www.booking.sr-group.no Open in urlscan Pro
178.164.11.103 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.booking.sr-group.no/
Submission: On April 24 via automatic, source certstream-suspicious (April 24th 2020, 9:30:27 pm UTC)

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 14 HTTP transactions. The main IP is 178.164.11.103, located in Mosvik, Norway and belongs to NTE-BREDBAND NIX 1, Oslo, Norway, NO. The main domain is www.booking.sr-group.no.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 8th 2020. Valid for: 3 months.

This is the only time www.booking.sr-group.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	178.164.11.103 178.164.11.103	34087 (NTE-BREDB...) (NTE-BREDBAND NIX 1)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE)
14	6

5 178.164.11.103 (Mosvik, Norway)

ASN34087 (NTE-BREDBAND NIX 1, Oslo, Norway, NO)
PTR: web3.sircon.net

www.booking.sr-group.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	sr-group.no www.booking.sr-group.no	28 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	161 KB
3	google.com www.google.com	538 B
1	googleapis.com fonts.googleapis.com ajax.googleapis.com Failed	586 B
14	4

	Domain	Requested by
5	www.booking.sr-group.no	www.booking.sr-group.no
3	fonts.gstatic.com	www.booking.sr-group.no
3	www.google.com	www.booking.sr-group.no www.gstatic.com
1	www.gstatic.com	www.google.com
1	fonts.googleapis.com	www.booking.sr-group.no
0	ajax.googleapis.com Failed	www.booking.sr-group.no
14	6

This site contains no links.

Subject Issuer	Validity	Valid
booking.sr-group.no cPanel, Inc. Certification Authority	`2020-02-08` - `2020-05-08`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.booking.sr-group.no/
Frame ID: 89E59412B38EE2EB91002A431B3A4275
Requests: 12 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeaqQ4TAAAAAMWWrz5-UuqFCMmH05udSO9l0-lI&co=aHR0cHM6Ly93d3cuYm9va2luZy5zci1ncm91cC5ubzo0NDM.&hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&size=normal&cb=z4b4bv64v50s
Frame ID: A2B638AD3C8BC8C754BD374F804FF2BA
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&k=6LeaqQ4TAAAAAMWWrz5-UuqFCMmH05udSO9l0-lI&cb=ks59cev5olp3
Frame ID: 0382FB89AF3A37F2467D19A87E9F734E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

html /<div[^>]+class="g-recaptcha"/i
script /\/recaptcha\/api\.js/i

Page Statistics

14
Requests

93 %
HTTPS

80 %
IPv6

4
Domains

6
Subdomains

6
IPs

2
Countries

190 kB
Transfer

369 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.booking.sr-group.no/ 6 KB
6 KB 208ms
45ms Document
text/html 178.164.11.103
NTE-BREDBAND NIX 1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.booking.sr-group.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.164.11.103 Mosvik, Norway, ASN34087 (NTE-BREDBAND NIX 1, Oslo, Norway, NO),
Reverse DNS: web3.sircon.net
Software: Apache /
Resource Hash: e7f22fd30c7654207ccc9742a40a481c10f7a6f5cdcc4aba4a76a23119efb440

Request headers

:method: GET
:authority: www.booking.sr-group.no
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 24 Apr 2020 21:30:08 GMT
server: Apache
content-length: 5765
content-type: text/html; charset=UTF-8

GET
H2 200 css
fonts.googleapis.com/ 2 KB
586 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:400,300,600

Requested by

Host: www.booking.sr-group.no
URL: https://www.booking.sr-group.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c0a7fdd198eab58dfbefe47c76d09367028e4e67a0b32aed121c205d12e68f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.booking.sr-group.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Apr 2020 21:30:08 GMT
server: ESF
date: Fri, 24 Apr 2020 21:30:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Apr 2020 21:30:08 GMT

GET
H2 200 normalize.css
www.booking.sr-group.no/css/ 8 KB
8 KB 48ms
47ms Stylesheet
text/css 178.164.11.103
NTE-BREDBAND NIX 1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.booking.sr-group.no/css/normalize.css
Requested by: Host: www.booking.sr-group.no
URL: https://www.booking.sr-group.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.164.11.103 Mosvik, Norway, ASN34087 (NTE-BREDBAND NIX 1, Oslo, Norway, NO),
Reverse DNS: web3.sircon.net
Software: Apache /
Resource Hash: f4d7e8250f8f124f8b7d087e5e260766a34b079fddc43e7b20d8c18ca1e92e51

Request headers

Referer: https://www.booking.sr-group.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 24 Apr 2020 21:30:08 GMT
last-modified: Tue, 13 Oct 2015 07:00:25 GMT
server: Apache
accept-ranges: bytes
content-length: 7797
content-type: text/css

