On April 14, 2026, Booking.com's Terms and Conditions page returned an AWS WAF (web application firewall) security challenge page instead of the actual terms document. This means the actual content of the terms could not be retrieved or compared — what was captured is a bot-detection script, not a policy change. Consumers are not directly affected by this technical artifact, but it means no meaningful review of the actual terms was possible.