admin.business.booking.com Open in urlscan Pro
2620:1ec:46::45 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://link.sg.booking.com/ss/c/fzQFVYWoT_CxrfpZvIc_bqyB8AAgOGQd1Sm9hdipV46nnh5NVDBZ8aqiGLUBoLVwzpopgl1pKBul1bo4X1uTpr8mrf4...
Effective URL:
https://admin.business.booking.com/direct-sso?aid=2145257&&emk=GAORU36UMA&&emkcid=350&&checkin=2021-09-03&&checkout=2021-09-04&&sel...
Submission: On September 01 via api (September 1st 2021, 9:48:28 am UTC) from BE

Summary HTTP 32 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 32 HTTP transactions. The main IP is 2620:1ec:46::45, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is admin.business.booking.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 22nd 2021. Valid for: a year.

This is the only time admin.business.booking.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:224... 2600:9000:2240:fa00:14:ecff:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2620:1ec:46::45 2620:1ec:46::45	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
8	151.101.15.9 151.101.15.9	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	18.213.63.36 18.213.63.36	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.13.27 151.101.13.27	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	162.247.242.20 162.247.242.20	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.98.24 143.204.98.24	16509 (AMAZON-02) (AMAZON-02)
32	12

1 2600:9000:2240:fa00:14:ecff:a140:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

link.sg.booking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

admin.business.booking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.15.9 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

sdk.split.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.213.63.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-63-36.compute-1.amazonaws.com

auth.split.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.27 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.247.242.20 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-24.fra50.r.cloudfront.net

streaming.split.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	split.io sdk.split.io auth.split.io streaming.split.io	11 KB
6	booking.com 1 redirects link.sg.booking.com admin.business.booking.com	429 KB
5	cookielaw.org cdn.cookielaw.org	106 KB
3	nr-data.net bam.nr-data.net	532 B
2	gstatic.com fonts.gstatic.com	31 KB
2	googletagmanager.com www.googletagmanager.com	123 KB
2	googleapis.com fonts.googleapis.com	1 KB
1	onetrust.com geolocation.onetrust.com	374 B
1	newrelic.com js-agent.newrelic.com	16 KB
32	9

	Domain	Requested by
8	sdk.split.io	admin.business.booking.com
5	cdn.cookielaw.org	admin.business.booking.com
5	admin.business.booking.com	admin.business.booking.com
3	bam.nr-data.net	admin.business.booking.com
2	fonts.gstatic.com	fonts.googleapis.com
2	auth.split.io	admin.business.booking.com
2	www.googletagmanager.com	admin.business.booking.com
2	fonts.googleapis.com	admin.business.booking.com
1	streaming.split.io
1	geolocation.onetrust.com	admin.business.booking.com
1	js-agent.newrelic.com	admin.business.booking.com
1	link.sg.booking.com	1 redirects
32	12

This site contains no links.

Subject Issuer	Validity	Valid
*.business.booking.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-22` - `2022-03-30`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.split.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.newrelic.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-05` - `2022-06-06`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
streaming.split.io Amazon	`2021-04-06` - `2022-05-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://admin.business.booking.com/direct-sso?aid=2145257&&emk=GAORU36UMA&&emkcid=350&&checkin=2021-09-03&&checkout=2021-09-04&&selected_currency=EUR&&lang=en-gb&&label=48815_direct-sso-link_v2-
Frame ID: 886FBF654F4B41256ADE0E0A93CADEEA
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Booking.com for Business

Page URL History Show full URLs

https://link.sg.booking.com/ss/c/fzQFVYWoT_CxrfpZvIc_bqyB8AAgOGQd1Sm9hdipV46nnh5NVDBZ8aqiGLUBoLVwzpopgl1... HTTP 302
https://admin.business.booking.com/direct-sso?aid=2145257&&emk=GAORU36UMA&&emkcid=350&&checkin=2021-09-03&&chec... Page URL

Detected technologies

Microsoft HTTPAPI (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /Microsoft-HTTPAPI(?:\/([\d.]+))?/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

32
Requests

100 %
HTTPS

62 %
IPv6

9
Domains

12
Subdomains

12
IPs

2
Countries

717 kB
Transfer

2535 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://link.sg.booking.com/ss/c/fzQFVYWoT_CxrfpZvIc_bqyB8AAgOGQd1Sm9hdipV46nnh5NVDBZ8aqiGLUBoLVwzpopgl1pKBul1bo4X1uTpr8mrf4fITfvMwgha9uiRqEazT0dbXayhltZchPV-VsTqb0ehGC-fxmtzXD2Rs1HEtPkpjkNMeO-ddPoEITP6J5CJK80nA7H9KAtyZXoYwY5wID108aIhmVOsPs1c_J7WkjEIyfaeBXKC8rpUyinaVYq8MoBJ4fe1kU7vwijXHJLcXdqr38O4lw0a_ekb4Fs2g/3ey/Dau9JJp9TYa7Fqnk9nrIcw/h1/1_wsfSAlQyDW6OhCp57nVQPqpImYP_oTHA9cuwcr7Q4 HTTP 302
https://admin.business.booking.com/direct-sso?aid=2145257&&emk=GAORU36UMA&&emkcid=350&&checkin=2021-09-03&&checkout=2021-09-04&&selected_currency=EUR&&lang=en-gb&&label=48815_direct-sso-link_v2- Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request direct-sso Show response
admin.business.booking.com/
Redirect Chain

https://link.sg.booking.com/ss/c/fzQFVYWoT_CxrfpZvIc_bqyB8AAgOGQd1Sm9hdipV46nnh5NVDBZ8aqiGLUBoLVwzpopgl1pKBul1bo4X1uTpr8mrf4fITfvMwgha9uiRqEazT0dbXayhltZchPV-VsTqb0ehGC-fxmtzXD2Rs1HEtPkpjkNMeO-ddPo...
https://admin.business.booking.com/direct-sso?aid=2145257&&emk=GAORU36UMA&&emkcid=350&&checkin=2021-09-03&&checkout=2021-09-04&&selected_currency=EUR&&lang=en-gb&&label=48815_direct-sso-link_v2-

32 KB
12 KB

139ms
11ms

Document
text/html

2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.business.booking.com/direct-sso?aid=2145257&&emk=GAORU36UMA&&emkcid=350&&checkin=2021-09-03&&checkout=2021-09-04&&selected_currency=EUR&&lang=en-gb&&label=48815_direct-sso-link_v2-

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

a5ac0b18701c4e8412a5cc111838612eca59d74f6d90d7eb8f032b3cf639d800

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .booking.com .serko.travel;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: admin.business.booking.com
:scheme: https
:path: /direct-sso?aid=2145257&&emk=GAORU36UMA&&emkcid=350&&checkin=2021-09-03&&checkout=2021-09-04&&selected_currency=EUR&&lang=en-gb&&label=48815_direct-sso-link_v2-
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

cache-control: no-store
content-type: text/html
content-encoding: br
content-md5: d1amFZ0N1rB2YTlgs1bHpw==
last-modified: Thu, 26 Aug 2021 22:59:48 GMT
accept-ranges: bytes
etag: "0x8D968E534732CF3"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 3ec69c0a-201e-0060-50dd-9d11e9000000
x-ms-version: 2018-03-28
x-azure-ref-originshield: 0NiQuYQAAAAC9t0tzuSf6RZ7gJQMQ8GVyTE9OMjFFREdFMDExMQBmM2VjMGU5ZS01YTZlLTQzNGEtODgwMy1iODQ4ZjEwNzc2ZGM=
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
content-security-policy: frame-ancestors *.booking.com *.serko.travel;
x-azure-ref: 0SkwvYQAAAABgiFy3s3k8QLVj4JmvbryPRlJBRURHRTEwMTIAZjNlYzBlOWUtNWE2ZS00MzRhLTg4MDMtYjg0OGYxMDc3NmRj
date: Wed, 01 Sep 2021 09:47:54 GMT

Redirect headers

content-type: text/html; charset=utf-8
content-length: 273
location: https://admin.business.booking.com/direct-sso?aid=2145257&&emk=GAORU36UMA&&emkcid=350&&checkin=2021-09-03&&checkout=2021-09-04&&selected_currency=EUR&&lang=en-gb&&label=48815_direct-sso-link_v2-
server: nginx
date: Wed, 01 Sep 2021 09:47:54 GMT
x-robots-tag: noindex, nofollow
x-cache: Miss from cloudfront
via: 1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: CamVAq70gUCbrRJvf153EdrnXyANZhX-FzA7vwlcOYewprz_qRRkAQ==

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
768 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Requested by

Host: admin.business.booking.com
URL: https://admin.business.booking.com/direct-sso?aid=2145257&&emk=GAORU36UMA&&emkcid=350&&checkin=2021-09-03&&checkout=2021-09-04&&selected_currency=EUR&&lang=en-gb&&label=48815_direct-sso-link_v2-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

939919488f3ad816cb78b5d032ae673c1c02c88b238cfdb6e1328cd5d04d7947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://admin.business.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 09:05:14 GMT
server: ESF
date: Wed, 01 Sep 2021 09:47:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Sep 2021 09:47:54 GMT

GET
H2 200 icon
fonts.googleapis.com/ 568 B
449 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4650bc273b69bd9e63d1ef0ea2c6b0d39be59ce91ef942898a224546fb6689f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://admin.business.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 09:47:54 GMT
server: ESF
date: Wed, 01 Sep 2021 09:47:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Sep 2021 09:47:54 GMT

GET
H2 200 6.d54bb455.chunk.css
admin.business.booking.com/static/css/ 3 KB
1 KB 9ms
8ms Stylesheet
text/css 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.business.booking.com/static/css/6.d54bb455.chunk.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

0b98b5bc7025d48e16e22d92b9b8cfe1307fb69f1a321fbf9ffa59418917f471

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .booking.com .serko.travel;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /static/css/6.d54bb455.chunk.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: admin.business.booking.com
referer: https://admin.business.booking.com/direct-sso?aid=2145257&&emk=GAORU36UMA&&emkcid=350&&checkin=2021-09-03&&checkout=2021-09-04&&selected_currency=EUR&&lang=en-gb&&label=48815_direct-sso-link_v2-
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://admin.business.booking.com/direct-sso?aid=2145257&&emk=GAORU36UMA&&emkcid=350&&checkin=2021-09-03&&checkout=2021-09-04&&selected_currency=EUR&&lang=en-gb&&label=48815_direct-sso-link_v2-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 07AsvYQAAAACaVqQdwaBZQYqYI6miIOE9TE9OMjFFREdFMDIxOABmM2VjMGU5ZS01YTZlLTQzNGEtODgwMy1iODQ4ZjEwNzc2ZGM=
content-md5: Ea3o5ikKRFylZLejRqnwjw==
x-cache: TCP_HIT
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 26 Aug 2021 22:59:54 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
date: Wed, 01 Sep 2021 09:47:54 GMT
x-azure-ref: 0SkwvYQAAAACeVPlCttnlTJ2yZazSH8e8RlJBRURHRTEwMTIAZjNlYzBlOWUtNWE2ZS00MzRhLTg4MDMtYjg0OGYxMDc3NmRj
content-type: text/css
x-ms-request-id: d3d13d77-801e-001b-11d5-9e5375000000
x-ms-version: 2018-03-28
etag: "0x8D968E53824352C"
content-security-policy: frame-ancestors *.booking.com *.serko.travel;
accept-ranges: bytes

GET
H2 200 config.js Show response
admin.business.booking.com/ 1 KB
961 B 11ms
10ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.business.booking.com/config.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

70e621fd82395c59769810439b4c4cdf4b534c1c65f54cbac2c5651cc41ffca6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .booking.com .serko.travel;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /config.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: admin.business.booking.com
referer: https://admin.business.booking.com/direct-sso?aid=2145257&&emk=GAORU36UMA&&emkcid=350&&checkin=2021-09-03&&checkout=2021-09-04&&selected_currency=EUR&&lang=en-gb&&label=48815_direct-sso-link_v2-
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://admin.business.booking.com/direct-sso?aid=2145257&&emk=GAORU36UMA&&emkcid=350&&checkin=2021-09-03&&checkout=2021-09-04&&selected_currency=EUR&&lang=en-gb&&label=48815_direct-sso-link_v2-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0LFUuYQAAAAACUWRiTDuWQ6h7oBlwr23uTE9OMjFFREdFMDIxNgBmM2VjMGU5ZS01YTZlLTQzNGEtODgwMy1iODQ4ZjEwNzc2ZGM=
content-md5: h0gpu1iSX+2TTKk/HWinrw==
x-cache: TCP_HIT
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 26 Aug 2021 22:59:48 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
date: Wed, 01 Sep 2021 09:47:54 GMT
x-azure-ref: 0SkwvYQAAAADwnuEgMa0KTI9x0nl+p4KVRlJBRURHRTEwMTIAZjNlYzBlOWUtNWE2ZS00MzRhLTg4MDMtYjg0OGYxMDc3NmRj
content-type: application/javascript
x-ms-request-id: 94712b59-801e-0069-6283-9e543a000000
cache-control: no-store
x-ms-version: 2018-03-28
etag: "0x8D968E534665951"
content-security-policy: frame-ancestors *.booking.com *.serko.travel;
accept-ranges: bytes

GET
H2 200 6.11f7fa8f.chunk.js Show response
admin.business.booking.com/static/js/ 1 MB
350 KB 22ms
21ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.business.booking.com/static/js/6.11f7fa8f.chunk.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

c5f92ed4f1bd470a7e42e529a4dd319c70a1d58b145f5a02640358b67a67a993

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .booking.com .serko.travel;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /static/js/6.11f7fa8f.chunk.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: admin.business.booking.com
referer: https://admin.business.booking.com/direct-sso?aid=2145257&&emk=GAORU36UMA&&emkcid=350&&checkin=2021-09-03&&checkout=2021-09-04&&selected_currency=EUR&&lang=en-gb&&label=48815_direct-sso-link_v2-
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://admin.business.booking.com/direct-sso?aid=2145257&&emk=GAORU36UMA&&emkcid=350&&checkin=2021-09-03&&checkout=2021-09-04&&selected_currency=EUR&&lang=en-gb&&label=48815_direct-sso-link_v2-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 07AsvYQAAAAC0YFc0ClC0QJ5nco/aJJWETE9OMjFFREdFMTUxMwBmM2VjMGU5ZS01YTZlLTQzNGEtODgwMy1iODQ4ZjEwNzc2ZGM=
content-md5: TrkaDUCoCsiylTnwbo9Oug==
x-cache: TCP_HIT
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 26 Aug 2021 22:59:54 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
date: Wed, 01 Sep 2021 09:47:54 GMT
x-azure-ref: 0SkwvYQAAAAClBPpy9QEUQ7wBgs7jHm/ERlJBRURHRTEwMTIAZjNlYzBlOWUtNWE2ZS00MzRhLTg4MDMtYjg0OGYxMDc3NmRj
content-type: application/javascript
x-ms-request-id: c7a8f288-301e-0053-50cf-9e4e42000000
x-ms-version: 2018-03-28
etag: "0x8D968E5382F5AC1"
content-security-policy: frame-ancestors *.booking.com *.serko.travel;
accept-ranges: bytes

GET
H2 200 main.cc9bf8aa.chunk.js Show response
admin.business.booking.com/static/js/ 266 KB
64 KB 11ms
10ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.business.booking.com/static/js/main.cc9bf8aa.chunk.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

42509b33e35015d85032df78c01a302d7c8042958d06728bbd996a525b0b792b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .booking.com .serko.travel;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /static/js/main.cc9bf8aa.chunk.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: admin.business.booking.com
referer: https://admin.business.booking.com/direct-sso?aid=2145257&&emk=GAORU36UMA&&emkcid=350&&checkin=2021-09-03&&checkout=2021-09-04&&selected_currency=EUR&&lang=en-gb&&label=48815_direct-sso-link_v2-
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://admin.business.booking.com/direct-sso?aid=2145257&&emk=GAORU36UMA&&emkcid=350&&checkin=2021-09-03&&checkout=2021-09-04&&selected_currency=EUR&&lang=en-gb&&label=48815_direct-sso-link_v2-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0q1UuYQAAAADXPCnL82edSas4510itIJETE9OMjFFREdFMDExNABmM2VjMGU5ZS01YTZlLTQzNGEtODgwMy1iODQ4ZjEwNzc2ZGM=
content-md5: 7Hzz/f0y0gx/zZq+eP04qQ==
x-cache: TCP_HIT
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 26 Aug 2021 22:59:55 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
date: Wed, 01 Sep 2021 09:47:54 GMT
x-azure-ref: 0SkwvYQAAAACnyivaSqu4QatfVmoy4kcIRlJBRURHRTEwMTIAZjNlYzBlOWUtNWE2ZS00MzRhLTg4MDMtYjg0OGYxMDc3NmRj
content-type: application/javascript
x-ms-request-id: ce9b0533-e01e-00a4-78e6-9d64d0000000
x-ms-version: 2018-03-28
etag: "0x8D968E5388BBC3D"
content-security-policy: frame-ancestors *.booking.com *.serko.travel;
accept-ranges: bytes

OPTIONS
H2 200 obp_react
sdk.split.io/api/mySegments/ 0
0 74ms
22ms Preflight 151.101.15.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.split.io/api/mySegments/obp_react
Protocol: H2
Server: 151.101.15.9 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,splitsdkversion
Origin: https://admin.business.booking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Varnish
retry-after: 0
allow: HEAD,GET,OPTIONS,POST,PUT,DELETE
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-max-age: 7200
accept-ranges: bytes
date: Wed, 01 Sep 2021 09:47:55 GMT
via: 1.1 varnish
x-served-by: cache-fra19170-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1630489675.167540,VS0,VE0
vary: Cookie
access-control-allow-origin: https://admin.business.booking.com
content-length: 37

GET
H2 200 obp_react Show response
sdk.split.io/api/mySegments/ 17 B
381 B 27ms
25ms Fetch
application/json 151.101.15.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.split.io/api/mySegments/obp_react

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.15.9 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubDomains

Request headers

Accept: application/json
Referer: https://admin.business.booking.com/
Authorization: Bearer jmr3ev3o60omn9660ggpeg4bl1iu10153tvg
SplitSDKVersion: javascript-10.15.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=15770000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
etag: "1000002--gzip"
age: 132624
x-cache: HIT, HIT
content-encoding: gzip
content-length: 37
x-request-id: 1vl8d1fkfjp
x-served-by: cache-dca17767-DCA, cache-fra19170-FRA
x-timer: S1630489675.195661,VS0,VE0
date: Wed, 01 Sep 2021 09:47:55 GMT
vary: Accept-Encoding, Cookie
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform, max-age=60, s-maxage=60
trace: cache-dca17757-DCA-ff8c933c-05fc-418c-b94c-874545b5778f; cache-fra19163-FRA-001411c9-08ac-4deb-bd43-756c91fa8c95
accept-ranges: bytes
x-cache-hits: 1, 251

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 172 KB
62 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KKJQ27K&gtm_auth=EyxwjbuOconApraoMpuQQQ&gtm_preview=env-1&gtm_cookies_win=x

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ff8795b01ae87fb3066f2d3564151c1935fb0e59b52a83f16fbaaf94c2ff0620

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://admin.business.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 09:47:55 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62814
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 splitChanges
sdk.split.io/api/ 0
0 64ms
23ms Preflight 151.101.15.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.split.io/api/splitChanges?since=-1
Protocol: H2
Server: 151.101.15.9 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,splitsdkversion
Origin: https://admin.business.booking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Varnish
retry-after: 0
allow: HEAD,GET,OPTIONS,POST,PUT,DELETE
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-max-age: 7200
accept-ranges: bytes
date: Wed, 01 Sep 2021 09:47:55 GMT
via: 1.1 varnish
x-served-by: cache-fra19170-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1630489675.167542,VS0,VE0
vary: Cookie
access-control-allow-origin: https://admin.business.booking.com
content-length: 37

GET
H2 200 splitChanges Show response
sdk.split.io/api/ 77 KB
9 KB 27ms
26ms Fetch
application/json 151.101.15.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.split.io/api/splitChanges?since=-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.15.9 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

947e582d0d02efc2ed794e25a892033e39957a5cfe64d8c4869e989dbaa55ac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubDomains

Request headers

Accept: application/json
Referer: https://admin.business.booking.com/
Authorization: Bearer jmr3ev3o60omn9660ggpeg4bl1iu10153tvg
SplitSDKVersion: javascript-10.15.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=15770000; includeSubDomains
content-encoding: gzip
etag: "-915170980--gzip"
age: 65622
x-cache: MISS, HIT
content-length: 8530
via: 1.1 varnish, 1.1 varnish
x-request-id: 1vmc94c2dik
x-served-by: cache-dca17750-DCA, cache-fra19170-FRA
last-modified: Tue, 31 Aug 2021 02:17:52 GMT
x-timer: S1630489675.195624,VS0,VE0
date: Wed, 01 Sep 2021 09:47:55 GMT
vary: Origin, Accept-Encoding, Cookie
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin,X-Request-ID
cache-control: no-transform, max-age=60, s-maxage=60
trace: cache-dca17750-DCA-543c754d-f6e3-410a-8d9c-fe5720c5851f; cache-fra19155-FRA-589a7417-d05a-47fd-94a7-da7edfe915f3
accept-ranges: bytes
x-cache-hits: 0, 171

GET
H2 200 auth Show response
auth.split.io/api/ 621 B
1000 B 100ms
100ms Fetch
application/json 18.213.63.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.split.io/api/auth?users=obp_react

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.213.63.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-213-63-36.compute-1.amazonaws.com

Software

Resource Hash

374c8726657ad55e7fbeeb33dc02b58fdef4425c22511f9237ceed039c5dd15d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubdomains

Request headers

Accept: application/json
Referer: https://admin.business.booking.com/
Authorization: Bearer jmr3ev3o60omn9660ggpeg4bl1iu10153tvg
SplitSDKVersion: javascript-10.15.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 01 Sep 2021 09:47:55 GMT
strict-transport-security: max-age=15770000; includeSubdomains
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://admin.business.booking.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion
content-length: 621

OPTIONS
H2 200 auth
auth.split.io/api/ 0
0 301ms
100ms Preflight
application/json 18.213.63.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.split.io/api/auth?users=obp_react

Protocol

Server

18.213.63.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-213-63-36.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,splitsdkversion
Origin: https://admin.business.booking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 01 Sep 2021 09:47:55 GMT
content-type: application/json; charset=utf-8
content-length: 4
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://admin.business.booking.com
strict-transport-security: max-age=15770000; includeSubdomains

GET
H2 200 nr-spa-1208.min.js Show response
js-agent.newrelic.com/ 42 KB
16 KB 75ms
22ms Script
application/javascript 151.101.13.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1208.min.js
Requested by: Host: admin.business.booking.com
URL: https://admin.business.booking.com/direct-sso?aid=2145257&&emk=GAORU36UMA&&emkcid=350&&checkin=2021-09-03&&checkout=2021-09-04&&selected_currency=EUR&&lang=en-gb&&label=48815_direct-sso-link_v2-
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13e8b4f6220702a10a7566fb389055fedd388a364975146c8d2780c1d2fdc0d0

Request headers

Referer: https://admin.business.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: Vh.geaSzxk269x8Ss.5iG8XR8B7_1taB
content-encoding: gzip
etag: "d9d4f5c3991c0454eca3e6b2ddfe31d9"
x-amz-request-id: AWD19XE4C8FXRTZW
x-cache: HIT
content-length: 15815
x-amz-id-2: 21YY2Csf4UsAd4oNUIqmSKkIlBaoIZBpLtfrTEKLoxeZ/HyifzhU3Gc9D5AdEoC98QiFVtvWuNA=
x-served-by: cache-fra19136-FRA
last-modified: Wed, 10 Mar 2021 16:24:31 GMT
server: AmazonS3
x-timer: S1630489675.203756,VS0,VE0
date: Wed, 01 Sep 2021 09:47:55 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 229

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 166 KB
62 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0B5CC0Z1C1&l=dataLayer&cx=c

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

860c45ba3918499586f094b13bac6e8375d40ac1e86770530e7628c5e47fec8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://admin.business.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 09:47:55 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63011
x-xss-protection: 0
expires: Wed, 01 Sep 2021 09:47:55 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 34ms
15ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e45f3b0dad8aa0528790a6dd6dd2831bb8547129bd1320c10fd120118f44616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://admin.business.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 Sep 2021 09:47:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: BC5xsXKGgJbQbCzkLNvwBQ==
age: 86410
vary: Accept-Encoding
content-length: 6328
x-ms-lease-status: unlocked
last-modified: Wed, 04 Aug 2021 01:49:58 GMT
server: cloudflare
etag: 0x8D956EA2A6E73F4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b8d637e9-f01e-012a-80bd-8bebf6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 687d9475da00c2c7-FRA
expires: Wed, 01 Sep 2021 13:47:55 GMT

GET
H2 200 6358ca56-addf-4cf6-bfc9-6b81a3a90e6a.json Show response
cdn.cookielaw.org/consent/6358ca56-addf-4cf6-bfc9-6b81a3a90e6a/ 5 KB
2 KB 32ms
17ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6358ca56-addf-4cf6-bfc9-6b81a3a90e6a/6358ca56-addf-4cf6-bfc9-6b81a3a90e6a.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb4883052c1d495e60defe09338b438000ade3150855352aa772d0cf4868591a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://admin.business.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 Sep 2021 09:47:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: gktdr1qBxX/Oeyta2rK8oQ==
age: 2127393
vary: Accept-Encoding
content-length: 1609
x-ms-lease-status: unlocked
last-modified: Mon, 15 Mar 2021 12:28:02 GMT
server: cloudflare
etag: 0x8D8E7ADC6F2356E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 353fa28a-f01e-0007-05bd-8b2e63000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 687d94762e6c2c2a-FRA

GET
H/1.1 200
OK NRJS-6d9efbd7f5c3c289b31 Show response
bam.nr-data.net/1/ 57 B
146 B 439ms
109ms Script
text/javascript 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-6d9efbd7f5c3c289b31?a=497884444&sa=1&v=1208.49599aa&t=Unnamed%20Transaction&rst=572&ck=0&ref=https://admin.business.booking.com/direct-sso&be=328&fe=479&dc=457&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1630489674661,%22n%22:0,%22f%22:153,%22dn%22:154,%22dne%22:265,%22c%22:265,%22s%22:270,%22ce%22:281,%22rq%22:281,%22rp%22:292,%22rpe%22:294,%22dl%22:297,%22di%22:457,%22ds%22:457,%22de%22:457,%22dc%22:479,%22l%22:479,%22le%22:480%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: admin.business.booking.com
URL: https://admin.business.booking.com/direct-sso?aid=2145257&&emk=GAORU36UMA&&emkcid=350&&checkin=2021-09-03&&checkout=2021-09-04&&selected_currency=EUR&&lang=en-gb&&label=48815_direct-sso-link_v2-
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer: https://admin.business.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length: 57
Content-Type: text/javascript;charset=iso-8859-1

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 164 B
374 B 44ms
27ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://admin.business.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 09:47:55 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 687d947659f35b4a-FRA

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.13.0/ 366 KB
81 KB 14ms
14ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

078981fc821f3cf39ab491128cca5f9e9f9aeda1987a4baf81ce5ddc3bbe860c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://admin.business.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 Sep 2021 09:47:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: pY8Rr438h7Vb2adEFDW1VA==
age: 1770383
vary: Accept-Encoding
content-length: 82575
x-ms-lease-status: unlocked
last-modified: Thu, 28 Jan 2021 07:38:02 GMT
server: cloudflare
etag: 0x8D8C35FA49267C6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ceca3015-601e-016b-07fc-8ec3e5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 687d94768b1fc2c7-FRA
expires: Thu, 09 Sep 2021 09:47:55 GMT

GET
H2 200 en-us.json Show response
cdn.cookielaw.org/consent/6358ca56-addf-4cf6-bfc9-6b81a3a90e6a/f8745995-04f8-44ca-a6ff-f90c2d275998/ 51 KB
13 KB 15ms
15ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6358ca56-addf-4cf6-bfc9-6b81a3a90e6a/f8745995-04f8-44ca-a6ff-f90c2d275998/en-us.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d33d1535fb0945c64d1b53e1aa34483b7a5d20536448d2c141b3ea4a0e272f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://admin.business.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 Sep 2021 09:47:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: zjF4HX0rZAmZjXNWDCAHxw==
age: 2127175
vary: Accept-Encoding
content-length: 13154
x-ms-lease-status: unlocked
last-modified: Mon, 15 Mar 2021 12:28:18 GMT
server: cloudflare
etag: 0x8D8E7ADD04017AD
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 697eea8c-201e-010a-59bd-8b873a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 687d9476cfdb2c2a-FRA

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.13.0/assets/ 12 KB
3 KB 28ms
27ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.13.0/assets/otFlat.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8388718f670ddb4c773f542fef40257fd020ae066966c2ca33b0814eab04a74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://admin.business.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 Sep 2021 09:47:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /ODZFpGAnQ0xgLGN+/xOCg==
age: 9013267
vary: Accept-Encoding
content-length: 2822
x-ms-lease-status: unlocked
last-modified: Thu, 28 Jan 2021 07:37:52 GMT
server: cloudflare
etag: 0x8D8C35F9EDD933A
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 5ff6ff2a-001e-0116-571c-4d5f2d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 687d947708732c2a-FRA
expires: Thu, 09 Sep 2021 09:47:55 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://admin.business.booking.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 07:18:45 GMT
x-content-type-options: nosniff
age: 440950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Aug 2022 07:18:45 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://admin.business.booking.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 11:31:42 GMT
x-content-type-options: nosniff
age: 339373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 11:31:42 GMT

GET
H2 200 sse
streaming.split.io/ 472 B
0 474ms
385ms EventSource
text/event-stream 143.204.98.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://streaming.split.io/sse?channels=MTAyMzkwOTk2NQ%3D%3D_MjEwNTI3ODkwNQ%3D%3D_MjgzNTI4MDQzNA%3D%3D_mySegments,MTAyMzkwOTk2NQ%3D%3D_MjEwNTI3ODkwNQ%3D%3D_splits,%5B%3Foccupancy%3Dmetrics.publishers%5Dcontrol_pri,%5B%3Foccupancy%3Dmetrics.publishers%5Dcontrol_sec&accessToken=eyJhbGciOiJIUzI1NiIsImtpZCI6IkRQVkE3QS51X09xLXciLCJ0eXAiOiJKV1QifQ.eyJ4LWFibHktY2FwYWJpbGl0eSI6IntcIk1UQXlNemt3T1RrMk5RPT1fTWpFd05USTNPRGt3TlE9PV9Namd6TlRJNE1EUXpOQT09X215U2VnbWVudHNcIjpbXCJzdWJzY3JpYmVcIl0sXCJNVEF5TXprd09UazJOUT09X01qRXdOVEkzT0Rrd05RPT1fc3BsaXRzXCI6W1wic3Vic2NyaWJlXCJdLFwiY29udHJvbF9wcmlcIjpbXCJzdWJzY3JpYmVcIixcImNoYW5uZWwtbWV0YWRhdGE6cHVibGlzaGVyc1wiXSxcImNvbnRyb2xfc2VjXCI6W1wic3Vic2NyaWJlXCIsXCJjaGFubmVsLW1ldGFkYXRhOnB1Ymxpc2hlcnNcIl19IiwieC1hYmx5LWNsaWVudElkIjoiY2xpZW50SWQiLCJleHAiOjE2MzA0OTMyNzUsImlhdCI6MTYzMDQ4OTY3NX0.uiB29whpfOWe_RnsHzqdycmC0mVkanPwH63DZBF-33Y&v=1.1&heartbeats=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-24.fra50.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src status.ably.com
X-Content-Type-Options	nosniff

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://admin.business.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; frame-ancestors 'self'; frame-src status.ably.com
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
referrer-policy: no-referrer
x-amz-cf-pop: FRA50-C1
date: Wed, 01 Sep 2021 09:47:55 GMT
vary: Origin
x-ably-serverid: frontend.322d.1.us-east-1-A.i-0af69488ca46d039f.e7dAWFYSgB285K
content-type: text/event-stream
access-control-allow-origin: https://admin.business.booking.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
access-control-allow-credentials: true
x-cache: Miss from cloudfront
x-robots-tag: noindex
x-amz-cf-id: 2FbVYPdH2BOB0uZ4zLhAGn4HxnU2qT7FCCqlAixKjpCiie_jOPoVRQ==
x-content-type-options: nosniff

POST
H/1.1 200
OK NRJS-6d9efbd7f5c3c289b31 Show response
bam.nr-data.net/events/1/ 24 B
193 B 111ms
111ms XHR
image/gif 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-6d9efbd7f5c3c289b31?a=497884444&sa=1&v=1208.49599aa&t=Unnamed%20Transaction&rst=1021&ck=0&ref=https://admin.business.booking.com/direct-sso
Requested by: Host: admin.business.booking.com
URL: https://admin.business.booking.com/direct-sso?aid=2145257&&emk=GAORU36UMA&&emkcid=350&&checkin=2021-09-03&&checkout=2021-09-04&&selected_currency=EUR&&lang=en-gb&&label=48815_direct-sso-link_v2-
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://admin.business.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://admin.business.booking.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

OPTIONS
H2 200 obp_react
sdk.split.io/api/mySegments/ 0
0 22ms
22ms Preflight 151.101.15.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.split.io/api/mySegments/obp_react
Protocol: H2
Server: 151.101.15.9 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,splitsdkversion
Origin: https://admin.business.booking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Varnish
retry-after: 0
allow: HEAD,GET,OPTIONS,POST,PUT,DELETE
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-max-age: 7200
accept-ranges: bytes
date: Wed, 01 Sep 2021 09:47:56 GMT
via: 1.1 varnish
x-served-by: cache-fra19170-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1630489676.009589,VS0,VE0
vary: Cookie
access-control-allow-origin: https://admin.business.booking.com
content-length: 37

OPTIONS
H2 200 splitChanges
sdk.split.io/api/ 0
0 22ms
21ms Preflight 151.101.15.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.split.io/api/splitChanges?since=1630376272732
Protocol: H2
Server: 151.101.15.9 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,splitsdkversion
Origin: https://admin.business.booking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Varnish
retry-after: 0
allow: HEAD,GET,OPTIONS,POST,PUT,DELETE
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-max-age: 7200
accept-ranges: bytes
date: Wed, 01 Sep 2021 09:47:56 GMT
via: 1.1 varnish
x-served-by: cache-fra19170-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1630489676.010216,VS0,VE0
vary: Cookie
access-control-allow-origin: https://admin.business.booking.com
content-length: 37

GET
H2 200 obp_react Show response
sdk.split.io/api/mySegments/ 17 B
250 B 23ms
22ms Fetch
application/json 151.101.15.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.split.io/api/mySegments/obp_react

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.15.9 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubDomains

Request headers

Accept: application/json
Referer: https://admin.business.booking.com/
Authorization: Bearer jmr3ev3o60omn9660ggpeg4bl1iu10153tvg
SplitSDKVersion: javascript-10.15.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=15770000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
etag: "1000002--gzip"
age: 132625
x-cache: HIT, HIT
content-encoding: gzip
content-length: 37
x-request-id: 1vl8d1fkfjp
x-served-by: cache-dca17767-DCA, cache-fra19170-FRA
x-timer: S1630489676.032772,VS0,VE0
date: Wed, 01 Sep 2021 09:47:56 GMT
vary: Accept-Encoding, Cookie
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform, max-age=60, s-maxage=60
trace: cache-dca17757-DCA-ff8c933c-05fc-418c-b94c-874545b5778f; cache-fra19163-FRA-001411c9-08ac-4deb-bd43-756c91fa8c95
accept-ranges: bytes
x-cache-hits: 1, 252

GET
H2 200 splitChanges Show response
sdk.split.io/api/ 56 B
396 B 22ms
22ms Fetch
application/json 151.101.15.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.split.io/api/splitChanges?since=1630376272732

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.15.9 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7373adbdb8e034ad060efb4cd003de8121ffbccc5efc8608445c258725b37344

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubDomains

Request headers

Accept: application/json
Referer: https://admin.business.booking.com/
Authorization: Bearer jmr3ev3o60omn9660ggpeg4bl1iu10153tvg
SplitSDKVersion: javascript-10.15.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=15770000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
etag: "974840900--gzip"
age: 111322
x-cache: HIT, HIT
content-encoding: gzip
content-length: 63
x-request-id: 1vll1lrmd5x
x-served-by: cache-dca17726-DCA, cache-fra19170-FRA
last-modified: Tue, 31 Aug 2021 02:17:52 GMT
x-timer: S1630489676.032740,VS0,VE0
date: Wed, 01 Sep 2021 09:47:56 GMT
vary: Accept-Encoding, Cookie
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform, max-age=60, s-maxage=60
trace: cache-dca17723-DCA-f9115d86-9d8f-4d9f-9c62-cc93de2e2ec1; cache-fra19176-FRA-909792b1-9989-4d42-bf6a-63e65937a4b1
accept-ranges: bytes
x-cache-hits: 3, 145

POST
H/1.1 200
OK NRJS-6d9efbd7f5c3c289b31 Show response
bam.nr-data.net/events/1/ 24 B
193 B 109ms
109ms XHR
image/gif 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-6d9efbd7f5c3c289b31?a=497884444&sa=1&v=1208.49599aa&t=Unnamed%20Transaction&rst=10572&ck=0&ref=https://admin.business.booking.com/direct-sso
Requested by: Host: admin.business.booking.com
URL: https://admin.business.booking.com/direct-sso?aid=2145257&&emk=GAORU36UMA&&emkcid=350&&checkin=2021-09-03&&checkout=2021-09-04&&selected_currency=EUR&&lang=en-gb&&label=48815_direct-sso-link_v2-
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://admin.business.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://admin.business.booking.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://admin.business.booking.com/static/js/6.11f7fa8f.chunk.js(Line 2) Message: [okta-auth-sdk] WARN: This browser doesn't support localStorage. Switching to sessionStorage.
console-api	error	URL: https://admin.business.booking.com/static/js/6.11f7fa8f.chunk.js(Line 2) Message: TypeError: Cannot read property 'getItem' of null

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors .booking.com .serko.travel;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admin.business.booking.com
auth.split.io
bam.nr-data.net
cdn.cookielaw.org
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
js-agent.newrelic.com
link.sg.booking.com
sdk.split.io
streaming.split.io
www.googletagmanager.com
143.204.98.24
151.101.13.27
151.101.15.9
162.247.242.20
18.213.63.36
2600:9000:2240:fa00:14:ecff:a140:93a1
2606:4700:10::6814:b944
2606:4700::6810:9440
2620:1ec:46::45
2a00:1450:4001:80e::2008
2a00:1450:4001:811::2008
2a00:1450:4001:811::200a
2a00:1450:4001:831::2003
078981fc821f3cf39ab491128cca5f9e9f9aeda1987a4baf81ce5ddc3bbe860c
0b98b5bc7025d48e16e22d92b9b8cfe1307fb69f1a321fbf9ffa59418917f471
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0e45f3b0dad8aa0528790a6dd6dd2831bb8547129bd1320c10fd120118f44616
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
13e8b4f6220702a10a7566fb389055fedd388a364975146c8d2780c1d2fdc0d0
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95
374c8726657ad55e7fbeeb33dc02b58fdef4425c22511f9237ceed039c5dd15d
42509b33e35015d85032df78c01a302d7c8042958d06728bbd996a525b0b792b
4650bc273b69bd9e63d1ef0ea2c6b0d39be59ce91ef942898a224546fb6689f4
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
70e621fd82395c59769810439b4c4cdf4b534c1c65f54cbac2c5651cc41ffca6
7373adbdb8e034ad060efb4cd003de8121ffbccc5efc8608445c258725b37344
860c45ba3918499586f094b13bac6e8375d40ac1e86770530e7628c5e47fec8e
939919488f3ad816cb78b5d032ae673c1c02c88b238cfdb6e1328cd5d04d7947
947e582d0d02efc2ed794e25a892033e39957a5cfe64d8c4869e989dbaa55ac2
a5ac0b18701c4e8412a5cc111838612eca59d74f6d90d7eb8f032b3cf639d800
b8388718f670ddb4c773f542fef40257fd020ae066966c2ca33b0814eab04a74
bb4883052c1d495e60defe09338b438000ade3150855352aa772d0cf4868591a
c5f92ed4f1bd470a7e42e529a4dd319c70a1d58b145f5a02640358b67a67a993
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d33d1535fb0945c64d1b53e1aa34483b7a5d20536448d2c141b3ea4a0e272f2a
ff8795b01ae87fb3066f2d3564151c1935fb0e59b52a83f16fbaaf94c2ff0620

admin.business.booking.com Open in urlscan Pro 2620:1ec:46::45 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

100 %HTTPS

62 %IPv6

9 Domains

12 Subdomains

12 IPs

2 Countries

717 kBTransfer

2535 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

admin.business.booking.com Open in urlscan Pro
2620:1ec:46::45 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

100 %
HTTPS

62 %
IPv6

9
Domains

12
Subdomains

12
IPs

2
Countries

717 kB
Transfer

2535 kB
Size

0
Cookies

32 HTTP transactions
0 data transactions