GET
H2 200 skeleton.css
www.booking.sr-group.no/css/ 11 KB
11 KB 48ms
47ms Stylesheet
text/css 178.164.11.103
NTE-BREDBAND NIX 1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.booking.sr-group.no/css/skeleton.css
Requested by: Host: www.booking.sr-group.no
URL: https://www.booking.sr-group.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.164.11.103 Mosvik, Norway, ASN34087 (NTE-BREDBAND NIX 1, Oslo, Norway, NO),
Reverse DNS: web3.sircon.net
Software: Apache /
Resource Hash: 10207d6db44e2c69bcc0ea046c77074719478331aa6290ed3538034f20f3d308

Request headers

Referer: https://www.booking.sr-group.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 24 Apr 2020 21:30:08 GMT
last-modified: Tue, 13 Oct 2015 07:00:26 GMT
server: Apache
accept-ranges: bytes
content-length: 11452
content-type: text/css

GET
H2 200 stil.css
www.booking.sr-group.no/css/ 261 B
290 B 50ms
49ms Stylesheet
text/css 178.164.11.103
NTE-BREDBAND NIX 1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.booking.sr-group.no/css/stil.css
Requested by: Host: www.booking.sr-group.no
URL: https://www.booking.sr-group.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.164.11.103 Mosvik, Norway, ASN34087 (NTE-BREDBAND NIX 1, Oslo, Norway, NO),
Reverse DNS: web3.sircon.net
Software: Apache /
Resource Hash: a0b20a63147764895dd93dd469ddbf8b011ecd0677ff0efbc4bd8c33ade279a1

Request headers

Referer: https://www.booking.sr-group.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 24 Apr 2020 21:30:08 GMT
last-modified: Tue, 13 Oct 2015 07:00:26 GMT
server: Apache
accept-ranges: bytes
content-length: 261
content-type: text/css

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 674 B
538 B 16ms
16ms Script
text/javascript 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.booking.sr-group.no
URL: https://www.booking.sr-group.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eff1e369cf0b3ccaf06a247ad118d31ddb4dee8c19ae178d2f7bd6f4043a2d6c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.sr-group.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 24 Apr 2020 21:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 445
x-xss-protection: 1; mode=block
expires: Fri, 24 Apr 2020 21:30:08 GMT

GET
H2 200 SR-Group-Logo-st.png
www.booking.sr-group.no/images/ 3 KB
3 KB 45ms
45ms Image
image/png 178.164.11.103
NTE-BREDBAND NIX 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.booking.sr-group.no/images/SR-Group-Logo-st.png
Requested by: Host: www.booking.sr-group.no
URL: https://www.booking.sr-group.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.164.11.103 Mosvik, Norway, ASN34087 (NTE-BREDBAND NIX 1, Oslo, Norway, NO),
Reverse DNS: web3.sircon.net
Software: Apache /
Resource Hash: 6c00ded6255377926764ca54084068f6e12f46354678af584999b5d3f0da86da

Request headers

Referer: https://www.booking.sr-group.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 24 Apr 2020 21:30:08 GMT
last-modified: Tue, 13 Oct 2015 07:00:26 GMT
server: Apache
accept-ranges: bytes
content-length: 3327
content-type: image/png

GET jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 0
0

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/wk6lx42JIeYmEAQSHndnyT8Q/ 299 KB
121 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/wk6lx42JIeYmEAQSHndnyT8Q/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3f949c5fa5809887926e9351f3d35a72b6c9b542bcbfffbc41e0fd87424ae71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.booking.sr-group.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 16:59:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 20 Apr 2020 04:05:48 GMT
server: sffe
age: 361868
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 124243
x-xss-protection: 0
expires: Tue, 20 Apr 2021 16:59:00 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v14/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v14/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2

Requested by

Host: www.booking.sr-group.no
URL: https://www.booking.sr-group.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e347b66fb1145f780600551e06778b33ecaca5c45897ac90eb96eb4b6afd082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Raleway:400,300,600
Origin: https://www.booking.sr-group.no

Response headers

date: Sat, 28 Mar 2020 14:50:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:48:04 GMT
server: sffe
age: 2356783
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 13428
x-xss-protection: 0
expires: Sun, 28 Mar 2021 14:50:25 GMT

GET
H2 200 1Ptrg8zYS_SKggPNwIYqWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v14/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwIYqWqZPANqczVs.woff2

Requested by

Host: www.booking.sr-group.no
URL: https://www.booking.sr-group.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63faac0a35283fa66924f73966386a8e1e41dac3f1c957f9b02c924c7fd0121d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Raleway:400,300,600
Origin: https://www.booking.sr-group.no

Response headers

date: Thu, 16 Apr 2020 21:45:04 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:34 GMT
server: sffe
age: 690304
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 13316
x-xss-protection: 0
expires: Fri, 16 Apr 2021 21:45:04 GMT

GET
H2 200 1Ptrg8zYS_SKggPNwPIsWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v14/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwPIsWqZPANqczVs.woff2

Requested by

Host: www.booking.sr-group.no
URL: https://www.booking.sr-group.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5b9c05ae7b05e6ef6129a065795922649a71851bd9f57d080dc86e3efa34a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Raleway:400,300,600
Origin: https://www.booking.sr-group.no

Response headers

date: Wed, 08 Apr 2020 21:05:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:51 GMT
server: sffe
age: 1383900
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 13404
x-xss-protection: 0
expires: Thu, 08 Apr 2021 21:05:08 GMT

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame A2B6 0
0 68ms
47ms Document
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeaqQ4TAAAAAMWWrz5-UuqFCMmH05udSO9l0-lI&co=aHR0cHM6Ly93d3cuYm9va2luZy5zci1ncm91cC5ubzo0NDM.&hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&size=normal&cb=z4b4bv64v50s

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wk6lx42JIeYmEAQSHndnyT8Q/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RF7pWthAJmdOUQ81aWSdFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LeaqQ4TAAAAAMWWrz5-UuqFCMmH05udSO9l0-lI&co=aHR0cHM6Ly93d3cuYm9va2luZy5zci1ncm91cC5ubzo0NDM.&hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&size=normal&cb=z4b4bv64v50s
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.booking.sr-group.no/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.booking.sr-group.no/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 24 Apr 2020 21:30:08 GMT
content-security-policy: script-src 'report-sample' 'nonce-RF7pWthAJmdOUQ81aWSdFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10171
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame 0382 0
0 27ms
26ms Document
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&k=6LeaqQ4TAAAAAMWWrz5-UuqFCMmH05udSO9l0-lI&cb=ks59cev5olp3

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wk6lx42JIeYmEAQSHndnyT8Q/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AC/Rb+ph1bSwzFLvlOA77w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&k=6LeaqQ4TAAAAAMWWrz5-UuqFCMmH05udSO9l0-lI&cb=ks59cev5olp3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.booking.sr-group.no/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.booking.sr-group.no/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 24 Apr 2020 21:30:09 GMT
content-security-policy: script-src 'report-sample' 'nonce-AC/Rb+ph1bSwzFLvlOA77w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1180
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
www.booking.sr-group.no
www.google.com
www.gstatic.com
ajax.googleapis.com
178.164.11.103
2a00:1450:4001:808::200a
2a00:1450:4001:815::2003
2a00:1450:4001:81a::2004
2a00:1450:4001:821::2003
10207d6db44e2c69bcc0ea046c77074719478331aa6290ed3538034f20f3d308
63faac0a35283fa66924f73966386a8e1e41dac3f1c957f9b02c924c7fd0121d
6c00ded6255377926764ca54084068f6e12f46354678af584999b5d3f0da86da
7e347b66fb1145f780600551e06778b33ecaca5c45897ac90eb96eb4b6afd082
a0b20a63147764895dd93dd469ddbf8b011ecd0677ff0efbc4bd8c33ade279a1
b3f949c5fa5809887926e9351f3d35a72b6c9b542bcbfffbc41e0fd87424ae71
c0a7fdd198eab58dfbefe47c76d09367028e4e67a0b32aed121c205d12e68f5e
e7f22fd30c7654207ccc9742a40a481c10f7a6f5cdcc4aba4a76a23119efb440
eff1e369cf0b3ccaf06a247ad118d31ddb4dee8c19ae178d2f7bd6f4043a2d6c
f4d7e8250f8f124f8b7d087e5e260766a34b079fddc43e7b20d8c18ca1e92e51
f5b9c05ae7b05e6ef6129a065795922649a71851bd9f57d080dc86e3efa34a51

www.booking.sr-group.no Open in urlscan Pro 178.164.11.103 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

14 Requests

93 %HTTPS

80 %IPv6

4 Domains

6 Subdomains

6 IPs

2 Countries

190 kBTransfer

369 kBSize

0 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

Indicators

www.booking.sr-group.no Open in urlscan Pro
178.164.11.103 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

93 %
HTTPS

80 %
IPv6

4
Domains

6
Subdomains

6
IPs

2
Countries

190 kB
Transfer

369 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions