucl3YCdFi; pcm_consent=analytical%3Dfalse%26countryCode%3DNO%26consentId%3De9389af3-66d7-49b3-b933-78c858cce2a8%26consentedAt%3D2024-04-16T17%3A50%3A15.029Z%26expiresAt%3D2024-10-13T17%3A50%3A15.029Z%26implicit%3Dtrue%26marketing%3Dfalse%26regionCode%3D03%26regulation%3Dgdpr%26legacyRegulation%3Dgdpr; cors_js=1; bkng_sso_session=e30; bkng_sso_ses=e30; OptanonConsent=implicitConsentCountry=GDPR&implicitConsentDate=1713289817238; BJS=-
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=UTF-8
content-length: 1579
server: nginx
date: Tue, 16 Apr 2024 17:50:18 GMT
vary: Accept-Encoding, User-Agent
content-encoding: br
set-cookie: bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbbmD9q%2B5pe3UMopcv79pntoQi6Cz3p8ztYQ9QULqA7qtrDANmNlqAaiVWJCCqigVAiw6ikSGOrWYX9h2G9m8XpihaNu2PwM8jFnS%2FXVFPtLGXCjXq89GlMZ2y7APzSSEGQd1p7H98c3tDgoj9ctZoKczaozJF%2BEpryEl2N3T50%2Bs%3D; domain=.booking.com; path=/; expires=Sun, 15-Apr-2029 17:50:18 GMT; Secure; HTTPOnly; SameSite=None
strict-transport-security: max-age=2592000; includeSubDomains
x-content-options: nosniff
content-security-policy-report-only: frame-ancestors 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=112&pid=ea4e7d6d84210329&e=UmFuZG9tSVYkc2RlIyh9YQyOc33qmp8WHR7A8UUx6hbHIfwfMgQDGdh1ofitwuZ-jz8Plxm1A3MJJCz0qsPtgw
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cM86KKfbVl51HNecwOZdftzZUUDGO7BLR7g5vd3YB9AOPaa1tt2f2A==
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/59306dc3.201acd28.chunk.js

143.204.55.112

200 OK

41 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/59306dc3.201acd28.chunk.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65455)
Size
41 kB (41331 bytes)
Hash
44d281c621d3299632d2b3f3df9594ed
907a8d1ed3e14d72b4d2d380d05a8332cf04a717
c0cba5fcd1784070bf9fd139f487dcef8db12aff7a43f2d43ede6baa83761ea1

HTTP Headers

GET /psb/capla/static/js/59306dc3.201acd28.chunk.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 15 Apr 2024 17:54:00 GMT
last-modified: Fri, 12 Apr 2024 12:28:09 GMT
etag: W/"44d281c621d3299632d2b3f3df9594ed"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: yAaQVgkCgy5Rias9CUAKRyxBq5LzJZkk
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vXCcBggW-H9MN11w3qld_1BnS39tTNCJYgmm731cmiEp5lFdI3tIdw==
age: 86177
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

www.booking.com/dml/graphql?lang=en-us

54.230.111.57

200 OK

3.7 kB

URL POST HTTP/2
www.booking.com/dml/graphql?lang=en-us
IP
54.230.111.57:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.booking.com
Fingerprint86:19:2F:3F:C1:B0:CE:07:5A:AD:A3:94:54:8D:C6:B9:99:F5:B9:49
ValidityMon, 12 Jun 2023 00:00:00 GMT - Sat, 18 May 2024 23:59:59 GMT

File type
JSON text data
Size
3.7 kB (3692 bytes)
Hash
c692780e6a804d136e74c84af7bc6916
f6f8e63d0b88bc7280ed152557ca338bb29679dc
d1cc73d6c21062a2f2ab150ff3580c7b8c5c566daf0b751b5539afb853914c89

HTTP Headers

POST /dml/graphql?lang=en-us HTTP/1.1
Host: www.booking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/
content-type: application/json
x-booking-context-action-name: index
x-booking-context-aid: 304142
x-booking-csrf-token: eyJhbGciOiJIUzUxMiJ9.eyJpc3MiOiJjb250ZXh0LWVucmljaG1lbnQtYXBpIiwic3ViIjoiY3NyZi10b2tlbiIsImlhdCI6MTcxMzI4OTgxNSwiZXhwIjoxNzEzMzc2MjE1fQ.l8_gkzMbBcoRl3xohIWWgV9sIgQrsAy-TmL_BbZUfVk_rRtj2XJpbttVq0ARptvCnEzNbmVs0l1xyNSK3JDzKw
x-booking-et-serialized-state: E8zvz6OpxgXskSsmsqpm8DXDuFKQccDOKfpjXS_j0phxn8F2I21Og-8o2qwaEPsHa
x-booking-pageview-id: e1027d6b28d009d9
x-booking-site-type-id: 1
x-booking-topic: capla_browser_b-index-lp-web-mfe
Content-Length: 540
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Cookie: px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBt9BZ%2BIzqvzNG3a2uciWdhAlLuCWxRfV1fP%2Fxz9ReLAA%2FeZ5CIHC3f7myW6%2BemfGK8Fixkmf5Phoc4OTCjZVm%2FAQVM1E%2FMRjNjFPE3tRbWH2TrE%2B6ZwxADcXV1U0uqJJt6pDFrWkfLdiBggCWyS551d; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmPZUPMW6RyROJNxUN0JlTK77o1GxJEKj50Akk5UC46SGZ0T/sjBGN8UEoHziZUydDa15eD96llA6Zpr9JyySCKeA4VpvHWuLUM0Bcg0GhacCWF2Q3L/RkmcZyaK1+swiucl3YCdFi; pcm_consent=analytical%3Dfalse%26countryCode%3DNO%26consentId%3De9389af3-66d7-49b3-b933-78c858cce2a8%26consentedAt%3D2024-04-16T17%3A50%3A15.029Z%26expiresAt%3D2024-10-13T17%3A50%3A15.029Z%26implicit%3Dtrue%26marketing%3Dfalse%26regionCode%3D03%26regulation%3Dgdpr%26legacyRegulation%3Dgdpr; cors_js=1; bkng_sso_session=e30; bkng_sso_ses=e30; OptanonConsent=implicitConsentCountry=GDPR&implicitConsentDate=1713289817238; BJS=-
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=UTF-8
content-length: 3692
server: nginx
date: Tue, 16 Apr 2024 17:50:18 GMT
vary: User-Agent, Accept-Encoding
content-encoding: br
set-cookie: bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbwcLxQQ4VaCo0rw0J4Z52mANP5uu6kPYHfu0JO3CMz3gN1CaYisrZVxZ6zS%2BI%2FE2fk8NK4KPVQ%2FPGHqqKLDb8XPyGkzH0XxmAxo35Ad%2BMQRQnX0VElAdaAuMejWVCGjBMOAitow4sQd%2F620Su%2BCOMGsP4Gg56K3wgrcwpswli%2FN4%3D; domain=.booking.com; path=/; expires=Sun, 15-Apr-2029 17:50:18 GMT; Secure; HTTPOnly; SameSite=None
strict-transport-security: max-age=2592000; includeSubDomains
x-content-options: nosniff
content-security-policy-report-only: frame-ancestors 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=112&pid=df407d6d1df103f7&e=UmFuZG9tSVYkc2RlIyh9YQyOc33qmp8WHR7A8UUx6hbHIfwfMgQDGXJV5s8IfcWiaGQTaUJGaHhfb8uhsUGTVw
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RAmS0g4GoBXFLbHam1mzLvYXSRpWRLL5fyJRloQpSDCJ4a6G7n4azQ==
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/0a098284.036ea833.chunk.js

143.204.55.112

200 OK

11 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/0a098284.036ea833.chunk.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
11 kB (11415 bytes)
Hash
9b1b8bfe934d2fa18dba3b7b3fc6c265
f25330a8ebda3048beccf5077d81582b667ffa7b
91f14fa4bebc160dabba118caad6f8f6752e2c45170c2ae9926fe0765c545b76

HTTP Headers

GET /psb/capla/static/js/0a098284.036ea833.chunk.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Sun, 14 Apr 2024 05:22:18 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: QhEkf4j5uyrvxFxynyD.bQ14vv5R_rZ6
server: AmazonS3
content-encoding: gzip
date: Tue, 16 Apr 2024 01:31:08 GMT
etag: W/"fc5c3100b0f235ccd3243ffa5ac8be4b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wELcq4YLWmUTxjeblY3D2dR6SvyPN71D12XGRjgGe0HQe9XQjntm-A==
age: 58749
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

www.booking.com/dml/graphql?lang=en-us

54.230.111.57

200 OK

122 B

URL POST HTTP/2
www.booking.com/dml/graphql?lang=en-us
IP
54.230.111.57:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.booking.com
Fingerprint86:19:2F:3F:C1:B0:CE:07:5A:AD:A3:94:54:8D:C6:B9:99:F5:B9:49
ValidityMon, 12 Jun 2023 00:00:00 GMT - Sat, 18 May 2024 23:59:59 GMT

File type
JSON text data
Size
122 B (122 bytes)
Hash
0b2dfda53552405aac624c0767e18064
f577904e7b28bb5b79d91d1871b3b64446ab2dc7
7e58c7ba7e2d769f768b24fd40c7628bb6fda6045ee48d6d0ea4cb7728f1d973

HTTP Headers

POST /dml/graphql?lang=en-us HTTP/1.1
Host: www.booking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/
content-type: application/json
x-booking-context-action-name: index
x-booking-context-aid: 304142
x-booking-csrf-token: eyJhbGciOiJIUzUxMiJ9.eyJpc3MiOiJjb250ZXh0LWVucmljaG1lbnQtYXBpIiwic3ViIjoiY3NyZi10b2tlbiIsImlhdCI6MTcxMzI4OTgxNSwiZXhwIjoxNzEzMzc2MjE1fQ.l8_gkzMbBcoRl3xohIWWgV9sIgQrsAy-TmL_BbZUfVk_rRtj2XJpbttVq0ARptvCnEzNbmVs0l1xyNSK3JDzKw
x-booking-et-serialized-state: E8zvz6OpxgXskSsmsqpm8DXDuFKQccDOKfpjXS_j0phxn8F2I21Og-8o2qwaEPsHa
x-booking-pageview-id: e1027d6b28d009d9
x-booking-site-type-id: 1
x-booking-timeout-budget-ms: 1500
x-booking-timeout-ms: 1500
x-booking-topic: capla_browser_b-index-lp-web-mfe
x-envoy-expected-rq-timeout-ms: 1500
Content-Length: 1948
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Cookie: px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbca8KLfxLPedQbj6gJ91YLqjhOOZS86e37UfsoO3uO2F411N%2BjzDPo7bLKiMcc6cYHAC1FjOSF9CBZPZQCkCSDJRPk0cow1ZCx3kKt6LE0cicr1WuXwHxm1OSuOesIrMgMR1SHLNzfWLVN91vAXkSP6cLpN%2Fl2uYVdG93hjDS7%2Bk%3D; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmPZUPMW6RyROJNxUN0JlTK77o1GxJEKj50Akk5UC46SGZ0T/sjBGN8UEoHziZUydDa15eD96llA6Zpr9JyySCKeA4VpvHWuLUM0Bcg0GhacCWF2Q3L/RkmcZyaK1+swiucl3YCdFi; pcm_consent=analytical%3Dfalse%26countryCode%3DNO%26consentId%3De9389af3-66d7-49b3-b933-78c858cce2a8%26consentedAt%3D2024-04-16T17%3A50%3A15.029Z%26expiresAt%3D2024-10-13T17%3A50%3A15.029Z%26implicit%3Dtrue%26marketing%3Dfalse%26regionCode%3D03%26regulation%3Dgdpr%26legacyRegulation%3Dgdpr; cors_js=1; bkng_sso_session=e30; bkng_sso_ses=e30; OptanonConsent=implicitConsentCountry=GDPR&implicitConsentDate=1713289817238&isGpcEnabled=0&datestamp=Tue+Apr+16+2024+17%3A50%3A18+GMT%2B0000+(GMT)&version=202403.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=956986c8-8261-4674-9326-f3228b804c7f&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.booking.com%2F; BJS=-
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=UTF-8
content-length: 122
server: nginx
date: Tue, 16 Apr 2024 17:50:18 GMT
vary: Accept-Encoding, User-Agent
content-encoding: br
set-cookie: bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbwcLxQQ4VaCo0rw0J4Z52mIGh1LtKFaKljeRYKlRPo6wKrazk1qBPjUyt%2BGfkfaoqyO8zr8ceNaPKA4clPTIXbLP0DlqhqNWOiXAe8JGMxtBOMluTXZICSY6va91iUHU5K7bFuiDIJAL0MG4hwfjtcL3%2FdbLoDZD4OsUHerw8Ww0%3D; domain=.booking.com; path=/; expires=Sun, 15-Apr-2029 17:50:18 GMT; Secure; HTTPOnly; SameSite=None
strict-transport-security: max-age=2592000; includeSubDomains
x-content-options: nosniff
content-security-policy-report-only: frame-ancestors 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=112&pid=68d07d6d07100141&e=UmFuZG9tSVYkc2RlIyh9YQyOc33qmp8WHR7A8UUx6hbHIfwfMgQDGRAalCPpi8IlkmdOG2Km0SUSKDxu4KOIsg
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2oUytjUWuCY6khXGlgGCS_7ccUxcuQIUDgC_CBDDg8qnJxfsYFnKFQ==
X-Firefox-Spdy: h2

accounts.google.com/gsi/style

108.177.14.84

200 OK

3.5 kB

URL GET HTTP/3
accounts.google.com/gsi/style
IP
108.177.14.84:443
ASN
#15169 GOOGLE

Requested by
https://www.booking.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type
gzip compressed data, max compression
Size
3.5 kB (3549 bytes)
Hash
95e009c357d94afdfffa6f586b369e9d
51cfb73a8bc6939ebfecfdb3028c7e4a156873ac
caef834b94c1cc295dae2bcebc13f2109c043a424c4ce77cbb9b9137e1dd19b3

HTTP Headers

GET /gsi/style HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
expires: Tue, 16 Apr 2024 17:50:18 GMT
date: Tue, 16 Apr 2024 17:50:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'nonce-anJnfHGKn66ME4nyWw4wGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

privacyportal-eu.onetrust.com/request/v1/consentreceipts

104.18.32.137

200 OK

0 B

URL POST HTTP/2
privacyportal-eu.onetrust.com/request/v1/consentreceipts
IP
104.18.32.137:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.booking.com/
Certificate
IssuerCloudflare, Inc.
Subjectonetrust.com
FingerprintE1:4A:A6:D2:7B:E2:17:F0:B0:12:1F:CA:54:02:7D:C1:0A:96:A1:E4
ValiditySun, 21 May 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /request/v1/consentreceipts HTTP/1.1
Host: privacyportal-eu.onetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.booking.com/
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 17:50:18 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS,HEAD
access-control-allow-headers: content-type
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87560455ce3a5688-OSL
X-Firefox-Spdy: h2

q-xx.bstatic.com/xdata/images/xphoto/714x300/316455553.jpeg?k=33c0362560b6aa7ff9ba2afc3ef8d120728107cf56cd1c006fcf0da8c1821735&o=

143.204.55.112

200 OK

138 kB

URL GET HTTP/2
q-xx.bstatic.com/xdata/images/xphoto/714x300/316455553.jpeg?k=33c0362560b6aa7ff9ba2afc3ef8d120728107cf56cd1c006fcf0da8c1821735&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 714x300, components 3
Size
138 kB (138312 bytes)
Hash
b70d03fef489d61ac2be2ed5b08d1c23
4b43f437480ae3532a73afae3fc24d0be840c4d1
55a62f250615c97ebcb25a932d79285dd947dbd664f966936c0a29530ff616cc

HTTP Headers

GET /xdata/images/xphoto/714x300/316455553.jpeg?k=33c0362560b6aa7ff9ba2afc3ef8d120728107cf56cd1c006fcf0da8c1821735&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-language: 29725
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
date: Fri, 12 Apr 2024 09:45:12 GMT
cache-control: max-age=2592000
etag: "5b80b753d41f161d6177b49c93a30481ddafbb2a"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 92yvodXuPtXgQ6wteKDAn28LEL13VsNeg9jF-nvsgDXWsYg66BX4ow==
age: 374706
X-Firefox-Spdy: h2

www.booking.com/dml/graphql?lang=en-us

54.230.111.57

200 OK

2.4 kB

URL POST HTTP/2
www.booking.com/dml/graphql?lang=en-us
IP
54.230.111.57:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.booking.com
Fingerprint86:19:2F:3F:C1:B0:CE:07:5A:AD:A3:94:54:8D:C6:B9:99:F5:B9:49
ValidityMon, 12 Jun 2023 00:00:00 GMT - Sat, 18 May 2024 23:59:59 GMT

File type
JSON text data
Size
2.4 kB (2410 bytes)
Hash
b6739193326e02af6f9c9801c243753f
5356d443d9dc5df3b85ce5576527419835ccc4b0
6422eaf2cc6e2278225fc17c386ebdcb7f225f21a26f5522df369de881f20d44

HTTP Headers

POST /dml/graphql?lang=en-us HTTP/1.1
Host: www.booking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/
content-type: application/json
x-booking-context-action-name: index
x-booking-context-aid: 304142
x-booking-csrf-token: eyJhbGciOiJIUzUxMiJ9.eyJpc3MiOiJjb250ZXh0LWVucmljaG1lbnQtYXBpIiwic3ViIjoiY3NyZi10b2tlbiIsImlhdCI6MTcxMzI4OTgxNSwiZXhwIjoxNzEzMzc2MjE1fQ.l8_gkzMbBcoRl3xohIWWgV9sIgQrsAy-TmL_BbZUfVk_rRtj2XJpbttVq0ARptvCnEzNbmVs0l1xyNSK3JDzKw
x-booking-et-serialized-state: E8zvz6OpxgXskSsmsqpm8DXDuFKQccDOKfpjXS_j0phxn8F2I21Og-8o2qwaEPsHa
x-booking-pageview-id: e1027d6b28d009d9
x-booking-site-type-id: 1
x-booking-timeout-budget-ms: 1500
x-booking-timeout-ms: 1500
x-booking-topic: capla_browser_b-index-lp-web-mfe
x-envoy-expected-rq-timeout-ms: 1500
Content-Length: 2005
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Cookie: px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBt9BZ%2BIzqvzNG3a2uciWdhAlLuCWxRfV1fP%2Fxz9ReLAA%2FeZ5CIHC3f7myW6%2BemfGK8Fixkmf5Phoc4OTCjZVm%2FAQVM1E%2FMRjNjFPE3tRbWH2TrE%2B6ZwxADcXV1U0uqJJt6pDFrWkfLdiBggCWyS551d; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmPZUPMW6RyROJNxUN0JlTK77o1GxJEKj50Akk5UC46SGZ0T/sjBGN8UEoHziZUydDa15eD96llA6Zpr9JyySCKeA4VpvHWuLUM0Bcg0GhacCWF2Q3L/RkmcZyaK1+swiucl3YCdFi; pcm_consent=analytical%3Dfalse%26countryCode%3DNO%26consentId%3De9389af3-66d7-49b3-b933-78c858cce2a8%26consentedAt%3D2024-04-16T17%3A50%3A15.029Z%26expiresAt%3D2024-10-13T17%3A50%3A15.029Z%26implicit%3Dtrue%26marketing%3Dfalse%26regionCode%3D03%26regulation%3Dgdpr%26legacyRegulation%3Dgdpr; cors_js=1; bkng_sso_session=e30; bkng_sso_ses=e30; OptanonConsent=implicitConsentCountry=GDPR&implicitConsentDate=1713289817238&isGpcEnabled=0&datestamp=Tue+Apr+16+2024+17%3A50%3A18+GMT%2B0000+(GMT)&version=202403.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=956986c8-8261-4674-9326-f3228b804c7f&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.booking.com%2F; BJS=-
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=UTF-8
content-length: 2410
server: nginx
date: Tue, 16 Apr 2024 17:50:18 GMT
vary: Accept-Encoding, User-Agent
content-encoding: br
set-cookie: bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbof7CEiNviT8n2szUGLR3NChP0ToJA0eO1nasTdu6vPSz0hpGzgI9Eua7RFW3jbZdMduS4E6YNibKfeckQdnTYRikNuBuv5Tvs2TgZqqk2AVaguvny8bEzrOrtCE49w9Y4ODOa1Rh1p5keLKdpXT76NCStFHJABLG%2F0h2xaecqkY%3D; domain=.booking.com; path=/; expires=Sun, 15-Apr-2029 17:50:18 GMT; Secure; HTTPOnly; SameSite=None
strict-transport-security: max-age=2592000; includeSubDomains
x-content-options: nosniff
content-security-policy-report-only: frame-ancestors 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=112&pid=42c57d6d7c3802a6&e=UmFuZG9tSVYkc2RlIyh9YQyOc33qmp8WHR7A8UUx6hbHIfwfMgQDGfKuMJ0D2iNjP1UDzBezPXTredtm3LfV5Q
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FqdbzFQ0XhIJ-kHiXG8A9KB8IIzooPP4Yzq3ofq07NY0zUyME4I5bg==
X-Firefox-Spdy: h2

q-xx.bstatic.com/xdata/images/xphoto/263x210/45450082.jpeg?k=beb101b827a729065964523184f4db6cac42900c2415d71d516999af40beb7aa&o=

143.204.55.112

200 OK

30 kB

URL GET HTTP/2
q-xx.bstatic.com/xdata/images/xphoto/263x210/45450082.jpeg?k=beb101b827a729065964523184f4db6cac42900c2415d71d516999af40beb7aa&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x210, components 3
Size
30 kB (30545 bytes)
Hash
9968403297af83cbcd95a2372271346b
8756cce2c985c6332ccae0cff6577a19f96d5d43
bcb5e93825d1936b99265a0c310039b22fbcd1231d8947f76e396e17a286a097

HTTP Headers

GET /xdata/images/xphoto/263x210/45450082.jpeg?k=beb101b827a729065964523184f4db6cac42900c2415d71d516999af40beb7aa&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Mon, 18 Mar 2024 19:17:18 GMT
etag: "dc7c5b4b80a5725d17634bed31f74382f04698fd"
content-language: 10776
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: U-P_Ff8wtKBjbmOV8aBr6gXRmvF10mmeHkzac6g6k9vj8-iwYzSc9g==
age: 2500380
X-Firefox-Spdy: h2

r-xx.bstatic.com/xdata/images/city/170x136/644293.jpg?k=24c08396bd44343c9dcc78f0df41e114bf7e6aeda3d339101c37e7ba3aa707db&o=

143.204.55.112

200 OK

5.4 kB

URL GET HTTP/2
r-xx.bstatic.com/xdata/images/city/170x136/644293.jpg?k=24c08396bd44343c9dcc78f0df41e114bf7e6aeda3d339101c37e7ba3aa707db&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 170x136, components 3
Size
5.4 kB (5421 bytes)
Hash
2500c3ceb70ede8cd27aa8104b6ba08d
171e77bfa910c602acd969ad5a2d6240764a01e2
85d4039adc55e4225f4f70866622be1d30a8978738539db37085264adff1c3d2

HTTP Headers

GET /xdata/images/city/170x136/644293.jpg?k=24c08396bd44343c9dcc78f0df41e114bf7e6aeda3d339101c37e7ba3aa707db&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 5421
server: nginx
content-language: 5421
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
date: Sat, 30 Mar 2024 06:11:33 GMT
cache-control: max-age=2592000
etag: "0cc34fa50815c534b0e6a4a3db51d7118e56da40"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0aOe5MJASu6LggvUnqVixbrrXUafHcDJqWqYDNJYjg8BL4lRkUi5EQ==
age: 1510725
X-Firefox-Spdy: h2

privacyportal-eu.onetrust.com/request/v1/consentreceipts

104.18.32.137

200 OK

17 kB

URL POST HTTP/2
privacyportal-eu.onetrust.com/request/v1/consentreceipts
IP
104.18.32.137:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.booking.com/
Certificate
IssuerCloudflare, Inc.
Subjectonetrust.com
FingerprintE1:4A:A6:D2:7B:E2:17:F0:B0:12:1F:CA:54:02:7D:C1:0A:96:A1:E4
ValiditySun, 21 May 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
17 kB (17134 bytes)
Hash
c08f360513a2a11e8b593c4f95634aad
26a1fcbad6bcbcbcb5c7827a70da21e4cc5fe2a5
a71840af6f1965c73c81177072bc4b0d445d04bc1376f3055016ece996039ede

HTTP Headers

POST /request/v1/consentreceipts HTTP/1.1
Host: privacyportal-eu.onetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 11164
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 17:50:18 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-onetrust-receiptid: 7ba9dfab-7548-4f19-827d-01d560929fc2
access-control-allow-origin: *
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 875604564f2b5688-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

q-xx.bstatic.com/xdata/images/xphoto/263x210/57584488.jpeg?k=d8d4706fc72ee789d870eb6b05c0e546fd4ad85d72a3af3e30fb80ca72f0ba57&o=

143.204.55.112

200 OK

62 kB

URL GET HTTP/2
q-xx.bstatic.com/xdata/images/xphoto/263x210/57584488.jpeg?k=d8d4706fc72ee789d870eb6b05c0e546fd4ad85d72a3af3e30fb80ca72f0ba57&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x210, components 3
Size
62 kB (61649 bytes)
Hash
3ed8d37eba1334392ba1a7017a37840e
8267e9352080ec9f2c5f36878b6718fdfecdf36f
2ce236d33fdbe5855c672f3746f2f69d7259ef5ca12b0319705d2766948d450a

HTTP Headers

GET /xdata/images/xphoto/263x210/57584488.jpeg?k=d8d4706fc72ee789d870eb6b05c0e546fd4ad85d72a3af3e30fb80ca72f0ba57&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Thu, 21 Mar 2024 10:05:20 GMT
content-language: 8621
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: "196fea0ab45d56a1dbce18f3c3cd9eb1a591fb85"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RSDEpmpJO0xr4IfSZ53ZPW86IZzQJK4MD4ax1-3NhD4jG68wZHQ6gA==
age: 2274298
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/xphoto/540x405/288300879.webp?k=20a291605b4d1cc6c15b1ee3f9598c22ddb81a8d5ed73135330e426f8d2b9629&o=

143.204.55.112

200 OK

49 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/xphoto/540x405/288300879.webp?k=20a291605b4d1cc6c15b1ee3f9598c22ddb81a8d5ed73135330e426f8d2b9629&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 540x405, Scaling: [none]x[none], YUV color, decoders should clamp
Size
49 kB (48653 bytes)
Hash
3279115d5b6a8b7d0e5b786246fafdaf
85fb80d3c3a86df639b3464af0d9c11909bfe0b4
ea0848efbab836e5653eb0458327d62e0ad78b48a7ccb8c57405185051fefdb6

HTTP Headers

GET /xdata/images/xphoto/540x405/288300879.webp?k=20a291605b4d1cc6c15b1ee3f9598c22ddb81a8d5ed73135330e426f8d2b9629&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/webp
server: nginx
date: Wed, 03 Apr 2024 04:47:08 GMT
content-language: 33828
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: "295b294e3a0689b395787df4e43c129bf4669e6d"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dTU1ggDmSI8MLR4LVYO-WSAW7OGH1lQoKJD6vNvDbXGwkJmz06Enyw==
age: 1170188
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/5f127cf4.97c2b1a6.chunk.js

143.204.55.112

200 OK

70 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/5f127cf4.97c2b1a6.chunk.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
70 kB (69798 bytes)
Hash
c1cccc5c3ec9b9629482c5d0ab19d734
68636423f4410fa926eba5c13510bc2306e1a620
e0040116e9a3387b0123faa12d490239e0fb4b0819dd5c058935570e64f7dc0e

HTTP Headers

GET /psb/capla/static/js/5f127cf4.97c2b1a6.chunk.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 15 Apr 2024 18:12:33 GMT
last-modified: Mon, 15 Apr 2024 14:39:49 GMT
etag: W/"10cab819aad9c043a475f5e4ea56c8d6"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: Bsls4.jsxY8G5KW_7qu8vOxFI5Gj.IBe
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kDRRnkQmFV41fYiLRpc1MJDsZDtzjQCT6_mcmC898Sf3eWOvGwqgCQ==
age: 85064
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/0d073a5f.c1d66f4e.chunk.js

143.204.55.112

200 OK

27 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/0d073a5f.c1d66f4e.chunk.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
27 kB (27256 bytes)
Hash
176cda007c642184377e813406adb352
80793da8d8e2a243f439ca14a20729263b0b7f22
d75a63e38b543644cb001dff84062c69724e8687d8c60db35f0b3bd94cae4786

HTTP Headers

GET /psb/capla/static/js/0d073a5f.c1d66f4e.chunk.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 15 Apr 2024 19:14:40 GMT
last-modified: Mon, 15 Apr 2024 14:39:47 GMT
etag: W/"a0925d92c4c9528c77ba1b4a91e95e34"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: uaR70o68yJBIEBJZM3GxV6waj9uOo6Xq
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XS1tu6cVLCs979XYsgSs5j2aQbyZO0Y49c9IiSGLdd_0QNe_y3s9Kw==
age: 81337
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/6b631c3f.4ad2f2c7.chunk.js

143.204.55.112

200 OK

54 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/6b631c3f.4ad2f2c7.chunk.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
54 kB (54212 bytes)
Hash
88cd31e190ba24a023398ebbea8349bb
442a4127b0e69ca8bc5bdc63e0db60b85e224743
10542e65d7fc10f657a64b3683749e6a2f320b6ab4c7923c35b84981d32181a8

HTTP Headers

GET /psb/capla/static/js/6b631c3f.4ad2f2c7.chunk.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 15 Apr 2024 17:54:00 GMT
last-modified: Mon, 15 Apr 2024 14:39:49 GMT
etag: W/"8222121ade8cc64dad7e00376c36088a"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: VW6JgNyhsrZ9hYqpK73gPrBojYUCqu68
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fW8MO_yJJ1JCimBTvExYqTlvioXU8S5jSMHiKCbBBAKqtsugW8CbNg==
age: 86177
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/remoteEntry.431ad6f4.client.js

143.204.55.112

200 OK

43 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/remoteEntry.431ad6f4.client.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
43 kB (42949 bytes)
Hash
b9c095fc191583560428278b8b5ede2b
5be636945d2d97f330be85c5c677b2f423962f6e
3891a139843d6938b07d11d538ae079be3d3bde5bc5bc0ea6ab33be10017db0d

HTTP Headers

GET /psb/capla/static/js/remoteEntry.431ad6f4.client.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 15 Apr 2024 18:14:26 GMT
last-modified: Fri, 05 Apr 2024 08:49:14 GMT
etag: W/"526e1b9efddd7dcdef6e271cf5d6624f"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: hnJW8X3TIobxhZsuKfVc2eaN1I4wNW0l
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6Sc3YG36nuUFgJldJ6FhrZ_r5t8DMkgShADi50XF0OxBqTgoOPfOOA==
age: 84951
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

q-xx.bstatic.com/xdata/images/xphoto/263x210/45450093.jpeg?k=aa5cc7703f3866af8ffd6de346c21161804a26c3d0a508d3999c11c337506ae1&o=

143.204.55.112

200 OK

14 kB

URL GET HTTP/2
q-xx.bstatic.com/xdata/images/xphoto/263x210/45450093.jpeg?k=aa5cc7703f3866af8ffd6de346c21161804a26c3d0a508d3999c11c337506ae1&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x210, components 3
Size
14 kB (14246 bytes)
Hash
cdb8612b2e4eccd2df70a8d60567edd4
ea0e2c779927f210bee3ad7189da94a2eaa8f2a0
a7637d7f72c7b6fd7b97fa7cfa57bb721f2c6d3146a128dc00ce2d7907340161

HTTP Headers

GET /xdata/images/xphoto/263x210/45450093.jpeg?k=aa5cc7703f3866af8ffd6de346c21161804a26c3d0a508d3999c11c337506ae1&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Mon, 01 Apr 2024 15:31:08 GMT
content-language: 10434
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: "bc90e8a63896c558548037ab9e0dad7d0ee94fca"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1UbaENee3nzY6ixZWztr4pOalLd-7AF-1toM2LyYg5DyKGhS6L5x0g==
age: 1304350
X-Firefox-Spdy: h2

r-xx.bstatic.com/xdata/images/xphoto/263x210/45450074.jpeg?k=7039b03a94f3b99262c4b3054b0edcbbb91e9dade85b6efc880d45288a06c126&o=

143.204.55.112

200 OK

34 kB

URL GET HTTP/2
r-xx.bstatic.com/xdata/images/xphoto/263x210/45450074.jpeg?k=7039b03a94f3b99262c4b3054b0edcbbb91e9dade85b6efc880d45288a06c126&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x210, components 3
Size
34 kB (33727 bytes)
Hash
afdf99f0f15abba61263aba681433958
c7ed4694517215619e41ba3700225fd81208d982
4d4f570e288f2f38efb72e455ff566e1abe9044386aaa638d6642f40dcf27467

HTTP Headers

GET /xdata/images/xphoto/263x210/45450074.jpeg?k=7039b03a94f3b99262c4b3054b0edcbbb91e9dade85b6efc880d45288a06c126&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Thu, 21 Mar 2024 10:52:51 GMT
etag: "b20b1dc7e36ae82b6a50902c9ab2912586cb4c09"
content-language: 16100
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Jk64vxLie7YsJdJhoC2MDZbT8qZ5L3WyHXufBpuo_yHPKREHVV_pEA==
age: 2271447
X-Firefox-Spdy: h2

r-xx.bstatic.com/xdata/images/xphoto/263x210/45450064.jpeg?k=4d4ea22dc4828fd55a3889e90531c9841ddb2d9abf460c420cdd24f2a9b658d2&o=

143.204.55.112

200 OK

15 kB

URL GET HTTP/2
r-xx.bstatic.com/xdata/images/xphoto/263x210/45450064.jpeg?k=4d4ea22dc4828fd55a3889e90531c9841ddb2d9abf460c420cdd24f2a9b658d2&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x210, components 3
Size
15 kB (14890 bytes)
Hash
d7c3269bdfc17775eff5515ed1c5be14
6e082a68394a004c261561ea6c1f5fb265f1e873
ea31828c83518e6e4feb797ef72c7e5ecf1d1221190c829d5c1369f04683a84f

HTTP Headers

GET /xdata/images/xphoto/263x210/45450064.jpeg?k=4d4ea22dc4828fd55a3889e90531c9841ddb2d9abf460c420cdd24f2a9b658d2&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Tue, 09 Apr 2024 06:57:37 GMT
content-language: 14855
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: "a2e688bec1fbee393df26f05a03c77c9d1bb9e79"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hDua_4y1gdOmvGcvIgtA3kO8Yeg4Vx4AQkvPiIq0PHxTssg1ifm31Q==
age: 643961
X-Firefox-Spdy: h2

q-xx.bstatic.com/xdata/images/xphoto/263x210/45450073.jpeg?k=795a94c30433de1858ea52375e8190a962b302376be2e68aa08be345d936557d&o=

143.204.55.112

200 OK

23 kB

URL GET HTTP/2
q-xx.bstatic.com/xdata/images/xphoto/263x210/45450073.jpeg?k=795a94c30433de1858ea52375e8190a962b302376be2e68aa08be345d936557d&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x210, components 3
Size
23 kB (22620 bytes)
Hash
7409abbf9bf6145ac5e4fd42bf9100bd
35449f7279bd01ca130fdf494c3ee567afe35cea
efa35ec0e4f6daf470a4d0afd968bd4ea63a8640434481dc9ef57c8093fcddbd

HTTP Headers

GET /xdata/images/xphoto/263x210/45450073.jpeg?k=795a94c30433de1858ea52375e8190a962b302376be2e68aa08be345d936557d&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Sat, 06 Apr 2024 11:00:12 GMT
content-language: 8996
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: "2a7fd6242a5eea5697aaeb5e0c88798f848bd51d"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JpRJNqVuZ9GrWz0gSKfAnJkLlqBZcZXPZMFA88WMcz-UlMdbcOaD6Q==
age: 888606
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/xphoto/300x240/140040584.jpg?k=3b491418b21d27f8c16af8a77641a6e2e3b12f04c7324a3bb1685eceb7cc2418&o=

143.204.55.112

200 OK

99 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/xphoto/300x240/140040584.jpg?k=3b491418b21d27f8c16af8a77641a6e2e3b12f04c7324a3bb1685eceb7cc2418&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3
Size
99 kB (99035 bytes)
Hash
3bb24ef8c1a2441a4ced012205ff370f
4765216b7ab2477b6409dce6117c052dc40ff03e
fbf156a318941b9cac3097894070c2311936edf02d78aa1368c5f508b6045c1f

HTTP Headers

GET /xdata/images/xphoto/300x240/140040584.jpg?k=3b491418b21d27f8c16af8a77641a6e2e3b12f04c7324a3bb1685eceb7cc2418&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Sun, 17 Mar 2024 21:33:18 GMT
etag: "db6955bf370d5501b267fe905c5e309bfc09ec0a"
content-language: 13632
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QRKtKcwQoQmzdGW7U_akDxbIvLYzWdPqsTDcVIkqMIqf7tzmWD7Qzw==
age: 2578620
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/xphoto/300x240/140052559.jpg?k=e5d20d58f64d0e9bce340c667038f11130c855e3cb60ca85dd6b91a5295433d5&o=

143.204.55.112

200 OK

60 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/xphoto/300x240/140052559.jpg?k=e5d20d58f64d0e9bce340c667038f11130c855e3cb60ca85dd6b91a5295433d5&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3
Size
60 kB (59515 bytes)
Hash
500a3c8e358b806d0940a8bc424b981f
c3af1dac5d14754e965cfe8b0ad5d47c208ddf37
9b4cbf320feef4a84d0e6809930758392c6878612460b70ac7cb2dd4da03884b

HTTP Headers

GET /xdata/images/xphoto/300x240/140052559.jpg?k=e5d20d58f64d0e9bce340c667038f11130c855e3cb60ca85dd6b91a5295433d5&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Tue, 19 Mar 2024 13:17:03 GMT
etag: "2d62131878c505b6ac46e35472f061a6afdd5026"
content-language: 8741
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Z3Yu-5mdR_4IqwaVYh6ataiA98cAUQhNpkiiw3wg0JVDva0ppmE83g==
age: 2435595
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/xphoto/300x240/140040837.jpg?k=154f1c361fa53f635e5be2e40bb85c396eab774a01d7187f9e15f4b2554d0306&o=

143.204.55.112

200 OK

83 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/xphoto/300x240/140040837.jpg?k=154f1c361fa53f635e5be2e40bb85c396eab774a01d7187f9e15f4b2554d0306&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3
Size
83 kB (83170 bytes)
Hash
1eb910bbe3a581fdf4db85d961064b2d
71d96cf3d9534d467b1b9573adbfc128a79f564b
0e2da613f9cfcab644ab9103c3f6a836ef408ef170feacd197d6da4813ff50ca

HTTP Headers

GET /xdata/images/xphoto/300x240/140040837.jpg?k=154f1c361fa53f635e5be2e40bb85c396eab774a01d7187f9e15f4b2554d0306&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Sat, 30 Mar 2024 07:36:18 GMT
etag: "9db7c946fd8c4c903cdb75a9a2691ccf50dd20ac"
content-language: 16571
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DagaxoV9XvtGVeZNH0vXZc-PRhvaCsb5iaER1SOq9LQAW1nQ1l-LbQ==
age: 1505640
X-Firefox-Spdy: h2

q-xx.bstatic.com/xdata/images/xphoto/263x197/321923131.jpeg?k=acb99a7c8201734e0264ee1fa70cde287f371269b9741958b0519b00be443123&o=

143.204.55.112

200 OK

13 kB

URL GET HTTP/2
q-xx.bstatic.com/xdata/images/xphoto/263x197/321923131.jpeg?k=acb99a7c8201734e0264ee1fa70cde287f371269b9741958b0519b00be443123&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x197, components 3
Size
13 kB (12876 bytes)
Hash
c091f2160b9656336d3c129c957145fc
faa53f3dc5cbead91af9c21b29b78aac172c91db
86b04eed5ee602f11161b8bd73bbae038b85fa0df4a43ca95ef180076632ae5d

HTTP Headers

GET /xdata/images/xphoto/263x197/321923131.jpeg?k=acb99a7c8201734e0264ee1fa70cde287f371269b9741958b0519b00be443123&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Fri, 05 Apr 2024 12:48:09 GMT
etag: "e1b0d69aefe2e4f8b126a6cbadd8e07064514ac4"
content-language: 12837
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hLGwwTYSWHdAFzDgHRPYVj-lFMXPYg80sF9ycadFRtC68POmPApjjg==
age: 968529
X-Firefox-Spdy: h2

www.booking.com/sendlayoutevents

54.230.111.57

200 OK

18 B

URL POST HTTP/2
www.booking.com/sendlayoutevents
IP
54.230.111.57:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.booking.com
Fingerprint86:19:2F:3F:C1:B0:CE:07:5A:AD:A3:94:54:8D:C6:B9:99:F5:B9:49
ValidityMon, 12 Jun 2023 00:00:00 GMT - Sat, 18 May 2024 23:59:59 GMT

File type
JSON text data
Size
18 B (18 bytes)
Hash
81a3741954559ea5a2af17ab488aa906
83d235a4128e9828371fad4e5e22d55f168a3d6e
2e7f2cc2c0508d98633eb152c7625085e0cad3a9ca467575ae2b7056e49822dc

HTTP Headers

POST /sendlayoutevents HTTP/1.1
Host: www.booking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Booking-Pageview-Id: e1027d6b28d009d9
X-Booking-AID: 304142
X-Booking-Session-Id: 6310d4b1432373d4128c998e03fdd1fb
X-Booking-SiteType-Id: 1
X-Partner-Channel-Id: 3
X-Booking-Label: gen173rf-1FCAEoggI46AdIM1gDaKoBiAEBmAExuAEZyAEP2AEB6AEB-AECiAIBogISYWlyLmJuYi1pZDMyMDQuY29tqAIDuALX9PqwBsACAdICJDZlNTEzYjA2LThjNjUtNDc5ZS04NWM1LTNlZDdkMzhmNDdjONgCBeACAQ
X-Booking-CSRF: l/IeZgAAAAA=BVyfpIXbtEd8ikiwCPMc1R90gP_w1JDkxjMOqcOosVmOZ_HShux4glJ448KpmPXdfw3jBZjuS13ilZlMmLqs8j3A5AHRbrPNhbUDas0v6AfRbJwVwbbYPUqO20I0c9I4IH1y4W9LLjko2G4BDArKrUIFVT1J7_lA05m3dNrSC50cP-BGQi5MMj-MrP3XCa_HG1ijPkdKRLf1Pkvr
X-Booking-Language-Code: en-us
X-Booking-Client-Info: cCHObXKeNJAbINFPIWBccCcCcCC|4,cCHObKdPHMfFdHMEKBOcaGPaAHFHDQIC|8,HWAJLGbbeLHAFPRFDEYScEUWBZEWaSddKNKNKWe|2
X-Booking-Info: 1856950,1865390,1931000,1932080,1932100,1932110,1939730,1943090,1946400,1958000,1959390,1960550,1960640,1962740,cCHObTULHfAFFQZcfHSdFaLbFFRURURHe|1,cCHObXKeNJAbINFPIWBccCcCcCC|4,1960550|1,cCHObKdPHMfFdHMEKBOcaGPaAHFHDQIC|8,HWAJLGbbeLHAFPRFDEYScEUWBZEWaSddKNKNKWe|2,dDfPWPHDDZSOBJbKYfNIfPTDWe|1,YTTHbXeeVJWcFKJPFNJQVVEbMKXe|1,YTTHbXeeVJWcFKJPFNJQVVEbMKXe|5,aXTfOFJZMYeKTcABVYUfFdHMPVWCGTQJQJET|1,aXTfOFJZMYeKTcABVYUfFdHMPVWCGTQJQJET|2,aXTfMZMYeKTcNGEcfFdHMPVUPHET|1,TZUfONebEWAUFccRMVIZdRRT|1,aXTfMZMYeKTcNGEcfFdHMPVUPHET|3,OJVZAAURAfPMTcZJFeDBRcFPLDEZRdLOLOLMO|1,OJVZAAURAfPMTcZJFeDBRcFPLDEZRdLOLOLMO|7,OJVZAAURAfPMTcZJFeDBRcFPLDEZRdLOLOLMO|8,NAFLeOeJHSCQQGPLUPHBeZdRNYYdTUWe|1,cCHObVZMYCMKdFEVJTNIKdFHaO|1,cCHObVZMYCMKdFEVJTNIKdFHaO|3,NAFLeOeJcQEcVOdWNeYZdfdbJae|1,NAFLeOeJabUZFQbMWKZETTeMcCcCcCC|1,cCHObKdBdUHINPSXeHDALOLOLMO|1,cCHObKdBdUHINPSXeHDALOLOLMO|5,cCeIVOMPWAEeIcFARSYSbZDQSXbaTaTaET|3,cCeIVOOLfOECVVDFRURURHe|1,cCeIVOOLfOECVVDFRURURHe|2,cCHOGcbREDEZRdRERJBHAOeVATZdSGWFRURURHe|1,cCHOGcbREDEZRdRERJBHAOeVATZdSGWFRURURHe|2,YTTHbXeeVeCFZAcbRbROfLMTeCYHDRFcO|4,BHDTJdReQLOLOLOVZMYCVCMILRVVPKLZZOJNET|1,dLYdCeYBFVedKNKNKPMPSXPUEKdDXFZMIbdYeNYT|1,cCHObdRdJJVdfUSCEcdNHMddKNKNKWe|1,cCHObdRdJJVdfUJGFDSeBcZFLMFRURURHe|1,cCHObdRdJJVdfUJGFDSeBcZFLMFRURURHe|3,cCeIVOTeJUNSMTfIMLebaTaTaET|1,cCeIVOTeJUNSMTaSdNdKNKNKWe|1,cCHOGAQHSMSXUDeLcffIVXBPKAFRURURHe|1,cCHOGAQHSMSXUDeLcffIVXBPKAFRURURHe|5,cCHOGAQPXafJCfSFeMZXZAQeRfXPRQNIKdFHaO|1,cCHObKdBZXZAVCMIQRMebfTIbRZaTaTaET|1,cCeIVOdJEVOAeZTbQNPcZRALOLOLMO|1,cCHObCBWaEdIPPSfDcXLYSfDccCcCcCC|2,NAFLeOeJcQEcVOdWNeYZdfdbJae|2,NAFLeOeJcQEcVOdWNeYZdfdbJae|4,NAFLeOeJabUZFQbMWKZETTeMcCcCcCC|2,NAFLeOeJabUZFQbMWKZETTeMcCcCcCC|4,cCHObVZMYCMKdFEVJTNIKdFHaO|4,cCHObVZMYCMKdFEVJTNIKdFHaO|6,cCHObKdPHMfFdHMEKBOcaGPaAHFHDQIC|9,cCeIVOOLfOECVVDFRURURHe|3,cCHOGcbREDEZRdRERJBHAOeVATZdSGWFRURURHe|3,cCeIVOdJEVOAeZTbQNPcZRALOLOLMO|2,cCeIVOTeJUNSMTfIMLebaTaTaET|2,cCeIVOTeJUNSMTaSdNdKNKNKWe|2
X-Requested-With: XMLHttpRequest
Content-Length: 122
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Cookie: px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbwcLxQQ4VaCrDNarsX3upzJexxC6USJTo2DtgoB2CmTsGL51ku7prl9Y5duUC1JqvvUsqBuworhtqLOkXf83YbgB9%2FOZ3SY2UzNhvWDeeYv3ZreOGclH%2Ft4xy%2FAgy714WQqhm5PRRC5Wh7zxlgtnDnzxNRr4DJ8J2lTkCintHdI8%3D; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRp4xLLXtlhoLfGdmRF/jrtQYBT9a+TQvuSxcUEmoSSGj6tY+f9fXUn9xT7o9Gu6cXSSfVjRXfyG+BEBj/dQbDfviQvaZGArVZBatlnQPE+X96SeAUZ64kIcngKLGfqULzYB204FLMYv4wntJP8J+34Qov/KCMERlEQE; pcm_consent=consentedAt%3D2024-04-16T17%3A50%3A18.921Z%26countryCode%3DNO%26expiresAt%3D2024-10-13T17%3A50%3A18.921Z%26implicit%3Dfalse%26regionCode%3D03%26regulation%3Dgdpr%26legacyRegulation%3Dgdpr%26consentId%3D712732a3-340a-410d-89ec-16567804029d%26analytical%3Dfalse%26marketing%3Dfalse; cors_js=1; bkng_sso_session=e30; bkng_sso_ses=eyJib29raW5nX2dsb2JhbCI6W3siYSI6MSwiaCI6ImRYYm5EQWVrUGNoWitQcG05ZStvMHRYSkl6RGIreWpmYkYrUUwxTmwvVkkifV19; OptanonConsent=implicitConsentCountry=GDPR&implicitConsentDate=1713289817238&isGpcEnabled=0&datestamp=Tue+Apr+16+2024+17%3A50%3A18+GMT%2B0000+(GMT)&version=202403.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=956986c8-8261-4674-9326-f3228b804c7f&interactionCount=0&isAnonUser=1&landingPath=NotLandingPage&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0&backfilled_at=1713289819066&backfilled_seed=1; BJS=-; 11_srd=%7B%22features%22%3A%5B%7B%22id%22%3A16%7D%5D%2C%22score%22%3A3%2C%22detected%22%3Afalse%7D; OptanonAlertBoxClosed=2024-04-16T17:50:18.495Z; bkng_sso_auth_1713289818=CAIQsOnuTRp4xLLXtlhoLfGdmRF/jrtQYBT9a+TQvuSxcUEmoSSGj6tY+f9fXUn9xT7o9Gu6cXSSfVjRXfyG+BEBj/dQbDfviQvaZGArVZBatlnQPE+X96SeAUZ64kIcngKLGfqULzYB204FLMYv4wntJP8J+34Qov/KCMERlEQE
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=UTF-8
content-length: 18
server: nginx
date: Tue, 16 Apr 2024 17:50:22 GMT
vary: Accept-Encoding, User-Agent
content-encoding: br
access-control-allow-credentials: true
access-control-allow-origin: https://www.booking.com
set-cookie: bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbwcLxQQ4VaCqNxbwLL6XpaQPf9Rc5%2FQBFVF4oeO%2BbhS6RUpdBzPmQ1GKI%2BHOzTXZlTszk9DgRsWiMZA%2FYmg6x6faWo68w3fUMokMiyjQmxGGpiL0sIBogt0S6AlZyKoSCxbj2TSRti1KeXQBJqf2yDCKo3lhy1PYfUGS6tzMts%2BM%3D; domain=.booking.com; path=/; expires=Sun, 15-Apr-2029 17:50:22 GMT; Secure; HTTPOnly; SameSite=None
strict-transport-security: max-age=2592000; includeSubDomains
x-content-options: nosniff
content-security-policy-report-only: frame-ancestors 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=112&pid=058e7d6fdbbf0809&e=UmFuZG9tSVYkc2RlIyh9YReXsVhv1rQKB4Zv_9za_vfe2q-QyefqVZ3qTmxOfpEvKC3dj9WXuGg
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nvfV3Ga0p8sw8ai4119RrCByVMesCOdEyDw9XVDb9_5mK8B9JyQjCg==
X-Firefox-Spdy: h2

cf.bstatic.com/static/css/incentives_cloudfront_sd.iq_ltr/f1558a6e9832a4eb8cfe1d3d14db176bd3564335.css

143.204.55.112

200 OK

35 kB

URL GET HTTP/2
cf.bstatic.com/static/css/incentives_cloudfront_sd.iq_ltr/f1558a6e9832a4eb8cfe1d3d14db176bd3564335.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (7107), with no line terminators
Size
35 kB (34846 bytes)
Hash
f841b7b83eae48fbf4574d3c0d53f4c3
e104126e57648ff6d51bf6ade1357bc03cb500c5
0a5447d9be398da3541fe01668f81b332fd26812c2842aa53deb5c7883d58f73

HTTP Headers

GET /static/css/incentives_cloudfront_sd.iq_ltr/f1558a6e9832a4eb8cfe1d3d14db176bd3564335.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
server: nginx
date: Thu, 21 Mar 2024 09:45:16 GMT
last-modified: Fri, 28 Jul 2023 11:29:02 GMT
etag: W/"64c3a67e-1bc3"
expires: Sat, 20 Apr 2024 09:45:16 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CdJeTXdvJumvhLX_Idq5PJoYM2FZyZqaErwjc7ZfSMirS-xX2fAJtA==
age: 2275499
X-Firefox-Spdy: h2

cf.bstatic.com/static/img/favicon/9ca83ba2a5a3293ff07452cb24949a5843af4592.svg

143.204.55.112

200 OK

727 B

URL GET HTTP/2
cf.bstatic.com/static/img/favicon/9ca83ba2a5a3293ff07452cb24949a5843af4592.svg
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
gzip compressed data, max compression, from Unix
Size
727 B (727 bytes)
Hash
75056ad25b3386158d4543edaf1241e2
9d0d65cf9cd6985929dad1ea9c88eb341f6608dc
8179f231bb63e84d446ba78695f9cd1f872af8f8bfc3d7d3d7e4431b02fc6686

HTTP Headers

GET /static/img/favicon/9ca83ba2a5a3293ff07452cb24949a5843af4592.svg HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Thu, 28 Mar 2024 10:34:26 GMT
last-modified: Tue, 21 Mar 2023 13:15:52 GMT
expires: Sat, 27 Apr 2024 10:34:26 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: gzip
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: W/"6419ae08-4ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fVdkAoIUC1MyThSG7Iv3mbLvosC9Zxlc71aVXARrUBEAwnvDLCHSWA==
age: 1667750
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/xphoto/300x240/140051306.jpg?k=e9fd0663f3532480edef1e8636018e145154bb30885a089024b9032ab0b5e351&o=

143.204.55.112

200 OK

12 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/xphoto/300x240/140051306.jpg?k=e9fd0663f3532480edef1e8636018e145154bb30885a089024b9032ab0b5e351&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3
Size
12 kB (11754 bytes)
Hash
f8582e652a2e96c49993cc1b234155a5
5ddd88de015af27baa68da353120fd6e0d4e2bcb
598616ab19021e2c66cd9462b500464ea2ef37841557e96104bc1692b0803548

HTTP Headers

GET /xdata/images/xphoto/300x240/140051306.jpg?k=e9fd0663f3532480edef1e8636018e145154bb30885a089024b9032ab0b5e351&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Tue, 16 Apr 2024 16:53:29 GMT
content-language: 11754
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: "8d9e8d41c06f02e3b6528f450f3ae659af53e890"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cB9GhazkrGmSfN2uZz2H-E97dGZZIdHNg2oaY9hU_Y2HjwlV3JBUYw==
age: 3409
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/css/d9560671.56175cb4.chunk.css

143.204.55.112

200 OK

2.5 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/css/d9560671.56175cb4.chunk.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2480), with no line terminators
Size
2.5 kB (2479 bytes)
Hash
eed6dd96c7dac840e31a49cf36316d63
70a0af36a8d4d177640e05804d3a2211bbee4b56
0bf4da97bb0f8595c54296aa04c4954fe18c11e685a7702702162e2d1b526c94

HTTP Headers

GET /psb/capla/static/css/d9560671.56175cb4.chunk.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
date: Mon, 15 Apr 2024 18:12:29 GMT
last-modified: Mon, 15 Apr 2024 14:39:46 GMT
etag: W/"7ba1380eb8cc5b339a991dcde3a14385"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: odErWhI1qo9oDglTgkOfIQoowp3AbLu6
server: AmazonS3
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RnxzTYG4wXY5d0b4jVgJuWCycEbrKEzc2atfvCUYKuKIQwbZ-AXfXQ==
age: 85068
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

cf.bstatic.com/static/js/searchresults_slick_cloudfront_sd/528359eb9f21194adf8c26f81e07c6eb21a2cc89.js

143.204.55.112

200 OK

37 kB

URL GET HTTP/2
cf.bstatic.com/static/js/searchresults_slick_cloudfront_sd/528359eb9f21194adf8c26f81e07c6eb21a2cc89.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (36716), with no line terminators
Size
37 kB (36716 bytes)
Hash
83450205fdae53d35568c0b20ebd7823
b767e5626f5c78a36e8267adce0eb4770cc7af54
0916f90ffe5b1eb07948b9f85568c812d3ccbb8a05d3b39d10f4d59fcc9e168d

HTTP Headers

GET /static/js/searchresults_slick_cloudfront_sd/528359eb9f21194adf8c26f81e07c6eb21a2cc89.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sat, 06 Apr 2024 19:51:28 GMT
last-modified: Tue, 04 Feb 2020 10:19:58 GMT
etag: W/"5e39454e-8f6c"
expires: Mon, 06 May 2024 19:51:28 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6yyfCOT-Ab7rYIhkOmmH9PLHuB3Oxl_tHNC49z8Yka-eLcH9v7UQJg==
age: 856729
X-Firefox-Spdy: h2

cf.bstatic.com/static/css/fonticons_clean/base64/woff/5d61b8a7156073e5e3e9741f65dda44ae3eef7d2.css

143.204.55.112

200 OK

227 kB

URL GET HTTP/2
cf.bstatic.com/static/css/fonticons_clean/base64/woff/5d61b8a7156073e5e3e9741f65dda44ae3eef7d2.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65487)
Size
227 kB (226735 bytes)
Hash
cad5fe4c499f7568e14e7ab6ff9b3361
7cf66966b26c499b535efd53c77f65df7da14338
83f4228d1d92171186e8b8ccce6e69b32ad6b322db4af7e4b6f54ce50e299587

HTTP Headers

GET /static/css/fonticons_clean/base64/woff/5d61b8a7156073e5e3e9741f65dda44ae3eef7d2.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
server: nginx
date: Fri, 29 Mar 2024 06:34:31 GMT
last-modified: Wed, 10 Apr 2019 11:21:48 GMT
etag: W/"5cadd1cc-375af"
expires: Sun, 28 Apr 2024 06:34:31 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fyn9Ox1sDUXm6z7_zMtBUuFE10xmLApZ5mD5V6mVxH_LGQELmhSQ7Q==
age: 1595747
X-Firefox-Spdy: h2

r-xx.bstatic.com/xdata/images/xphoto/263x210/45450095.jpeg?k=cd5e46e632dab722d22217813485efde31fbe82f5f26a624166edccdbe8187bc&o=

143.204.55.112

200 OK

16 kB

URL GET HTTP/2
r-xx.bstatic.com/xdata/images/xphoto/263x210/45450095.jpeg?k=cd5e46e632dab722d22217813485efde31fbe82f5f26a624166edccdbe8187bc&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x210, components 3
Size
16 kB (16076 bytes)
Hash
4a3d6681973906a15cf25575a34149c5
5cc846e08d4262f3b8d21a4fda93422e59e77519
911bb77dbdce93cc64009eb78b150865f1c5e6aec0e1d8c1a55ccd6d04154a2d

HTTP Headers

GET /xdata/images/xphoto/263x210/45450095.jpeg?k=cd5e46e632dab722d22217813485efde31fbe82f5f26a624166edccdbe8187bc&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-language: 16076
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
date: Thu, 21 Mar 2024 10:09:05 GMT
cache-control: max-age=2592000
etag: "dc73c2969c0c57d5e4a2210826ddcf376beb4276"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kYH0T3v3wtHQbSjB-dgogMe7omvQ6pO0po3hlMvO4arbgJkqdTuVVA==
age: 2274073
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/hotel/square600/126764303.webp?k=46a8a949ef420510834df06d0d88e293fbaae80cd1e17883cb78c1bba3eb0366&o=

143.204.55.112

200 OK

46 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/hotel/square600/126764303.webp?k=46a8a949ef420510834df06d0d88e293fbaae80cd1e17883cb78c1bba3eb0366&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
46 kB (46510 bytes)
Hash
7f55300f63d9903ef33cc17dfb484201
38407a046f7cb9cb19222b613f5951b75e0a030e
3e921e9f54c90099f5d3345213b23135aaa9b085dea4ef37d7e82401aa67a4a0

HTTP Headers

GET /xdata/images/hotel/square600/126764303.webp?k=46a8a949ef420510834df06d0d88e293fbaae80cd1e17883cb78c1bba3eb0366&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
server: nginx
date: Thu, 28 Mar 2024 17:29:24 GMT
content-language: 46510
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: "39ea26bd89db5c26630a463d2538ea129de64a55"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WVAPPoeNGPtf80PZ18H2ivkKZwAbIDbI69WSMtzEz0dWgJd2SYSKjg==
age: 1642855
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/hotel/square600/121402222.webp?k=f7f266ab09f90ddea4464309eca14d79429afe4218ced6887cb52f82c42c03dc&o=

143.204.55.112

200 OK

34 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/hotel/square600/121402222.webp?k=f7f266ab09f90ddea4464309eca14d79429afe4218ced6887cb52f82c42c03dc&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
34 kB (34306 bytes)
Hash
eab69748348b340551f3cfc8774f9910
0c69822157945be93772cdc86c779d5132c37376
a7297900e4808b3bdc9b4032ed0428423704f3257032f319f5827a92b2d1fa49

HTTP Headers

GET /xdata/images/hotel/square600/121402222.webp?k=f7f266ab09f90ddea4464309eca14d79429afe4218ced6887cb52f82c42c03dc&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
server: nginx
date: Wed, 27 Mar 2024 00:23:52 GMT
etag: "fbf68e72bd156917d0dac6260bace82885dfe51a"
content-language: 34306
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: piwoIZLz8XK7UqqgmpoZ8doyjdBV1I_2q390pX00f-y18KmH1EFb5g==
age: 1790786
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/782ad794.9ef2b884.chunk.js

143.204.55.112

200 OK

886 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/782ad794.9ef2b884.chunk.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
886 kB (886023 bytes)
Hash
c68b080c6a3e2c34a72f5fba4e317922
946787767c852380e81f795e03d3f352faac23e6
2b04761641f16d28378ecb6f38e832b8918c5167d32b4419bef5a8eecdd895df

HTTP Headers

GET /psb/capla/static/js/782ad794.9ef2b884.chunk.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 15 Apr 2024 19:14:40 GMT
last-modified: Mon, 15 Apr 2024 14:39:52 GMT
etag: W/"c68b080c6a3e2c34a72f5fba4e317922"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: GkhDQzIz2KrQr54d6YeyXR7cyJYoNbPy
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QJxDJfkDxiQ2aQKqpdy6anqh79RkpHLxjSoNoQyo8G55rdqllxHWCA==
age: 81337
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

q-xx.bstatic.com/xdata/images/xphoto/263x197/321937076.jpeg?k=262d01bd753957b8aaca3a616835fa2c91f2d0bc072881510a3affd16ed28494&o=

143.204.55.112

200 OK

13 kB

URL GET HTTP/2
q-xx.bstatic.com/xdata/images/xphoto/263x197/321937076.jpeg?k=262d01bd753957b8aaca3a616835fa2c91f2d0bc072881510a3affd16ed28494&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x197, components 3
Size
13 kB (13300 bytes)
Hash
94505dfb2603d14936faea5f82e51ccc
8a93145adc3aa47802f19f1278caefa37e47bbb8
bddc0087374193ed1c288ced9836cc3c05a758a39f64ec3bba76f85e2c534a9e

HTTP Headers

GET /xdata/images/xphoto/263x197/321937076.jpeg?k=262d01bd753957b8aaca3a616835fa2c91f2d0bc072881510a3affd16ed28494&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Fri, 05 Apr 2024 12:48:37 GMT
etag: "7935d4eda5666a055d26f43b4703f5a346bd21e8"
content-language: 13300
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kc9NappdaqUOAacyzAH83LX8vZUligLTNexgGsYR6TJugHXWnlwJog==
age: 968501
X-Firefox-Spdy: h2

q-xx.bstatic.com/xdata/images/xphoto/263x197/321951865.jpeg?k=bcb000795aa46b2bef9088f41794f64dee98b38d4ebc4d5f6f14dbda4e3ba06e&o=

143.204.55.112

200 OK

8.9 kB

URL GET HTTP/2
q-xx.bstatic.com/xdata/images/xphoto/263x197/321951865.jpeg?k=bcb000795aa46b2bef9088f41794f64dee98b38d4ebc4d5f6f14dbda4e3ba06e&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x197, components 3
Size
8.9 kB (8947 bytes)
Hash
16110eb0185294a02573f75a732cdef5
5828ccdff58b596b636ab30d235f706112a3ae98
4be4ecf5342a8f4d75f4679e93ea4e4e65664596bef8e02aaa2687110d103337

HTTP Headers

GET /xdata/images/xphoto/263x197/321951865.jpeg?k=bcb000795aa46b2bef9088f41794f64dee98b38d4ebc4d5f6f14dbda4e3ba06e&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Fri, 05 Apr 2024 12:48:37 GMT
etag: "6d15c6972d30dcd53f13482705b0c2ad815985e9"
content-language: 8947
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FpuWVakKsKvM7ksXocW4pxlHXkeSVNf8jXvaPDnRacIe3XafyxZyNw==
age: 968501
X-Firefox-Spdy: h2

cf.bstatic.com/static/css/fonticons_clean/base64/woff/5d61b8a7156073e5e3e9741f65dda44ae3eef7d2.css

143.204.55.112

200 OK

227 kB

URL GET HTTP/2
cf.bstatic.com/static/css/fonticons_clean/base64/woff/5d61b8a7156073e5e3e9741f65dda44ae3eef7d2.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65487)
Size
227 kB (226735 bytes)
Hash
cad5fe4c499f7568e14e7ab6ff9b3361
7cf66966b26c499b535efd53c77f65df7da14338
83f4228d1d92171186e8b8ccce6e69b32ad6b322db4af7e4b6f54ce50e299587

HTTP Headers

GET /static/css/fonticons_clean/base64/woff/5d61b8a7156073e5e3e9741f65dda44ae3eef7d2.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
server: nginx
date: Fri, 29 Mar 2024 06:34:31 GMT
last-modified: Wed, 10 Apr 2019 11:21:48 GMT
etag: W/"5cadd1cc-375af"
expires: Sun, 28 Apr 2024 06:34:31 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 49ukdRbindbLFvIteVkh7BxOiaJ6fLSrGShBs2y3pJJw0Y35-E72YA==
age: 1595747
X-Firefox-Spdy: h2

account.booking.com/privacy-consents

54.230.111.34

204 No Content

0 B

URL OPTIONS HTTP/2
account.booking.com/privacy-consents
IP
54.230.111.34:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.booking.com
Fingerprint86:19:2F:3F:C1:B0:CE:07:5A:AD:A3:94:54:8D:C6:B9:99:F5:B9:49
ValidityMon, 12 Jun 2023 00:00:00 GMT - Sat, 18 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /privacy-consents HTTP/1.1
Host: account.booking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.booking.com/
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: envoy
date: Tue, 16 Apr 2024 17:50:18 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.booking.com
access-control-max-age: 1728000
set-cookie: bkng_ap_sso_session=eyJib29raW5nX2dsb2JhbCI6eyJkYXRhX3N1YmplY3RfaWQiOiI2NDJmMDNjMC01NmVjLTQ3ZmMtOTE2OC1iZDQwNjJiYWUwOTAiLCJzZXNzaW9ucyI6W119fQ; domain=account.booking.com; path=/; expires=Sun, 15-Apr-2029 17:50:18 GMT; SameSite=Lax; secure; HttpOnly
bkng_sso_session=e30; domain=.booking.com; path=/; expires=Sun, 15-Apr-2029 17:50:18 GMT; secure; HttpOnly
bkng_sso_ses=e30; domain=.booking.com; path=/; expires=Sun, 15-Apr-2029 17:50:18 GMT; secure; HttpOnly
content-security-policy: frame-ancestors https://*.booking.com 'self'; report-uri https://nellie.booking.com/csp-report-uri?type=block&tag=212&pid=32287d6da51c0027&e=UmFuZG9tSVYkc2RlIyh9YSWKtKO5TxgOpTwVTPfHZKNW3Hcrm1RLgTDT2V-m21UMJ4KxJTAfD3k6vpGGyphNZUfy-f31chCZb8612iO9R_UYhDOKZTX9f9H49t8PnK2NKsU5bIamzFNkB8FVqOsyfSFFmyZRUySf
content-security-policy-report-only: base-uri 'none'; connect-src saa.booking.com secure.booking.com reports.booking.com privacyportal-eu.onetrust.com geolocation.onetrust.com cdn.cookielaw.org www.google-analytics.com *.perimeterx.net *.pxchk.net *.px-cdn.net *.px-client.net *.px-cloud.net 'self' 'report-sample'; default-src *.bstatic.com bstatic.com 'self'; frame-src https://www.youtube.com/embed/Vv4w5SmRkss *.bstatic.com https://www.google.com bstatic.com www.booking.com secure.booking.com paymentcomponent.booking.com 'self'; img-src 'self' data: www.booking.com graph.facebook.com cdn.cookielaw.org account.booking.com *.bstatic.com bstatic.com *.static.booking.cn www.google-analytics.com www.google.com stats.g.doubleclick.net *.px-cloud.net *.perimeterx.net www.gstatic.com; object-src 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=213&pid=32287d6da51c0027&e=UmFuZG9tSVYkc2RlIyh9YSWKtKO5TxgOpTwVTPfHZKNW3Hcrm1RLgTDT2V-m21UMJ4KxJTAfD3k6vpGGyphNZUfy-f31chCZb8612iO9R_UYhDOKZTX9f9H49t8PnK2NKsU5bIamzFNkB8FVqOsyfSFFmyZRUySf; script-src saa.booking.com *.bstatic.com bstatic.com *.static.booking.cn www.google.com www.google-analytics.com cdn.cookielaw.org geolocation.onetrust.com 'self' 'nonce-3xfizDXQaj2D9Bn' 'report-sample'; style-src *.bstatic.com bstatic.com *.static.booking.cn 'self' 'unsafe-inline'
x-xss-protection: 1; mode=block
strict-transport-security: max-age=2592000; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IL6gu7x2DrJmJJyTdAPk3h4ZuyXjCeXT1tpdVwVcJa9KQpXywAjWrA==
X-Firefox-Spdy: h2

cf.bstatic.com/static/js/index_cloudfront_sd/5209e63d7382e58bb460e3d4ed665e5a0d34479f.js

143.204.55.112

200 OK

24 kB

URL GET HTTP/2
cf.bstatic.com/static/js/index_cloudfront_sd/5209e63d7382e58bb460e3d4ed665e5a0d34479f.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (23658), with no line terminators
Size
24 kB (23658 bytes)
Hash
29c39d9aab2e18068e29d75c062f0a71
c3b754794b158d7aec26b55aa8f75de786fe1747
d1917c930b1d85f73fb2e889ad9664980b76d07260527753622a040b1ea48e0a

HTTP Headers

GET /static/js/index_cloudfront_sd/5209e63d7382e58bb460e3d4ed665e5a0d34479f.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Tue, 16 Apr 2024 06:02:16 GMT
last-modified: Fri, 01 Mar 2024 08:38:07 GMT
expires: Thu, 16 May 2024 06:02:16 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: W/"65e193ef-5c6a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oL5QZV3cimgb91RayPgqpbHlb7oT21mLhw-wOHDchBtkYHrOtUvtSA==
age: 42479
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/f41dcaf5.b35264fb.chunk.js

143.204.55.112

200 OK

1.6 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/f41dcaf5.b35264fb.chunk.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1652), with no line terminators
Size
1.6 kB (1605 bytes)
Hash
f4b4dd416b955a546844c76d144f7b1a
96d45cad8eea94ac9d4bbbbe594e3bb48fb14e7e
db670f983aab597db7c9c0ff457e6007723ef1935783532de2be9729711cccdd

HTTP Headers

GET /psb/capla/static/js/f41dcaf5.b35264fb.chunk.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 15 Apr 2024 14:39:52 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: VIZm471BXUr8VqrSAyBxcVO.oJWfao1j
server: AmazonS3
content-encoding: gzip
date: Tue, 16 Apr 2024 14:41:22 GMT
etag: W/"cc59273043247cb6caee92360ecbc12e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: grWkJWsqZLyab1p4okXQ3OWUxwwKY4wubddqrG0E482yy43gS9AT5Q==
age: 11335
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

q-xx.bstatic.com/xdata/images/xphoto/263x197/321935343.jpeg?k=2057e8fd66d0b5f641b41e63abd28f2889d0fa4ba52328c7b4c9d9672515d8e1&o=

143.204.55.112

200 OK

8.9 kB

URL GET HTTP/2
q-xx.bstatic.com/xdata/images/xphoto/263x197/321935343.jpeg?k=2057e8fd66d0b5f641b41e63abd28f2889d0fa4ba52328c7b4c9d9672515d8e1&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x197, components 3
Size
8.9 kB (8924 bytes)
Hash
a283a8b3287a5a30283ae4ea8416cdff
2df76bb0b658ed28268705bc6de20d36922abb4c
a97002448493aa6fb889b516fff83cf85a1ae4065e76bb06c5f948a727b31dd8

HTTP Headers

GET /xdata/images/xphoto/263x197/321935343.jpeg?k=2057e8fd66d0b5f641b41e63abd28f2889d0fa4ba52328c7b4c9d9672515d8e1&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Fri, 05 Apr 2024 12:48:37 GMT
etag: "1bb67872cc203a8680b2d89bd01aee56b0f4c93f"
content-language: 8924
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: a6Kzfa5EzVZQjV0BKO1S6eUfM7swUmjhcyvEbNPcj392zoMat_yPVQ==
age: 968501
X-Firefox-Spdy: h2

cf.bstatic.com/static/js/core-deps-inlinedet_cloudfront_sd/9fc72199a3b8ae2b967821deb6fa10d92ce308fc.js

143.204.55.112

200 OK

50 kB

URL GET HTTP/2
cf.bstatic.com/static/js/core-deps-inlinedet_cloudfront_sd/9fc72199a3b8ae2b967821deb6fa10d92ce308fc.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type

Size
50 kB (50379 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /static/js/core-deps-inlinedet_cloudfront_sd/9fc72199a3b8ae2b967821deb6fa10d92ce308fc.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Tue, 09 Apr 2024 09:15:59 GMT
last-modified: Tue, 09 Apr 2024 08:42:28 GMT
etag: W/"6614ff74-c4cb"
expires: Thu, 09 May 2024 09:15:59 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jdyBcYyCeR1VvReqrd-u8DH_TcrkV0epYiVcym4sPA1EQwVB1AfXSQ==
age: 635656
X-Firefox-Spdy: h2

r-xx.bstatic.com/xdata/images/city/170x136/737551.jpg?k=ad4ef19a2b979ef794b56d1901e6937b874b4726a4085d8ddbe795f5c6bfed73&o=

143.204.55.112

200 OK

6.2 kB

URL GET HTTP/2
r-xx.bstatic.com/xdata/images/city/170x136/737551.jpg?k=ad4ef19a2b979ef794b56d1901e6937b874b4726a4085d8ddbe795f5c6bfed73&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 170x136, components 3
Size
6.2 kB (6204 bytes)
Hash
033e02e916d5f3791fb0edcde629ef86
d5cc83fc9698814ff92bf752ac0cbb004439f614
1815ead7ea4f562bb51ec2e39ee38db0e120120d1f8b98096dc60583c493e4d4

HTTP Headers

GET /xdata/images/city/170x136/737551.jpg?k=ad4ef19a2b979ef794b56d1901e6937b874b4726a4085d8ddbe795f5c6bfed73&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
content-length: 6204
server: nginx
content-language: 6204
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
date: Sat, 30 Mar 2024 06:11:33 GMT
cache-control: max-age=2592000
etag: "695c818f24fef509fad771a67c8002e1622b09f9"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TLLqkh-4DbX7k-shLOwdPMjKjStQ1GFGoAQGlSnw7TE7MMmOWA5dcA==
age: 1510725
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/xphoto/300x240/140040746.jpg?k=6de5c327ade203a8a661b9c765a4678015f1d533ad418aca1f02433446a340ec&o=

143.204.55.112

200 OK

12 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/xphoto/300x240/140040746.jpg?k=6de5c327ade203a8a661b9c765a4678015f1d533ad418aca1f02433446a340ec&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3
Size
12 kB (12508 bytes)
Hash
6be829edc94031de1872ed0411c0bcc3
2ff651c13ce9c128019a2d5a1eee1810ec3b1135
c2714428325de3f782349ba354c5752ba80dcca95a5d8383127efa5c372db7bd

HTTP Headers

GET /xdata/images/xphoto/300x240/140040746.jpg?k=6de5c327ade203a8a661b9c765a4678015f1d533ad418aca1f02433446a340ec&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Fri, 22 Mar 2024 11:38:55 GMT
etag: "5fb9971f2a9531301384399040ec640b8ed16aa3"
content-language: 12508
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: l2qmio_8TbZ40yZf-h5v2UhTLFA5X4ZsxbE422-4yB4Mhwiz8ZYdrg==
age: 2182283
X-Firefox-Spdy: h2

r-xx.bstatic.com/xdata/images/xphoto/263x197/321937727.jpeg?k=913b26b10a6a45707d87b259b54c61e430a19c136db0ae3c0fd4e3a29f7f7b67&o=

143.204.55.112

200 OK

10 kB

URL GET HTTP/2
r-xx.bstatic.com/xdata/images/xphoto/263x197/321937727.jpeg?k=913b26b10a6a45707d87b259b54c61e430a19c136db0ae3c0fd4e3a29f7f7b67&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x197, components 3
Size
10 kB (10487 bytes)
Hash
ad1d43182ad58b0d789ff8f1477a659b
5586c9dea59cde27e89d06e1c9381f852bad92e1
0ccf90cf6210fb218d29c3b4c85d160b6d221ae8271e2e6f5d2118569e44f091

HTTP Headers

GET /xdata/images/xphoto/263x197/321937727.jpeg?k=913b26b10a6a45707d87b259b54c61e430a19c136db0ae3c0fd4e3a29f7f7b67&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Fri, 05 Apr 2024 12:48:37 GMT
etag: "a1b6483ef47e249a4830000e7400bbfd9c756833"
content-language: 10487
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: i18SO8G9gnfRrtyxTYQ4H2g0UcYZkXyG78zIR4Ev5V4y-yRFjfq-GA==
age: 968501
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/hotel/square600/156801685.webp?k=02499ffda30e83b23ddf0ddf20ce0e98c9869385064e2ac53ccc8681afb6cfa7&o=

143.204.55.112

200 OK

95 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/hotel/square600/156801685.webp?k=02499ffda30e83b23ddf0ddf20ce0e98c9869385064e2ac53ccc8681afb6cfa7&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
95 kB (94682 bytes)
Hash
85259fd7a6f5087b2af0f94e4feee469
3b7987d2825f42d8e7a34a7905b49b4da169b2af
b999fa9e942914c279d9c9290b9e7aee59cbd4354c9182f8545d4d12509459d9

HTTP Headers

GET /xdata/images/hotel/square600/156801685.webp?k=02499ffda30e83b23ddf0ddf20ce0e98c9869385064e2ac53ccc8681afb6cfa7&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
server: nginx
date: Thu, 21 Mar 2024 07:21:04 GMT
etag: "662428788346d30d5ec29cf3fb93333841edee63"
content-language: 94682
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PkWlrZCqb6CLaBquTcKCDAS8DhYRaNAGdNLJVSYUFG-eOmhTcQEFOw==
age: 2284155
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/css/6b631c3f.41fa5dc0.chunk.css

143.204.55.112

200 OK

4.3 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/css/6b631c3f.41fa5dc0.chunk.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4345), with no line terminators
Size
4.3 kB (4344 bytes)
Hash
207a148071df40350d0b864f6913f131
f70796d70fb058cc23ffcc9d6911283fc05f30e5
f4bda0baa9ecc2d7964ff2d210e6cdb881bd9f4cade594975ec822f284ce92a1

HTTP Headers

GET /psb/capla/static/css/6b631c3f.41fa5dc0.chunk.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
date: Mon, 15 Apr 2024 19:14:40 GMT
last-modified: Mon, 15 Apr 2024 14:39:46 GMT
etag: W/"2b0df6b9b4104b680d94f5c04e572c2d"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: k7CEn8oeJAyTmpQpWuwmyXNvzonvocyy
server: AmazonS3
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tFdfmLcc0dzJOOY61_E86tp7EeHMV2EWKOs7OVEehLU8P42SpGF_4A==
age: 81337
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/remoteEntry.7d304f63.client.js

143.204.55.112

200 OK

19 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/remoteEntry.7d304f63.client.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (18493)
Size
19 kB (18609 bytes)
Hash
e0d84a9728bb874ea91659520664f873
e2e4087e27f1cfa8536c98d724008024b058ea44
0c2f297095e3da28207aff0bd511a9d77f8766cce89e70e52728b0a6e56294c6

HTTP Headers

GET /psb/capla/static/js/remoteEntry.7d304f63.client.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 15 Apr 2024 10:15:26 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: teg1K4DOsrQ6HhBVsTSgm8uF.hik2md4
server: AmazonS3
content-encoding: br
date: Tue, 16 Apr 2024 11:22:35 GMT
etag: W/"e0d84a9728bb874ea91659520664f873"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SNPCxhpdOWSh806wH5QIB9v6ObmsrvMv_vgifwy4mQiMMzRsv5-Gew==
age: 23262
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

q-xx.bstatic.com/xdata/images/city/170x136/954959.jpg?k=37410091e9d0e74278ef7710d594a8ef5882decaf47e8f9a7ca30f9e85bbab75&o=

143.204.55.112

200 OK

3.8 kB

URL GET HTTP/2
q-xx.bstatic.com/xdata/images/city/170x136/954959.jpg?k=37410091e9d0e74278ef7710d594a8ef5882decaf47e8f9a7ca30f9e85bbab75&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 170x136, components 3
Size
3.8 kB (3812 bytes)
Hash
e4ebb57e831518d499a91657b0e1aec6
d232947d401ce3b2aa52c6a71d626fdcc5316c7b
9a5f2fe3143566a8aaf079959b5ee63c55b4b916fe1f3791f4b46f6ef65dcbfe

HTTP Headers

GET /xdata/images/city/170x136/954959.jpg?k=37410091e9d0e74278ef7710d594a8ef5882decaf47e8f9a7ca30f9e85bbab75&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
content-length: 3812
server: nginx
date: Sat, 30 Mar 2024 12:31:19 GMT
etag: "d1c209fe9f7916aa3fdfb45c5b3804f0d97d2014"
content-language: 3812
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Nbtwq36VecniWG2LLBQi8bctGQC7__h4z2HoNJx1KvKDrAXt2k9d3w==
age: 1487939
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/hotel/square600/467167582.webp?k=8190946ffdd138b82898fb5381f6bfd638f5897fa1ce24307eb2051338bc66e5&o=

143.204.55.112

200 OK

53 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/hotel/square600/467167582.webp?k=8190946ffdd138b82898fb5381f6bfd638f5897fa1ce24307eb2051338bc66e5&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
53 kB (53362 bytes)
Hash
8bfe15f5529789baa643943635ea92f6
9708adef63de0787d7a574937b7fc825eb7ee1e0
812e906630a8a88cac0746ec08c6adfe9bfe8e4771300e3def801f1af6bc1342

HTTP Headers

GET /xdata/images/hotel/square600/467167582.webp?k=8190946ffdd138b82898fb5381f6bfd638f5897fa1ce24307eb2051338bc66e5&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
server: nginx
date: Sat, 30 Mar 2024 12:31:19 GMT
etag: "b394b5da7c02a7484a883425b687034d0cc77048"
content-language: 53362
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jFPCiJGkN9Qk4vrTE2V7XL3TAhOUTmbsBtVbG7P2c8tPY6-Wu0KbGw==
age: 1487940
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/xphoto/300x240/140040602.jpg?k=e5ad57053f0bb18f51822fe9ee16ee17ea28bde1dcd593f0643fea340584d85f&o=

143.204.55.112

200 OK

18 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/xphoto/300x240/140040602.jpg?k=e5ad57053f0bb18f51822fe9ee16ee17ea28bde1dcd593f0643fea340584d85f&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3
Size
18 kB (18526 bytes)
Hash
a92581736e924996ea87bd939fa1539d
fb4d4a025058472b455802c0308a6d5ad8ff1b2b
8eec565de5f7ebab83260bfaa9e5f33a8b7d425254c8d3b3a255ae2904344b7b

HTTP Headers

GET /xdata/images/xphoto/300x240/140040602.jpg?k=e5ad57053f0bb18f51822fe9ee16ee17ea28bde1dcd593f0643fea340584d85f&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Mon, 18 Mar 2024 16:27:47 GMT
etag: "91d4bccf3f1732459a0d13f1766d05e69bcb595e"
content-language: 18526
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ml571D3NVFUUMKdcKElSVt76XwKZ8SXp-ElYxVZk94h9yKurYBn6qw==
age: 2510551
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/202403.2.0/assets/otFlat.json

104.19.177.52

200 OK

14 kB

URL GET HTTP/2
cdn.cookielaw.org/scripttemplates/202403.2.0/assets/otFlat.json
IP
104.19.177.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.booking.com/
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
14 kB (13614 bytes)
Hash
9b1f8ddf85fb0cbfd926faacb1fc0405
ade7f952c70f07fd3497cd3e8656ca1f28c78633
f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112

HTTP Headers

GET /scripttemplates/202403.2.0/assets/otFlat.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 17:50:18 GMT
content-type: application/json
content-length: 3041
content-encoding: gzip
content-md5: wV78mAWw6KBtzfNUzHQTew==
last-modified: Thu, 11 Apr 2024 16:21:17 GMT
etag: 0x8DC5A436A5FEE94
x-ms-request-id: e51f7e7c-c01e-006d-61bc-8c8dc8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 29587
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875604541fb30b4d-OSL
X-Firefox-Spdy: h2

q-xx.bstatic.com/xdata/images/xphoto/263x210/45450103.jpeg?k=a1fa72362160b1df6e288050afa7ce1aade80871acd368ddd4a4ebf6ad87764e&o=

143.204.55.112

200 OK

0 B

URL GET HTTP/2
q-xx.bstatic.com/xdata/images/xphoto/263x210/45450103.jpeg?k=a1fa72362160b1df6e288050afa7ce1aade80871acd368ddd4a4ebf6ad87764e&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /xdata/images/xphoto/263x210/45450103.jpeg?k=a1fa72362160b1df6e288050afa7ce1aade80871acd368ddd4a4ebf6ad87764e&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Thu, 21 Mar 2024 10:53:27 GMT
etag: "3aa59d890ba68033df6a63b6535f31d7b2a23d10"
content-language: 16555
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8phxBwWBsrS9L2oeD1mmF7_8n4irrx5xSCgr7hHiH03afyllKxFyNA==
age: 2271411
X-Firefox-Spdy: h2

q-xx.bstatic.com/xdata/images/city/170x136/644297.jpg?k=1ec66dc12696bc2551f325c7318ab5d1cfec23c955b375a30e5d466cf23f6d87&o=

143.204.55.112

200 OK

7.1 kB

URL GET HTTP/2
q-xx.bstatic.com/xdata/images/city/170x136/644297.jpg?k=1ec66dc12696bc2551f325c7318ab5d1cfec23c955b375a30e5d466cf23f6d87&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 170x136, components 3
Size
7.1 kB (7131 bytes)
Hash
bcabc853805644c852b5e28ceb4da21f
85e9e9be45cd209187f883151d869f07dce4a016
0e9deb49e94a0a7b46e1300d00ff66abc515bf83f77c53d322457e1cce9d3d5c

HTTP Headers

GET /xdata/images/city/170x136/644297.jpg?k=1ec66dc12696bc2551f325c7318ab5d1cfec23c955b375a30e5d466cf23f6d87&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
content-length: 7131
server: nginx
content-language: 7131
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
date: Fri, 29 Mar 2024 06:49:23 GMT
cache-control: max-age=2592000
etag: "60f73638035955e1146cb48ccdf11c7523940a2c"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: S80DKGe4ehpNBUp_1CZjtfa2jckAHv1M9t5evCgt7DvEKx-bVJwToA==
age: 1594855
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/css/18cad957.25886bdc.chunk.css

143.204.55.112

200 OK

374 B

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/css/18cad957.25886bdc.chunk.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (375), with no line terminators
Size
374 B (374 bytes)
Hash
1d5b7e4293a0330cdda97a799012895f
7b1d7cd4d1cda47df03341f90903e736764189b7
1f5190587cc8f66acce037188d95897e39a7ad41876a3ea5cb0cf631b8d947b5

HTTP Headers

GET /psb/capla/static/css/18cad957.25886bdc.chunk.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
content-length: 374
last-modified: Mon, 15 Apr 2024 10:15:25 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: iGIf1k13UMk62DXQGKNb6wznIc0dv2dI
accept-ranges: bytes
server: AmazonS3
date: Tue, 16 Apr 2024 12:38:21 GMT
etag: "cbbfc6e25cbe00c996ec7a05ba299022"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EicqCUYf8y_I07_V0B19ANck013Tt7ulSBXnliy9NJ5XAraacVS2yw==
age: 18716
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/hotel/square600/366855457.webp?k=ef25b0c640c7c2f4fcac4c79509ef1dbb484c19f21a7c8cba18d9270d7f790e9&o=

143.204.55.112

200 OK

85 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/hotel/square600/366855457.webp?k=ef25b0c640c7c2f4fcac4c79509ef1dbb484c19f21a7c8cba18d9270d7f790e9&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
85 kB (85342 bytes)
Hash
d5d61e502701d626a44f71041bc3aa23
50523eff5efe9749abd76b9b94872c6f12b1362a
71dd9c06a63fe4d5a0ed46409f1555ae9a809146324cb47a3cb1bcfa2139b1d5

HTTP Headers

GET /xdata/images/hotel/square600/366855457.webp?k=ef25b0c640c7c2f4fcac4c79509ef1dbb484c19f21a7c8cba18d9270d7f790e9&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
server: nginx
date: Wed, 03 Apr 2024 22:37:08 GMT
etag: "4cbedb5194f2d7933b6939f70bbc0f5cd2ded19f"
content-language: 85342
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8ZhEAORDO-Q0-ua39suADKcFOvUVn1AUTgoDPdIyhDns2QHxXGRvlg==
age: 1105991
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/hotel/square600/154511781.webp?k=96a999df5a226a5d946bdaf98cc1ef8050a0efc6d365924580983dfddc253f78&o=

143.204.55.112

200 OK

33 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/hotel/square600/154511781.webp?k=96a999df5a226a5d946bdaf98cc1ef8050a0efc6d365924580983dfddc253f78&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
33 kB (33118 bytes)
Hash
47e96ea3f99ecd7cd6515f48436dea37
709fe2e9ede042724882caf5604627e73b522dbe
f7f154d509bb190c8462c615876cce1fb417696c32155cb4bd01903c50eeff90

HTTP Headers

GET /xdata/images/hotel/square600/154511781.webp?k=96a999df5a226a5d946bdaf98cc1ef8050a0efc6d365924580983dfddc253f78&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
server: nginx
date: Mon, 18 Mar 2024 08:16:22 GMT
etag: "43bd47345ff82cc44d62259bdd2a8158663a0b2a"
content-language: 33118
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zu_Hd3eCba9jzVVVB3hPSM3LYXEMdZF5t9t5MY2o24mG6qFSXshAIQ==
age: 2540037
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/hotel/square600/13125860.webp?k=35b70a7e8a17a71896996cd55d84f742cd15724c3aebaed0d9b5ba19c53c430b&o=

143.204.55.112

200 OK

63 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/hotel/square600/13125860.webp?k=35b70a7e8a17a71896996cd55d84f742cd15724c3aebaed0d9b5ba19c53c430b&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
63 kB (63344 bytes)
Hash
e965ab8e189b47c2552636ab3e7f7cb2
a558424ed2187f317d0bb28cf7e5924bff250bd7
28e8056b22b0dd18679873e59d4d0ddf9233236584922bfbc0346cb4864b5e33

HTTP Headers

GET /xdata/images/hotel/square600/13125860.webp?k=35b70a7e8a17a71896996cd55d84f742cd15724c3aebaed0d9b5ba19c53c430b&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
server: nginx
date: Thu, 28 Mar 2024 14:58:52 GMT
etag: "ab8b7d74b7a68414c25e711fee70e7eba3ef2ff8"
content-language: 63344
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Rz9mbZJrlukxNmkqEr1s8UBA5qnmTdjw4ZwKJ3YvADXUyJPscZlkhg==
age: 1651887
X-Firefox-Spdy: h2

r-xx.bstatic.com/xdata/images/hotel/263x210/100235855.jpeg?k=5b6e6cff16cfd290e953768d63ee15f633b56348238a705c45759aa3a81ba82b&o=

143.204.55.112

200 OK

12 kB

URL GET HTTP/2
r-xx.bstatic.com/xdata/images/hotel/263x210/100235855.jpeg?k=5b6e6cff16cfd290e953768d63ee15f633b56348238a705c45759aa3a81ba82b&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x210, components 3
Size
12 kB (12530 bytes)
Hash
0ec8a6acafd2ff94ead2387aac012c13
697cbd26baa47a35a86eb6feab2a7d9a9720947f
48f88e754655911d3a8885792052da8dddccd607f64f7e030ffad6fb2d283a37

HTTP Headers

GET /xdata/images/hotel/263x210/100235855.jpeg?k=5b6e6cff16cfd290e953768d63ee15f633b56348238a705c45759aa3a81ba82b&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Wed, 03 Apr 2024 06:31:22 GMT
content-language: 12530
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: "9aff9e5c9b69d9442b7f563196b1a2235d432b9f"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6lcqqB7ZJxNXBpH76vime0fIiaUzIQfv5DYGZA3YvcsnLlFhIdqXbg==
age: 1163936
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/hotel/square600/34405073.webp?k=fec9d1956d8581db5bb623e7e3b3f9129c2e230b21ec428b542a242347526db0&o=

143.204.55.112

200 OK

20 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/hotel/square600/34405073.webp?k=fec9d1956d8581db5bb623e7e3b3f9129c2e230b21ec428b542a242347526db0&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
20 kB (19596 bytes)
Hash
ee49e7e6ff0533eee10a6d9db30ac3c0
2355d4dec9a6cb6925e49b0fd19fa97a7ee2971d
31e988f46466aebc518dbc3b1401eaaf77dcb17acf6534514f76704ce715b9d8

HTTP Headers

GET /xdata/images/hotel/square600/34405073.webp?k=fec9d1956d8581db5bb623e7e3b3f9129c2e230b21ec428b542a242347526db0&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
server: nginx
date: Fri, 05 Apr 2024 11:41:38 GMT
etag: "3ddc8a8fce6c693d8dac83c4963d3b72866ee6bf"
content-language: 19596
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rnXOT3X2S96DZinDyq_zaP2crBOzlpV0Iq4lD9FzeXAEPBPxH_p2Zg==
age: 972521
X-Firefox-Spdy: h2

cf.bstatic.com/static/js/genius_vip_cloudfront_sd/aae975495cc56436f4f59463b9ea4e594bdb102a.js

143.204.55.112

200 OK

3.4 kB

URL GET HTTP/2
cf.bstatic.com/static/js/genius_vip_cloudfront_sd/aae975495cc56436f4f59463b9ea4e594bdb102a.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (3590), with no line terminators
Size
3.4 kB (3448 bytes)
Hash
b25b78915f27efe38c7124529f289703
a86abb1566b57bf2ff44892a863a710d27858a21
b9485b47a16c343fb4ef11e02dbe56d724a156b5daff01bfa056ddd1f291ee20

HTTP Headers

GET /static/js/genius_vip_cloudfront_sd/aae975495cc56436f4f59463b9ea4e594bdb102a.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sat, 13 Apr 2024 01:07:29 GMT
last-modified: Wed, 01 Nov 2023 08:40:16 GMT
etag: W/"65420ef0-d78"
expires: Mon, 13 May 2024 01:07:29 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4wRTP_SjHl2PCibOTDamO0MxoFhXOvxHDm5KmJYTOIWWpqW34fwaBA==
age: 319367
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/97a643cd.b0e8ae10.chunk.js

143.204.55.112

200 OK

20 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/97a643cd.b0e8ae10.chunk.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (19646)
Size
20 kB (19758 bytes)
Hash
b2c124026779587267b8fc0e4e153201
2b2cf1f1c0eca138a50c812517e90652a5b4aea8
7fa3b2674b0fba4cdf547e0d4198cb75b2357250ecd09df64c940556da52fe5c

HTTP Headers

GET /psb/capla/static/js/97a643cd.b0e8ae10.chunk.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 15 Apr 2024 05:19:50 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: 0I2LPFyRW0WDHFu2m6sWM5Z.lkpSNcVZ
server: AmazonS3
content-encoding: gzip
date: Tue, 16 Apr 2024 12:38:22 GMT
etag: W/"b2c124026779587267b8fc0e4e153201"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: USCTVOCWKyqstb1XHZP0rJOoGlVVhnj5TRIpmAzKcqLyApfG2FyZVQ==
age: 18715
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

r-xx.bstatic.com/xdata/images/xphoto/263x210/45450113.jpeg?k=76b3780a0e4aacb9d02ac3569b05b3c5e85e0fd875287e9ac334e3b569f320c7&o=

143.204.55.112

200 OK

9.3 kB

URL GET HTTP/2
r-xx.bstatic.com/xdata/images/xphoto/263x210/45450113.jpeg?k=76b3780a0e4aacb9d02ac3569b05b3c5e85e0fd875287e9ac334e3b569f320c7&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x210, components 3
Size
9.3 kB (9274 bytes)
Hash
688b2d746bad439cade3efaa688d426b
de138925fb4975a2538828cc47b674ba4cba76bb
24f12dfd0c5f3d491c3ccb07c49c47cf79a245fe7e03f7dc8e4c99b547ccf0df

HTTP Headers

GET /xdata/images/xphoto/263x210/45450113.jpeg?k=76b3780a0e4aacb9d02ac3569b05b3c5e85e0fd875287e9ac334e3b569f320c7&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Tue, 02 Apr 2024 01:33:10 GMT
content-language: 9274
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: "f54682fe18b2242ab1e391471df4e81e848b0a88"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 907iS68ARV63j8agJMSYD3B6wlNC-pq5_IN0XMHtcaZfU_XF2ICPpA==
age: 1268228
X-Firefox-Spdy: h2

r-xx.bstatic.com/xdata/images/xphoto/263x210/45450113.jpeg?k=76b3780a0e4aacb9d02ac3569b05b3c5e85e0fd875287e9ac334e3b569f320c7&o=

143.204.55.112

200 OK

9.3 kB

URL GET HTTP/2
r-xx.bstatic.com/xdata/images/xphoto/263x210/45450113.jpeg?k=76b3780a0e4aacb9d02ac3569b05b3c5e85e0fd875287e9ac334e3b569f320c7&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x210, components 3
Size
9.3 kB (9274 bytes)
Hash
688b2d746bad439cade3efaa688d426b
de138925fb4975a2538828cc47b674ba4cba76bb
24f12dfd0c5f3d491c3ccb07c49c47cf79a245fe7e03f7dc8e4c99b547ccf0df

HTTP Headers

GET /xdata/images/xphoto/263x210/45450113.jpeg?k=76b3780a0e4aacb9d02ac3569b05b3c5e85e0fd875287e9ac334e3b569f320c7&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Tue, 02 Apr 2024 01:33:10 GMT
content-language: 9274
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: "f54682fe18b2242ab1e391471df4e81e848b0a88"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hbEuA_oAUrJY0GFVk9Ber1TPJjwLkXeFt5eEVVvjQopGBBGy8rnF_g==
age: 1268228
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/hotel/square600/398620320.webp?k=10e476830ecfd5a062072a6318612393bc414bd75c10bb44dd29a1d6de5b225b&o=

143.204.55.112

200 OK

32 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/hotel/square600/398620320.webp?k=10e476830ecfd5a062072a6318612393bc414bd75c10bb44dd29a1d6de5b225b&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
32 kB (31994 bytes)
Hash
de64ee81621ba1ad3857b0a50de527a4
a49fc890be0160a580e6581046dd8e6942dca3ff
f96309d4f154c0668d61e54c4f2f634c7e47a5b6546b250eb5205950c1e75577

HTTP Headers

GET /xdata/images/hotel/square600/398620320.webp?k=10e476830ecfd5a062072a6318612393bc414bd75c10bb44dd29a1d6de5b225b&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
server: nginx
date: Fri, 29 Mar 2024 04:57:26 GMT
etag: "de0ee137ea2de702fb246777996bd787657681ca"
content-language: 31994
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _QcG7XqPk79a6YVID52gsLSE6Ns08moNAhljDekpGIELEjr7_6WuxQ==
age: 1601573
X-Firefox-Spdy: h2

accommodations.booking.com/orca/chunk-metadata?chunk=b9a82cb8&mfe=b-index-lp-web-mfe&lang=en-us&namespace=NdHKJSSU

54.230.111.123

200 OK

6.8 kB

URL GET HTTP/2
accommodations.booking.com/orca/chunk-metadata?chunk=b9a82cb8&mfe=b-index-lp-web-mfe&lang=en-us&namespace=NdHKJSSU
IP
54.230.111.123:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.booking.com
Fingerprint86:19:2F:3F:C1:B0:CE:07:5A:AD:A3:94:54:8D:C6:B9:99:F5:B9:49
ValidityMon, 12 Jun 2023 00:00:00 GMT - Sat, 18 May 2024 23:59:59 GMT

File type
troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (7190), with no line terminators
Size
6.8 kB (6834 bytes)
Hash
f4a08798c4c309b183707757011eebe9
f7d8df51f749e5821e276ea7c42ff625c7ddaa94
14f8b2a3a56dd42d70bd498d0a99c8f64a6ae564107ae2e12ad9bf2da85e3fe4

HTTP Headers

GET /orca/chunk-metadata?chunk=b9a82cb8&mfe=b-index-lp-web-mfe&lang=en-us&namespace=NdHKJSSU HTTP/1.1
Host: accommodations.booking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/
x-booking-et-serialized-state: E8zvz6OpxgXskSsmsqpm8DXDuFKQccDOKfpjXS_j0phxn8F2I21Og-8o2qwaEPsHa
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Cookie: px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBt9BZ%2BIzqvzNG3a2uciWdhAlLuCWxRfV1fP%2Fxz9ReLAA%2FeZ5CIHC3f7myW6%2BemfGK8Fixkmf5Phoc4OTCjZVm%2FAQVM1E%2FMRjNjFPE3tRbWH2TrE%2B6ZwxADcXV1U0uqJJt6pDFrWkfLdiBggCWyS551d; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmPZUPMW6RyROJNxUN0JlTK77o1GxJEKj50Akk5UC46SGZ0T/sjBGN8UEoHziZUydDa15eD96llA6Zpr9JyySCKeA4VpvHWuLUM0Bcg0GhacCWF2Q3L/RkmcZyaK1+swiucl3YCdFi; pcm_consent=analytical%3Dfalse%26countryCode%3DNO%26consentId%3De9389af3-66d7-49b3-b933-78c858cce2a8%26consentedAt%3D2024-04-16T17%3A50%3A15.029Z%26expiresAt%3D2024-10-13T17%3A50%3A15.029Z%26implicit%3Dtrue%26marketing%3Dfalse%26regionCode%3D03%26regulation%3Dgdpr%26legacyRegulation%3Dgdpr; cors_js=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json
server: nginx
date: Tue, 16 Apr 2024 17:50:17 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.booking.com
access-control-allow-credentials: true
vary: Accept-Encoding
referrer-policy: no-referrer
content-encoding: gzip
x-xss-protection: 1; mode=block
strict-transport-security: max-age=2592000; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: b_slTAsdcnH7lSEqqEUYMox-vrahi-Wut_BZTaJI1VfI0tZd6GBi1w==
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/hotel/square600/87428762.webp?k=de5db8fe94cbfe08d3bf16d3c86def035fd73b43ee497cffe27b03363764e0e2&o=

143.204.55.112

200 OK

51 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/hotel/square600/87428762.webp?k=de5db8fe94cbfe08d3bf16d3c86def035fd73b43ee497cffe27b03363764e0e2&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
51 kB (50654 bytes)
Hash
b78a0ad601d2cc6e533af5437a41fb00
23b3fa91abc6e4ef7013a96dee0ada79733d17f0
1c730f4c5d2b6a5e5f7a5f354a807fa4fd2c013cec9695bc9a92e5547cb8a75a

HTTP Headers

GET /xdata/images/hotel/square600/87428762.webp?k=de5db8fe94cbfe08d3bf16d3c86def035fd73b43ee497cffe27b03363764e0e2&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
server: nginx
date: Thu, 28 Mar 2024 14:58:52 GMT
etag: "a9bafcb9600caeddef6df26171d5f5713b83b75a"
content-language: 50654
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: J0JCmnnW3aNWdDnOGMR-YhvnjMw0Q572qQhlwCR97s0UIoGUuCfJ6w==
age: 1651887
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/18cad957.827e1cbd.chunk.js

143.204.55.112

200 OK

38 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/18cad957.827e1cbd.chunk.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (37896)
Size
38 kB (38089 bytes)
Hash
e3e91829ee2579db9788e879a8b9e307
9c9f55838a0d3d30e4b011fee038f55ac5efb353
c4d4fd41208c7f61a878cf00bff4f1f7e55d411239181ad6646b20d2d1e04ecd

HTTP Headers

GET /psb/capla/static/js/18cad957.827e1cbd.chunk.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 15 Apr 2024 10:15:25 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: wMB8HNBqoiKOLYC9lHQXqe9rDWaoQI3O
server: AmazonS3
content-encoding: br
date: Tue, 16 Apr 2024 11:24:01 GMT
etag: W/"e3e91829ee2579db9788e879a8b9e307"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 79Go4h0j4Ft8jjYhlVNEyDOsRb0vIxG8rRsDiwMimQJxX_5h0ZBtUw==
age: 23176
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/d9560671.5c8217f2.chunk.js

143.204.55.112

200 OK

221 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/d9560671.5c8217f2.chunk.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65455)
Size
221 kB (220596 bytes)
Hash
a1b0c4116f3cee9d0fe211cc73d499fe
83e60173e4366765518fe3f8a6c1da477b40def6
ed26f55485733699a5edb850c534030150a1700bdcbbe2f60e60b4fc66f875a6

HTTP Headers

GET /psb/capla/static/js/d9560671.5c8217f2.chunk.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 15 Apr 2024 17:54:00 GMT
last-modified: Mon, 15 Apr 2024 14:39:52 GMT
etag: W/"a1b0c4116f3cee9d0fe211cc73d499fe"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: O8X5OF803FB557K45CV856wJSbO_wSMt
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9eBLJetJG1rsFGsprpKGRXKKlwqK8YlFwWkeLCHf0wTJJhXBOgB1pg==
age: 86177
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/hotel/square600/210792809.webp?k=6170b51b1f9356c201baa66e7baac73172a8469c3172fa778807440c35bdb7b9&o=

143.204.55.112

200 OK

38 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/hotel/square600/210792809.webp?k=6170b51b1f9356c201baa66e7baac73172a8469c3172fa778807440c35bdb7b9&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
38 kB (38024 bytes)
Hash
d7bd697a145dca7e96b74b2e22b675fc
d7d6250840e0c0669ac303575a8cdc6363569133
7b8714f40119313ded2df56f244ce398edfb8c4c133e948a34daf441d11af8c1

HTTP Headers

GET /xdata/images/hotel/square600/210792809.webp?k=6170b51b1f9356c201baa66e7baac73172a8469c3172fa778807440c35bdb7b9&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
server: nginx
date: Sat, 30 Mar 2024 06:30:13 GMT
content-language: 38024
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: "b48b1f0a21d2a22eb3678afffd092603f86a0391"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -FfnZ2qfTsbi4oJIZ_i3vYixBmPrxHMJGA2eb7aZNATesnnK3RoUaA==
age: 1509606
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/css/8067d7e4.25886bdc.chunk.css

143.204.55.112

200 OK

374 B

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/css/8067d7e4.25886bdc.chunk.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (375), with no line terminators
Size
374 B (374 bytes)
Hash
876eed025a54d6b93698053149e966dc
9e68a406affb46a4f0d09a528ab39d6d35b59e2d
33888a808fe6645148c2d3c53ebcba6c4925b23ba0acbbaab50dccce8b0df84c

HTTP Headers

GET /psb/capla/static/css/8067d7e4.25886bdc.chunk.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
content-length: 374
date: Mon, 15 Apr 2024 19:14:40 GMT
last-modified: Mon, 15 Apr 2024 13:39:46 GMT
etag: "016566cf5ecce0a1e5c9c10bd57404ff"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: 9t2Y4wQOSeuS.35YsnCRPM_krtyWa9CL
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hlmNFrQmsa_JSbUHpoa03D06z8djP3V0oWjxd9zd462eHSTov7myww==
age: 81337
vary: Origin
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/6758081d.ab2a4c1c.chunk.js

143.204.55.112

200 OK

1.5 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/6758081d.ab2a4c1c.chunk.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1554), with no line terminators
Size
1.5 kB (1521 bytes)
Hash
e9af4c0eba6de90521f53aecaf1308e2
9f34260f3f88f9ec3c8b2d25abc014f542fe8fef
fcccbcbde03dd0adec9117620201257dc3f07baad91d654f455040bb6f042071

HTTP Headers

GET /psb/capla/static/js/6758081d.ab2a4c1c.chunk.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 15 Apr 2024 14:39:48 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: cUNH7wbXpkki.C0AI9EBUo6xx2vURhEq
server: AmazonS3
content-encoding: gzip
date: Tue, 16 Apr 2024 14:41:30 GMT
etag: W/"e9dc307f20d8d6f88a02a01a0616effb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: th8CbY9Iy6lDBzt6g65NQGq2o3sLfezldg3rkp5Jjas_w-xD0rZXjg==
age: 11327
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

r-xx.bstatic.com/xdata/images/hotel/263x210/52979454.jpeg?k=6ac6d0afd28e4ce00a8f817cc3045039e064469a3f9a88059706c0b45adf2e7d&o=

143.204.55.112

200 OK

9.0 kB

URL GET HTTP/2
r-xx.bstatic.com/xdata/images/hotel/263x210/52979454.jpeg?k=6ac6d0afd28e4ce00a8f817cc3045039e064469a3f9a88059706c0b45adf2e7d&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x210, components 3
Size
9.0 kB (8970 bytes)
Hash
75b0d53918deea91a4ea3288097be7ee
1d53635cf9a9dba8f817fb350a3fe1ad7b12cd01
5298b0b9ba74933e25102c551f6db4aa703a251a85ec56ca940d589cb4c9ad45

HTTP Headers

GET /xdata/images/hotel/263x210/52979454.jpeg?k=6ac6d0afd28e4ce00a8f817cc3045039e064469a3f9a88059706c0b45adf2e7d&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Sat, 06 Apr 2024 12:54:56 GMT
content-language: 8970
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: "1842ab68bb857fcaf0b89118d9a34c5f6e21b909"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BEj4zs3Dtb18Yo1fKjYYgaga1yoJB0Q4kxY7P9UYFjW5eK_itYqpIw==
age: 881722
X-Firefox-Spdy: h2

q-xx.bstatic.com/xdata/images/region/170x136/48107.jpg?k=bc7ff9cf4d26882ff93f92643455885a88b9b0ae37b9ed109687ad0890af2dfd&o=

143.204.55.112

200 OK

4.8 kB

URL GET HTTP/2
q-xx.bstatic.com/xdata/images/region/170x136/48107.jpg?k=bc7ff9cf4d26882ff93f92643455885a88b9b0ae37b9ed109687ad0890af2dfd&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 170x136, components 3
Size
4.8 kB (4829 bytes)
Hash
618f36c6dca24c1e13f65743924ad4d6
1cdfec657ca8b3ce961107de24a0a3c467cfc161
fc9631742c03f76f2df1dc803bff39e7c53ae024541dcfbed7b8c05f45dbf180

HTTP Headers

GET /xdata/images/region/170x136/48107.jpg?k=bc7ff9cf4d26882ff93f92643455885a88b9b0ae37b9ed109687ad0890af2dfd&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
content-length: 4829
server: nginx
date: Sun, 31 Mar 2024 14:27:54 GMT
etag: "1f2e06af21700f3a8c1ef023dbce26ff576102bf"
content-language: 4829
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: T1gYCyEQ8LXOh4ImdsVi5bD2EaDeIBmAO7cEkKX9i9kDrLPvZC5kpw==
age: 1394544
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/xphoto/300x240/140040615.jpg?k=449a43427323361965f4047b330de433db635dc8c25aa18a0197f7d59d8d7365&o=

143.204.55.112

200 OK

10 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/xphoto/300x240/140040615.jpg?k=449a43427323361965f4047b330de433db635dc8c25aa18a0197f7d59d8d7365&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3
Size
10 kB (10315 bytes)
Hash
91c7fdd6505867c0ee9e13a3017647a5
444ead4326d2c5f8edb01d1d2abbd78181919b28
f1d64eeb728a91edae9882323eb2e22ca48cc0b783d1a82a81a8f888dea57e49

HTTP Headers

GET /xdata/images/xphoto/300x240/140040615.jpg?k=449a43427323361965f4047b330de433db635dc8c25aa18a0197f7d59d8d7365&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Sun, 31 Mar 2024 04:42:25 GMT
etag: "db55823b3464614d960927640949f29f8777024c"
content-language: 10315
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3UVhm_1ZUUA2fzrOYxNMoJiYXadzT6qfKJ-mIGN--vJVi0-0enTL_g==
age: 1429673
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/7943e0ea.68af9cf4.chunk.js

143.204.55.112

200 OK

170 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/7943e0ea.68af9cf4.chunk.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65455)
Size
170 kB (170528 bytes)
Hash
2a3b093fb92ff5e685b8ff752b752857
4d9c094da023640ebc9648ceab6af08c2ca19756
a2666fd5a9ec118e7222dcacd1488c84cd9b10db76afc182753ad964839b9973

HTTP Headers

GET /psb/capla/static/js/7943e0ea.68af9cf4.chunk.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 15 Apr 2024 19:14:40 GMT
last-modified: Mon, 15 Apr 2024 14:39:49 GMT
etag: W/"2a3b093fb92ff5e685b8ff752b752857"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: Apmmw4gZjcKvjJJQJZTjO09oLvPD0Z5E
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QuNd-Av3JEkWx_AKAJNWy51bGxlZB4ypnewwjLLUOCtpelSzuSMzZw==
age: 81337
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/css/b9a82cb8.c62928a4.chunk.css

143.204.55.112

200 OK

374 B

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/css/b9a82cb8.c62928a4.chunk.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (375), with no line terminators
Size
374 B (374 bytes)
Hash
8a79199c4daf624a64d5be8a9b8a6ef6
99b40fe2471f0e7ce73e4d0f4d91a1995315e538
7b0d19a1b2e9f2616ead88bb18b67d5cbf3a5c2a44e7977aba8dae27825f5c23

HTTP Headers

GET /psb/capla/static/css/b9a82cb8.c62928a4.chunk.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
content-length: 374
last-modified: Sun, 14 Apr 2024 05:17:16 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: _y2UsAhYOEsXL1dhoH_iPUgHRWIiaYLH
accept-ranges: bytes
server: AmazonS3
date: Mon, 15 Apr 2024 20:02:27 GMT
etag: "d4cb397172a601054d15e416b713f8b5"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mxxQKqFRWN_3GcW853cm_0zf6ty6DFboyC-H5RxglliXja5c6d5CmA==
age: 78471
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

r-xx.bstatic.com/xdata/images/xphoto/263x210/45450056.jpeg?k=251e2507d43a24a4c58bb961b8d157147d56efbf91b49f9606bc768c58f581e4&o=

143.204.55.112

200 OK

0 B

URL GET HTTP/2
r-xx.bstatic.com/xdata/images/xphoto/263x210/45450056.jpeg?k=251e2507d43a24a4c58bb961b8d157147d56efbf91b49f9606bc768c58f581e4&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /xdata/images/xphoto/263x210/45450056.jpeg?k=251e2507d43a24a4c58bb961b8d157147d56efbf91b49f9606bc768c58f581e4&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Mon, 08 Apr 2024 10:45:21 GMT
content-language: 13102
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: "c408c193e9cbf1666a3bde4c62115b2ece30df49"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RISj21mCgRmRGQQzJwnuOjR-a4PwjeB8XJEdoZGddzSOsTQykkrjHw==
age: 716697
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/xphoto/300x240/140040830.jpg?k=5e4e2a3394abd905f48731725d0fec5d55946e3cff69a4c3206ea2a42854ff3f&o=

143.204.55.112

200 OK

7.2 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/xphoto/300x240/140040830.jpg?k=5e4e2a3394abd905f48731725d0fec5d55946e3cff69a4c3206ea2a42854ff3f&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3
Size
7.2 kB (7193 bytes)
Hash
009346c9db58c2efaf230dd0ca503ed9
932f2979facd8e638bfd3d3fc0eaa518ace62c92
a14cbf97c0e94bb86942954126cd1c2e5d4b6782e3f0279c2854e8e3f4925d9b

HTTP Headers

GET /xdata/images/xphoto/300x240/140040830.jpg?k=5e4e2a3394abd905f48731725d0fec5d55946e3cff69a4c3206ea2a42854ff3f&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
content-length: 7193
server: nginx
date: Tue, 19 Mar 2024 07:43:23 GMT
etag: "fbe6335d71a9b23ceb76103ae65730e41b98e3e9"
content-language: 7193
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: C9qAuSeJv9Al069lS_1ZI0OaIHw1b-BupJohWbhlVrKQ8QyBjCgK7w==
age: 2455615
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/xphoto/300x240/140040604.jpg?k=d978d29cb4842114c24f6a0de7c43aa2537ddc60901aa4f416f95eb872dacc80&o=

143.204.55.112

200 OK

17 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/xphoto/300x240/140040604.jpg?k=d978d29cb4842114c24f6a0de7c43aa2537ddc60901aa4f416f95eb872dacc80&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3
Size
17 kB (17395 bytes)
Hash
c3c3b65b5c56377b4d22b5d57d1da69d
593fee72c5137db43c9d8070e57ffe1da290ab25
4d94514369b76008e8b4db81d84cc5fcb12a2f0182be1fd2a198ec89dbe37a63

HTTP Headers

GET /xdata/images/xphoto/300x240/140040604.jpg?k=d978d29cb4842114c24f6a0de7c43aa2537ddc60901aa4f416f95eb872dacc80&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Thu, 28 Mar 2024 18:20:10 GMT
etag: "ef632193f412ba80c249d7e30e2872817e29246f"
content-language: 17395
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Rvz5jF8EDYCSbIO0xfuSuATtGDWUsTahHvsao8IvANsAi676Lgrsgg==
age: 1639808
X-Firefox-Spdy: h2

q-xx.bstatic.com/xdata/images/xphoto/263x210/45450097.jpeg?k=eac0f917a53dc395bd379fef8c191e7d5e37012b68e60232e4f6bba2a2901b7a&o=

143.204.55.112

200 OK

13 kB

URL GET HTTP/2
q-xx.bstatic.com/xdata/images/xphoto/263x210/45450097.jpeg?k=eac0f917a53dc395bd379fef8c191e7d5e37012b68e60232e4f6bba2a2901b7a&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x210, components 3
Size
13 kB (12638 bytes)
Hash
04512024ddb6c46c1f3ac299772afb1a
ff8a0c294780539fe8f873dad046bb227a4bf4db
75db3132568d756598728736eb981bfb3c05f7337c54ad5113ce1a3c8f3791cd

HTTP Headers

GET /xdata/images/xphoto/263x210/45450097.jpeg?k=eac0f917a53dc395bd379fef8c191e7d5e37012b68e60232e4f6bba2a2901b7a&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Mon, 01 Apr 2024 15:31:08 GMT
etag: "dc84adde45484260042e63cb655e57653dd37ff8"
content-language: 12638
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fDSm992oUTsX4TCvGojbK9PA7WpLj2wb0-jFhgZ9jBC-OP6Adc0LHA==
age: 1304350
X-Firefox-Spdy: h2

q-xx.bstatic.com/xdata/images/city/170x136/740935.jpg?k=d90fa40b53bd16d8d06214496648ebbbccb96cff3946793c569e50103d363ec1&o=

143.204.55.112

200 OK

5.5 kB

URL GET HTTP/2
q-xx.bstatic.com/xdata/images/city/170x136/740935.jpg?k=d90fa40b53bd16d8d06214496648ebbbccb96cff3946793c569e50103d363ec1&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 170x136, components 3
Size
5.5 kB (5506 bytes)
Hash
afd71fd06632ac473b4c251dffc12f63
e9d7fc8cf381fa446a6c32178db4de8c5eaf7262
c9a8fd71cb76919e8b749e4b4055810bb6f6ab84f1171d06bdd70b02893c95cb

HTTP Headers

GET /xdata/images/city/170x136/740935.jpg?k=d90fa40b53bd16d8d06214496648ebbbccb96cff3946793c569e50103d363ec1&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
content-length: 5506
server: nginx
content-language: 5506
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
date: Thu, 28 Mar 2024 06:03:52 GMT
cache-control: max-age=2592000
etag: "f5b49c8fdf8a6456146164dfee48119609520783"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Nw4xx6YoBcz8biC9RnxHEj-nhRop3gHZUortBVWNBErvhpPwnMmuOg==
age: 1683986
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/city/600x600/977262.jpg?k=2b852648c76ccaff8be05333057712eda873343dfaa79cd23e55534a1a55aecc&o=

143.204.55.112

200 OK

104 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/city/600x600/977262.jpg?k=2b852648c76ccaff8be05333057712eda873343dfaa79cd23e55534a1a55aecc&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x600, components 3
Size
104 kB (104054 bytes)
Hash
9e76748d372f43f3c70913db8fb4b4b6
8576bee89b25b0cf56805bd6d2e82cc5b11d5eae
4188b77ce80f546eebdb6c1d3dd95160b3d36b1e0fad8722c7e8c4591de87390

HTTP Headers

GET /xdata/images/city/600x600/977262.jpg?k=2b852648c76ccaff8be05333057712eda873343dfaa79cd23e55534a1a55aecc&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Thu, 04 Apr 2024 14:32:57 GMT
content-language: 104054
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: "2082d51dfb19f44bdc31100a407237918470362f"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7qkjBpMoHpprCW2oJXKnSAq1JiqxQ-PipHCyZVSAlNC1IoOahOVMyw==
age: 1048638
X-Firefox-Spdy: h2

cf.bstatic.com/static/js/atlas_cloudfront_sd/7aaea4329a86dd9e6dc4d51a92fef5573f6f9c09.js

143.204.55.112

200 OK

120 kB

URL GET HTTP/2
cf.bstatic.com/static/js/atlas_cloudfront_sd/7aaea4329a86dd9e6dc4d51a92fef5573f6f9c09.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
120 kB (120436 bytes)
Hash
666f1d5f09457615243bf4310f5c3e48
9b4f21312bbf59a1e30abf4e4db6ccc5a7aa597f
4edf6972e93e28d325080452b9e82a312493e68327e9cf374c27d9502f07176d

HTTP Headers

GET /static/js/atlas_cloudfront_sd/7aaea4329a86dd9e6dc4d51a92fef5573f6f9c09.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 21 Mar 2024 09:45:16 GMT
last-modified: Thu, 26 Oct 2023 09:29:15 GMT
etag: W/"653a316b-1d674"
expires: Sat, 20 Apr 2024 09:45:16 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: f09DMNsHV7DjwAzG3nsJq5BxMcPt8eUMs1EDY4TQYeS6Fec5-p9UCg==
age: 2275501
X-Firefox-Spdy: h2

www.booking.com/navigation_times

54.230.111.57

202 Accepted

0 B

URL POST HTTP/2
www.booking.com/navigation_times
IP
54.230.111.57:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.booking.com
Fingerprint86:19:2F:3F:C1:B0:CE:07:5A:AD:A3:94:54:8D:C6:B9:99:F5:B9:49
ValidityMon, 12 Jun 2023 00:00:00 GMT - Sat, 18 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /navigation_times HTTP/1.1
Host: www.booking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/
Content-Type: application/x-www-form-urlencoded
X-Booking-CSRF: l/IeZgAAAAA=BVyfpIXbtEd8ikiwCPMc1R90gP_w1JDkxjMOqcOosVmOZ_HShux4glJ448KpmPXdfw3jBZjuS13ilZlMmLqs8j3A5AHRbrPNhbUDas0v6AfRbJwVwbbYPUqO20I0c9I4IH1y4W9LLjko2G4BDArKrUIFVT1J7_lA05m3dNrSC50cP-BGQi5MMj-MrP3XCa_HG1ijPkdKRLf1Pkvr
Content-Length: 492
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Cookie: px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbca8KLfxLPedQbj6gJ91YLqjhOOZS86e37UfsoO3uO2F411N%2BjzDPo7bLKiMcc6cYHAC1FjOSF9CBZPZQCkCSDJRPk0cow1ZCx3kKt6LE0cicr1WuXwHxm1OSuOesIrMgMR1SHLNzfWLVN91vAXkSP6cLpN%2Fl2uYVdG93hjDS7%2Bk%3D; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmPZUPMW6RyROJNxUN0JlTK77o1GxJEKj50Akk5UC46SGZ0T/sjBGN8UEoHziZUydDa15eD96llA6Zpr9JyySCKeA4VpvHWuLUM0Bcg0GhacCWF2Q3L/RkmcZyaK1+swiucl3YCdFi; pcm_consent=analytical%3Dfalse%26countryCode%3DNO%26consentId%3De9389af3-66d7-49b3-b933-78c858cce2a8%26consentedAt%3D2024-04-16T17%3A50%3A15.029Z%26expiresAt%3D2024-10-13T17%3A50%3A15.029Z%26implicit%3Dtrue%26marketing%3Dfalse%26regionCode%3D03%26regulation%3Dgdpr%26legacyRegulation%3Dgdpr; cors_js=1; bkng_sso_session=e30; bkng_sso_ses=e30; OptanonConsent=implicitConsentCountry=GDPR&implicitConsentDate=1713289817238&isGpcEnabled=0&datestamp=Tue+Apr+16+2024+17%3A50%3A18+GMT%2B0000+(GMT)&version=202403.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=956986c8-8261-4674-9326-f3228b804c7f&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.booking.com%2F; BJS=-
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 202 Accepted
content-type: image/jpeg
content-length: 0
server: nginx
date: Tue, 16 Apr 2024 17:50:18 GMT
set-cookie: bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbbmD9q%2B5pe3XzWn39Jg4pz1bhzg6bwMJgzGL58p43rckeDee3eAGYI%2FXbT5tBWDOv8K0jGSzMFdWj705TdoCS3iBes9Qqjsa4lWn%2FIVVJaDHNxaf6Aqa6jGYhZ3C%2FzS8OMk%2FX64utdaBgHDTRh2seuIe4WnxqQGRH8Wo6TNWMiCY%3D; domain=.booking.com; path=/; expires=Sun, 15-Apr-2029 17:50:18 GMT; Secure; HTTPOnly; SameSite=None
strict-transport-security: max-age=2592000; includeSubDomains
x-content-options: nosniff
content-security-policy-report-only: frame-ancestors 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=112&pid=49c17d6d4f260312&e=UmFuZG9tSVYkc2RlIyh9YfnWSDpdIwKzDzbKZoiCiJvGOjz_02SNvdsRpz3hHcdKkLWJn3OJr9M
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5LOBcgyI0oYwee33twUb-ktvfU2BVgxdjHddt-_0OxCm5owkeC6sIA==
X-Firefox-Spdy: h2

r-xx.bstatic.com/xdata/images/xphoto/263x210/57175023.jpeg?k=dc0319d4d64ded9ee4b0ddb162a2e80db7899300b7bf21b34506888895d74c79&o=

143.204.55.112

200 OK

14 kB

URL GET HTTP/2
r-xx.bstatic.com/xdata/images/xphoto/263x210/57175023.jpeg?k=dc0319d4d64ded9ee4b0ddb162a2e80db7899300b7bf21b34506888895d74c79&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x210, components 3
Size
14 kB (13480 bytes)
Hash
838fddff0171ed1414657c25c01ecbbe
d5141d047b54962f9572d8647909b23bf971cb3b
b2d4d41198dc45e52894033452988cdfbec766e6d9c04089070db89033acc4bf

HTTP Headers

GET /xdata/images/xphoto/263x210/57175023.jpeg?k=dc0319d4d64ded9ee4b0ddb162a2e80db7899300b7bf21b34506888895d74c79&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Thu, 21 Mar 2024 10:54:46 GMT
etag: "e9c81ccefec3df0c3ad1dfa69d4de520dfc7eb38"
content-language: 13480
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 75oE3O2cGvGRfyVkX4wBOjvL3V9DUwra4nKRxhQXIKeKtuiBUYHkZA==
age: 2271332
X-Firefox-Spdy: h2

q-xx.bstatic.com/xdata/images/xphoto/263x197/321668686.jpeg?k=7f37a8b44836211b20724e0deda325a49e5a39e4374e1460d85b4f72d72c43a4&o=

143.204.55.112

200 OK

13 kB

URL GET HTTP/2
q-xx.bstatic.com/xdata/images/xphoto/263x197/321668686.jpeg?k=7f37a8b44836211b20724e0deda325a49e5a39e4374e1460d85b4f72d72c43a4&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x197, components 3
Size
13 kB (12833 bytes)
Hash
49df705fd33f8055ce6b8a88771d2864
e04f658e97384e639896d9ab182cb6cd5fa62984
8cb60233644f026c2f214005887bfc82903f32314ff0a1ec5d97512decc80c23

HTTP Headers

GET /xdata/images/xphoto/263x197/321668686.jpeg?k=7f37a8b44836211b20724e0deda325a49e5a39e4374e1460d85b4f72d72c43a4&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Fri, 05 Apr 2024 12:48:09 GMT
etag: "7ab1ae7bf946f5b061188baabb9981ea6dd009dd"
content-language: 12833
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VP5D6M3u4QcyEs6N2qfTPEDm7ZIAC1VI6E3YH2rjTsi-bze9_dzsEQ==
age: 968529
X-Firefox-Spdy: h2

t-cf.bstatic.com/design-assets/assets/v3.81.0/fonts-brand/BookingExtraBold.woff

143.204.55.112

200 OK

41 kB

URL GET HTTP/2
t-cf.bstatic.com/design-assets/assets/v3.81.0/fonts-brand/BookingExtraBold.woff
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 40640, version 2.0
Size
41 kB (40640 bytes)
Hash
44bb644882b70aa9444e491e812d4a4b
65f9d0215301cecc36b1433e562b131f7d26ad24
96962b05c04ea77d8261a870a4cda2784fa137ec63350587eb46b75f40d126c2

HTTP Headers

GET /design-assets/assets/v3.81.0/fonts-brand/BookingExtraBold.woff HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://cf.bstatic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: font/woff
content-length: 40640
last-modified: Tue, 25 Jul 2023 15:38:05 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Tue, 16 Apr 2024 04:59:41 GMT
etag: "44bb644882b70aa9444e491e812d4a4b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5DI2pHdElSVaNBKePhrF3-vOvj2hYayj05KcbRv_MrYsYVI1rMzk3Q==
age: 47465
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/xphoto/300x240/140050118.jpg?k=24b8c58d2c51a2a0cd7bd122e8003ada2f94b4084df1fce8766c6c5607220da5&o=

143.204.55.112

200 OK

21 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/xphoto/300x240/140050118.jpg?k=24b8c58d2c51a2a0cd7bd122e8003ada2f94b4084df1fce8766c6c5607220da5&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3
Size
21 kB (21135 bytes)
Hash
0b223f3bb39ab2af5f6804e9d933a609
40c9e3824acd25092d2e62521581799670e7aa8f
06810bf274bdd81b5e956187d12b4e74ae2c554222395d9d740542fb91da33b8

HTTP Headers

GET /xdata/images/xphoto/300x240/140050118.jpg?k=24b8c58d2c51a2a0cd7bd122e8003ada2f94b4084df1fce8766c6c5607220da5&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Fri, 22 Mar 2024 11:38:54 GMT
etag: "d7802e108c07ceca64cbbabcbaeb7bdf99839486"
content-language: 21135
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: UGXxj0r4A6PV42gG4eftinXxvAdv7R9GFe4deFvzmuefzlyNJC9KQw==
age: 2182284
X-Firefox-Spdy: h2

accounts.google.com/gsi/status?client_id=901905703382-m88jn1h9ll89odkt6t5muc6h7ep83rlh.apps.googleusercontent.com&as=u%2BpcCicp4rW33FXhn%2Fa19Q&has_opted_out_fedcm=false

108.177.14.84

200 OK

40 B

URL GET HTTP/3
accounts.google.com/gsi/status?client_id=901905703382-m88jn1h9ll89odkt6t5muc6h7ep83rlh.apps.googleusercontent.com&as=u%2BpcCicp4rW33FXhn%2Fa19Q&has_opted_out_fedcm=false
IP
108.177.14.84:443
ASN
#15169 GOOGLE

Requested by
https://www.booking.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
48f35a7ad54e56c3d4ce860412297e5c
31ec147bffe63dad88f46a786c48107fed53db64
abb4c112e466ec135af9cc5fa6cf2713840284279cd6e182243ffc60f62f1edf

HTTP Headers

GET /gsi/status?client_id=901905703382-m88jn1h9ll89odkt6t5muc6h7ep83rlh.apps.googleusercontent.com&as=u%2BpcCicp4rW33FXhn%2Fa19Q&has_opted_out_fedcm=false HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
access-control-allow-origin: https://www.booking.com
access-control-allow-credentials: true
access-control-allow-methods: GET
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 16 Apr 2024 17:50:19 GMT
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'nonce-emkOcLFbl4RdeB7rrpy5Jg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

accommodations.booking.com/orca/chunk-metadata?chunk=b9a82cb8&mfe=b-index-lp-web-mfe&lang=en-us&namespace=NdHKJSSU

54.230.111.123

200 OK

0 B

URL OPTIONS HTTP/2
accommodations.booking.com/orca/chunk-metadata?chunk=b9a82cb8&mfe=b-index-lp-web-mfe&lang=en-us&namespace=NdHKJSSU
IP
54.230.111.123:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.booking.com
Fingerprint86:19:2F:3F:C1:B0:CE:07:5A:AD:A3:94:54:8D:C6:B9:99:F5:B9:49
ValidityMon, 12 Jun 2023 00:00:00 GMT - Sat, 18 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /orca/chunk-metadata?chunk=b9a82cb8&mfe=b-index-lp-web-mfe&lang=en-us&namespace=NdHKJSSU HTTP/1.1
Host: accommodations.booking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-booking-et-serialized-state
Referer: https://www.booking.com/
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 0
server: nginx
date: Tue, 16 Apr 2024 17:50:17 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-credentials: true
access-control-allow-origin: https://www.booking.com
vary: Origin
access-control-allow-headers: x-booking-et-serialized-state
access-control-allow-methods: HEAD,OPTIONS,GET,POST
x-xss-protection: 1; mode=block
strict-transport-security: max-age=2592000; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3kunEWLeYdWHHqM73f-1iu79qf-qMJX--4tIoBF5xfbIkXdDulK48w==
X-Firefox-Spdy: h2

r-xx.bstatic.com/xdata/images/xphoto/263x210/45450090.jpeg?k=52f6b8190edb5a9c91528f8e0f875752ce55a6beb35dc62873601e57944990e4&o=

143.204.55.112

200 OK

12 kB

URL GET HTTP/2
r-xx.bstatic.com/xdata/images/xphoto/263x210/45450090.jpeg?k=52f6b8190edb5a9c91528f8e0f875752ce55a6beb35dc62873601e57944990e4&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x210, components 3
Size
12 kB (11795 bytes)
Hash
2a361664cb305310a4358bcfd299217b
319d5dbe2e9a02af52292e2c94467fbd4bd954ef
772bb85697eb54a5a021864874190a475188ce98c1a8840bb1fe72515dbbcdd8

HTTP Headers

GET /xdata/images/xphoto/263x210/45450090.jpeg?k=52f6b8190edb5a9c91528f8e0f875752ce55a6beb35dc62873601e57944990e4&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Thu, 21 Mar 2024 10:52:30 GMT
etag: "78c06c289b99410d719289fe5882090079338c7f"
content-language: 11795
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CT5w-1Dx04CxgyXRsN3n1ExhDW2kb2e0dR6-hkkoTkZr0S8AkNEYvg==
age: 2271468
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/css/88dc35d3.a3e92ca1.chunk.css

143.204.55.112

200 OK

1.2 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/css/88dc35d3.a3e92ca1.chunk.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1254), with no line terminators
Size
1.2 kB (1247 bytes)
Hash
80b8fd4c41ae3c9adaf79274fddb3887
f9bc198aa63b69989b4bf63d7d3e985ccb92da5b
5ec42b9fe8868f4d2f7dda3818059f1a629c12a5a279f5fcb1b37a9ad8fc128a

HTTP Headers

GET /psb/capla/static/css/88dc35d3.a3e92ca1.chunk.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
last-modified: Mon, 15 Apr 2024 13:34:53 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: __RZjctwpB9_Tg.d56JoKpI7KuIK2DII
server: AmazonS3
content-encoding: gzip
date: Tue, 16 Apr 2024 14:41:22 GMT
etag: W/"8abcfb8663ce2ff1aa86e82a8f0ddc84"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NkFSEka-YrsjoVttGCMG2cwNhUWOJGd902_TEHatSjpYaRj-dquJPg==
age: 11335
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

cf.bstatic.com/static/js/atlas_cst_cloudfront_sd/138d388521c0fb45e14005cb8098ebebb7158dce.js

143.204.55.112

200 OK

621 kB

URL GET HTTP/2
cf.bstatic.com/static/js/atlas_cst_cloudfront_sd/138d388521c0fb45e14005cb8098ebebb7158dce.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
621 kB (621029 bytes)
Hash
3a5094ad3864e2147bddb05eca0e04dc
93c30c0d71f5288a413b52af75a39e50422b5cf6
62e782627287817fdc848a0946c282383dfb97f00888ad3dff6dd92d657d021b

HTTP Headers

GET /static/js/atlas_cst_cloudfront_sd/138d388521c0fb45e14005cb8098ebebb7158dce.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sun, 07 Apr 2024 02:30:50 GMT
last-modified: Wed, 10 Jan 2024 11:45:34 GMT
etag: W/"659e835e-979e5"
expires: Tue, 07 May 2024 02:30:50 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: F6E2rVCWrNi4-qTxfyCkcjwbGUS-JpRmL9ZvpI6bSWh2i_axsYXsRQ==
age: 832766
X-Firefox-Spdy: h2

q-xx.bstatic.com/xdata/images/xphoto/263x210/45450279.jpeg?k=cb9ab85ffe439f3030e00281f2d52583a398bf076e54f00f746e1d1baf62bf6e&o=

143.204.55.112

200 OK

0 B

URL GET HTTP/2
q-xx.bstatic.com/xdata/images/xphoto/263x210/45450279.jpeg?k=cb9ab85ffe439f3030e00281f2d52583a398bf076e54f00f746e1d1baf62bf6e&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /xdata/images/xphoto/263x210/45450279.jpeg?k=cb9ab85ffe439f3030e00281f2d52583a398bf076e54f00f746e1d1baf62bf6e&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Mon, 01 Apr 2024 15:31:08 GMT
etag: "3d39cce4848578b728f54bd5cf1f1e1c6619cc2b"
content-language: 18465
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TRJyqWfZvWjlgS27u-zxFrJzRnmPtREWIJUdsPHqZ2NEjzko27R2IA==
age: 1304350
X-Firefox-Spdy: h2

r-xx.bstatic.com/xdata/images/xphoto/263x210/45450075.jpeg?k=d23cf8443780ac09f46f59e40393d75dbe64b06029b4959c60b81b7fdefc9be0&o=

143.204.55.112

200 OK

10 kB

URL GET HTTP/2
r-xx.bstatic.com/xdata/images/xphoto/263x210/45450075.jpeg?k=d23cf8443780ac09f46f59e40393d75dbe64b06029b4959c60b81b7fdefc9be0&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x210, components 3
Size
10 kB (10192 bytes)
Hash
e70f1d1992db27cada3baaf01be89329
379e6db7407215eec854ae8523b0a88f6134b293
2c67010b9f685164bd1cf6b5fab39fd9f7b3a165357b15a6ca3de2cef7c796e1

HTTP Headers

GET /xdata/images/xphoto/263x210/45450075.jpeg?k=d23cf8443780ac09f46f59e40393d75dbe64b06029b4959c60b81b7fdefc9be0&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Wed, 20 Mar 2024 06:50:53 GMT
etag: "f6c79f7236f1e41145c4686341201c716b203f84"
content-language: 10192
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ErPMos_4ATwOIC9Elgz0K3lnPKiMH2e9V6UgnmDHS9E5LxzSPV5kCA==
age: 2372365
X-Firefox-Spdy: h2

q-xx.bstatic.com/xdata/images/xphoto/720x217/324562486.jpeg?k=981efa07850cd8e3935d5290488927e5db02da5873dcc63f1bc194699d10dc08&o=

143.204.55.112

200 OK

38 kB

URL GET HTTP/2
q-xx.bstatic.com/xdata/images/xphoto/720x217/324562486.jpeg?k=981efa07850cd8e3935d5290488927e5db02da5873dcc63f1bc194699d10dc08&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x217, components 3
Size
38 kB (38319 bytes)
Hash
692f6e8af229b6ca95b6e56710a30cc2
ac3feefd77e48777f42adcbbc36fd5c064d2acbb
328e6a1d79cd4b320000fbe8251f72034ddaaac71c3eb0f570a4b3722ee2fe75

HTTP Headers

GET /xdata/images/xphoto/720x217/324562486.jpeg?k=981efa07850cd8e3935d5290488927e5db02da5873dcc63f1bc194699d10dc08&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Wed, 10 Apr 2024 12:50:43 GMT
etag: "eef7404bd505bfcdeb940f5d5ac865c0de1ff615"
content-language: 38319
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vm8oV3LRhnngVmoLHelRW9MoLaxcwraDYl8Sf4kkcQUwunE3SBavtw==
age: 536373
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/hotel/square600/210792809.webp?k=6170b51b1f9356c201baa66e7baac73172a8469c3172fa778807440c35bdb7b9&o=

0.0.0.0

0 B

URL GET
cf.bstatic.com/xdata/images/hotel/square600/210792809.webp?k=6170b51b1f9356c201baa66e7baac73172a8469c3172fa778807440c35bdb7b9&o=
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /xdata/images/hotel/square600/210792809.webp?k=6170b51b1f9356c201baa66e7baac73172a8469c3172fa778807440c35bdb7b9&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

cf.bstatic.com/psb/capla/static/css/dc32f6b7.116c3af7.chunk.css

143.204.55.112

200 OK

3.9 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/css/dc32f6b7.116c3af7.chunk.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (3851), with no line terminators
Size
3.9 kB (3850 bytes)
Hash
b0376f7880c430c3476dfec9ce76e32b
839dce3dfd6ebd34c8320cf7a8cc85a5d9990b31
856a451134791d9e15feb3b09bd55be1df2c99f3a2ec195a732008054215e5e7

HTTP Headers

GET /psb/capla/static/css/dc32f6b7.116c3af7.chunk.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
date: Mon, 15 Apr 2024 19:22:08 GMT
last-modified: Mon, 15 Apr 2024 13:37:00 GMT
etag: W/"396b5f57ede1b9aaabe3a03852662815"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: VW8vo7AGr8IkwPpO2Rb1g26OqUSC_Tbe
server: AmazonS3
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5157qSAZVyBTAgdRdsY1PLmYPjfFDWtJgi6hqT8T8Sw9ZV6fG3S-Rw==
age: 80889
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

accommodations.booking.com/orca/chunk-metadata?chunk=3c29a897&mfe=b-index-lp-web-mfe&lang=en-us&namespace=ZeVaZXaY

54.230.111.123

200 OK

830 B

URL GET HTTP/2
accommodations.booking.com/orca/chunk-metadata?chunk=3c29a897&mfe=b-index-lp-web-mfe&lang=en-us&namespace=ZeVaZXaY
IP
54.230.111.123:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.booking.com
Fingerprint86:19:2F:3F:C1:B0:CE:07:5A:AD:A3:94:54:8D:C6:B9:99:F5:B9:49
ValidityMon, 12 Jun 2023 00:00:00 GMT - Sat, 18 May 2024 23:59:59 GMT

File type
troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (888), with no line terminators
Size
830 B (830 bytes)
Hash
c51529b850c898860d8190647b188e55
a39606c21d7bb9c94e948f09c68f7cd36d121846
3f4add1d60a2466788d4fb1196bb71d3772625cd13df01b5af9e6cc540e0923c

HTTP Headers

GET /orca/chunk-metadata?chunk=3c29a897&mfe=b-index-lp-web-mfe&lang=en-us&namespace=ZeVaZXaY HTTP/1.1
Host: accommodations.booking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/
x-booking-et-serialized-state: E8zvz6OpxgXskSsmsqpm8DXDuFKQccDOKfpjXS_j0phxn8F2I21Og-8o2qwaEPsHa
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Cookie: px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBt9BZ%2BIzqvzNG3a2uciWdhAlLuCWxRfV1fP%2Fxz9ReLAA%2FeZ5CIHC3f7myW6%2BemfGK8Fixkmf5Phoc4OTCjZVm%2FAQVM1E%2FMRjNjFPE3tRbWH2TrE%2B6ZwxADcXV1U0uqJJt6pDFrWkfLdiBggCWyS551d; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmPZUPMW6RyROJNxUN0JlTK77o1GxJEKj50Akk5UC46SGZ0T/sjBGN8UEoHziZUydDa15eD96llA6Zpr9JyySCKeA4VpvHWuLUM0Bcg0GhacCWF2Q3L/RkmcZyaK1+swiucl3YCdFi; pcm_consent=analytical%3Dfalse%26countryCode%3DNO%26consentId%3De9389af3-66d7-49b3-b933-78c858cce2a8%26consentedAt%3D2024-04-16T17%3A50%3A15.029Z%26expiresAt%3D2024-10-13T17%3A50%3A15.029Z%26implicit%3Dtrue%26marketing%3Dfalse%26regionCode%3D03%26regulation%3Dgdpr%26legacyRegulation%3Dgdpr; cors_js=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json
server: nginx
date: Tue, 16 Apr 2024 17:50:17 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://www.booking.com
referrer-policy: no-referrer
content-encoding: gzip
x-xss-protection: 1; mode=block
strict-transport-security: max-age=2592000; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CUsJSb2CorQRG-ngV1AfL4nwdCT026wbSVRViPpRJ3B0yMDore-3hQ==
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/css/63bff8e9.cb5a2cf8.chunk.css

143.204.55.112

200 OK

374 B

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/css/63bff8e9.cb5a2cf8.chunk.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (375), with no line terminators
Size
374 B (374 bytes)
Hash
5e29714bbd9cc49ff785493ec3d1a0cc
60ef13b61b8521e3f5ba516db373a8c11aee263d
7f34957632b2124b77cd18634e5880aef38835c563397b81b283ed79423ee38f

HTTP Headers

GET /psb/capla/static/css/63bff8e9.cb5a2cf8.chunk.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
content-length: 374
date: Mon, 15 Apr 2024 18:39:59 GMT
last-modified: Mon, 15 Apr 2024 14:39:45 GMT
etag: "80a9f98db4f665f660b25291c66d4cd5"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: 2__tgJFAj42HqPvyCP4XT66PzDRvrJQy
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RuV2JBL-TGi350tkRVIu4E6_eAbii6V83mPMzzYvX-F7qkp_hz_vMw==
age: 83418
vary: Origin
X-Firefox-Spdy: h2

geolocation.onetrust.com/cookieconsentpub/v1/geo/location

104.18.32.137

200 OK

72 B

URL GET HTTP/2
geolocation.onetrust.com/cookieconsentpub/v1/geo/location
IP
104.18.32.137:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.booking.com/
Certificate
IssuerCloudflare, Inc.
Subjectonetrust.com
Fingerprint9B:BC:B4:A8:C7:6C:6C:02:0F:FD:9F:06:F2:67:FB:DD:A1:E0:3F:47
ValidityMon, 13 Nov 2023 00:00:00 GMT - Tue, 12 Nov 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
72 B (72 bytes)
Hash
adf75b99dbbf416c627dfc5de30f9ad1
699f3845f7dfb3fa9968c2117b44c3f3eb728fff
a0e4a8f457272bd17d07ae2e1e09731df6cc6fdc3ea9e32e713ef4a8a012fc27

HTTP Headers

GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 17:50:17 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8756044e1c25b51d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/xphoto/540x405/266633264.webp?k=7f9eb9bcfb7cd9189036fd6b28f51eb2373fb877f2b10681ae8abbb7a0c63613&o=

143.204.55.112

200 OK

32 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/xphoto/540x405/266633264.webp?k=7f9eb9bcfb7cd9189036fd6b28f51eb2373fb877f2b10681ae8abbb7a0c63613&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 540x405, Scaling: [none]x[none], YUV color, decoders should clamp
Size
32 kB (31784 bytes)
Hash
f7d32e8abcd959e1af6e05f8d7a515b9
bc2de937153625e6e5c76d720fcb512bf249d433
02c9ad6d3a1c9456039b7dc5279ebbbf831e3fe3890d125c0d19a1e422f7ecc6

HTTP Headers

GET /xdata/images/xphoto/540x405/266633264.webp?k=7f9eb9bcfb7cd9189036fd6b28f51eb2373fb877f2b10681ae8abbb7a0c63613&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
server: nginx
content-language: 31784
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
date: Thu, 04 Apr 2024 06:50:31 GMT
cache-control: max-age=2592000
etag: "fd71ca1d4ae81d5c5ce8bc184e9100bca098389a"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2U1-7quqlNfb3g82Acx5HMfmD8giSsL1PJTQ2PaBZoA1NMuhhEWqcg==
age: 1076385
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/city/600x600/644293.jpg?k=24c08396bd44343c9dcc78f0df41e114bf7e6aeda3d339101c37e7ba3aa707db&o=

143.204.55.112

200 OK

58 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/city/600x600/644293.jpg?k=24c08396bd44343c9dcc78f0df41e114bf7e6aeda3d339101c37e7ba3aa707db&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x600, components 3
Size
58 kB (57860 bytes)
Hash
5df7a16eaf126a61fc720bc0fe9a4950
aaea273239d0ca07a03c21cc2ebfe8b1e2d2d554
b70d2a3a7b2fa6d8af81bccda306bf170e6b22a3b000fbbe1751b7786ce6c65b

HTTP Headers

GET /xdata/images/city/600x600/644293.jpg?k=24c08396bd44343c9dcc78f0df41e114bf7e6aeda3d339101c37e7ba3aa707db&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-language: 57860
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
date: Thu, 21 Mar 2024 07:27:41 GMT
cache-control: max-age=2592000
etag: "9ef8ef8b3d685f8929e0a569f314cb7f2d7c7fbb"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zu1N7BtDjzDHNYEV2F-e2E9BXUgaIh7r2Lc72FnAUmwURDNDS3K4Cw==
age: 2283755
X-Firefox-Spdy: h2

r-xx.bstatic.com/xdata/images/xphoto/263x210/45450056.jpeg?k=251e2507d43a24a4c58bb961b8d157147d56efbf91b49f9606bc768c58f581e4&o=

143.204.55.112

200 OK

13 kB

URL GET HTTP/2
r-xx.bstatic.com/xdata/images/xphoto/263x210/45450056.jpeg?k=251e2507d43a24a4c58bb961b8d157147d56efbf91b49f9606bc768c58f581e4&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x210, components 3
Size
13 kB (13102 bytes)
Hash
046a6e4db3f4ea1dc3b0044b48f93093
e0997c00add73d0b3b38ccc79e9ba67b447e3f59
6676ced592b6b4e143ff6a71c0dd4a0a0d0f2c040d7d689f58b0053e09c82365

HTTP Headers

GET /xdata/images/xphoto/263x210/45450056.jpeg?k=251e2507d43a24a4c58bb961b8d157147d56efbf91b49f9606bc768c58f581e4&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Mon, 08 Apr 2024 10:45:21 GMT
content-language: 13102
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: "c408c193e9cbf1666a3bde4c62115b2ece30df49"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FGZWvdJ7mbwtIsxDpTShmk8a7sxXChTmEPI-aqe-aBYJ24XXhK75_w==
age: 716697
X-Firefox-Spdy: h2

q-xx.bstatic.com/xdata/images/city/170x136/967857.jpg?k=5733a245dbb186ec0986c0a5c533acc704650d51cdfed7410cf0bcef375e5bc4&o=

143.204.55.112

200 OK

5.9 kB

URL GET HTTP/2
q-xx.bstatic.com/xdata/images/city/170x136/967857.jpg?k=5733a245dbb186ec0986c0a5c533acc704650d51cdfed7410cf0bcef375e5bc4&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 170x136, components 3
Size
5.9 kB (5863 bytes)
Hash
974a5478069b3972c9d477165b0704bc
66e215dcdd7180200eb06c2e430c44946a10b6d0
b335582be21d666553adacdaa635dbeb6c92e93f0e8172fa7848ceb60008b1cf

HTTP Headers

GET /xdata/images/city/170x136/967857.jpg?k=5733a245dbb186ec0986c0a5c533acc704650d51cdfed7410cf0bcef375e5bc4&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
content-length: 5863
server: nginx
date: Tue, 16 Apr 2024 10:12:56 GMT
content-language: 5863
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: "8fb9b3e2a7f5dccf0a6d0a7392f409b135d2f3af"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: UNTnEkVEsu29QEAKOK3Ebwl5lM6eXvBY4NZ3TY55UVy2zkXp6MIWfw==
age: 27442
X-Firefox-Spdy: h2

www.booking.com/

54.230.111.57

200 OK

606 kB

URL User Request GET HTTP/2
www.booking.com/
IP
54.230.111.57:443
ASN
#16509 AMAZON-02

Certificate
IssuerDigiCert Inc
Subject*.booking.com
Fingerprint86:19:2F:3F:C1:B0:CE:07:5A:AD:A3:94:54:8D:C6:B9:99:F5:B9:49
ValidityMon, 12 Jun 2023 00:00:00 GMT - Sat, 18 May 2024 23:59:59 GMT

File type

Size
606 kB (605807 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: www.booking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://air.bnb-id3204.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx
date: Tue, 16 Apr 2024 17:50:15 GMT
cache-control: private
vary: Accept-Encoding, User-Agent
content-encoding: br
link: <https://cf.bstatic.com/static/css/gprof_icons_cloudfront_sd.iq_ltr/851d9d90e70b111207ec88dd198b5ea33b3330f9.css>; rel=preload; as=style, <https://cf.bstatic.com/static/css/incentives_cloudfront_sd.iq_ltr/f1558a6e9832a4eb8cfe1d3d14db176bd3564335.css>; rel=preload; as=style, <https://cf.bstatic.com/static/css/index_cloudfront_sd.iq_ltr/b376a4c8f7809544f3c3100ecadbc9b3ab82d340.css>; rel=preload; as=style, <https://cf.bstatic.com/static/css/main_cloudfront_sd.iq_ltr/82553e98ffae657c57463aa497e9d8933a2ebe7f.css>; rel=preload; as=style, <https://cf.bstatic.com/static/css/main_exps_cloudfront_sd.iq_ltr/c4cea6cc4a62eba0342cfa9f4b20714a610dd010.css>; rel=preload; as=style, <https://cf.bstatic.com/static/css/xp-index-sb_cloudfront_sd.iq_ltr/5b5ab8ab66a5ce3092875d0725122439c4f2dfdd.css>; rel=preload; as=style
nel: {"report_to":"default","max_age":604800}
report-to: {"max_age":604800,"group":"default","endpoints":[{"url":"https://nellie.booking.com/report"}]}
set-cookie: _implmdnbl=2__1__0; path=/; expires=Thu, 18-Apr-2019 17:50:15 GMT; HttpOnly
px_init=0; domain=booking.com; expires=Fri, 30-Sep-2078 11:40:30 GMT; SameSite=Strict; secure; HttpOnly
bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBt9BZ%2BIzqvzNG3a2uciWdhAlLuCWxRfV1fP%2Fxz9ReLAA%2FeZ5CIHC3f7myW6%2BemfGK8Fixkmf5Phoc4OTCjZVm%2FAQVM1E%2FMRjNjFPE3tRbWH2TrE%2B6ZwxADcXV1U0uqJJt6pDFrWkfLdiBggCWyS551d; domain=.booking.com; path=/; expires=Sun, 15-Apr-2029 17:50:15 GMT; Secure; HTTPOnly; SameSite=None
pcm_personalization_disabled=0; domain=booking.com; path=/; expires=Sun, 13-Oct-2024 17:50:15 GMT; Secure; HTTPOnly
bkng_sso_auth=CAIQsOnuTRpmPZUPMW6RyROJNxUN0JlTK77o1GxJEKj50Akk5UC46SGZ0T/sjBGN8UEoHziZUydDa15eD96llA6Zpr9JyySCKeA4VpvHWuLUM0Bcg0GhacCWF2Q3L/RkmcZyaK1+swiucl3YCdFi; Domain=.booking.com; Path=/; Expires=Thu, 16 Apr 2026 17:50:15 GMT; HttpOnly; Secure; SameSite=Lax
pcm_consent=analytical%3Dfalse%26countryCode%3DNO%26consentId%3De9389af3-66d7-49b3-b933-78c858cce2a8%26consentedAt%3D2024-04-16T17%3A50%3A15.029Z%26expiresAt%3D2024-10-13T17%3A50%3A15.029Z%26implicit%3Dtrue%26marketing%3Dfalse%26regionCode%3D03%26regulation%3Dgdpr%26legacyRegulation%3Dgdpr; Domain=.booking.com; Path=/; Expires=Wed, 16 Apr 2025 17:50:15 GMT; HttpOnly; Secure; SameSite=Lax
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-recruiting: Like HTTP headers? Come write ours: https://careers.booking.com
x-terms-of-service: https://www.booking.com/content/terms.html
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BNuEGYIgelkT1ztz7q4-QhNl2rN8Xq4rHSU-w58vgvllBKJSG6isvw==
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/client.8e4324b2.js

143.204.55.112

200 OK

1.1 MB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/client.8e4324b2.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type

Size
1.1 MB (1064928 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /psb/capla/static/js/client.8e4324b2.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 15 Apr 2024 19:14:40 GMT
last-modified: Fri, 12 Apr 2024 11:23:19 GMT
etag: W/"2f6cb0d0621ef907df15cfca8fd8ac76"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: .mX5t9dgagyvs8OBIMKBWUcZK1YOdAvR
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8Y_3SPyM8Rp4gAgLF6OhJPV0zUh9GCPrqxCL6erJnZbL_1suSAum0A==
age: 81337
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/city/600x600/972788.jpg?k=17f14338090f7f5bbad0443f01a24aed1e17bfc4cee5c0b0c16c0cad94146f05&o=

143.204.55.112

200 OK

60 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/city/600x600/972788.jpg?k=17f14338090f7f5bbad0443f01a24aed1e17bfc4cee5c0b0c16c0cad94146f05&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x600, components 3
Size
60 kB (59835 bytes)
Hash
f9a97a83ad1b3c40f11941ebf3fdf167
4a42c453ab4501cca180b41218fcf687869e4c36
c4549af2757e801e973af777565eb760942d1d15756965daea3d10d734353758

HTTP Headers

GET /xdata/images/city/600x600/972788.jpg?k=17f14338090f7f5bbad0443f01a24aed1e17bfc4cee5c0b0c16c0cad94146f05&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Fri, 29 Mar 2024 11:37:48 GMT
content-language: 59835
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: "646d8a637ffd5d9d2623e3fd5ffc26dce5153ea2"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ix2vBxgvSJp-cbundxLLkmunFGVaxsklRVYs20a5if9zb05ylUacpQ==
age: 1577548
X-Firefox-Spdy: h2

cf.bstatic.com/static/js/calendar2_cloudfront_sd/06071dd1c4e89fbe99e5ad6e21584a6bf9585e84.js

143.204.55.112

200 OK

52 kB

URL GET HTTP/2
cf.bstatic.com/static/js/calendar2_cloudfront_sd/06071dd1c4e89fbe99e5ad6e21584a6bf9585e84.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type

Size
52 kB (52156 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /static/js/calendar2_cloudfront_sd/06071dd1c4e89fbe99e5ad6e21584a6bf9585e84.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 21 Mar 2024 09:45:16 GMT
last-modified: Tue, 12 Jan 2021 10:06:38 GMT
etag: W/"5ffd74ae-cbbc"
expires: Sat, 20 Apr 2024 09:45:16 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MnI_axCX3bYsHL55qWfAWJjOqeUG9zvC5CxEo-_bbfeil5FfzmhPAQ==
age: 2275501
X-Firefox-Spdy: h2

q-xx.bstatic.com/xdata/images/xphoto/263x210/45450283.jpeg?k=44ef0e355cff36883935e4c99b5c01b035eabebad278d22363210b2fe40b2791&o=

143.204.55.112

200 OK

0 B

URL GET HTTP/2
q-xx.bstatic.com/xdata/images/xphoto/263x210/45450283.jpeg?k=44ef0e355cff36883935e4c99b5c01b035eabebad278d22363210b2fe40b2791&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /xdata/images/xphoto/263x210/45450283.jpeg?k=44ef0e355cff36883935e4c99b5c01b035eabebad278d22363210b2fe40b2791&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Mon, 25 Mar 2024 20:07:10 GMT
etag: "7dcfcd553f0c70776bfeef049bb49be408eca4dd"
content-language: 12945
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 90rdY8gYFvCIN4IrRH4Q20wJzGV5dIkP77oKYH3wfIE7oO1PUD-sQg==
age: 1892588
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/hotel/square600/13125860.webp?k=35b70a7e8a17a71896996cd55d84f742cd15724c3aebaed0d9b5ba19c53c430b&o=

0.0.0.0

0 B

URL GET
cf.bstatic.com/xdata/images/hotel/square600/13125860.webp?k=35b70a7e8a17a71896996cd55d84f742cd15724c3aebaed0d9b5ba19c53c430b&o=
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /xdata/images/hotel/square600/13125860.webp?k=35b70a7e8a17a71896996cd55d84f742cd15724c3aebaed0d9b5ba19c53c430b&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

cf.bstatic.com/static/css/print/0cc4ce4b7108d42a9f293fc9b654f749d84ba4eb.css

143.204.55.112

200 OK

5.0 kB

URL GET HTTP/2
cf.bstatic.com/static/css/print/0cc4ce4b7108d42a9f293fc9b654f749d84ba4eb.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (5040), with no line terminators
Size
5.0 kB (5036 bytes)
Hash
689bfb4a6655c31e51465ba2a8562a49
a567c39c5556aa5b892c9e4ec64c89f4bf3445a3
d818703914dd98ca34912916271657909683dc9d83d91aaf90528918b428dc6b

HTTP Headers

GET /static/css/print/0cc4ce4b7108d42a9f293fc9b654f749d84ba4eb.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
server: nginx
date: Mon, 18 Mar 2024 23:59:31 GMT
last-modified: Wed, 10 Apr 2019 11:21:34 GMT
etag: W/"5cadd1be-13ac"
expires: Wed, 17 Apr 2024 23:59:31 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: F2QG1HeuEFm1dKUpa3-j-Fc_nzbsQ5OwX1v_Se3qNjZNj8c0GK5EHg==
age: 2483446
X-Firefox-Spdy: h2

r-xx.bstatic.com/xdata/images/hotel/263x210/119467716.jpeg?k=f3c2c6271ab71513e044e48dfde378fcd6bb80cb893e39b9b78b33a60c0131c9&o=

143.204.55.112

200 OK

11 kB

URL GET HTTP/2
r-xx.bstatic.com/xdata/images/hotel/263x210/119467716.jpeg?k=f3c2c6271ab71513e044e48dfde378fcd6bb80cb893e39b9b78b33a60c0131c9&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x210, components 3
Size
11 kB (10601 bytes)
Hash
33bfa10dc5bc4ef8339bd5abeb8548ea
957c2b9e899e2520a2c97f21d638fca030da5a43
0380753c60c2fa8bd19a5346b32e08dd50be778fa3d850147638eb16c16bf0b2

HTTP Headers

GET /xdata/images/hotel/263x210/119467716.jpeg?k=f3c2c6271ab71513e044e48dfde378fcd6bb80cb893e39b9b78b33a60c0131c9&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Thu, 21 Mar 2024 10:05:31 GMT
content-language: 10601
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: "118c01722e55044d816db848ac471d09024e4d85"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kCMvv6VHxbEqn_lf44TaN1Pk54VrM-BY1wSROvuF6QyBRza9odMjXQ==
age: 2274287
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/hotel/square600/270323047.webp?k=bade09d7901e1282156f13c3b39e3a8b9c8d45170b2f1184565d3fc304c42d70&o=

143.204.55.112

200 OK

24 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/hotel/square600/270323047.webp?k=bade09d7901e1282156f13c3b39e3a8b9c8d45170b2f1184565d3fc304c42d70&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
24 kB (24292 bytes)
Hash
4a1d3e04a67e519cea2b511d0f79eec0
9bcf037067abadc6439c4031f7b9ea2f2d157ade
94d728ecaac17567551eabad972adfbaa5a6de2d4f420c0b957b47fd104ee062

HTTP Headers

GET /xdata/images/hotel/square600/270323047.webp?k=bade09d7901e1282156f13c3b39e3a8b9c8d45170b2f1184565d3fc304c42d70&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
server: nginx
date: Wed, 27 Mar 2024 02:30:54 GMT
content-language: 24292
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: "5ca13ee6d75dcb62fe619a4cab55b3520f42b588"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: U7qKKAIE_TrKe5qnH_n-lxVyEHkFnAfEkhZ3oLIbGLzKdRg0nN6_9g==
age: 1783165
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/media/world-map.7d457a5d.png

143.204.55.112

200 OK

7.4 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/media/world-map.7d457a5d.png
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
PNG image data, 520 x 340, 8-bit colormap, non-interlaced
Size
7.4 kB (7367 bytes)
Hash
a2bdd966488047aaa17dcebc5238432b
65c52eeb866eb2acbd183e5fb2dccc5205dbb6bf
cfc71dcddda21b32c0ac5ba5322bd41612224261fecdc38cd20a45b6b502457c

HTTP Headers

GET /psb/capla/static/media/world-map.7d457a5d.png HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cf.bstatic.com/psb/capla/static/css/88dc35d3.a3e92ca1.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 7367
last-modified: Mon, 15 Apr 2024 13:34:54 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: JHN79MUafqgaROxz5oP_9e7qqn.kzjve
accept-ranges: bytes
server: AmazonS3
date: Tue, 16 Apr 2024 15:11:00 GMT
etag: "a2bdd966488047aaa17dcebc5238432b"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Qsl-zyoZ2scrmeAVS1oQYcewD-sARNvb86UvZPLe1PjIlNawq6fziw==
age: 9557
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/hotel/square600/279333721.webp?k=55905f2b46817050a4838f5dbc34741c7dded636d9642a0c75f37ebd11ccab5c&o=

143.204.55.112

200 OK

55 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/hotel/square600/279333721.webp?k=55905f2b46817050a4838f5dbc34741c7dded636d9642a0c75f37ebd11ccab5c&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
55 kB (54878 bytes)
Hash
c54e9379a3be33e13c8263c1cdbda53b
473670461806883e9f321ac6e8db9a86b9c3ff4e
837d4054ffdd6bbde4960c5ba7b98246ec5894342e3f021aefb5f2eeb448fbaf

HTTP Headers

GET /xdata/images/hotel/square600/279333721.webp?k=55905f2b46817050a4838f5dbc34741c7dded636d9642a0c75f37ebd11ccab5c&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
server: nginx
date: Sat, 30 Mar 2024 04:38:45 GMT
etag: "1105d25063f13ec3386a2ed7bb37769d00eb0544"
content-language: 54878
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0ejzh7NIwjbITvrC5uodIuLlNJ-ud-tGUcSFB4sw-UTsqcMbcX81kg==
age: 1516294
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/hotel/square600/153069622.webp?k=7071cdd5c1ad4e51e137ee93aca75a122fde80989011a54976b47150f0fe691a&o=

143.204.55.112

200 OK

72 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/hotel/square600/153069622.webp?k=7071cdd5c1ad4e51e137ee93aca75a122fde80989011a54976b47150f0fe691a&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
72 kB (72324 bytes)
Hash
ec6166f58ebd1f0f26e3544fe3916eca
a93429bb37c9eaa1b745413acec2ff80b392d001
43568bed0120a15ae59c61fc0d4907a615b6c61be38843078d6c7fe5c48249fd

HTTP Headers

GET /xdata/images/hotel/square600/153069622.webp?k=7071cdd5c1ad4e51e137ee93aca75a122fde80989011a54976b47150f0fe691a&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
server: nginx
date: Thu, 21 Mar 2024 05:32:55 GMT
etag: "ff28c3a91a27695ad56f98a0c097795c9f5f669d"
content-language: 72324
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HOa8lIahob3uor6K2cmxBNApjd6DQ3L7VqNG57LVzTcsPZYOxMKdwg==
age: 2290644
X-Firefox-Spdy: h2

r-xx.bstatic.com/xdata/images/xphoto/263x210/45450084.jpeg?k=f8c2954e867a1dd4b479909c49528531dcfb676d8fbc0d60f51d7b51bb32d1d9&o=

143.204.55.112

200 OK

10 kB

URL GET HTTP/2
r-xx.bstatic.com/xdata/images/xphoto/263x210/45450084.jpeg?k=f8c2954e867a1dd4b479909c49528531dcfb676d8fbc0d60f51d7b51bb32d1d9&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x210, components 3
Size
10 kB (10257 bytes)
Hash
5f58a2eeb3f0b1d3ce899e3c629368a5
3dbabbe322b0ec1cfaf64acfde88d5ed67b674b1
fa9f5dbe5ad251eb1a7da4628c3d1cc55c9ff380671a9d7d2b070bf4e2c2324e

HTTP Headers

GET /xdata/images/xphoto/263x210/45450084.jpeg?k=f8c2954e867a1dd4b479909c49528531dcfb676d8fbc0d60f51d7b51bb32d1d9&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Sun, 07 Apr 2024 20:29:16 GMT
etag: "581d7d6f2cc7c0efc5bd54aa0a1fa4c3bdb259f4"
content-language: 10257
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Jcv-G9rsfSvmpb2Ll7WdT8RPze7qzekfDN0TWDeHpclncQtAXGMqkQ==
age: 768062
X-Firefox-Spdy: h2

www.booking.com/js_tracking?ref_action=index&ver=2&stype=1&lang=en-us&pid=e1027d6b28d009d9&ete=&etg=&etcg=&ets=&etgwv=js_wcu_trip_type_based_destination_number_of_types|4

54.230.111.57

200 OK

12 B

URL GET HTTP/2
www.booking.com/js_tracking?ref_action=index&ver=2&stype=1&lang=en-us&pid=e1027d6b28d009d9&ete=&etg=&etcg=&ets=&etgwv=js_wcu_trip_type_based_destination_number_of_types|4
IP
54.230.111.57:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.booking.com
Fingerprint86:19:2F:3F:C1:B0:CE:07:5A:AD:A3:94:54:8D:C6:B9:99:F5:B9:49
ValidityMon, 12 Jun 2023 00:00:00 GMT - Sat, 18 May 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
12 B (12 bytes)
Hash
45e0d10a08ad25f44cb9c2b6e732858c
8e47bb27521f644194d8d6ed92c22513a68715d9
4c55d6d27f3d4503e15ce98f4e4cccc15a49ecc0445a3a0996578437f7ab701f

HTTP Headers

GET /js_tracking?ref_action=index&ver=2&stype=1&lang=en-us&pid=e1027d6b28d009d9&ete=&etg=&etcg=&ets=&etgwv=js_wcu_trip_type_based_destination_number_of_types|4 HTTP/1.1
Host: www.booking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/
X-Booking-Info: 
X-Booking-Client-Info: 
X-Booking-Pageview-Id: e1027d6b28d009d9
X-Booking-SiteType-Id: 1
X-Booking-Language-Code: en-us
X-Booking-AID: 304142
X-Booking-Session-Id: 92c65815469945ede4f7dbc5ff6af953
X-Booking-ET-Serialized-State: E8zvz6OpxgXskSsmsqpm8DXDuFKQccDOKfpjXS_j0phxn8F2I21Og-8o2qwaEPsHa
DNT: 1
Connection: keep-alive
Cookie: px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbof7CEiNviT8n2szUGLR3NChP0ToJA0eO1nasTdu6vPSz0hpGzgI9Eua7RFW3jbZdMduS4E6YNibKfeckQdnTYRikNuBuv5Tvs2TgZqqk2AVaguvny8bEzrOrtCE49w9Y4ODOa1Rh1p5keLKdpXT76NCStFHJABLG%2F0h2xaecqkY%3D; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmPZUPMW6RyROJNxUN0JlTK77o1GxJEKj50Akk5UC46SGZ0T/sjBGN8UEoHziZUydDa15eD96llA6Zpr9JyySCKeA4VpvHWuLUM0Bcg0GhacCWF2Q3L/RkmcZyaK1+swiucl3YCdFi; pcm_consent=analytical%3Dfalse%26countryCode%3DNO%26consentId%3De9389af3-66d7-49b3-b933-78c858cce2a8%26consentedAt%3D2024-04-16T17%3A50%3A15.029Z%26expiresAt%3D2024-10-13T17%3A50%3A15.029Z%26implicit%3Dtrue%26marketing%3Dfalse%26regionCode%3D03%26regulation%3Dgdpr%26legacyRegulation%3Dgdpr; cors_js=1; bkng_sso_session=e30; bkng_sso_ses=e30; OptanonConsent=implicitConsentCountry=GDPR&implicitConsentDate=1713289817238&isGpcEnabled=0&datestamp=Tue+Apr+16+2024+17%3A50%3A18+GMT%2B0000+(GMT)&version=202403.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=956986c8-8261-4674-9326-f3228b804c7f&interactionCount=1&isAnonUser=1&landingPath=NotLandingPage&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0&intType=2; BJS=-; 11_srd=%7B%22features%22%3A%5B%7B%22id%22%3A16%7D%5D%2C%22score%22%3A3%2C%22detected%22%3Afalse%7D; OptanonAlertBoxClosed=2024-04-16T17:50:18.495Z
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/gif
content-length: 35
server: nginx
date: Tue, 16 Apr 2024 17:50:18 GMT
vary: User-Agent, Accept-Encoding
content-encoding: br
strict-transport-security: max-age=2592000; includeSubDomains
content-security-policy-report-only: frame-ancestors 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=112&pid=e86a7d6d4b550214&e=UmFuZG9tSVYkc2RlIyh9Yea92wm0yRUjnCBymoy8ejJOAXi6fm6B6OcnZsVyVGZ-THbKT1zxHoU
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HdpzBM-agDZNetfV0N9tZYgAUBwV9OMSgad163GUsra70CaHRkJV_w==
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/hotel/square600/524735433.webp?k=f5052d0ea566c3f4c753ac58d86e009605b56dace36537207739c60f5220a785&o=

143.204.55.112

200 OK

84 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/hotel/square600/524735433.webp?k=f5052d0ea566c3f4c753ac58d86e009605b56dace36537207739c60f5220a785&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
84 kB (84136 bytes)
Hash
41debb8d86045fc48c8a93a1afa678ec
820de4a39e5e6cc8a5f523a74c8d49c8f1ad7e00
bac29a9f0e0c3267017be35813fb95368f780204fa7cb4d5024d33451bae59e0

HTTP Headers

GET /xdata/images/hotel/square600/524735433.webp?k=f5052d0ea566c3f4c753ac58d86e009605b56dace36537207739c60f5220a785&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
server: nginx
date: Sun, 31 Mar 2024 11:06:56 GMT
content-language: 84136
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: "8b345c16be9f96f7d932e5bbe3bbb5fe4d6f9ed8"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dv_VFmOOcBMSYKsbhGbkpcO34Tq7yiMHHsQ1-XNO8YnSBPc_chPNKA==
age: 1406603
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/css/c8637181.09edd61c.chunk.css

143.204.55.112

200 OK

1.2 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/css/c8637181.09edd61c.chunk.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1199), with no line terminators
Size
1.2 kB (1198 bytes)
Hash
366d6e6257b84910cbbbe1504af454fc
3e9f9389a41768b9d155f66dc534ebabf0f04cae
84987646200fcfd8c1e09cbc9125f34d384aec4af704bfa895defd3a59868c1d

HTTP Headers

GET /psb/capla/static/css/c8637181.09edd61c.chunk.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
date: Mon, 15 Apr 2024 19:28:03 GMT
last-modified: Mon, 15 Apr 2024 14:39:46 GMT
etag: W/"9fc866ed20d0a1fd59159e7a31ff449e"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: 28YfMF9ImbDDGEECkUnLhkk6DNXk0hWU
server: AmazonS3
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 02vWBM6WFptFuXbt_hzLralny2PZhvI-qfSfmD-jbcP0EdS7qIh_3A==
age: 80534
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/city/600x600/740935.jpg?k=d90fa40b53bd16d8d06214496648ebbbccb96cff3946793c569e50103d363ec1&o=

143.204.55.112

200 OK

57 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/city/600x600/740935.jpg?k=d90fa40b53bd16d8d06214496648ebbbccb96cff3946793c569e50103d363ec1&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x600, components 3
Size
57 kB (57347 bytes)
Hash
a3c19e8e336a73bc6ccf10b5750903e7
cafc5470a580f4a01b02d991187079efbf888987
9e76043e1541f197c4af1a9dd15ed9e1a594f7823bfc01b9b639fa7d67e272d6

HTTP Headers

GET /xdata/images/city/600x600/740935.jpg?k=d90fa40b53bd16d8d06214496648ebbbccb96cff3946793c569e50103d363ec1&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Tue, 16 Apr 2024 06:02:57 GMT
content-language: 57347
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: "68f1a2cb27ba71e46bd94e0d537615275224763d"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cMxBLYmLl7obEVB1oo8Ii5HtARcZ_HjQMsCXizGWiT3XaPW0HOBKJg==
age: 42439
X-Firefox-Spdy: h2

r-xx.bstatic.com/xdata/images/xphoto/263x210/45450068.jpeg?k=41cc7c5449011323aaaaed4e845cb16200b5d540c77a50c1bea90399a1e92d70&o=

143.204.55.112

200 OK

0 B

URL GET HTTP/2
r-xx.bstatic.com/xdata/images/xphoto/263x210/45450068.jpeg?k=41cc7c5449011323aaaaed4e845cb16200b5d540c77a50c1bea90399a1e92d70&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /xdata/images/xphoto/263x210/45450068.jpeg?k=41cc7c5449011323aaaaed4e845cb16200b5d540c77a50c1bea90399a1e92d70&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Thu, 21 Mar 2024 10:50:59 GMT
etag: "d7d9dce017375f28392f8900463550320ea7975e"
content-language: 15735
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Y84kXuXJ19pNiUtmUEhVF1Clz7nUnuthiYH1Tn0X4riG3XLqckfV7Q==
age: 2271559
X-Firefox-Spdy: h2

account.booking.com/privacy-consents

54.230.111.34

200 OK

53 B

URL POST HTTP/2
account.booking.com/privacy-consents
IP
54.230.111.34:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.booking.com
Fingerprint86:19:2F:3F:C1:B0:CE:07:5A:AD:A3:94:54:8D:C6:B9:99:F5:B9:49
ValidityMon, 12 Jun 2023 00:00:00 GMT - Sat, 18 May 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
53 B (53 bytes)
Hash
af08f182be5c3aa0f0d7a979f5f70fab
d94a12fed37bc2ccdd389d60ab03e2b2fe6f8915
231646038ff5ae00f0dc147df4c1981599df5e087580289ba3172cbab0e87410

HTTP Headers

POST /privacy-consents HTTP/1.1
Host: account.booking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/
Content-type: application/json;charset=UTF-8
Content-Length: 141
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Cookie: px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbwcLxQQ4VaCo0rw0J4Z52mANP5uu6kPYHfu0JO3CMz3gN1CaYisrZVxZ6zS%2BI%2FE2fk8NK4KPVQ%2FPGHqqKLDb8XPyGkzH0XxmAxo35Ad%2BMQRQnX0VElAdaAuMejWVCGjBMOAitow4sQd%2F620Su%2BCOMGsP4Gg56K3wgrcwpswli%2FN4%3D; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmPZUPMW6RyROJNxUN0JlTK77o1GxJEKj50Akk5UC46SGZ0T/sjBGN8UEoHziZUydDa15eD96llA6Zpr9JyySCKeA4VpvHWuLUM0Bcg0GhacCWF2Q3L/RkmcZyaK1+swiucl3YCdFi; pcm_consent=analytical%3Dfalse%26countryCode%3DNO%26consentId%3De9389af3-66d7-49b3-b933-78c858cce2a8%26consentedAt%3D2024-04-16T17%3A50%3A15.029Z%26expiresAt%3D2024-10-13T17%3A50%3A15.029Z%26implicit%3Dtrue%26marketing%3Dfalse%26regionCode%3D03%26regulation%3Dgdpr%26legacyRegulation%3Dgdpr; cors_js=1; bkng_sso_session=e30; bkng_sso_ses=e30; bkng_ap_sso_session=eyJib29raW5nX2dsb2JhbCI6eyJkYXRhX3N1YmplY3RfaWQiOiIxY2ZkOWMwZC0xM2RhLTQ4NjktYjc1ZC1jNTljMDQ5ZThiY2YiLCJzZXNzaW9ucyI6W119fQ; BJS=-; 11_srd=%7B%22features%22%3A%5B%7B%22id%22%3A16%7D%5D%2C%22score%22%3A3%2C%22detected%22%3Afalse%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json; charset=UTF-8
server: envoy
date: Tue, 16 Apr 2024 17:50:18 GMT
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: POST
access-control-allow-origin: https://www.booking.com
access-control-max-age: 1728000
content-security-policy: base-uri 'none'; frame-ancestors https://*.booking.com https://*.booking.cn; object-src 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=block&e=UmFuZG9tSVYkc2RlIyh9YSWKtKO5TxgOpTwVTPfHZKNW3Hcrm1RLgTDT2V-m21UMJ4KxJTAfD3k6vpGGyphNZUfy-f31chCZHPTonodp_KimHZLP-kkm31nZp_X7YOBYrPNS2MnX0bgsQSyi4hJuf4zEyinEDIDF; script-src 'report-sample' 'nonce-U6Dx5JeqLV7ImR2' 'strict-dynamic' 'unsafe-eval' 'unsafe-hashes' 'sha256-kDPclFJFa/cNUGjyb73Olq+78jkIsu1rN4zPFoE3YaY=' 'sha256-tgo/x/FZ7h93dD78jEbhg4dXrRyROp1eZvekoHdStrw=' 'self' 'unsafe-inline' *.bstatic.com *.static.booking.cn bstatic.com cdn.cookielaw.org geolocation.onetrust.com saa.booking.com www.google-analytics.com
content-security-policy-report-only: connect-src 'self' *.perimeterx.net *.px-cdn.net *.px-client.net *.px-cloud.net *.pxchk.net *.token.awswaf.com cdn.cookielaw.org geolocation.onetrust.com privacyportal-eu.onetrust.com saa.booking.com secure.booking.com www.google-analytics.com; default-src 'self' *.bstatic.com bstatic.com; frame-src *.booking.com *.bstatic.com bstatic.com paymentcomponent.booking.com secure.booking.com www.booking.com; img-src 'self' data: *.bstatic.com *.perimeterx.net *.px-cloud.net *.static.booking.cn account.booking.com bstatic.com cdn.cookielaw.org graph.facebook.com stats.g.doubleclick.net www.booking.com www.google-analytics.com www.google.com www.gstatic.com; report-uri https://nellie.booking.com/csp-report-uri?type=report&e=UmFuZG9tSVYkc2RlIyh9YSWKtKO5TxgOpTwVTPfHZKNW3Hcrm1RLgTDT2V-m21UMJ4KxJTAfD3k6vpGGyphNZUfy-f31chCZHPTonodp_KimHZLP-kkm31nZp_X7YOBYrPNS2MnX0bgsQSyi4hJuf4zEyinEDIDF; script-src 'report-sample' 'nonce-U6Dx5JeqLV7ImR2' 'strict-dynamic' 'unsafe-eval' 'unsafe-hashes' 'sha256-kDPclFJFa/cNUGjyb73Olq+78jkIsu1rN4zPFoE3YaY=' 'sha256-tgo/x/FZ7h93dD78jEbhg4dXrRyROp1eZvekoHdStrw=' 'self' 'unsafe-inline' *.bstatic.com *.static.booking.cn bstatic.com cdn.cookielaw.org geolocation.onetrust.com saa.booking.com www.google-analytics.com; style-src 'self' 'unsafe-inline' *.bstatic.com *.static.booking.cn bstatic.com
set-cookie: bkng_expired_hint=; domain=.booking.com; path=/; expires=Mon, 15-Apr-2024 17:50:18 GMT; secure; HttpOnly
bkng_sso_ses=eyJib29raW5nX2dsb2JhbCI6W3siYSI6MSwiaCI6ImRYYm5EQWVrUGNoWitQcG05ZStvMHRYSkl6RGIreWpmYkYrUUwxTmwvVkkifV19; domain=.booking.com; path=/; expires=Sun, 15-Apr-2029 17:50:18 GMT; secure; HttpOnly
bkng_sso_session=e30; domain=.booking.com; path=/; expires=Sun, 15-Apr-2029 17:50:18 GMT; secure; HttpOnly
bkng_ap_sso_session=eyJib29raW5nX2dsb2JhbCI6eyJkYXRhX3N1YmplY3RfaWQiOiIxY2ZkOWMwZC0xM2RhLTQ4NjktYjc1ZC1jNTljMDQ5ZThiY2YiLCJzZXNzaW9ucyI6W3sic2Vzc2lvbl9yZWZlcmVuY2UiOiJjMmJlNzc4My1mNDE1LTRkODUtODRkMS1kZjZjYzJmMTY5MTQiLCJyZWZyZXNoX3Rva2VuIjoiQ0FFU2QxSjFyY2RaeVNnaE44blBSRGJPVWNMQk5RLWRXNklBcjllQ2Z4TkloZVppN2Rfa2lCclNwRFFOVkVmM1h1SllLQkJiMFFpM002MnRac3Rjb2hJdzd2T3AtejhoZUhCc2pheTlvY1B3QW5CbllpWmV1RWtiQzh6X0JFbUxuazM2WGhYaWNzRDAyZUlvYjBRQTJvRnJlaXhGNVZRemFNcEUifV19fQ; domain=account.booking.com; path=/; expires=Sun, 15-Apr-2029 17:50:18 GMT; SameSite=Lax; secure; HttpOnly
pcm_consent=consentedAt%3D2024-04-16T17%3A50%3A18.921Z%26countryCode%3DNO%26expiresAt%3D2024-10-13T17%3A50%3A18.921Z%26implicit%3Dfalse%26regionCode%3D03%26regulation%3Dgdpr%26legacyRegulation%3Dgdpr%26consentId%3D712732a3-340a-410d-89ec-16567804029d%26analytical%3Dfalse%26marketing%3Dfalse; Domain=.booking.com; Path=/; Expires=Wed, 16 Apr 2025 17:50:18 GMT; HttpOnly; Secure; SameSite=Lax
bkng_sso_auth=CAIQsOnuTRp4xLLXtlhoLfGdmRF/jrtQYBT9a+TQvuSxcUEmoSSGj6tY+f9fXUn9xT7o9Gu6cXSSfVjRXfyG+BEBj/dQbDfviQvaZGArVZBatlnQPE+X96SeAUZ64kIcngKLGfqULzYB204FLMYv4wntJP8J+34Qov/KCMERlEQE; Domain=.booking.com; Path=/; Expires=Thu, 16 Apr 2026 17:50:18 GMT; HttpOnly; Secure; SameSite=Lax
bkng_sso_auth_1713289818=CAIQsOnuTRp4xLLXtlhoLfGdmRF/jrtQYBT9a+TQvuSxcUEmoSSGj6tY+f9fXUn9xT7o9Gu6cXSSfVjRXfyG+BEBj/dQbDfviQvaZGArVZBatlnQPE+X96SeAUZ64kIcngKLGfqULzYB204FLMYv4wntJP8J+34Qov/KCMERlEQE; Domain=.booking.com; Path=/; Expires=Thu, 16 Apr 2026 17:50:18 GMT; HttpOnly; Secure; SameSite=Lax
x-xss-protection: 1; mode=block
strict-transport-security: max-age=2592000; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VM_PNF92LQTFWEcyUH_7huUFr9waKl-aXv6K5TtUq8I0i3Q4UeNwIw==
X-Firefox-Spdy: h2

q-xx.bstatic.com/xdata/images/xphoto/500x500/184698944.png?k=6bb1bf3c13db4a7ba3c22a2d1f1051f793c525a78104703b4dec3eb12101f545&o=

143.204.55.112

200 OK

39 kB

URL GET HTTP/2
q-xx.bstatic.com/xdata/images/xphoto/500x500/184698944.png?k=6bb1bf3c13db4a7ba3c22a2d1f1051f793c525a78104703b4dec3eb12101f545&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
Size
39 kB (39328 bytes)
Hash
417ce707e1bfd94ef710e908c06d973e
a2b3d1c72c9cc57f52dfbcc528649e73d43c5c2f
1022f1662f9f02ac55dc95402144f2ae71d6f0a14c19b3e3041b68b529946cfc

HTTP Headers

GET /xdata/images/xphoto/500x500/184698944.png?k=6bb1bf3c13db4a7ba3c22a2d1f1051f793c525a78104703b4dec3eb12101f545&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
server: nginx
date: Thu, 21 Mar 2024 10:05:46 GMT
etag: "faf4c565c493f3bc0e80e65cd746519a6611b1b3"
content-language: 39328
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WcaCBMBuBzz-hxBFJLxHDMi1AuTUujPTYswVAxfQCUylgUTLer9dxQ==
age: 2274270
X-Firefox-Spdy: h2

r-xx.bstatic.com/xdata/images/hotel/263x210/52979454.jpeg?k=6ac6d0afd28e4ce00a8f817cc3045039e064469a3f9a88059706c0b45adf2e7d&o=

143.204.55.112

200 OK

9.0 kB

URL GET HTTP/2
r-xx.bstatic.com/xdata/images/hotel/263x210/52979454.jpeg?k=6ac6d0afd28e4ce00a8f817cc3045039e064469a3f9a88059706c0b45adf2e7d&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x210, components 3
Size
9.0 kB (8970 bytes)
Hash
75b0d53918deea91a4ea3288097be7ee
1d53635cf9a9dba8f817fb350a3fe1ad7b12cd01
5298b0b9ba74933e25102c551f6db4aa703a251a85ec56ca940d589cb4c9ad45

HTTP Headers

GET /xdata/images/hotel/263x210/52979454.jpeg?k=6ac6d0afd28e4ce00a8f817cc3045039e064469a3f9a88059706c0b45adf2e7d&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Sat, 06 Apr 2024 12:54:56 GMT
content-language: 8970
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: "1842ab68bb857fcaf0b89118d9a34c5f6e21b909"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mUQGMo-7tvMldy7YA_vTB7yLbOZDbAYdGClp33y_SktrblEZF-YMSw==
age: 881722
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/xphoto/300x240/140040496.jpg?k=105685b15efc0186c76966128b0bedad31cd54f092f3679d5b2453155c82a773&o=

143.204.55.112

200 OK

10 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/xphoto/300x240/140040496.jpg?k=105685b15efc0186c76966128b0bedad31cd54f092f3679d5b2453155c82a773&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3
Size
10 kB (10198 bytes)
Hash
6d257086f21fd27fa80ccad0acfc9345
4b13076ef4ad169622b049e237ba9c05ed9ce437
98e76b0417a9828371fb8f8e357cf6e4e78f71f0e32d584216186b3b6c13da7b

HTTP Headers

GET /xdata/images/xphoto/300x240/140040496.jpg?k=105685b15efc0186c76966128b0bedad31cd54f092f3679d5b2453155c82a773&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Thu, 28 Mar 2024 20:07:03 GMT
etag: "bd3bde97ad92595fd3d9ef0cba32d8c8bdb37943"
content-language: 10198
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dJ_ihsXjVzzkE2lLeJevFux69HHtGmZzFbs4cWPwv_SCbbUQjf2AHg==
age: 1633395
X-Firefox-Spdy: h2

q-xx.bstatic.com/xdata/images/city/170x136/671694.jpg?k=cd1e3603afe4edd09f829675efb1cdc9a5925bed25a642bfc4d909602c231624&o=

143.204.55.112

200 OK

6.3 kB

URL GET HTTP/2
q-xx.bstatic.com/xdata/images/city/170x136/671694.jpg?k=cd1e3603afe4edd09f829675efb1cdc9a5925bed25a642bfc4d909602c231624&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 170x136, components 3
Size
6.3 kB (6341 bytes)
Hash
566ef663c31a7da2e19277c795aab0fa
bcbc6af34645cb84bec41718185ab14768d36a31
207cf1ee36b9118a68d6b33bbef91c4eb9bd28edcabae628828b20a375f409c9

HTTP Headers

GET /xdata/images/city/170x136/671694.jpg?k=cd1e3603afe4edd09f829675efb1cdc9a5925bed25a642bfc4d909602c231624&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
content-length: 6341
server: nginx
content-language: 6341
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
date: Tue, 09 Apr 2024 06:05:43 GMT
cache-control: max-age=2592000
etag: "498d6d5b65e81aa8199ff4e9ae444d1081d082a3"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fhsVNnniTzUef9HZjDQPnKLdFTtkeHotgQA775OShvGjld1nSM6lDA==
age: 647075
X-Firefox-Spdy: h2

q-xx.bstatic.com/xdata/images/city/170x136/644310.jpg?k=472fefd4c3c0aef36deb16adb91c965923d8b1078ab29056802f95aead0586bf&o=

143.204.55.112

200 OK

6.5 kB

URL GET HTTP/2
q-xx.bstatic.com/xdata/images/city/170x136/644310.jpg?k=472fefd4c3c0aef36deb16adb91c965923d8b1078ab29056802f95aead0586bf&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 170x136, components 3
Size
6.5 kB (6544 bytes)
Hash
d8fc03a58b76828aa4d541100bd52964
ec876001abc6b7de78aada1dc0460f898269aa1e
08d047a4f12afcccef76d06b51501b8cbec55e66f828a08bedb06434b7249502

HTTP Headers

GET /xdata/images/city/170x136/644310.jpg?k=472fefd4c3c0aef36deb16adb91c965923d8b1078ab29056802f95aead0586bf&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
content-length: 6544
server: nginx
content-language: 6544
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
date: Thu, 28 Mar 2024 06:03:52 GMT
cache-control: max-age=2592000
etag: "dc256fcd9293261238443518cc03ae92aad2431e"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LOoyUGVixdlYGzLcBZAMkyGXqvSHlaMmCpTtL8BM_bXTWrUYJpVmzQ==
age: 1683986
X-Firefox-Spdy: h2

cf.bstatic.com/static/css/index_cloudfront_sd.iq_ltr/b376a4c8f7809544f3c3100ecadbc9b3ab82d340.css

143.204.55.112

200 OK

350 kB

URL GET HTTP/2
cf.bstatic.com/static/css/index_cloudfront_sd.iq_ltr/b376a4c8f7809544f3c3100ecadbc9b3ab82d340.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type

Size
350 kB (349559 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /static/css/index_cloudfront_sd.iq_ltr/b376a4c8f7809544f3c3100ecadbc9b3ab82d340.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
server: nginx
date: Fri, 12 Apr 2024 08:57:10 GMT
last-modified: Wed, 28 Feb 2024 12:32:03 GMT
expires: Sun, 12 May 2024 08:57:10 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: W/"65df27c3-55577"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7Ws7I_bgDb49L3NwzaJxnKjcqJ1ObtcnTmcHutJlcECPu_BWTWRr0A==
age: 377585
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/css/f141039c.90df89cd.chunk.css

143.204.55.112

200 OK

853 B

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/css/f141039c.90df89cd.chunk.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (854), with no line terminators
Size
853 B (853 bytes)
Hash
d722390a56b6edc35d991a693a247761
0cda2bea6423231fe8a36fdec1370ad0edec02c5
44e8ba149439d1791fe77ae62439ce7538e584816f522ae6fd4394f43527d42f

HTTP Headers

GET /psb/capla/static/css/f141039c.90df89cd.chunk.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
content-length: 853
date: Mon, 15 Apr 2024 19:14:40 GMT
last-modified: Mon, 15 Apr 2024 14:39:47 GMT
etag: "a6989133be46c199c3e6e22d759a88da"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: CHA.qlUI.JN8RUPSCNjFO6gvPwVEDiRy
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -Nn0_M43vx_EMgKbssRVRuEatbgOZDN-iZHuTYOCZCby_F5bSgARMA==
age: 81337
vary: Origin
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/css/d8454389.98899e1c.chunk.css

143.204.55.112

200 OK

2.1 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/css/d8454389.98899e1c.chunk.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2066), with no line terminators
Size
2.1 kB (2065 bytes)
Hash
5f920849092d9cb161a3440d816f77b1
4c4c22b15d71ab85f5d2e16f6d5d4324a8956538
b754ec5a2732719382c90edc0f1715a6a5df1ab6da372dd7db1b33b3194fec75

HTTP Headers

GET /psb/capla/static/css/d8454389.98899e1c.chunk.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
date: Mon, 15 Apr 2024 19:14:40 GMT
last-modified: Mon, 15 Apr 2024 14:39:46 GMT
etag: W/"c9e8ae9a43e5cd68d262ffbff1c9f8bf"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: SevYtnUlGugpmvpkAoi66gYvrekOxXSG
server: AmazonS3
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1O74HsE0ib5ce63YcZjJ2ogc60hG2w5JxGD42AqFX64UA7GoVu1qaw==
age: 81337
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/xphoto/300x240/140040896.jpg?k=49938f0bd79fdf1393eb03c3816e015f3affe88bc0c433272168471c32c9207a&o=

143.204.55.112

200 OK

9.8 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/xphoto/300x240/140040896.jpg?k=49938f0bd79fdf1393eb03c3816e015f3affe88bc0c433272168471c32c9207a&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3
Size
9.8 kB (9842 bytes)
Hash
08e8a51b2f42906ee3d255929dff32db
86d5a8b9d9fab06a7ea21edb1996d0f9deb01c0d
322a8d0b98f3eb1e9cab3904fbbfd6d7a42c803a314d90926d8c26d56784252f

HTTP Headers

GET /xdata/images/xphoto/300x240/140040896.jpg?k=49938f0bd79fdf1393eb03c3816e015f3affe88bc0c433272168471c32c9207a&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Mon, 18 Mar 2024 16:27:47 GMT
etag: "29f0de8d2921e8a2dd5fe6b06ad233a6a09ebe7d"
content-language: 9842
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xkJm5_vpFIls4UcQRTqStN8nNupicZOWC9Q0TMHYFFFU631g6MmPyw==
age: 2510551
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/css/client.1a04c1c2.css

143.204.55.112

200 OK

210 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/css/client.1a04c1c2.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
210 kB (209928 bytes)
Hash
317c5435fdbd0f01be16dabb5f6dd92c
6af45efe8d0e339d0e54ed31111fba5c3f507302
d94d23367ae4656645588c84183e2291de83718ca0dd989e9b152f6514c644ad

HTTP Headers

GET /psb/capla/static/css/client.1a04c1c2.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
last-modified: Sun, 14 Apr 2024 05:22:23 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: ykTc1fbJvkzl_qlhrkcerJheFT6VoNh_
server: AmazonS3
content-encoding: gzip
date: Mon, 15 Apr 2024 19:24:49 GMT
etag: W/"317c5435fdbd0f01be16dabb5f6dd92c"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gAwVi74HMX7yVkUGuIBbjYLpgfeBPFyw8ho5NgyEPQ89tiXxxUcPuQ==
age: 80728
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/remoteEntry.e6606aa1.client.js

143.204.55.112

200 OK

19 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/remoteEntry.e6606aa1.client.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (19064)
Size
19 kB (19180 bytes)
Hash
376c9c9a97b72230330657bfd551528c
b9b21ed30fa86f9a5b5880df7e752424eb4a5103
06a75593a4d5c1a79d1b4e9effb5e2a3684023613266889682c2ce6871510df1

HTTP Headers

GET /psb/capla/static/js/remoteEntry.e6606aa1.client.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Tue, 16 Apr 2024 07:39:11 GMT
last-modified: Tue, 16 Apr 2024 07:34:56 GMT
etag: W/"376c9c9a97b72230330657bfd551528c"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: Od1ByXbGyQfGZQxIxRzZQLvrOh7UajRB
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wSNO6O_UIgSrrjeHm8Kbk03WbAsZ99HQ_r2uiGnVVbOBtrg2uX0xHQ==
age: 36666
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

54.230.111.57

200 OK

12 B

URL GET HTTP/2
www.booking.com/js_tracking?ref_action=index&ver=2&stype=1&lang=en-us&pid=e1027d6b28d009d9&ete=&etg=web_shell_ux_header_view,web_shell_ux_header_view_www_non_logged_in&etcg=cCHObVZMYCMKdFEVJTNIKdFHaO|1,cCHObVZMYCMKdFEVJTNIKdFHaO|3,cCHObEfEITNPfbeQMIaWYUQJFFQccCcCcCC|1&ets=cCHObTULHfAFFQZcfHSdFaLbFFRURURHe|1,dDfPWPHDDZSOBJbKYfNIfPTDWe|1,YTTHbXeeVJWcFKJPFNJQVVEbMKXe|1,YTTHbXeeVJWcFKJPFNJQVVEbMKXe|5,aXTfOFJZMYeKTcABVYUfFdHMPVWCGTQJQJET|1,aXTfOFJZMYeKTcABVYUfFdHMPVWCGTQJQJET|2,aXTfMZMYeKTcNGEcfFdHMPVUPHET|1,TZUfONebEWAUFccRMVIZdRRT|1,aXTfMZMYeKTcNGEcfFdHMPVUPHET|3,OJVZAAURAfPMTcZJFeDBRcFPLDEZRdLOLOLMO|1,OJVZAAURAfPMTcZJFeDBRcFPLDEZRdLOLOLMO|7,OJVZAAURAfPMTcZJFeDBRcFPLDEZRdLOLOLMO|8,NAFLeOeJHSCQQGPLUPHBeZdRNYYdTUWe|1,cCHObVZMYCMKdFEVJTNIKdFHaO|1,cCHObVZMYCMKdFEVJTNIKdFHaO|3,NAFLeOeJcQEcVOdWNeYZdfdbJae|1,NAFLeOeJabUZFQbMWKZETTeMcCcCcCC|1,cCHObKdBdUHINPSXeHDALOLOLMO|1,cCHObKdBdUHINPSXeHDALOLOLMO|5,cCeIVOMPWAEeIcFARSYSbZDQSXbaTaTaET|3,cCeIVOOLfOECVVDFRURURHe|1,cCeIVOOLfOECVVDFRURURHe|2,cCHOGcbREDEZRdRERJBHAOeVATZdSGWFRURURHe|1,cCHOGcbREDEZRdRERJBHAOeVATZdSGWFRURURHe|2,YTTHbXeeVeCFZAcbRbROfLMTeCYHDRFcO|4,BHDTJdReQLOLOLOVZMYCVCMILRVVPKLZZOJNET|1,dLYdCeYBFVedKNKNKPMPSXPUEKdDXFZMIbdYeNYT|1,cCHObdRdJJVdfUSCEcdNHMddKNKNKWe|1,cCHObdRdJJVdfUJGFDSeBcZFLMFRURURHe|1,cCHObdRdJJVdfUJGFDSeBcZFLMFRURURHe|3,cCeIVOTeJUNSMTfIMLebaTaTaET|1,cCeIVOTeJUNSMTaSdNdKNKNKWe|1,cCHOGAQHSMSXUDeLcffIVXBPKAFRURURHe|1,cCHOGAQHSMSXUDeLcffIVXBPKAFRURURHe|5,cCHOGAQPXafJCfSFeMZXZAQeRfXPRQNIKdFHaO|1,cCHObKdBZXZAVCMIQRMebfTIbRZaTaTaET|1,cCeIVOdJEVOAeZTbQNPcZRALOLOLMO|1,cCHObCBWaEdIPPSfDcXLYSfDccCcCcCC|2,NAFLeOeJcQEcVOdWNeYZdfdbJae|2,NAFLeOeJcQEcVOdWNeYZdfdbJae|4,NAFLeOeJabUZFQbMWKZETTeMcCcCcCC|2,NAFLeOeJabUZFQbMWKZETTeMcCcCcCC|4,cCHObVZMYCMKdFEVJTNIKdFHaO|4,cCHObVZMYCMKdFEVJTNIKdFHaO|6,cCHObKdPHMfFdHMEKBOcaGPaAHFHDQIC|9,cCeIVOOLfOECVVDFRURURHe|3,cCHOGcbREDEZRdRERJBHAOeVATZdSGWFRURURHe|3,cCeIVOdJEVOAeZTbQNPcZRALOLOLMO|2,cCeIVOTeJUNSMTfIMLebaTaTaET|2,cCeIVOTeJUNSMTaSdNdKNKNKWe|2&etgwv=
IP
54.230.111.57:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.booking.com
Fingerprint86:19:2F:3F:C1:B0:CE:07:5A:AD:A3:94:54:8D:C6:B9:99:F5:B9:49
ValidityMon, 12 Jun 2023 00:00:00 GMT - Sat, 18 May 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
12 B (12 bytes)
Hash
45e0d10a08ad25f44cb9c2b6e732858c
8e47bb27521f644194d8d6ed92c22513a68715d9
4c55d6d27f3d4503e15ce98f4e4cccc15a49ecc0445a3a0996578437f7ab701f

HTTP Headers

GET /js_tracking?ref_action=index&ver=2&stype=1&lang=en-us&pid=e1027d6b28d009d9&ete=&etg=web_shell_ux_header_view,web_shell_ux_header_view_www_non_logged_in&etcg=cCHObVZMYCMKdFEVJTNIKdFHaO|1,cCHObVZMYCMKdFEVJTNIKdFHaO|3,cCHObEfEITNPfbeQMIaWYUQJFFQccCcCcCC|1&ets=cCHObTULHfAFFQZcfHSdFaLbFFRURURHe|1,dDfPWPHDDZSOBJbKYfNIfPTDWe|1,YTTHbXeeVJWcFKJPFNJQVVEbMKXe|1,YTTHbXeeVJWcFKJPFNJQVVEbMKXe|5,aXTfOFJZMYeKTcABVYUfFdHMPVWCGTQJQJET|1,aXTfOFJZMYeKTcABVYUfFdHMPVWCGTQJQJET|2,aXTfMZMYeKTcNGEcfFdHMPVUPHET|1,TZUfONebEWAUFccRMVIZdRRT|1,aXTfMZMYeKTcNGEcfFdHMPVUPHET|3,OJVZAAURAfPMTcZJFeDBRcFPLDEZRdLOLOLMO|1,OJVZAAURAfPMTcZJFeDBRcFPLDEZRdLOLOLMO|7,OJVZAAURAfPMTcZJFeDBRcFPLDEZRdLOLOLMO|8,NAFLeOeJHSCQQGPLUPHBeZdRNYYdTUWe|1,cCHObVZMYCMKdFEVJTNIKdFHaO|1,cCHObVZMYCMKdFEVJTNIKdFHaO|3,NAFLeOeJcQEcVOdWNeYZdfdbJae|1,NAFLeOeJabUZFQbMWKZETTeMcCcCcCC|1,cCHObKdBdUHINPSXeHDALOLOLMO|1,cCHObKdBdUHINPSXeHDALOLOLMO|5,cCeIVOMPWAEeIcFARSYSbZDQSXbaTaTaET|3,cCeIVOOLfOECVVDFRURURHe|1,cCeIVOOLfOECVVDFRURURHe|2,cCHOGcbREDEZRdRERJBHAOeVATZdSGWFRURURHe|1,cCHOGcbREDEZRdRERJBHAOeVATZdSGWFRURURHe|2,YTTHbXeeVeCFZAcbRbROfLMTeCYHDRFcO|4,BHDTJdReQLOLOLOVZMYCVCMILRVVPKLZZOJNET|1,dLYdCeYBFVedKNKNKPMPSXPUEKdDXFZMIbdYeNYT|1,cCHObdRdJJVdfUSCEcdNHMddKNKNKWe|1,cCHObdRdJJVdfUJGFDSeBcZFLMFRURURHe|1,cCHObdRdJJVdfUJGFDSeBcZFLMFRURURHe|3,cCeIVOTeJUNSMTfIMLebaTaTaET|1,cCeIVOTeJUNSMTaSdNdKNKNKWe|1,cCHOGAQHSMSXUDeLcffIVXBPKAFRURURHe|1,cCHOGAQHSMSXUDeLcffIVXBPKAFRURURHe|5,cCHOGAQPXafJCfSFeMZXZAQeRfXPRQNIKdFHaO|1,cCHObKdBZXZAVCMIQRMebfTIbRZaTaTaET|1,cCeIVOdJEVOAeZTbQNPcZRALOLOLMO|1,cCHObCBWaEdIPPSfDcXLYSfDccCcCcCC|2,NAFLeOeJcQEcVOdWNeYZdfdbJae|2,NAFLeOeJcQEcVOdWNeYZdfdbJae|4,NAFLeOeJabUZFQbMWKZETTeMcCcCcCC|2,NAFLeOeJabUZFQbMWKZETTeMcCcCcCC|4,cCHObVZMYCMKdFEVJTNIKdFHaO|4,cCHObVZMYCMKdFEVJTNIKdFHaO|6,cCHObKdPHMfFdHMEKBOcaGPaAHFHDQIC|9,cCeIVOOLfOECVVDFRURURHe|3,cCHOGcbREDEZRdRERJBHAOeVATZdSGWFRURURHe|3,cCeIVOdJEVOAeZTbQNPcZRALOLOLMO|2,cCeIVOTeJUNSMTfIMLebaTaTaET|2,cCeIVOTeJUNSMTaSdNdKNKNKWe|2&etgwv= HTTP/1.1
Host: www.booking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/
X-Booking-Info: 
X-Booking-Client-Info: 
X-Booking-Pageview-Id: e1027d6b28d009d9
X-Booking-SiteType-Id: 1
X-Booking-Language-Code: en-us
X-Booking-AID: 304142
X-Booking-Session-Id: 92c65815469945ede4f7dbc5ff6af953
X-Booking-ET-Serialized-State: E8zvz6OpxgXskSsmsqpm8DXDuFKQccDOKfpjXS_j0phxn8F2I21Og-8o2qwaEPsHa
DNT: 1
Connection: keep-alive
Cookie: px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBt9BZ%2BIzqvzNG3a2uciWdhAlLuCWxRfV1fP%2Fxz9ReLAA%2FeZ5CIHC3f7myW6%2BemfGK8Fixkmf5Phoc4OTCjZVm%2FAQVM1E%2FMRjNjFPE3tRbWH2TrE%2B6ZwxADcXV1U0uqJJt6pDFrWkfLdiBggCWyS551d; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmPZUPMW6RyROJNxUN0JlTK77o1GxJEKj50Akk5UC46SGZ0T/sjBGN8UEoHziZUydDa15eD96llA6Zpr9JyySCKeA4VpvHWuLUM0Bcg0GhacCWF2Q3L/RkmcZyaK1+swiucl3YCdFi; pcm_consent=analytical%3Dfalse%26countryCode%3DNO%26consentId%3De9389af3-66d7-49b3-b933-78c858cce2a8%26consentedAt%3D2024-04-16T17%3A50%3A15.029Z%26expiresAt%3D2024-10-13T17%3A50%3A15.029Z%26implicit%3Dtrue%26marketing%3Dfalse%26regionCode%3D03%26regulation%3Dgdpr%26legacyRegulation%3Dgdpr; cors_js=1; bkng_sso_session=e30; bkng_sso_ses=e30; OptanonConsent=implicitConsentCountry=GDPR&implicitConsentDate=1713289817238; BJS=-
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/gif
content-length: 35
server: nginx
date: Tue, 16 Apr 2024 17:50:18 GMT
vary: User-Agent, Accept-Encoding
content-encoding: br
strict-transport-security: max-age=2592000; includeSubDomains
content-security-policy-report-only: frame-ancestors 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=112&pid=b6307d6d2286022f&e=UmFuZG9tSVYkc2RlIyh9Yea92wm0yRUjnCBymoy8ejKcHhEDVJ5N9lcVJsmUXO2KU7GTs1cm2a0
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: t16CRkpUB_0PUMp3EWcpIDR_CIUX13RaVAgF3OIQ1TYinFVh7yCSuQ==
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/hotel/square600/73220198.webp?k=62588a8129bafa49162b4cdfd8af8f8018c42b8628090650a1cb9e4d4041c467&o=

143.204.55.112

200 OK

42 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/hotel/square600/73220198.webp?k=62588a8129bafa49162b4cdfd8af8f8018c42b8628090650a1cb9e4d4041c467&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
42 kB (41666 bytes)
Hash
25221b4269eb1550283f3fe325e2bbfe
dbd23951fa1fb48cb1778a5125538b5aa84c5c2a
fcf74e3efac354fcbbafac7d51ada44a4bbb3a4866a96ec6ce93c6c76f48e96c

HTTP Headers

GET /xdata/images/hotel/square600/73220198.webp?k=62588a8129bafa49162b4cdfd8af8f8018c42b8628090650a1cb9e4d4041c467&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
server: nginx
date: Sat, 13 Apr 2024 18:20:18 GMT
etag: "616f3897f3cf063d57ef0aa01366b6e43ae1bd5f"
content-language: 41666
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: i8GDSwZbXEDDY1MQqnVryq2fPZlwKz9j7sH6vrXeveAvIX4Kqjqszw==
age: 257401
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/b9a82cb8.e5633784.chunk.js

143.204.55.112

200 OK

56 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/b9a82cb8.e5633784.chunk.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (56334)
Size
56 kB (56446 bytes)
Hash
724f085b4a9491fe8d80b2e525a06b80
faf29a7db808cc49e19b1f9d9dd59caa1d92b955
074334aba021856458a790e456586c4f75b0b7e4d512903e997b724954a06800

HTTP Headers

GET /psb/capla/static/js/b9a82cb8.e5633784.chunk.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 15 Apr 2024 19:12:51 GMT
last-modified: Tue, 09 Apr 2024 05:25:18 GMT
etag: W/"724f085b4a9491fe8d80b2e525a06b80"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: j_SZfOID9y_0GBrIui.rxysqyuasC_Kr
server: AmazonS3
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hUQQNK09Tin4HDMEdsQtRm0ZI1iJyj1vGwN88x91BBsWg68LFK9iTg==
age: 81447
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

r-xx.bstatic.com/xdata/images/xphoto/263x210/45450090.jpeg?k=52f6b8190edb5a9c91528f8e0f875752ce55a6beb35dc62873601e57944990e4&o=

143.204.55.112

200 OK

12 kB

URL GET HTTP/2
r-xx.bstatic.com/xdata/images/xphoto/263x210/45450090.jpeg?k=52f6b8190edb5a9c91528f8e0f875752ce55a6beb35dc62873601e57944990e4&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x210, components 3
Size
12 kB (11795 bytes)
Hash
2a361664cb305310a4358bcfd299217b
319d5dbe2e9a02af52292e2c94467fbd4bd954ef
772bb85697eb54a5a021864874190a475188ce98c1a8840bb1fe72515dbbcdd8

HTTP Headers

GET /xdata/images/xphoto/263x210/45450090.jpeg?k=52f6b8190edb5a9c91528f8e0f875752ce55a6beb35dc62873601e57944990e4&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Thu, 21 Mar 2024 10:52:30 GMT
etag: "78c06c289b99410d719289fe5882090079338c7f"
content-language: 11795
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AinKnnDC2wqBFscC3quedkVJrZMfV8bGuLXUmA-ccyhGr7ic3ZemZg==
age: 2271468
X-Firefox-Spdy: h2

q-xx.bstatic.com/xdata/images/xphoto/263x210/45450058.jpeg?k=2449eb55e8269a66952858c80fd7bdec987f9514cd79d58685651b7d6e9cdfcf&o=

143.204.55.112

200 OK

10 kB

URL GET HTTP/2
q-xx.bstatic.com/xdata/images/xphoto/263x210/45450058.jpeg?k=2449eb55e8269a66952858c80fd7bdec987f9514cd79d58685651b7d6e9cdfcf&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x210, components 3
Size
10 kB (10145 bytes)
Hash
a84be65e3bb8d5eaa7fef90be796567a
551cdf363ee42d54ec96eb53ce7775f691ff7fb4
f01b19f78cfe046f9bb8a8b7f141f8c2fb0cef0a519adffee6dfb7009199b05e

HTTP Headers

GET /xdata/images/xphoto/263x210/45450058.jpeg?k=2449eb55e8269a66952858c80fd7bdec987f9514cd79d58685651b7d6e9cdfcf&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Mon, 25 Mar 2024 12:22:09 GMT
etag: "418ccc7d8bc2472340222db59b4efba9f0d7bac7"
content-language: 10145
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: D4SugjLPGubeSFyL0KRllTu6o7tGP1PPQL8S_8D52MspxL7F62BeBQ==
age: 1920489
X-Firefox-Spdy: h2

q-xx.bstatic.com/xdata/images/xphoto/263x210/45450283.jpeg?k=44ef0e355cff36883935e4c99b5c01b035eabebad278d22363210b2fe40b2791&o=

143.204.55.112

200 OK

13 kB

URL GET HTTP/2
q-xx.bstatic.com/xdata/images/xphoto/263x210/45450283.jpeg?k=44ef0e355cff36883935e4c99b5c01b035eabebad278d22363210b2fe40b2791&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x210, components 3
Size
13 kB (12945 bytes)
Hash
90fad3c997f2d9cbb8427bc6e46d492f
3ad80505bc020e11fe101a0f958d3280a1689add
899a98f9590565257e31af2acc3e49e56c689a693f0cb204a50a3d027e741154

HTTP Headers

GET /xdata/images/xphoto/263x210/45450283.jpeg?k=44ef0e355cff36883935e4c99b5c01b035eabebad278d22363210b2fe40b2791&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Mon, 25 Mar 2024 20:07:10 GMT
etag: "7dcfcd553f0c70776bfeef049bb49be408eca4dd"
content-language: 12945
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VwgGBq7x6DgqhmQTKINhK7931POgolz07a5OgQHn2MM3_LKphpcntQ==
age: 1892588
X-Firefox-Spdy: h2

booking.com/

54.230.111.57

301 Moved Permanently

606 kB

URL User Request GET HTTP/2
booking.com/
IP
54.230.111.57:443
ASN
#16509 AMAZON-02

Certificate
IssuerDigiCert Inc
Subject*.booking.com
Fingerprint86:19:2F:3F:C1:B0:CE:07:5A:AD:A3:94:54:8D:C6:B9:99:F5:B9:49
ValidityMon, 12 Jun 2023 00:00:00 GMT - Sat, 18 May 2024 23:59:59 GMT

File type

Size
606 kB (605807 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: booking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://air.bnb-id3204.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: https://www.booking.com/
server: nginx
date: Tue, 16 Apr 2024 17:50:14 GMT
nel: {"max_age":604800,"report_to":"default"}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":604800,"group":"default"}
strict-transport-security: max-age=2592000; includeSubDomains
content-security-policy-report-only: frame-ancestors 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=112&pid=8fa57d6b71670357&e=UmFuZG9tSVYkc2RlIyh9YdPFJGDFjZSqK4Z-4dNTMVtVNs22ZtOjPJRNjfDV4yACJOYGdOb548I
x-terms-of-service: https://www.booking.com/content/terms.html
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: soLkPvRdli1JnIqtCE4s09mMQVkbRnS220emdcOl1P1YOIr6nTOhag==
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/remoteEntry.e35d0cc2.client.js

143.204.55.112

200 OK

25 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/remoteEntry.e35d0cc2.client.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (24596)
Size
25 kB (24712 bytes)
Hash
f9437e93baac18c73da482980b072728
dfd41d06b9418eef3f50fbafed5ce42bda434807
c49aba6f23d44e3f3270ca8729a5789f424b4f0d1c4c12f0d42098fcd3b73d23

HTTP Headers

GET /psb/capla/static/js/remoteEntry.e35d0cc2.client.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 11 Apr 2024 14:30:33 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: zj5bgW9n6FGDvb0lcBJYutWx_lSsArm4
server: AmazonS3
content-encoding: gzip
date: Mon, 15 Apr 2024 18:22:37 GMT
etag: W/"f9437e93baac18c73da482980b072728"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aSfQ4t2CVW-NFu4tEPVwyxDPGeJOXBJWF8J1iJooQxIamYqoS9kIKQ==
age: 84460
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/282e5b08.3f312d8d.chunk.js

143.204.55.112

200 OK

219 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/282e5b08.3f312d8d.chunk.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65455)
Size
219 kB (218601 bytes)
Hash
7ee974bf7bfebc24d6ccb9e3030ebb2b
19aa61a6a7423561331d4b9b2a9b07951545b075
d65193b19251e25d6ef7f355cb1e6346d861597088067a7f29755c42822caf26

HTTP Headers

GET /psb/capla/static/js/282e5b08.3f312d8d.chunk.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 15 Apr 2024 17:54:00 GMT
last-modified: Mon, 15 Apr 2024 14:39:49 GMT
etag: W/"7ee974bf7bfebc24d6ccb9e3030ebb2b"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: bE75CfCxt9Er15XOWd.iHokJPxKRvPSJ
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YNb91qDNQ0Fkt6VmD5tHbzw6eXcTBDdWOo6w37K5Q13hTd1-ebY1cw==
age: 86177
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

www.booking.com/logo?ver=1&sid=6310d4b1432373d4128c998e03fdd1fb&t=17132898151

54.230.111.57

200 OK

12 B

URL GET HTTP/2
www.booking.com/logo?ver=1&sid=6310d4b1432373d4128c998e03fdd1fb&t=17132898151
IP
54.230.111.57:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.booking.com
Fingerprint86:19:2F:3F:C1:B0:CE:07:5A:AD:A3:94:54:8D:C6:B9:99:F5:B9:49
ValidityMon, 12 Jun 2023 00:00:00 GMT - Sat, 18 May 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
12 B (12 bytes)
Hash
45e0d10a08ad25f44cb9c2b6e732858c
8e47bb27521f644194d8d6ed92c22513a68715d9
4c55d6d27f3d4503e15ce98f4e4cccc15a49ecc0445a3a0996578437f7ab701f

HTTP Headers

GET /logo?ver=1&sid=6310d4b1432373d4128c998e03fdd1fb&t=17132898151 HTTP/1.1
Host: www.booking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/
DNT: 1
Connection: keep-alive
Cookie: px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBt9BZ%2BIzqvzNG3a2uciWdhAlLuCWxRfV1fP%2Fxz9ReLAA%2FeZ5CIHC3f7myW6%2BemfGK8Fixkmf5Phoc4OTCjZVm%2FAQVM1E%2FMRjNjFPE3tRbWH2TrE%2B6ZwxADcXV1U0uqJJt6pDFrWkfLdiBggCWyS551d; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmPZUPMW6RyROJNxUN0JlTK77o1GxJEKj50Akk5UC46SGZ0T/sjBGN8UEoHziZUydDa15eD96llA6Zpr9JyySCKeA4VpvHWuLUM0Bcg0GhacCWF2Q3L/RkmcZyaK1+swiucl3YCdFi; pcm_consent=analytical%3Dfalse%26countryCode%3DNO%26consentId%3De9389af3-66d7-49b3-b933-78c858cce2a8%26consentedAt%3D2024-04-16T17%3A50%3A15.029Z%26expiresAt%3D2024-10-13T17%3A50%3A15.029Z%26implicit%3Dtrue%26marketing%3Dfalse%26regionCode%3D03%26regulation%3Dgdpr%26legacyRegulation%3Dgdpr; cors_js=1; bkng_sso_session=e30; bkng_sso_ses=e30; OptanonConsent=implicitConsentCountry=GDPR&implicitConsentDate=1713289817238
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/gif
content-length: 35
server: nginx
date: Tue, 16 Apr 2024 17:50:17 GMT
vary: User-Agent, Accept-Encoding
content-encoding: br
set-cookie: BJS=-; domain=booking.com; expires=Wed, 17-Apr-2024 17:50:17 GMT; Secure; HTTPOnly
strict-transport-security: max-age=2592000; includeSubDomains
content-security-policy-report-only: frame-ancestors 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=112&pid=ae3d7d6c4d250002&e=UmFuZG9tSVYkc2RlIyh9YbpBYTW1tHKzQWlRfmZMqJAFxc4IiR1U-XXAVjVv78cK
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7RrLC5OUr3juDvtW5PopJ2UcfJHsqbE_x9i2BGWz6loUevp1REgiDw==
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/city/600x600/644297.jpg?k=1ec66dc12696bc2551f325c7318ab5d1cfec23c955b375a30e5d466cf23f6d87&o=

143.204.55.112

200 OK

74 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/city/600x600/644297.jpg?k=1ec66dc12696bc2551f325c7318ab5d1cfec23c955b375a30e5d466cf23f6d87&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x600, components 3
Size
74 kB (74421 bytes)
Hash
60b8665aff1e28f230d4fd9e1a479a31
4352c75c225caabb5d3848296dea9732f8e8af67
b41a7c475c3ff89bccf20787bd207218bc85a2eb3318a79300f29a5b6d09bea7

HTTP Headers

GET /xdata/images/city/600x600/644297.jpg?k=1ec66dc12696bc2551f325c7318ab5d1cfec23c955b375a30e5d466cf23f6d87&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-language: 74421
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
date: Wed, 10 Apr 2024 06:10:27 GMT
cache-control: max-age=2592000
etag: "f1eb698e0ca9fa1026cedd38aa4a946666a07db1"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JzCszQbzApHGS0WOmuR23IcHnxoEj1BBPjeNAElVQbbd6tCX95OBgA==
age: 560389
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/hotel/square600/366855457.webp?k=ef25b0c640c7c2f4fcac4c79509ef1dbb484c19f21a7c8cba18d9270d7f790e9&o=

143.204.55.112

200 OK

0 B

URL GET HTTP/2
cf.bstatic.com/xdata/images/hotel/square600/366855457.webp?k=ef25b0c640c7c2f4fcac4c79509ef1dbb484c19f21a7c8cba18d9270d7f790e9&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /xdata/images/hotel/square600/366855457.webp?k=ef25b0c640c7c2f4fcac4c79509ef1dbb484c19f21a7c8cba18d9270d7f790e9&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
server: nginx
date: Wed, 03 Apr 2024 22:37:08 GMT
etag: "4cbedb5194f2d7933b6939f70bbc0f5cd2ded19f"
content-language: 85342
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6ZFceVOfcjnovqrULTMkmXE8DQIWQ7ZA532wqXG9FXlw2U9m6cOn4A==
age: 1105991
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/css/5f127cf4.6e0dab63.chunk.css

143.204.55.112

200 OK

2.1 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/css/5f127cf4.6e0dab63.chunk.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2066), with no line terminators
Size
2.1 kB (2065 bytes)
Hash
a0156452530f8b56d275e8dace2c6e22
3c24f89c1dd070a19eaa672d188e214525b44011
9a2ba4b9337bd9950669a418dc4f29352459be888a4d8c06c63d09b6075e84d6

HTTP Headers

GET /psb/capla/static/css/5f127cf4.6e0dab63.chunk.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
date: Mon, 15 Apr 2024 17:53:59 GMT
last-modified: Mon, 15 Apr 2024 14:39:45 GMT
etag: W/"8135d7a8972d1cdff6078a45331abcdd"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: GoGweZSyx24hN5t9ovFmMvRoTck4aXT6
server: AmazonS3
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Q9gefjVNdtBtqSmGspBRJkPoTTETInzu8ckcJG_UHZrWvkg-6VGOXw==
age: 86178
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/dc32f6b7.809da5b4.chunk.js

143.204.55.112

200 OK

215 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/dc32f6b7.809da5b4.chunk.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
215 kB (215425 bytes)
Hash
642392a8dcfeae50fa26900d133d055a
c6a71d7ec53da5a8527239a718f541c4e9978af8
f44e7eecc3e9f06cc5708b1a48dd5d699287d18c09f0465f6344d6860e3549b2

HTTP Headers

GET /psb/capla/static/js/dc32f6b7.809da5b4.chunk.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 19 Mar 2024 08:01:52 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: EkMIVjQcQnr4iuJLWrT9dlpMshFF.CZq
server: AmazonS3
content-encoding: gzip
date: Mon, 15 Apr 2024 18:04:03 GMT
etag: W/"642392a8dcfeae50fa26900d133d055a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0zFLX1Mpm2Zg5vIR2LiIzGhC3wMaM0f04E37VMzHr_WO1ebtN1B06A==
age: 85574
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/63bff8e9.45a58914.chunk.js

143.204.55.112

200 OK

146 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/63bff8e9.45a58914.chunk.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
146 kB (146436 bytes)
Hash
6d7854f8e16730f042b590a8aa2fd8ad
115700ae8ec7d21dbe528fc093e0f963851d8b5a
97f24b0148eaa706de7c9347f3318f05673743b2e4e1059392b5988caf9d9067

HTTP Headers

GET /psb/capla/static/js/63bff8e9.45a58914.chunk.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 15 Apr 2024 18:12:32 GMT
last-modified: Mon, 15 Apr 2024 05:19:49 GMT
etag: W/"6d7854f8e16730f042b590a8aa2fd8ad"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: jUe37ioZ9z0gnQyjC9lnStpQ9HEs7pYG
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cA7c_knUpqPMatgmRrKCZq8aiINiPMr5B_JLPD06W4JKZ3gDSUTjFA==
age: 85065
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/css/ace575b5.f3875eb4.chunk.css

143.204.55.112

200 OK

1.5 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/css/ace575b5.f3875eb4.chunk.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1506), with no line terminators
Size
1.5 kB (1501 bytes)
Hash
2348d546c1090320f89c755f7cf0a2f8
10203c903b1d1a32122a62a6f35f8c1c78c82da1
1b9defa2a8f3d070160c7de148e2fc2178d89002558d5bde049844712527ae86

HTTP Headers

GET /psb/capla/static/css/ace575b5.f3875eb4.chunk.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
last-modified: Sun, 14 Apr 2024 05:22:18 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: qMxC5XlwJTPnfZtUD8uy2HZ15e4XM2wJ
server: AmazonS3
content-encoding: gzip
date: Mon, 15 Apr 2024 18:22:37 GMT
etag: W/"34a498bcf3550c64902f7ac2d32a50d9"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: C2XcD-kDHiMZTxNoh8KKmaP3_pnoY0ZoxinAKEztMZEX9_7Ihi_cDw==
age: 84460
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/css/782ad794.7da921a0.chunk.css

143.204.55.112

200 OK

1.7 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/css/782ad794.7da921a0.chunk.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1714), with no line terminators
Size
1.7 kB (1713 bytes)
Hash
ba4c99b275e4e97d0e1f0b3128b1322d
8b1f50cc1224ed6af104502a6b568b4d86dfc16a
42f3a29f50538d388356e7285918a7993168ce8036d71e2a4b815898b81e64bc

HTTP Headers

GET /psb/capla/static/css/782ad794.7da921a0.chunk.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
date: Mon, 15 Apr 2024 19:14:40 GMT
last-modified: Mon, 15 Apr 2024 14:39:46 GMT
etag: W/"81671a96ccb9837256c56dc79f226880"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: KjWjKY7hY.jAO0KC1zlyIqgpQW6EKIsi
server: AmazonS3
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JhW5cw2R7MeobQ0Uw-AE4TkLEMe402zBTAxRwdqrTjK6f_2SSDQ8qQ==
age: 81337
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/f141039c.1c2abb24.chunk.js

143.204.55.112

200 OK

11 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/f141039c.1c2abb24.chunk.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (10609)
Size
11 kB (10721 bytes)
Hash
6373ae89ed2b9b79abeff0e4e13f68a7
ff553513e9bff9e35518ede617adc95fe06f77da
d41d630c0452791cbcd8cc993b9ec0b0e99c3c080912d31db4ef97c20e8db323

HTTP Headers

GET /psb/capla/static/js/f141039c.1c2abb24.chunk.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Sun, 14 Apr 2024 05:22:21 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: 3EW34ZDOgRy7BLy2.pXl.DSzTRS1hvt9
server: AmazonS3
content-encoding: gzip
date: Mon, 15 Apr 2024 18:22:37 GMT
etag: W/"6373ae89ed2b9b79abeff0e4e13f68a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XFvOFOQR5ceSfrFppkghJAdiuMKggQv01pX-xCT64dAtbxfyiSkyCQ==
age: 84460
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

r-xx.bstatic.com/xdata/images/hotel/263x210/100235855.jpeg?k=5b6e6cff16cfd290e953768d63ee15f633b56348238a705c45759aa3a81ba82b&o=

143.204.55.112

200 OK

12 kB

URL GET HTTP/2
r-xx.bstatic.com/xdata/images/hotel/263x210/100235855.jpeg?k=5b6e6cff16cfd290e953768d63ee15f633b56348238a705c45759aa3a81ba82b&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x210, components 3
Size
12 kB (12530 bytes)
Hash
0ec8a6acafd2ff94ead2387aac012c13
697cbd26baa47a35a86eb6feab2a7d9a9720947f
48f88e754655911d3a8885792052da8dddccd607f64f7e030ffad6fb2d283a37

HTTP Headers

GET /xdata/images/hotel/263x210/100235855.jpeg?k=5b6e6cff16cfd290e953768d63ee15f633b56348238a705c45759aa3a81ba82b&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Wed, 03 Apr 2024 06:31:22 GMT
content-language: 12530
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: "9aff9e5c9b69d9442b7f563196b1a2235d432b9f"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Hj_hmR9LIEtnIy5yV5POwPHkX7iCAVzq3vdZkx-324sG2YChocc9pw==
age: 1163936
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/xphoto/300x240/140040719.jpg?k=aacf4427c1b521477f0f0cf9977f7c28562cbe145983aab1bff2c6d6a2e7c4d2&o=

143.204.55.112

200 OK

13 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/xphoto/300x240/140040719.jpg?k=aacf4427c1b521477f0f0cf9977f7c28562cbe145983aab1bff2c6d6a2e7c4d2&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3
Size
13 kB (12584 bytes)
Hash
53cf4876022a1b1c28b5fbf2d5cafe43
10e93cb719a28671858a783d8650c8338abc81a5
937f1e3adb5ceb401e911d8c6a9ad90e4ab3bd022309f20fa5760afc8aba498a

HTTP Headers

GET /xdata/images/xphoto/300x240/140040719.jpg?k=aacf4427c1b521477f0f0cf9977f7c28562cbe145983aab1bff2c6d6a2e7c4d2&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Fri, 22 Mar 2024 11:39:19 GMT
etag: "ff6df342fffc4be646a05914e121bb7d244aeaec"
content-language: 12584
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gfMGRQkfKcx2j0v8KTodHYl5_JMH4gFRg-8_BkMV3fVDrSqMqcvkYA==
age: 2182259
X-Firefox-Spdy: h2

r-xx.bstatic.com/xdata/images/xphoto/263x210/45450084.jpeg?k=f8c2954e867a1dd4b479909c49528531dcfb676d8fbc0d60f51d7b51bb32d1d9&o=

143.204.55.112

200 OK

10 kB

URL GET HTTP/2
r-xx.bstatic.com/xdata/images/xphoto/263x210/45450084.jpeg?k=f8c2954e867a1dd4b479909c49528531dcfb676d8fbc0d60f51d7b51bb32d1d9&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x210, components 3
Size
10 kB (10257 bytes)
Hash
5f58a2eeb3f0b1d3ce899e3c629368a5
3dbabbe322b0ec1cfaf64acfde88d5ed67b674b1
fa9f5dbe5ad251eb1a7da4628c3d1cc55c9ff380671a9d7d2b070bf4e2c2324e

HTTP Headers

GET /xdata/images/xphoto/263x210/45450084.jpeg?k=f8c2954e867a1dd4b479909c49528531dcfb676d8fbc0d60f51d7b51bb32d1d9&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Sun, 07 Apr 2024 20:29:16 GMT
etag: "581d7d6f2cc7c0efc5bd54aa0a1fa4c3bdb259f4"
content-language: 10257
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IMDwoBPfIM56JYf6nL_g0gcHgBHwPy6PtPVfbmhPBC0wxxGgAPVm4g==
age: 768062
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/hotel/square600/352170812.webp?k=4ff5e29f3ad72c2c9f7170f60a043f01a158f26b38c55e9676439c18f3804179&o=

143.204.55.112

200 OK

40 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/hotel/square600/352170812.webp?k=4ff5e29f3ad72c2c9f7170f60a043f01a158f26b38c55e9676439c18f3804179&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
40 kB (39572 bytes)
Hash
ef150004f7e14877ef0adc2a55c848c8
f9fc55a1aa0bdb8a5cef5f7a37d7bbc5c44f612e
ff1f117923916d0f5479bf7b6f95f21303e5aa4fbef22fb7eb57834b3ed3af23

HTTP Headers

GET /xdata/images/hotel/square600/352170812.webp?k=4ff5e29f3ad72c2c9f7170f60a043f01a158f26b38c55e9676439c18f3804179&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
server: nginx
date: Tue, 26 Mar 2024 00:29:05 GMT
etag: "85dd2b92edb86c666d0f01fccec227d47fc85d84"
content-language: 39572
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IOYWzncB8ZzPAJBgbxoUhIvODkgKLhhOHvZqULp8aFSR4pCdUd_ofA==
age: 1876874
X-Firefox-Spdy: h2

q-xx.bstatic.com/xdata/images/xphoto/263x210/45450103.jpeg?k=a1fa72362160b1df6e288050afa7ce1aade80871acd368ddd4a4ebf6ad87764e&o=

143.204.55.112

200 OK

17 kB

URL GET HTTP/2
q-xx.bstatic.com/xdata/images/xphoto/263x210/45450103.jpeg?k=a1fa72362160b1df6e288050afa7ce1aade80871acd368ddd4a4ebf6ad87764e&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x210, components 3
Size
17 kB (16555 bytes)
Hash
f373341034a716f8a37655e46047d92d
4a7c67fbe52f102ca516e2d7fda504aa94df5942
1f189b367e0ec60548afd09578a8743af2069f18731a05c11b9b292ed0f0fc17

HTTP Headers

GET /xdata/images/xphoto/263x210/45450103.jpeg?k=a1fa72362160b1df6e288050afa7ce1aade80871acd368ddd4a4ebf6ad87764e&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Thu, 21 Mar 2024 10:53:27 GMT
etag: "3aa59d890ba68033df6a63b6535f31d7b2a23d10"
content-language: 16555
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: c0bpgerL3OsvyGlMgMjGdor2uiVMQP59ZnXxENfINWzoLSxaoCIf1g==
age: 2271411
X-Firefox-Spdy: h2

www.booking.com/js_tracking?pid=e1027d6b28d009d9&aid=304142&ver=2&lang=en-us&sid=6310d4b1432373d4128c998e03fdd1fb&stype=1&ref_action=index&ete=&etg=cookie_consent_declined_policy_banner&etcg=&ets=&etgwv=&m=UmFuZG9tSVYkc2RlIyh9YarGvSH9iz-oGWKFtShNeeoqe1cG6IkIoA5kVtRxMLz8SIBmNjlEWUkLyzRwqIkkRhUVhJLQypTfjIpOvjalfQPZTmH3Es26rzloPODMe6mxIxcFaHj9j1KOyQVKIVwTUWJr16-8TuncgONgtad466Vx87yDcNZvBRLi7qfDXOCuYsEH5_SkphPcwOEzMI4IbLm03cBQmx9vBDGIW9XpD_mvhVYKh2OEfUn2PUKksMtFCfGRf_Bjw6ORLMmX2uw93qX__AnU14ONzpvYMrvZVzvDG6ZROwMzwcNI8HZ4GgL31-6X4270go8LGN4usz683g

54.230.111.57

200 OK

0 B

URL GET HTTP/2
www.booking.com/js_tracking?pid=e1027d6b28d009d9&aid=304142&ver=2&lang=en-us&sid=6310d4b1432373d4128c998e03fdd1fb&stype=1&ref_action=index&ete=&etg=cookie_consent_declined_policy_banner&etcg=&ets=&etgwv=&m=UmFuZG9tSVYkc2RlIyh9YarGvSH9iz-oGWKFtShNeeoqe1cG6IkIoA5kVtRxMLz8SIBmNjlEWUkLyzRwqIkkRhUVhJLQypTfjIpOvjalfQPZTmH3Es26rzloPODMe6mxIxcFaHj9j1KOyQVKIVwTUWJr16-8TuncgONgtad466Vx87yDcNZvBRLi7qfDXOCuYsEH5_SkphPcwOEzMI4IbLm03cBQmx9vBDGIW9XpD_mvhVYKh2OEfUn2PUKksMtFCfGRf_Bjw6ORLMmX2uw93qX__AnU14ONzpvYMrvZVzvDG6ZROwMzwcNI8HZ4GgL31-6X4270go8LGN4usz683g
IP
54.230.111.57:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.booking.com
Fingerprint86:19:2F:3F:C1:B0:CE:07:5A:AD:A3:94:54:8D:C6:B9:99:F5:B9:49
ValidityMon, 12 Jun 2023 00:00:00 GMT - Sat, 18 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js_tracking?pid=e1027d6b28d009d9&aid=304142&ver=2&lang=en-us&sid=6310d4b1432373d4128c998e03fdd1fb&stype=1&ref_action=index&ete=&etg=cookie_consent_declined_policy_banner&etcg=&ets=&etgwv=&m=UmFuZG9tSVYkc2RlIyh9YarGvSH9iz-oGWKFtShNeeoqe1cG6IkIoA5kVtRxMLz8SIBmNjlEWUkLyzRwqIkkRhUVhJLQypTfjIpOvjalfQPZTmH3Es26rzloPODMe6mxIxcFaHj9j1KOyQVKIVwTUWJr16-8TuncgONgtad466Vx87yDcNZvBRLi7qfDXOCuYsEH5_SkphPcwOEzMI4IbLm03cBQmx9vBDGIW9XpD_mvhVYKh2OEfUn2PUKksMtFCfGRf_Bjw6ORLMmX2uw93qX__AnU14ONzpvYMrvZVzvDG6ZROwMzwcNI8HZ4GgL31-6X4270go8LGN4usz683g HTTP/1.1
Host: www.booking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/
X-Booking-AID: 304142
X-Booking-CSRF: l/IeZgAAAAA=BVyfpIXbtEd8ikiwCPMc1R90gP_w1JDkxjMOqcOosVmOZ_HShux4glJ448KpmPXdfw3jBZjuS13ilZlMmLqs8j3A5AHRbrPNhbUDas0v6AfRbJwVwbbYPUqO20I0c9I4IH1y4W9LLjko2G4BDArKrUIFVT1J7_lA05m3dNrSC50cP-BGQi5MMj-MrP3XCa_HG1ijPkdKRLf1Pkvr
X-Booking-Info: 1856950,1865390,1931000,1932080,1932100,1932110,1939730,1943090,1946400,1958000,1959390,1960550,1960640,1962740,cCHObTULHfAFFQZcfHSdFaLbFFRURURHe|1,cCHObXKeNJAbINFPIWBccCcCcCC|4,1960550|1,cCHObKdPHMfFdHMEKBOcaGPaAHFHDQIC|8,HWAJLGbbeLHAFPRFDEYScEUWBZEWaSddKNKNKWe|2,dDfPWPHDDZSOBJbKYfNIfPTDWe|1,YTTHbXeeVJWcFKJPFNJQVVEbMKXe|1,YTTHbXeeVJWcFKJPFNJQVVEbMKXe|5,aXTfOFJZMYeKTcABVYUfFdHMPVWCGTQJQJET|1,aXTfOFJZMYeKTcABVYUfFdHMPVWCGTQJQJET|2,aXTfMZMYeKTcNGEcfFdHMPVUPHET|1,TZUfONebEWAUFccRMVIZdRRT|1,aXTfMZMYeKTcNGEcfFdHMPVUPHET|3,OJVZAAURAfPMTcZJFeDBRcFPLDEZRdLOLOLMO|1,OJVZAAURAfPMTcZJFeDBRcFPLDEZRdLOLOLMO|7,OJVZAAURAfPMTcZJFeDBRcFPLDEZRdLOLOLMO|8,NAFLeOeJHSCQQGPLUPHBeZdRNYYdTUWe|1,cCHObVZMYCMKdFEVJTNIKdFHaO|1,cCHObVZMYCMKdFEVJTNIKdFHaO|3,NAFLeOeJcQEcVOdWNeYZdfdbJae|1,NAFLeOeJabUZFQbMWKZETTeMcCcCcCC|1,cCHObKdBdUHINPSXeHDALOLOLMO|1,cCHObKdBdUHINPSXeHDALOLOLMO|5,cCeIVOMPWAEeIcFARSYSbZDQSXbaTaTaET|3,cCeIVOOLfOECVVDFRURURHe|1,cCeIVOOLfOECVVDFRURURHe|2,cCHOGcbREDEZRdRERJBHAOeVATZdSGWFRURURHe|1,cCHOGcbREDEZRdRERJBHAOeVATZdSGWFRURURHe|2,YTTHbXeeVeCFZAcbRbROfLMTeCYHDRFcO|4,BHDTJdReQLOLOLOVZMYCVCMILRVVPKLZZOJNET|1,dLYdCeYBFVedKNKNKPMPSXPUEKdDXFZMIbdYeNYT|1,cCHObdRdJJVdfUSCEcdNHMddKNKNKWe|1,cCHObdRdJJVdfUJGFDSeBcZFLMFRURURHe|1,cCHObdRdJJVdfUJGFDSeBcZFLMFRURURHe|3,cCeIVOTeJUNSMTfIMLebaTaTaET|1,cCeIVOTeJUNSMTaSdNdKNKNKWe|1,cCHOGAQHSMSXUDeLcffIVXBPKAFRURURHe|1,cCHOGAQHSMSXUDeLcffIVXBPKAFRURURHe|5,cCHOGAQPXafJCfSFeMZXZAQeRfXPRQNIKdFHaO|1,cCHObKdBZXZAVCMIQRMebfTIbRZaTaTaET|1,cCeIVOdJEVOAeZTbQNPcZRALOLOLMO|1,cCHObCBWaEdIPPSfDcXLYSfDccCcCcCC|2,NAFLeOeJcQEcVOdWNeYZdfdbJae|2,NAFLeOeJcQEcVOdWNeYZdfdbJae|4,NAFLeOeJabUZFQbMWKZETTeMcCcCcCC|2,NAFLeOeJabUZFQbMWKZETTeMcCcCcCC|4,cCHObVZMYCMKdFEVJTNIKdFHaO|4,cCHObVZMYCMKdFEVJTNIKdFHaO|6,cCHObKdPHMfFdHMEKBOcaGPaAHFHDQIC|9,cCeIVOOLfOECVVDFRURURHe|3,cCHOGcbREDEZRdRERJBHAOeVATZdSGWFRURURHe|3,cCeIVOdJEVOAeZTbQNPcZRALOLOLMO|2,cCeIVOTeJUNSMTfIMLebaTaTaET|2,cCeIVOTeJUNSMTaSdNdKNKNKWe|2
X-Booking-Client-Info: cCHObXKeNJAbINFPIWBccCcCcCC|4,cCHObKdPHMfFdHMEKBOcaGPaAHFHDQIC|8,HWAJLGbbeLHAFPRFDEYScEUWBZEWaSddKNKNKWe|2
X-Booking-Label: gen173rf-1FCAEoggI46AdIM1gDaKoBiAEBmAExuAEZyAEP2AEB6AEB-AECiAIBogISYWlyLmJuYi1pZDMyMDQuY29tqAIDuALX9PqwBsACAdICJDZlNTEzYjA2LThjNjUtNDc5ZS04NWM1LTNlZDdkMzhmNDdjONgCBeACAQ
X-Booking-Language-Code: en-us
X-Booking-Pageview-Id: e1027d6b28d009d9
X-Booking-Session-Id: 6310d4b1432373d4128c998e03fdd1fb
X-Booking-SiteType-Id: 1
X-Partner-Channel-Id: 3
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbwcLxQQ4VaCo0rw0J4Z52mANP5uu6kPYHfu0JO3CMz3gN1CaYisrZVxZ6zS%2BI%2FE2fk8NK4KPVQ%2FPGHqqKLDb8XPyGkzH0XxmAxo35Ad%2BMQRQnX0VElAdaAuMejWVCGjBMOAitow4sQd%2F620Su%2BCOMGsP4Gg56K3wgrcwpswli%2FN4%3D; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmPZUPMW6RyROJNxUN0JlTK77o1GxJEKj50Akk5UC46SGZ0T/sjBGN8UEoHziZUydDa15eD96llA6Zpr9JyySCKeA4VpvHWuLUM0Bcg0GhacCWF2Q3L/RkmcZyaK1+swiucl3YCdFi; pcm_consent=analytical%3Dfalse%26countryCode%3DNO%26consentId%3De9389af3-66d7-49b3-b933-78c858cce2a8%26consentedAt%3D2024-04-16T17%3A50%3A15.029Z%26expiresAt%3D2024-10-13T17%3A50%3A15.029Z%26implicit%3Dtrue%26marketing%3Dfalse%26regionCode%3D03%26regulation%3Dgdpr%26legacyRegulation%3Dgdpr; cors_js=1; bkng_sso_session=e30; bkng_sso_ses=e30; OptanonConsent=implicitConsentCountry=GDPR&implicitConsentDate=1713289817238&isGpcEnabled=0&datestamp=Tue+Apr+16+2024+17%3A50%3A18+GMT%2B0000+(GMT)&version=202403.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=956986c8-8261-4674-9326-f3228b804c7f&interactionCount=1&isAnonUser=1&landingPath=NotLandingPage&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0&intType=2; BJS=-; 11_srd=%7B%22features%22%3A%5B%7B%22id%22%3A16%7D%5D%2C%22score%22%3A3%2C%22detected%22%3Afalse%7D; OptanonAlertBoxClosed=2024-04-16T17:50:18.495Z
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
server: nginx
date: Tue, 16 Apr 2024 17:50:18 GMT
vary: Accept-Encoding, User-Agent
content-encoding: br
strict-transport-security: max-age=2592000; includeSubDomains
content-security-policy-report-only: frame-ancestors 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=112&pid=c69f7d6d0468036c&e=UmFuZG9tSVYkc2RlIyh9Yea92wm0yRUjnCBymoy8ejLaIRbo1duNgb1l1hFO9N5lKvnk0m9Y09g
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8CHyUEEgclm3_J0lCCuvO2OrT_QbLWjxqFNm2QEBry_jJavkNlpl4g==
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/ace575b5.f3f69686.chunk.js

143.204.55.112

200 OK

220 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/ace575b5.f3f69686.chunk.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65455)
Size
220 kB (219648 bytes)
Hash
f3385bf6f79f8c5882899b6b23f62355
3add774b8058dde10d0dc2e888de981db4707d95
c4fb6c41f7ea1ce23ac9c92581a8a76248d4664f10a65bc5bbe0e12e5ec0cbf2

HTTP Headers

GET /psb/capla/static/js/ace575b5.f3f69686.chunk.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 15 Apr 2024 18:12:32 GMT
last-modified: Mon, 15 Apr 2024 14:39:51 GMT
etag: W/"f3385bf6f79f8c5882899b6b23f62355"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: H39h32Ew7Y0TT9bM4I.WEEFZmsHF2G8u
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 62RswfKjSQSSb-kJuDJIHEO86cdhOIBOcFez6giUQC9oISGGVtJSPg==
age: 85065
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

q-xx.bstatic.com/xdata/images/xphoto/263x210/45450279.jpeg?k=cb9ab85ffe439f3030e00281f2d52583a398bf076e54f00f746e1d1baf62bf6e&o=

143.204.55.112

200 OK

18 kB

URL GET HTTP/2
q-xx.bstatic.com/xdata/images/xphoto/263x210/45450279.jpeg?k=cb9ab85ffe439f3030e00281f2d52583a398bf076e54f00f746e1d1baf62bf6e&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x210, components 3
Size
18 kB (18465 bytes)
Hash
bde532f130b1e8e4fe12ad801cd77661
473b3d6fb52f5b967a9e13e3b0b91dd5b4c74165
48fb7dc5fed709b7868efd05d7f5bcbdb45d3dddd7f73a9c8aa72a75f46ebc0d

HTTP Headers

GET /xdata/images/xphoto/263x210/45450279.jpeg?k=cb9ab85ffe439f3030e00281f2d52583a398bf076e54f00f746e1d1baf62bf6e&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Mon, 01 Apr 2024 15:31:08 GMT
etag: "3d39cce4848578b728f54bd5cf1f1e1c6619cc2b"
content-language: 18465
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5pOVlPxFkFdCXlvI0y7jDFVVgxQiN3O_ccapRlsXRyVcjle4p4DOAQ==
age: 1304350
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/xphoto/300x240/140040642.jpg?k=3427dd3f0db09647375e60da68a88aac7baf454a48a5378d0f90845b273c4457&o=

143.204.55.112

200 OK

14 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/xphoto/300x240/140040642.jpg?k=3427dd3f0db09647375e60da68a88aac7baf454a48a5378d0f90845b273c4457&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3
Size
14 kB (13568 bytes)
Hash
3bc2cbfd1e09b1fc3c10c64ee08ed6b2
aa39c8f72b5e3d859b72692479c4a2c0efd20c98
08b51c6e7b8783c2a5b9ba8421c605ca642031a77594861179190683f050abed

HTTP Headers

GET /xdata/images/xphoto/300x240/140040642.jpg?k=3427dd3f0db09647375e60da68a88aac7baf454a48a5378d0f90845b273c4457&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Mon, 18 Mar 2024 09:15:48 GMT
etag: "caf88f94b76e749534737c7b521076e1ec489c38"
content-language: 13568
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZWW3kkTMn7YSjtMzwSdKiYnDcO6XXN7fo2GgXM6F35updxvU7TT10g==
age: 2536470
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/0d919837.cfd9901d.chunk.js

143.204.55.112

200 OK

556 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/0d919837.cfd9901d.chunk.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65455)
Size
556 kB (555971 bytes)
Hash
c9a4cea0fba910b2a98fead6f6282970
5f50effc78ed78734880b0b9e632e25c59a81026
5b34100dda1a93aa7549bde423e0daff008fbf2a748cd5fc7ec0495013839501

HTTP Headers

GET /psb/capla/static/js/0d919837.cfd9901d.chunk.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 15 Apr 2024 17:54:00 GMT
last-modified: Fri, 12 Apr 2024 05:14:27 GMT
etag: W/"c9a4cea0fba910b2a98fead6f6282970"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: iyT4vmjBI62aM7Z_gIDW9QtXm8BpqEqz
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1wLI5WINC3Y3e38Xh_b16WktLkRcFo2BC4jqmYCNx73NJsnS3lKWtA==
age: 86177
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/202403.2.0/assets/otCommonStyles.css

104.19.177.52

200 OK

25 kB

URL GET HTTP/2
cdn.cookielaw.org/scripttemplates/202403.2.0/assets/otCommonStyles.css
IP
104.19.177.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.booking.com/
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (24823), with no line terminators
Size
25 kB (24823 bytes)
Hash
e04ad89975c535b30bae773d0eb0d3b2
0c72555d0fd844150b6ec407a57da2d29bf380e2
06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992

HTTP Headers

GET /scripttemplates/202403.2.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 17:50:18 GMT
content-type: text/css
content-md5: 4ErYmXXFNbMLrnc9DrDTsg==
last-modified: Thu, 11 Apr 2024 16:21:28 GMT
x-ms-request-id: fb0b68f4-e01e-007a-7c9f-8c24c3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 29593
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875604542fb60b4d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/css/7943e0ea.b51cd998.chunk.css

143.204.55.112

200 OK

3.1 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/css/7943e0ea.b51cd998.chunk.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (3087), with no line terminators
Size
3.1 kB (3086 bytes)
Hash
b9a84caf6d346087ae9c2a5a7d9c8b51
17871f911ca8e70d6c18b80d97ab0fe4768d35cc
3c17056090a28d594e8b6144bedbfd04008427f984512c761c5b540eba7dbb71

HTTP Headers

GET /psb/capla/static/css/7943e0ea.b51cd998.chunk.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
last-modified: Mon, 15 Apr 2024 14:39:46 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: S679dMEzg48JfeOsJW21UTrJAf_xrNzM
server: AmazonS3
content-encoding: gzip
date: Tue, 16 Apr 2024 14:41:30 GMT
etag: W/"7b002d11908ac54190933646142ed170"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: j6lCO10uvmlCVxIx035mjiybpDrRm13IZvp3mvWrRUHIn83GJ8XM-w==
age: 11327
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

cf.bstatic.com/static/js/main_cloudfront_sd/66e83bc64432d9b5a57e8d60d6906582efdd1134.js

143.204.55.112

200 OK

584 kB

URL GET HTTP/2
cf.bstatic.com/static/js/main_cloudfront_sd/66e83bc64432d9b5a57e8d60d6906582efdd1134.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type

Size
584 kB (583928 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /static/js/main_cloudfront_sd/66e83bc64432d9b5a57e8d60d6906582efdd1134.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Tue, 16 Apr 2024 09:23:29 GMT
last-modified: Tue, 16 Apr 2024 09:09:47 GMT
etag: W/"661e405b-8e8f8"
expires: Thu, 16 May 2024 09:23:29 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aPLG7voX68_7Hamc71Xl0tTwo1lLyNzc518Z2t2Nz1yFlJEkCWnwWQ==
age: 30405
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/css/0d073a5f.1760100e.chunk.css

143.204.55.112

200 OK

314 B

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/css/0d073a5f.1760100e.chunk.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (315), with no line terminators
Size
314 B (314 bytes)
Hash
771f5f796b4a34a4640fe4df69a7d55b
ebafda810c935013f2cd163556a89f6dc0deac7b
1b30fd44433e4fa440e70ab177117bf8768615427c5e29a1a9bbc3780241e93e

HTTP Headers

GET /psb/capla/static/css/0d073a5f.1760100e.chunk.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
content-length: 314
date: Mon, 15 Apr 2024 18:12:29 GMT
last-modified: Mon, 15 Apr 2024 14:39:46 GMT
etag: "e6633b5a05bd1cc32bc60aea297490c7"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: rjWWUr7ANDnSDC.rv3vQhLbQsNgjmsjf
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zXwzXLcBw9HMv-qC5HfAgFEk2hjn_evMyezpxx-rFQ7SNkJdItqWEA==
age: 85068
vary: Origin
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/8067d7e4.109fb194.chunk.js

143.204.55.112

200 OK

38 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/8067d7e4.109fb194.chunk.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (37900)
Size
38 kB (38093 bytes)
Hash
f7e72b88387d5189f4019a53507ac8d4
54bf7a1014f295a22052e1fc75444857b65cb753
54a0eae39f16b8c2936ea1394754356469fe50e78b59771c2f71ca0cc9c4b2d0

HTTP Headers

GET /psb/capla/static/js/8067d7e4.109fb194.chunk.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 15 Apr 2024 10:15:25 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: SckFTrW8oqcHJYBndxx7zpHlZBY6V.kx
server: AmazonS3
content-encoding: br
date: Tue, 16 Apr 2024 11:24:01 GMT
etag: W/"f7e72b88387d5189f4019a53507ac8d4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Yqp8IISZKBn-bh4Wkhu25iwviUNB0DtrdlfdEAPSuCL61qv0DiyoCw==
age: 23176
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

r-xx.bstatic.com/xdata/images/hotel/263x210/119467716.jpeg?k=f3c2c6271ab71513e044e48dfde378fcd6bb80cb893e39b9b78b33a60c0131c9&o=

143.204.55.112

200 OK

11 kB

URL GET HTTP/2
r-xx.bstatic.com/xdata/images/hotel/263x210/119467716.jpeg?k=f3c2c6271ab71513e044e48dfde378fcd6bb80cb893e39b9b78b33a60c0131c9&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x210, components 3
Size
11 kB (10601 bytes)
Hash
33bfa10dc5bc4ef8339bd5abeb8548ea
957c2b9e899e2520a2c97f21d638fca030da5a43
0380753c60c2fa8bd19a5346b32e08dd50be778fa3d850147638eb16c16bf0b2

HTTP Headers

GET /xdata/images/hotel/263x210/119467716.jpeg?k=f3c2c6271ab71513e044e48dfde378fcd6bb80cb893e39b9b78b33a60c0131c9&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Thu, 21 Mar 2024 10:05:31 GMT
content-language: 10601
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: "118c01722e55044d816db848ac471d09024e4d85"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GyUYcwOld6cn1MqLKtKhcWT7vsyrPDaTb9UJj5d0DlTyQbD2G_wiEw==
age: 2274287
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/88dc35d3.63c0e77e.chunk.js

143.204.55.112

200 OK

19 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/88dc35d3.63c0e77e.chunk.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (18992)
Size
19 kB (19104 bytes)
Hash
943f30d7cc8dd26953a13420ded99374
fe87df4a7d1d1628ab9bfa0235ee45a1063b007f
f5b05fbd84b38bdad7540faf458a11721ff95976bd3477a786f585cce148358c

HTTP Headers

GET /psb/capla/static/js/88dc35d3.63c0e77e.chunk.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 09 Apr 2024 05:24:41 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: EXgIjCz9AKI6xOnsO7fvzU5tDaxbbnlD
server: AmazonS3
content-encoding: gzip
date: Tue, 16 Apr 2024 14:41:22 GMT
etag: W/"943f30d7cc8dd26953a13420ded99374"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8aS5ImO9Pp_17ZIIvwES_aljwiYRbwfZYDc2Dvk8f5h6VH3Y7Xo95g==
age: 11335
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/d8454389.ba82ac70.chunk.js

143.204.55.112

200 OK

219 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/d8454389.ba82ac70.chunk.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65455)
Size
219 kB (219262 bytes)
Hash
27156b80331443db35f85700e1ac45b7
fdecd94cac27e860cebe7b6adfa6afef0579d197
7695b8d724e531066f9963c1cb474e87e62f17062502f3a8cc5512469575aceb

HTTP Headers

GET /psb/capla/static/js/d8454389.ba82ac70.chunk.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 15 Apr 2024 19:14:40 GMT
last-modified: Mon, 15 Apr 2024 14:39:53 GMT
etag: W/"27156b80331443db35f85700e1ac45b7"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: hWjfL25TeukpDJ63_oXMOM_HkSTgjH5C
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xyeXYSP4RZxemwbEM5VqqQGci3lcemfdRMsMY_Hpr4n87j8oRnAimg==
age: 81337
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/c8637181.d5f32ef5.chunk.js

143.204.55.112

200 OK

46 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/c8637181.d5f32ef5.chunk.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (45510)
Size
46 kB (45703 bytes)
Hash
d809790bd2c94f46d3430d29750e4f20
b3561d9ea1a880f3f3f2d1ab77d4d3848adb2ac2
113f23ffb623b6d1dac78a8c9a5a273621b47a379dacb8c7c757093f65f0052a

HTTP Headers

GET /psb/capla/static/js/c8637181.d5f32ef5.chunk.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 15 Apr 2024 19:28:04 GMT
last-modified: Mon, 15 Apr 2024 14:39:51 GMT
etag: W/"d809790bd2c94f46d3430d29750e4f20"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: gWSJ7ORx5wXBlXS5cNkK8VvQe8MwUoTr
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4T0ENgr5UcVTK0cQd2DB-Pk7ZLcoA87q94LMkARiDIRX_gs2R7nq1A==
age: 80533
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

q-xx.bstatic.com/xdata/images/city/170x136/930853.jpg?k=85cc355550cdcf1ca77d1a7a635f4294e09dee696051866597a63fd7edd7af5a&o=

143.204.55.112

200 OK

7.0 kB

URL GET HTTP/2
q-xx.bstatic.com/xdata/images/city/170x136/930853.jpg?k=85cc355550cdcf1ca77d1a7a635f4294e09dee696051866597a63fd7edd7af5a&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 170x136, components 3
Size
7.0 kB (7004 bytes)
Hash
a74c25791bb6960282adb0b0bfac4614
5d6cb72e147c07299ae8aa66d6b7d8c8f1e1414b
a8d86240545c19cd5081d6a4dcd1c8ab8138fd88154bd9c281914216444ead84

HTTP Headers

GET /xdata/images/city/170x136/930853.jpg?k=85cc355550cdcf1ca77d1a7a635f4294e09dee696051866597a63fd7edd7af5a&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
content-length: 7004
server: nginx
date: Sun, 07 Apr 2024 11:24:13 GMT
etag: "7b2c48bc6b9bd8a3d2a38e8a2caf3e3541c6e001"
content-language: 7004
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JlxXYwFxHlKpkTPKF5PYbP0nAAlaTTVXiviM-gEQ9J7kd8aBO3SeZA==
age: 800765
X-Firefox-Spdy: h2

q-xx.bstatic.com/xdata/images/xphoto/263x197/321937471.jpeg?k=a42e46f3b3da4d768e3df3855136147606a82d6ab03ffcdd8c33e86c9e2de356&o=

143.204.55.112

200 OK

13 kB

URL GET HTTP/2
q-xx.bstatic.com/xdata/images/xphoto/263x197/321937471.jpeg?k=a42e46f3b3da4d768e3df3855136147606a82d6ab03ffcdd8c33e86c9e2de356&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x197, components 3
Size
13 kB (13018 bytes)
Hash
560a7a9af03cc2cc93b89c8e26c65d66
c5cbc34fb512a4d71ad4535497cba6fcb85052ef
d8a4a348a9409a16c2ad0c1b6170db540a75a1f8a6585528467e37434e4e6fde

HTTP Headers

GET /xdata/images/xphoto/263x197/321937471.jpeg?k=a42e46f3b3da4d768e3df3855136147606a82d6ab03ffcdd8c33e86c9e2de356&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Fri, 05 Apr 2024 12:48:37 GMT
etag: "0d1ecb461ff2543b2193d76ad5e585e10163d417"
content-language: 13018
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LNv-mC_WIZwrbhlGu1bgzc4zGRSKizh1gLwN2LJSH3TM71I7I-NbKw==
age: 968501
X-Firefox-Spdy: h2

r-xx.bstatic.com/xdata/images/xphoto/263x197/321936536.jpeg?k=afe4f57f95913e5a762b408e8ba0bbb8cbfcc5f4c31b0b899586709f55c1d5d7&o=

143.204.55.112

200 OK

16 kB

URL GET HTTP/2
r-xx.bstatic.com/xdata/images/xphoto/263x197/321936536.jpeg?k=afe4f57f95913e5a762b408e8ba0bbb8cbfcc5f4c31b0b899586709f55c1d5d7&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x197, components 3
Size
16 kB (15550 bytes)
Hash
a995ac2630690708500c5dd5b31d8d35
2468ab3439c591da604fd1c171dfeb4f2818c14d
81ce8c3b42240982ef527a2772d9a8421e0d50e034457032df37966485f01709

HTTP Headers

GET /xdata/images/xphoto/263x197/321936536.jpeg?k=afe4f57f95913e5a762b408e8ba0bbb8cbfcc5f4c31b0b899586709f55c1d5d7&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Fri, 05 Apr 2024 12:48:09 GMT
etag: "d00ab9d10646572634c0f3390d674f7b170a2fe8"
content-language: 15550
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sqrRA5Sd4XMDVraTWJsv-Dx7a60zEU7utiYDnEB5Zrw08xvDLbxDqg==
age: 968529
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/hotel/square600/262247242.webp?k=bbfb11d6ac0fdb03a1aaa1e993bf05320777bf5e999d0531a3ada9afbf28dc7a&o=

143.204.55.112

200 OK

128 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/hotel/square600/262247242.webp?k=bbfb11d6ac0fdb03a1aaa1e993bf05320777bf5e999d0531a3ada9afbf28dc7a&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
128 kB (128296 bytes)
Hash
72a0c3af78637f10b366a61bb49696bc
4dc6662ac320116b46d35edf4bd07870b6924df2
db14d14f8adfd6cb7b6636aef60e31df2bd660773b870ddbbf05c509720bfad1

HTTP Headers

GET /xdata/images/hotel/square600/262247242.webp?k=bbfb11d6ac0fdb03a1aaa1e993bf05320777bf5e999d0531a3ada9afbf28dc7a&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
server: nginx
date: Tue, 19 Mar 2024 10:14:42 GMT
etag: "e0803850a71219c24699f57db52a6c2566e27cd4"
content-language: 128296
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Vt0Whg5TG-bPE535JoBuMCpTm1PzdXq6NiASxxVce2gs8OE9HV28Zw==
age: 2446537
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/js/remoteEntry.9bfbf3e3.client.js

143.204.55.112

200 OK

29 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/js/remoteEntry.9bfbf3e3.client.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (28699)
Size
29 kB (28815 bytes)
Hash
f6db6a3215273163bd23a83f34945773
ca7ad6bd2effd5a81047e0576c3343e1805774c8
6a30bf63e040480b19b17c137aa6af5d73dd1d94470e82e9a2b63c0a1b6f31a7

HTTP Headers

GET /psb/capla/static/js/remoteEntry.9bfbf3e3.client.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 15 Apr 2024 22:18:59 GMT
last-modified: Mon, 18 Mar 2024 08:03:34 GMT
etag: W/"f6db6a3215273163bd23a83f34945773"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: 7dYKkoicp3OP_Dq4OSO5KyPpwcMvdFzb
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fudsW6klX8miesPg2vQFlLm-WH7cCSOLc2pFkHomQAus_kMQiHZWdw==
age: 70278
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/css/97a643cd.68498364.chunk.css

143.204.55.112

200 OK

2.9 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/css/97a643cd.68498364.chunk.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2862), with no line terminators
Size
2.9 kB (2861 bytes)
Hash
823a54ece74739eaddf41330b34c1a8a
e8ff565b370f53e3b65c779ddc6401c98705f54c
6aaeb585d78bb562fad09ea0ca4865065c827346663abc449dc14dd8755e90d0

HTTP Headers

GET /psb/capla/static/css/97a643cd.68498364.chunk.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
last-modified: Sun, 14 Apr 2024 05:22:18 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: IzGFFqKbbcP0BBlUCFzEuC_6XrTDqBEy
server: AmazonS3
content-encoding: gzip
date: Mon, 15 Apr 2024 18:22:37 GMT
etag: W/"8e698340461dc0ce0f5a8a64360ca2a7"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: za2npBlV2rORziBuZ3GuR0THDf1-1zzoAxSToT47pr5giplGF93TYw==
age: 84460
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/hotel/square600/29466558.webp?k=7f9cf4736f69b30c20fa7a751bb8711fa195bc9ff6092d5412d52daf6cada17f&o=

143.204.55.112

200 OK

60 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/hotel/square600/29466558.webp?k=7f9cf4736f69b30c20fa7a751bb8711fa195bc9ff6092d5412d52daf6cada17f&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
60 kB (59920 bytes)
Hash
8a0e03faa23462b386bc0ca9a51b7508
012371cd9cb4fd5f010558e8ad0675be0ba955ec
424b13bd058e2f6e264a16b284ffea05e80c328d9dfb9c5a7c46484131e86452

HTTP Headers

GET /xdata/images/hotel/square600/29466558.webp?k=7f9cf4736f69b30c20fa7a751bb8711fa195bc9ff6092d5412d52daf6cada17f&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
server: nginx
date: Wed, 27 Mar 2024 06:52:10 GMT
content-language: 59920
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: "11977a463a83f55e9c39cf2a5da3d8a324f0d4db"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qutkCEJrT98_cZAsHvwQ8dy-hz8HfxYj6KS-_9wqbVIiXOwmbfISNA==
age: 1767489
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/css/282e5b08.5c78e51b.chunk.css

143.204.55.112

200 OK

3.4 kB

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/css/282e5b08.5c78e51b.chunk.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (3377), with no line terminators
Size
3.4 kB (3376 bytes)
Hash
2856b828b458468c6c8dfca32660d925
0896cc5b866584f631236bfbe024f9b9f04cf6bd
e58b020c90486870ecc2cac51e4e02e6d28dd106087678d0f91b913df04285fb

HTTP Headers

GET /psb/capla/static/css/282e5b08.5c78e51b.chunk.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
date: Mon, 15 Apr 2024 19:14:40 GMT
last-modified: Mon, 15 Apr 2024 14:39:45 GMT
etag: W/"0e1dff8a008c0a7734f5c4458c3b59c5"
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: eL4Pz5swh9CH8.EDvpazsFqozzLYV7DI
server: AmazonS3
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CY49z5Liy2NdPVo-3jQVpcFbbMy6mAOpbGNvn822hUsYsmn3z51LMg==
age: 81337
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

cf.bstatic.com/static/js/raf_cloudfront_sd/7f16a33b470011b4f1df4034c745259154f9eb0a.js

143.204.55.112

200 OK

128 kB

URL GET HTTP/2
cf.bstatic.com/static/js/raf_cloudfront_sd/7f16a33b470011b4f1df4034c745259154f9eb0a.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
128 kB (127820 bytes)
Hash
5f94c2d77933770809d34204e29968bb
c47d9beb9246cf25c3ca30efea36cf023912dfea
44d0910c2f26e0116a02abefdf36a0275e6ff315a4ced14df8e69cb3177bd6b9

HTTP Headers

GET /static/js/raf_cloudfront_sd/7f16a33b470011b4f1df4034c745259154f9eb0a.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Mon, 18 Mar 2024 10:11:18 GMT
last-modified: Mon, 18 Mar 2024 09:36:07 GMT
etag: W/"65f80b07-1f34c"
expires: Wed, 17 Apr 2024 10:11:18 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nE5vkv7M_CO3mHWsLt34MOOOGsgHUn7l58YGBGHKbs_hLc2ExpzhbQ==
age: 2533138
X-Firefox-Spdy: h2

accounts.google.com/gsi/client

108.177.14.84

200 OK

224 kB

URL GET HTTP/2
accounts.google.com/gsi/client
IP
108.177.14.84:443
ASN
#15169 GOOGLE

Requested by
https://www.booking.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
FingerprintCC:CB:DD:14:30:B0:75:6A:EE:1D:20:F1:9E:C5:DD:5F:DD:68:4F:7B
ValidityMon, 18 Mar 2024 20:38:53 GMT - Mon, 10 Jun 2024 20:38:52 GMT

File type
JavaScript source, ASCII text, with very long lines (2903)
Size
224 kB (223711 bytes)
Hash
3378a93b5397ad2401f6b18ff1773fed
4a17029b9177e38d085fc90b73f5cf59e667d1df
4d903e4a172e899b1ee9eb8af686e9bddba2f119dd764f3e6c520f36ec01af40

HTTP Headers

GET /gsi/client HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
expires: Tue, 16 Apr 2024 17:50:17 GMT
date: Tue, 16 Apr 2024 17:50:17 GMT
cache-control: private, max-age=1800
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'nonce-apgLA6-7dT1PD12VjLeCOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/otSDKStub.js

104.19.177.52

200 OK

21 kB

URL GET HTTP/2
cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP
104.19.177.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.booking.com/
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (21229)
Size
21 kB (21230 bytes)
Hash
0cd317a7b9c520801230e944f7d50e41
e3985ff0c2e8b1eaacb617c7c5af5bebfcbceda6
6f08699117c1f15f6d35e7b4380d12d18a1881f075e177b5853b1017a3307544

HTTP Headers

GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 17:50:16 GMT
content-type: application/javascript
content-length: 6882
content-encoding: gzip
content-md5: zgTRIDojRJmnmBTwUyI2Vw==
last-modified: Mon, 15 Apr 2024 02:25:07 GMT
etag: 0x8DC5CF344669B3B
x-ms-request-id: 4dc3a512-401e-0097-294f-8f6f8e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 38130
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875604464fd10b4d-OSL
X-Firefox-Spdy: h2

q-xx.bstatic.com/xdata/images/xphoto/263x210/45450058.jpeg?k=2449eb55e8269a66952858c80fd7bdec987f9514cd79d58685651b7d6e9cdfcf&o=

143.204.55.112

200 OK

10 kB

URL GET HTTP/2
q-xx.bstatic.com/xdata/images/xphoto/263x210/45450058.jpeg?k=2449eb55e8269a66952858c80fd7bdec987f9514cd79d58685651b7d6e9cdfcf&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x210, components 3
Size
10 kB (10145 bytes)
Hash
a84be65e3bb8d5eaa7fef90be796567a
551cdf363ee42d54ec96eb53ce7775f691ff7fb4
f01b19f78cfe046f9bb8a8b7f141f8c2fb0cef0a519adffee6dfb7009199b05e

HTTP Headers

GET /xdata/images/xphoto/263x210/45450058.jpeg?k=2449eb55e8269a66952858c80fd7bdec987f9514cd79d58685651b7d6e9cdfcf&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Mon, 25 Mar 2024 12:22:09 GMT
etag: "418ccc7d8bc2472340222db59b4efba9f0d7bac7"
content-language: 10145
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tEEhKAKbGBN-_HRU8MqeKM1eu-uFjdHRCdaUnIx50oBR5RyF9OUrAQ==
age: 1920489
X-Firefox-Spdy: h2

r-xx.bstatic.com/xdata/images/xphoto/263x210/45450066.jpeg?k=4adfab312f5d26da9f81da48d8c95ca8f108215b2c84085590891a9e0e17b144&o=

143.204.55.112

200 OK

0 B

URL GET HTTP/2
r-xx.bstatic.com/xdata/images/xphoto/263x210/45450066.jpeg?k=4adfab312f5d26da9f81da48d8c95ca8f108215b2c84085590891a9e0e17b144&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /xdata/images/xphoto/263x210/45450066.jpeg?k=4adfab312f5d26da9f81da48d8c95ca8f108215b2c84085590891a9e0e17b144&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Thu, 21 Mar 2024 10:50:59 GMT
etag: "ea2244f5ef79860569b05cd1f307c3bc50c73ced"
content-language: 16930
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TsnZPWxOnQGDnMX7QwJ47eiUXptvnI-yXEwon_99m0DVG0j-szsNbg==
age: 2271559
X-Firefox-Spdy: h2

r-xx.bstatic.com/xdata/images/xphoto/263x197/322421465.jpeg?k=2f54e3a0a36ead8a2c115bd25275668833d6ab0f2efa470f3c55a803df45ca68&o=

143.204.55.112

200 OK

11 kB

URL GET HTTP/2
r-xx.bstatic.com/xdata/images/xphoto/263x197/322421465.jpeg?k=2f54e3a0a36ead8a2c115bd25275668833d6ab0f2efa470f3c55a803df45ca68&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x197, components 3
Size
11 kB (10945 bytes)
Hash
73c4b1825d554f897c94ee54d14bf1c0
ad6213b11e0fbcfcf21843e66af274ae16331276
6499978f53c08eb2b7dca78caf145325e7d825fb653bb8759bba2644089f9815

HTTP Headers

GET /xdata/images/xphoto/263x197/322421465.jpeg?k=2f54e3a0a36ead8a2c115bd25275668833d6ab0f2efa470f3c55a803df45ca68&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Fri, 05 Apr 2024 12:48:37 GMT
etag: "9b74d0bea9016d19763ded18a7fe3e7d9ed16b85"
content-language: 10945
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ggylalSYYEHtFGS4rAbJC7vdm5bsXXAgEsWO3ioiz2fH8DFm51MaZw==
age: 968501
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/hotel/square600/192276799.webp?k=6f569e47092ed9123757fe13f7411da9df7d49453ea8ec097b6b6eb789c4c026&o=

143.204.55.112

200 OK

73 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/hotel/square600/192276799.webp?k=6f569e47092ed9123757fe13f7411da9df7d49453ea8ec097b6b6eb789c4c026&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
73 kB (73318 bytes)
Hash
bbcb4789762be75c0ee6d9e0d98c6cc7
75f7a51b2eb9f1ca98c6b182d7e64cee2046789e
b5b1d2f72619610b3be422f1e586cc579a100333d3e2ebb11e9d3c3c144b82fb

HTTP Headers

GET /xdata/images/hotel/square600/192276799.webp?k=6f569e47092ed9123757fe13f7411da9df7d49453ea8ec097b6b6eb789c4c026&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
server: nginx
date: Sun, 07 Apr 2024 07:50:05 GMT
etag: "0ef0ec04d87c971f32ea12b1151c39852b5c30c6"
content-language: 73318
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ruubpeRy5kJhuqv6E5Bjsh2fubdTbo2pQPb43SWR33RnPu9vpluQFw==
age: 813614
X-Firefox-Spdy: h2

t-cf.bstatic.com/design-assets/assets/v3.81.0/fonts-brand/BookingBold.woff

143.204.55.112

200 OK

42 kB

URL GET HTTP/2
t-cf.bstatic.com/design-assets/assets/v3.81.0/fonts-brand/BookingBold.woff
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 41976, version 2.0
Size
42 kB (41976 bytes)
Hash
b2ca1822b16a92e0a0111c994cfe4b8a
ad3bf01829f003d1e837fdae30b97e4911528c0f
12269c2adb9da8c73e2d8e5628566e4662720bdff4687c3bd6190571ff8c3b05

HTTP Headers

GET /design-assets/assets/v3.81.0/fonts-brand/BookingBold.woff HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://cf.bstatic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: font/woff
content-length: 41976
last-modified: Tue, 25 Jul 2023 15:38:06 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Tue, 16 Apr 2024 01:43:27 GMT
etag: "b2ca1822b16a92e0a0111c994cfe4b8a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OYR0irgPpnJq6EmLo4FDF9j-uLHGmP0UDh0bGa5HGX1ryVvYc2yLdw==
age: 58840
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

www.booking.com/js_tracking?pid=e1027d6b28d009d9&aid=304142&ver=2&lang=en-us&sid=6310d4b1432373d4128c998e03fdd1fb&stype=1&ref_action=index&ete=&etg=&etcg=&ets=cCHObXKeNJAbINFPIWBccCcCcCC|4,cCHObKdPHMfFdHMEKBOcaGPaAHFHDQIC|8,HWAJLGbbeLHAFPRFDEYScEUWBZEWaSddKNKNKWe|2&etgwv=&m=UmFuZG9tSVYkc2RlIyh9YarGvSH9iz-oGWKFtShNeeoqe1cG6IkIoA5kVtRxMLz8SIBmNjlEWUkLyzRwqIkkRhUVhJLQypTfjIpOvjalfQPZTmH3Es26rzloPODMe6mxIxcFaHj9j1KOyQVKIVwTUWJr16-8TuncgONgtad466Vx87yDcNZvBRLi7qfDXOCuYsEH5_SkphPcwOEzMI4IbLm03cBQmx9vBDGIW9XpD_mvhVYKh2OEfUn2PUKksMtFCfGRf_Bjw6ORLMmX2uw93qX__AnU14ONzpvYMrvZVzvDG6ZROwMzwcNI8HZ4GgL31-6X4270go8LGN4usz683g

54.230.111.57

200 OK

0 B

URL GET HTTP/2
www.booking.com/js_tracking?pid=e1027d6b28d009d9&aid=304142&ver=2&lang=en-us&sid=6310d4b1432373d4128c998e03fdd1fb&stype=1&ref_action=index&ete=&etg=&etcg=&ets=cCHObXKeNJAbINFPIWBccCcCcCC|4,cCHObKdPHMfFdHMEKBOcaGPaAHFHDQIC|8,HWAJLGbbeLHAFPRFDEYScEUWBZEWaSddKNKNKWe|2&etgwv=&m=UmFuZG9tSVYkc2RlIyh9YarGvSH9iz-oGWKFtShNeeoqe1cG6IkIoA5kVtRxMLz8SIBmNjlEWUkLyzRwqIkkRhUVhJLQypTfjIpOvjalfQPZTmH3Es26rzloPODMe6mxIxcFaHj9j1KOyQVKIVwTUWJr16-8TuncgONgtad466Vx87yDcNZvBRLi7qfDXOCuYsEH5_SkphPcwOEzMI4IbLm03cBQmx9vBDGIW9XpD_mvhVYKh2OEfUn2PUKksMtFCfGRf_Bjw6ORLMmX2uw93qX__AnU14ONzpvYMrvZVzvDG6ZROwMzwcNI8HZ4GgL31-6X4270go8LGN4usz683g
IP
54.230.111.57:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.booking.com
Fingerprint86:19:2F:3F:C1:B0:CE:07:5A:AD:A3:94:54:8D:C6:B9:99:F5:B9:49
ValidityMon, 12 Jun 2023 00:00:00 GMT - Sat, 18 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js_tracking?pid=e1027d6b28d009d9&aid=304142&ver=2&lang=en-us&sid=6310d4b1432373d4128c998e03fdd1fb&stype=1&ref_action=index&ete=&etg=&etcg=&ets=cCHObXKeNJAbINFPIWBccCcCcCC|4,cCHObKdPHMfFdHMEKBOcaGPaAHFHDQIC|8,HWAJLGbbeLHAFPRFDEYScEUWBZEWaSddKNKNKWe|2&etgwv=&m=UmFuZG9tSVYkc2RlIyh9YarGvSH9iz-oGWKFtShNeeoqe1cG6IkIoA5kVtRxMLz8SIBmNjlEWUkLyzRwqIkkRhUVhJLQypTfjIpOvjalfQPZTmH3Es26rzloPODMe6mxIxcFaHj9j1KOyQVKIVwTUWJr16-8TuncgONgtad466Vx87yDcNZvBRLi7qfDXOCuYsEH5_SkphPcwOEzMI4IbLm03cBQmx9vBDGIW9XpD_mvhVYKh2OEfUn2PUKksMtFCfGRf_Bjw6ORLMmX2uw93qX__AnU14ONzpvYMrvZVzvDG6ZROwMzwcNI8HZ4GgL31-6X4270go8LGN4usz683g HTTP/1.1
Host: www.booking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/
X-Booking-AID: 304142
X-Booking-CSRF: l/IeZgAAAAA=BVyfpIXbtEd8ikiwCPMc1R90gP_w1JDkxjMOqcOosVmOZ_HShux4glJ448KpmPXdfw3jBZjuS13ilZlMmLqs8j3A5AHRbrPNhbUDas0v6AfRbJwVwbbYPUqO20I0c9I4IH1y4W9LLjko2G4BDArKrUIFVT1J7_lA05m3dNrSC50cP-BGQi5MMj-MrP3XCa_HG1ijPkdKRLf1Pkvr
X-Booking-Info: 1856950,1865390,1931000,1932080,1932100,1932110,1939730,1943090,1946400,1958000,1959390,1960550,1960640,1962740,cCHObXKeNJAbINFPIWBccCcCcCC|4,1960550|1,cCHObKdPHMfFdHMEKBOcaGPaAHFHDQIC|8,HWAJLGbbeLHAFPRFDEYScEUWBZEWaSddKNKNKWe|2
X-Booking-Client-Info: cCHObXKeNJAbINFPIWBccCcCcCC|4,cCHObKdPHMfFdHMEKBOcaGPaAHFHDQIC|8,HWAJLGbbeLHAFPRFDEYScEUWBZEWaSddKNKNKWe|2
X-Booking-Label: gen173rf-1FCAEoggI46AdIM1gDaKoBiAEBmAExuAEZyAEP2AEB6AEB-AECiAIBogISYWlyLmJuYi1pZDMyMDQuY29tqAIDuALX9PqwBsACAdICJDZlNTEzYjA2LThjNjUtNDc5ZS04NWM1LTNlZDdkMzhmNDdjONgCBeACAQ
X-Booking-Language-Code: en-us
X-Booking-Pageview-Id: e1027d6b28d009d9
X-Booking-Session-Id: 6310d4b1432373d4128c998e03fdd1fb
X-Booking-SiteType-Id: 1
X-Partner-Channel-Id: 3
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBt9BZ%2BIzqvzNG3a2uciWdhAlLuCWxRfV1fP%2Fxz9ReLAA%2FeZ5CIHC3f7myW6%2BemfGK8Fixkmf5Phoc4OTCjZVm%2FAQVM1E%2FMRjNjFPE3tRbWH2TrE%2B6ZwxADcXV1U0uqJJt6pDFrWkfLdiBggCWyS551d; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmPZUPMW6RyROJNxUN0JlTK77o1GxJEKj50Akk5UC46SGZ0T/sjBGN8UEoHziZUydDa15eD96llA6Zpr9JyySCKeA4VpvHWuLUM0Bcg0GhacCWF2Q3L/RkmcZyaK1+swiucl3YCdFi; pcm_consent=analytical%3Dfalse%26countryCode%3DNO%26consentId%3De9389af3-66d7-49b3-b933-78c858cce2a8%26consentedAt%3D2024-04-16T17%3A50%3A15.029Z%26expiresAt%3D2024-10-13T17%3A50%3A15.029Z%26implicit%3Dtrue%26marketing%3Dfalse%26regionCode%3D03%26regulation%3Dgdpr%26legacyRegulation%3Dgdpr; cors_js=1; bkng_sso_session=e30; bkng_sso_ses=e30; OptanonConsent=implicitConsentCountry=GDPR&implicitConsentDate=1713289817238; BJS=-
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
server: nginx
date: Tue, 16 Apr 2024 17:50:17 GMT
vary: User-Agent, Accept-Encoding
content-encoding: br
strict-transport-security: max-age=2592000; includeSubDomains
content-security-policy-report-only: frame-ancestors 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=112&pid=1d2e7d6c94440017&e=UmFuZG9tSVYkc2RlIyh9Yea92wm0yRUjnCBymoy8ejKN-9vNkaR7O_927jonE4z4DBoHUk70lzE
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 95Swt_nFmo4vg2jH5knnxKYFstIiRZUBiuVVhutbJGttrMkfOCu66A==
X-Firefox-Spdy: h2

r-xx.bstatic.com/xdata/images/xphoto/263x197/72203920.jpeg?k=8901bcc9d621d9cd12a9cf564b1b08a7d786b6cc2152d189f3172befcd269af6&o=

143.204.55.112

200 OK

16 kB

URL GET HTTP/2
r-xx.bstatic.com/xdata/images/xphoto/263x197/72203920.jpeg?k=8901bcc9d621d9cd12a9cf564b1b08a7d786b6cc2152d189f3172befcd269af6&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x197, components 3
Size
16 kB (15804 bytes)
Hash
9977489e9d6fe56a764e9c5329511977
2f4d692c4bd72bacc68563e9a4c38c35763a54cf
fb2d3d568ab1ab6bccc51bc7f0f3ac0e3d0c9aab91ff2425a64911d5b4f82f2e

HTTP Headers

GET /xdata/images/xphoto/263x197/72203920.jpeg?k=8901bcc9d621d9cd12a9cf564b1b08a7d786b6cc2152d189f3172befcd269af6&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Fri, 05 Apr 2024 12:48:09 GMT
etag: "7e21c24ecc44dc88b217c67c02519d266cac59d1"
content-language: 15804
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fQ0OjJJXyp1yPNn6S7eoxJOatUjShkuQ2mLclDkw3eFt35mmHMGCDQ==
age: 968529
X-Firefox-Spdy: h2

accommodations.booking.com/orca/chunk-metadata?chunk=3c29a897&mfe=b-index-lp-web-mfe&lang=en-us&namespace=ZeVaZXaY

54.230.111.123

200 OK

0 B

URL OPTIONS HTTP/2
accommodations.booking.com/orca/chunk-metadata?chunk=3c29a897&mfe=b-index-lp-web-mfe&lang=en-us&namespace=ZeVaZXaY
IP
54.230.111.123:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.booking.com
Fingerprint86:19:2F:3F:C1:B0:CE:07:5A:AD:A3:94:54:8D:C6:B9:99:F5:B9:49
ValidityMon, 12 Jun 2023 00:00:00 GMT - Sat, 18 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /orca/chunk-metadata?chunk=3c29a897&mfe=b-index-lp-web-mfe&lang=en-us&namespace=ZeVaZXaY HTTP/1.1
Host: accommodations.booking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-booking-et-serialized-state
Referer: https://www.booking.com/
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 0
server: nginx
date: Tue, 16 Apr 2024 17:50:17 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-credentials: true
access-control-allow-origin: https://www.booking.com
vary: Origin
access-control-allow-headers: x-booking-et-serialized-state
access-control-allow-methods: HEAD,OPTIONS,GET,POST
x-xss-protection: 1; mode=block
strict-transport-security: max-age=2592000; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VZCBjBocTvyjN6vXk5zBLzDAbwGMGzyRwHuIc92hFtldUkZoo1Oz5w==
X-Firefox-Spdy: h2

r-xx.bstatic.com/xdata/images/xphoto/263x210/45450068.jpeg?k=41cc7c5449011323aaaaed4e845cb16200b5d540c77a50c1bea90399a1e92d70&o=

143.204.55.112

200 OK

16 kB

URL GET HTTP/2
r-xx.bstatic.com/xdata/images/xphoto/263x210/45450068.jpeg?k=41cc7c5449011323aaaaed4e845cb16200b5d540c77a50c1bea90399a1e92d70&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x210, components 3
Size
16 kB (15735 bytes)
Hash
e7bf96a1173c8a53e147151fadef91f5
d3c2d334b7fc33edea8492c6627bba1438c5ebe0
e84777ce16b3e1f4ebfe4a1422f5848b1a0370f33f78d99b7f4a060d880be76d

HTTP Headers

GET /xdata/images/xphoto/263x210/45450068.jpeg?k=41cc7c5449011323aaaaed4e845cb16200b5d540c77a50c1bea90399a1e92d70&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Thu, 21 Mar 2024 10:50:59 GMT
etag: "d7d9dce017375f28392f8900463550320ea7975e"
content-language: 15735
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: G0mAuvN92CruI_SFb0RpzkHliIbHo95kzyGqoYnaPYJZgxO76ls3zg==
age: 2271559
X-Firefox-Spdy: h2

r-xx.bstatic.com/xdata/images/xphoto/263x210/45450080.jpeg?k=15d9709efa513f2b23b5fa8d5234d87bdee2bf97b3e7552244592da11413db9a&o=

143.204.55.112

200 OK

10 kB

URL GET HTTP/2
r-xx.bstatic.com/xdata/images/xphoto/263x210/45450080.jpeg?k=15d9709efa513f2b23b5fa8d5234d87bdee2bf97b3e7552244592da11413db9a&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x210, components 3
Size
10 kB (10314 bytes)
Hash
91007a34c420b11e6db46ae944e03832
faa95d4579989447ea3bf6f6308cc6080de9df73
bc45eebffad13744795ec73c95d868f36bfa4c629a18dd950cb8e3fc925e9352

HTTP Headers

GET /xdata/images/xphoto/263x210/45450080.jpeg?k=15d9709efa513f2b23b5fa8d5234d87bdee2bf97b3e7552244592da11413db9a&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Thu, 21 Mar 2024 10:53:26 GMT
etag: "c35b65fa3e7c6890ed0bd84ed1b72acb7ba90276"
content-language: 10314
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KV82AYWgfvK4VbmYcjB1C0MUuz96c7jbIm7s62-qkoTyNHlx7WC-Ug==
age: 2271412
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/hotel/square600/179387540.webp?k=cbf33b04282d8beb50db374f587fedfc39a8787f761dc9ad3b823191cea4b5e1&o=

143.204.55.112

200 OK

96 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/hotel/square600/179387540.webp?k=cbf33b04282d8beb50db374f587fedfc39a8787f761dc9ad3b823191cea4b5e1&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
96 kB (95806 bytes)
Hash
a2e77a554a6de69eb14a7badee94451c
b2fe4d988abbc5034f9d52699a7643fc99b25e51
6aaebdfed077341758d8a3ea2d28747556fc81878d7c9ea49ab0667014bf7304

HTTP Headers

GET /xdata/images/hotel/square600/179387540.webp?k=cbf33b04282d8beb50db374f587fedfc39a8787f761dc9ad3b823191cea4b5e1&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
server: nginx
date: Thu, 28 Mar 2024 19:04:36 GMT
content-language: 95806
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: "debf32bd9d2080aa2b146e3c7e76d5d1eb66be17"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: joN2N0jcDqAWZKGaz_Z-KrlvrjAkvYZs5pTe2MaolTdRj-aK26jNcA==
age: 1637143
X-Firefox-Spdy: h2

cf.bstatic.com/psb/capla/static/css/f41dcaf5.0e50dd0f.chunk.css

143.204.55.112

200 OK

167 B

URL GET HTTP/2
cf.bstatic.com/psb/capla/static/css/f41dcaf5.0e50dd0f.chunk.css
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
167 B (167 bytes)
Hash
fbda431a011773dd250158146407597a
d8c4f0d9801789c76a3f97ed0174a7a123244488
b91aea7fa716bcab98f35788602adcd384785f8b19a966ad0c2af24e7efd4700

HTTP Headers

GET /psb/capla/static/css/f41dcaf5.0e50dd0f.chunk.css HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
content-length: 167
last-modified: Mon, 15 Apr 2024 14:39:46 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-x-deployment-hash: foo
x-amz-version-id: uEdYpVKTzY7pPEOO2SHYW3plf3PcoU.w
accept-ranges: bytes
server: AmazonS3
date: Tue, 16 Apr 2024 14:41:22 GMT
etag: "f9dc6e8503f60c301c9df4dc902fcf59"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qX_JOUZEol_AK4immCk5ylk_7XA2YHHtOe4xFvsQbaUQIrEo0YEXPw==
age: 11335
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

q-xx.bstatic.com/xdata/images/xphoto/500x500/320647664.png?k=698a838d781fe6952e506a3856a7fa5c22056d98e571eb3cf9e448afa98eba81&o=

143.204.55.112

200 OK

575 kB

URL GET HTTP/2
q-xx.bstatic.com/xdata/images/xphoto/500x500/320647664.png?k=698a838d781fe6952e506a3856a7fa5c22056d98e571eb3cf9e448afa98eba81&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
Size
575 kB (575098 bytes)
Hash
a0523920b3e3bf0a3c56007a4e516ef8
2641e01bee9ca25237704733311b80b71f0ba13f
e13fae84c49edb295595258b1a07c090d4fd4311bb7b8a27f0274e90638514d0

HTTP Headers

GET /xdata/images/xphoto/500x500/320647664.png?k=698a838d781fe6952e506a3856a7fa5c22056d98e571eb3cf9e448afa98eba81&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
server: nginx
date: Wed, 27 Mar 2024 10:21:11 GMT
etag: "fd49777a8a49018767f4f734663efd3f70f5b32f"
content-language: 575098
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9axgGcJj6X7OETUgkEehxIFxbtAXFd0bKOhDYmVw1Sol5YAkmN9hPQ==
age: 1754945
X-Firefox-Spdy: h2

r-xx.bstatic.com/xdata/images/xphoto/263x210/45450066.jpeg?k=4adfab312f5d26da9f81da48d8c95ca8f108215b2c84085590891a9e0e17b144&o=

143.204.55.112

200 OK

17 kB

URL GET HTTP/2
r-xx.bstatic.com/xdata/images/xphoto/263x210/45450066.jpeg?k=4adfab312f5d26da9f81da48d8c95ca8f108215b2c84085590891a9e0e17b144&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x210, components 3
Size
17 kB (16930 bytes)
Hash
e08092b0569f8ee045e4bd45c1618f76
3c285568b967e02f24eb46c58f0d3eae278c58d7
bdc6ee8e1157c8084492b5735aedad96796d7aabd9b2f80949d5e747d652028d

HTTP Headers

GET /xdata/images/xphoto/263x210/45450066.jpeg?k=4adfab312f5d26da9f81da48d8c95ca8f108215b2c84085590891a9e0e17b144&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Thu, 21 Mar 2024 10:50:59 GMT
etag: "ea2244f5ef79860569b05cd1f307c3bc50c73ced"
content-language: 16930
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vPGUauJlWTPjVS2ZQ4TV2PccVz5t6ws4RyBUMlLDVuqxCOsnDfweUA==
age: 2271559
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/hotel/square600/524735433.webp?k=f5052d0ea566c3f4c753ac58d86e009605b56dace36537207739c60f5220a785&o=

0.0.0.0

0 B

URL GET
cf.bstatic.com/xdata/images/hotel/square600/524735433.webp?k=f5052d0ea566c3f4c753ac58d86e009605b56dace36537207739c60f5220a785&o=
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /xdata/images/hotel/square600/524735433.webp?k=f5052d0ea566c3f4c753ac58d86e009605b56dace36537207739c60f5220a785&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

cf.bstatic.com/xdata/images/hotel/square600/534660699.webp?k=64f4310f73335b075f3cf6b38adf9a40d235757a764902a1c3659e2181d23eed&o=

143.204.55.112

200 OK

42 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/hotel/square600/534660699.webp?k=64f4310f73335b075f3cf6b38adf9a40d235757a764902a1c3659e2181d23eed&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
42 kB (42422 bytes)
Hash
760a5db53ce3d69679dd76ddbcc0f93b
a53d0a4c6e72ce94b852a63f640727cbd935490e
af511988268db0bd746b1aca668035378488b0ebb398847ac428ed0077af2be2

HTTP Headers

GET /xdata/images/hotel/square600/534660699.webp?k=64f4310f73335b075f3cf6b38adf9a40d235757a764902a1c3659e2181d23eed&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
server: nginx
date: Sun, 31 Mar 2024 00:08:22 GMT
etag: "02cb592edda06b3924ba27c7630687baf4271ab9"
content-language: 42422
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AfMW6N3ZkwnlFr_uDsoJijwQaWv8gbHWTTTrz1b4wzNiXJzk6rFpGQ==
age: 1446117
X-Firefox-Spdy: h2

cf.bstatic.com/static/js/landingpage_cloudfront_sd/4417f0cf113c3ec51a8190be88e7c373a6d9295d.js

143.204.55.112

200 OK

350 kB

URL GET HTTP/2
cf.bstatic.com/static/js/landingpage_cloudfront_sd/4417f0cf113c3ec51a8190be88e7c373a6d9295d.js
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (51645)
Size
350 kB (350307 bytes)
Hash
261cd9524de1941c0adbbc5ab40e071f
b1d444cb7950cdaba1a586656133d83230716535
90217691ef650ad862929297ef8a897d5fed3d2a44b042274c20b0529907e375

HTTP Headers

GET /static/js/landingpage_cloudfront_sd/4417f0cf113c3ec51a8190be88e7c373a6d9295d.js HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 21 Mar 2024 09:45:22 GMT
last-modified: Wed, 20 Sep 2023 10:48:00 GMT
etag: W/"650acde0-55863"
expires: Sat, 20 Apr 2024 09:45:22 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8eZFepNWarzZGSvzYKOcpinT6EvrnXqeOxJbSoubF0_vw81Rjth2qA==
age: 2275493
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/xphoto/300x240/140040489.jpg?k=805ddfdcfb71cf3c23f2136c2c844973f1de54ce1d05ae6ddd8a7a68166cfc41&o=

143.204.55.112

200 OK

12 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/xphoto/300x240/140040489.jpg?k=805ddfdcfb71cf3c23f2136c2c844973f1de54ce1d05ae6ddd8a7a68166cfc41&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3
Size
12 kB (11980 bytes)
Hash
c360a3315fdf9a83dcea2dc619bb859f
c22c06d9eaa6c5ecea05e284246db7247e18ddfd
52f5ddca4376d0dc0447df4af875fdced8eca82498fa5153ce7f7af701006e48

HTTP Headers

GET /xdata/images/xphoto/300x240/140040489.jpg?k=805ddfdcfb71cf3c23f2136c2c844973f1de54ce1d05ae6ddd8a7a68166cfc41&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Sun, 31 Mar 2024 04:42:25 GMT
etag: "3bdfe84285ec57cc973a6115234e42e6df4cbd0c"
content-language: 11980
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sRutMpSOq91cAD9BqYZ21MCA_3C8CwQGRaoewKFFWELCvuIkva8jKQ==
age: 1429673
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/hotel/square600/106548982.webp?k=6464bb1807bbc9f4f9c408328c8df98bdfb5a885f7fc51712fcefc417b8472f7&o=

143.204.55.112

200 OK

44 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/hotel/square600/106548982.webp?k=6464bb1807bbc9f4f9c408328c8df98bdfb5a885f7fc51712fcefc417b8472f7&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
44 kB (43662 bytes)
Hash
ae73cf7dfa7da7510e6fd827ec3f5df5
d79115961e0524533666105e89435b8a8c7df879
f2cd2bae405dd2a3fedc811d6d518e1f2a10ddc43db3356f0b3b66a8bb3a6a3e

HTTP Headers

GET /xdata/images/hotel/square600/106548982.webp?k=6464bb1807bbc9f4f9c408328c8df98bdfb5a885f7fc51712fcefc417b8472f7&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
server: nginx
date: Thu, 04 Apr 2024 08:14:41 GMT
content-language: 43662
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
etag: "39334ed1ecfc886f562ecb40cc71f27008acb4fd"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LxRu-r6B6g4EqkzcXPnjNi527UwlmaM8aJzZOXseysHfwWSfs1b2rg==
age: 1071338
X-Firefox-Spdy: h2

cf.bstatic.com/xdata/images/hotel/square600/547233345.webp?k=28837d4d06d6fff027d44308a9abb7e7071d41ed4cf3ace0945f4c16e416c5bf&o=

143.204.55.112

200 OK

21 kB

URL GET HTTP/2
cf.bstatic.com/xdata/images/hotel/square600/547233345.webp?k=28837d4d06d6fff027d44308a9abb7e7071d41ed4cf3ace0945f4c16e416c5bf&o=
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://www.booking.com/
Certificate
IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
21 kB (21050 bytes)
Hash
e9b0c64238aa72c2d9adf8313bd79f16
0ecd0ecdeb304821206b17ccbff2c82c0bdb5622
862ec622d407e0157cbfb2fc782b74011f9a9af6c6623701160a6b68ed8e38a7

HTTP Headers

GET /xdata/images/hotel/square600/547233345.webp?k=28837d4d06d6fff027d44308a9abb7e7071d41ed4cf3ace0945f4c16e416c5bf&o= HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
server: nginx
date: Tue, 16 Apr 2024 10:00:47 GMT
etag: "cfcc5967487314d852582ae7ac07c12419b1f294"
content-language: 21050
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NjC21R0pJEo7wO3MovZy6-cksnXRyAg4hN2UE-uqo8MBEHvM4TZv-A==
age: 28172
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (102)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML