www.roomertravel.com Open in urlscan Pro
2606:4700:20::681a:792 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.roomertravel.com/
Effective URL:
https://www.roomertravel.com/
Submission: On March 06 via api (March 6th 2024, 1:04:54 am UTC) from US — Scanned from DE

Summary HTTP 54 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 18 domains to perform 54 HTTP transactions. The main IP is 2606:4700:20::681a:792, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.roomertravel.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 21st 2023. Valid for: a year.

This is the only time www.roomertravel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::681a:692	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:20:... 2606:4700:20::681a:792	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1 2	2a03:2880:f08... 2a03:2880:f083:6:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:b... 2600:1901:0:bc29::	15169 (GOOGLE) (GOOGLE)
3	18.245.62.185 18.245.62.185	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	13.33.187.40 13.33.187.40	16509 (AMAZON-02) (AMAZON-02)
1	13.35.58.61 13.35.58.61	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::ac43:485a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	52.70.168.244 52.70.168.244	14618 (AMAZON-AES) (AMAZON-AES)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
3	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
6	2600:9000:276... 2600:9000:2761:4400:18:c6f9:8200:93a1	() ()
1	2a00:1450:400... 2a00:1450:4001:82a::2001	() ()
1	107.178.240.159 107.178.240.159	() ()
54	22

1 2606:4700:20::681a:692 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.roomertravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:792 (United States)

ASN13335 (CLOUDFLARENET, US)

www.roomertravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:6:face:b00c:0:2 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
web.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

scontent-vie1-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.245.62.185 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-62-185.fra60.r.cloudfront.net

d3vk1fw5taqp37.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.187.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-40.fra60.r.cloudfront.net

cdn.rollbar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.58.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-61.fra60.r.cloudfront.net

cdn4.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:485a (United States)

ASN13335 (CLOUDFLARENET, US)

web-api.roomertravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.70.168.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-168-244.compute-1.amazonaws.com

b2b.roomerapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2761:4400:18:c6f9:8200:93a1 (None, )

ASN- ()

i.roomerapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2001 (None, )

ASN- ()

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.240.159 (None, )

ASN- ()

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	gstatic.com fonts.gstatic.com www.gstatic.com	701 KB
9	roomertravel.com 1 redirects www.roomertravel.com web-api.roomertravel.com	744 KB
7	roomerapi.com b2b.roomerapi.com i.roomerapi.com	624 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2	39 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	3 KB
3	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 242	1 KB
3	cloudfront.net d3vk1fw5taqp37.cloudfront.net	543 KB
3	facebook.com 1 redirects graph.facebook.com — Cisco Umbrella Rank: 136 www.facebook.com — Cisco Umbrella Rank: 100 web.facebook.com — Cisco Umbrella Rank: 225	3 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2089	320 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	89 KB
1	mixpanel.com api-js.mixpanel.com	366 B
1	googleusercontent.com lh3.googleusercontent.com	4 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 622	29 KB
1	forter.com cdn4.forter.com — Cisco Umbrella Rank: 3215	567 B
1	rollbar.com cdn.rollbar.com — Cisco Umbrella Rank: 11021	24 KB
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 3334	19 KB
1	fbcdn.net scontent-vie1-1.xx.fbcdn.net — Cisco Umbrella Rank: 26485	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	94 KB
54	18

	Domain	Requested by
7	www.roomertravel.com	1 redirects www.roomertravel.com
6	i.roomerapi.com
5	www.gstatic.com	www.roomertravel.com www.google.com
5	www.google.com	www.roomertravel.com www.gstatic.com www.google.com
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	www.roomertravel.com
3	bam.nr-data.net	www.roomertravel.com
3	d3vk1fw5taqp37.cloudfront.net	www.roomertravel.com
3	region1.google-analytics.com	www.googletagmanager.com
2	connect.facebook.net	www.roomertravel.com
2	web-api.roomertravel.com	www.roomertravel.com
1	api-js.mixpanel.com	www.roomertravel.com
1	lh3.googleusercontent.com
1	web.facebook.com	connect.facebook.net
1	js-agent.newrelic.com	www.roomertravel.com
1	www.facebook.com	www.roomertravel.com
1	b2b.roomerapi.com	www.roomertravel.com
1	cdn4.forter.com	www.roomertravel.com
1	cdn.rollbar.com	www.roomertravel.com
1	cdn.mxpnl.com	www.roomertravel.com
1	scontent-vie1-1.xx.fbcdn.net	www.roomertravel.com
1	graph.facebook.com	1 redirects
1	www.googletagmanager.com	www.roomertravel.com
54	23

This site contains links to these domains. Also see Links.

Domain
help.roomertravel.com
de.roomertravel.com
es.roomertravel.com
fr.roomertravel.com
www.facebook.com
twitter.com
www.instagram.com
apps.apple.com
www.tripadvisor.com
event.webcasts.com
edition.cnn.com
ca.news.yahoo.com
www.forbes.com
mashable.com
intransit.blogs.nytimes.com
www.nbcnews.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-21` - `2024-04-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.mxpnl.com GeoTrust TLS RSA CA G1	`2023-07-12` - `2024-08-11`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
cdn.rollbar.com Amazon RSA 2048 M02	`2023-05-12` - `2024-06-09`	a year	crt.sh
*.cdn4.forter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-28` - `2024-12-15`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-14` - `2024-03-13`	3 months	crt.sh
*.roomerapi.com Go Daddy Secure Certificate Authority - G2	`2023-05-07` - `2024-05-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-01-15` - `2025-02-15`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.mixpanel.com GeoTrust TLS RSA CA G1	`2024-02-08` - `2025-03-10`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.roomertravel.com/
Frame ID: A3F509C5D2CF4425C160EB84273FC60D
Requests: 44 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdROMcUAAAAAA0H2aEoG5meomuGwPEC6WWhmTtG&co=aHR0cHM6Ly93d3cucm9vbWVydHJhdmVsLmNvbTo0NDM.&hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&size=normal&cb=n5i4x1wrrz9g
Frame ID: 7F0D578F9EBE640BFA434EB2B1376BD7
Requests: 5 HTTP requests in this frame

Frame: https://web.facebook.com/v2.7/plugins/like.php?action=like&app_id=928812818612361&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df44b56beb5b22889d%26domain%3Dwww.roomertravel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.roomertravel.com%252Fffe1e0b0928251df9%26relation%3Dparent.parent&container_width=51&href=https%3A%2F%2Fwww.facebook.com%2FRoomerHotDeals&layout=box_count&locale=en_US&sdk=joey&share=false&show_faces=false&width=51
Frame ID: 6C1C18B367F75958C5D68C92B489EBDD
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LdROMcUAAAAAA0H2aEoG5meomuGwPEC6WWhmTtG
Frame ID: D01812B543294E865EBD824AFD4D8607
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Roomer: The marketplace for discounted hotel reservationssearch_magnifierbuyer_protectioncustomer_supporthamburgerroomer_logoicon_zoomlogo_cnnlogo_forbeslogo_nbc_newslogo_mashablelogo_the_new_york_timeslogo_yahooicon_facebookicon_twittericon_instagramicon_snapchaticon_tripadvisorglobetriangleicon_checkedtripadvisor_iconguestcalendaricon_radio_emptyicon_radio_selectedroomer_logotripadvisor_logoselect_box_arrowv_iconv_signradio_button_uncheckedradio_button_checkeddot_iconbreakfastbreakfastnorton_securityexplorebellmap_pointerlh_shieldicon-locationicon-locationreveal lockarrow_rightphone_iconarrow-upicon-alertmenu_alert_memenu_alert_me_markedalert_me_envelopios-marketingsearch_magnifierbuyer_protectioncustomer_supporthamburgerroomer_logoicon_zoomlogo_cnnlogo_forbeslogo_nbc_newslogo_mashablelogo_the_new_york_timeslogo_yahooicon_facebookicon_twittericon_instagramicon_snapchaticon_tripadvisorglobetriangleicon_checkedtripadvisor_iconguestcalendaricon_radio_emptyicon_radio_selectedroomer_logotripadvisor_logoselect_box_arrowv_iconv_signradio_button_uncheckedradio_button_checkeddot_iconbreakfastbreakfastnorton_securityexplorebellmap_pointerlh_shieldicon-locationicon-locationreveal lockarrow_rightphone_iconarrow-upicon-alertmenu_alert_memenu_alert_me_markedalert_me_envelopios-marketingBedhome_sort_iconhome_filter_iconhome-rating-iconhome_emptyhome_filterhome_ratinghome_flexiblehome_pricehome_arrow_downicon_switcher_exploreicon_switcher_search

Page URL History Show full URLs

http://www.roomertravel.com/ HTTP 301
https://www.roomertravel.com/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Forter (Analytics) Expand

Overall confidence: 100%
Detected patterns

forter\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

54
Requests

98 %
HTTPS

74 %
IPv6

18
Domains

23
Subdomains

22
IPs

3
Countries

2920 kB
Transfer

7061 kB
Size

9
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://help.roomertravel.com/hc/
Title: Support & FAQ's

Search URL Search Domain Scan URL

URL: https://de.roomertravel.com/?action=index&controller=home
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://es.roomertravel.com/?action=index&controller=home
Title: Español

Search URL Search Domain Scan URL

URL: https://fr.roomertravel.com/?action=index&controller=home
Title: Français

Search URL Search Domain Scan URL

URL: https://www.facebook.com/RoomerHotDeals

Search URL Search Domain Scan URL

URL: https://twitter.com/RoomerTravel

Search URL Search Domain Scan URL

URL: https://www.instagram.com/roomer_travel/

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/id877222676

Search URL Search Domain Scan URL

URL: https://www.tripadvisor.com/

Search URL Search Domain Scan URL

URL: https://event.webcasts.com/starthere.jsp?ei=1150199&tp_key=6263125ebd
Title: Corporate Travel Webinar

Search URL Search Domain Scan URL

URL: http://edition.cnn.com/2014/02/04/travel/12-travel-websites/index.html

Search URL Search Domain Scan URL

URL: https://ca.news.yahoo.com/20-ways-score-cheap-hotel-201317227.html

Search URL Search Domain Scan URL

URL: http://www.forbes.com/sites/tjmccue/2014/03/31/stop-losing-money-when-you-have-to-cancel-hotel-reservations/

Search URL Search Domain Scan URL

URL: http://mashable.com/2013/10/03/affordable-travel-startups/

Search URL Search Domain Scan URL

URL: http://intransit.blogs.nytimes.com/2013/11/14/some-help-on-the-nonrefundable-front/

Search URL Search Domain Scan URL

URL: http://www.nbcnews.com/business/travel/make-some-money-or-score-good-deal-nonrefundable-hotel-room-f2D11577490

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.roomertravel.com/ HTTP 301
https://www.roomertravel.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://graph.facebook.com/100013163624949/picture?type=large HTTP 302
https://scontent-vie1-1.xx.fbcdn.net/v/t1.30497-1/84628273_176159830277856_972693363922829312_n.jpg?stp=c59.0.200.200a_dst-jpg_p200x200&_nc_cat=1&ccb=1-7&_nc_sid=5f2048&_nc_ohc=sjxi-v0F2pYAX9v-9ZJ&_nc_ht=scontent-vie1-1.xx&edm=AHgPADgEAAAA&oh=00_AfDvBRm7ZHGKHXb9cJqpbEN26ut2hBpxhjovmfDamvfPSg&oe=660F18D9

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.roomertravel.com/
Redirect Chain

http://www.roomertravel.com/
https://www.roomertravel.com/

322 KB
74 KB

482ms
390ms

Document
text/html

2606:4700:20::681a:792
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.roomertravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:792 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

886a399a6b5a3748fa81bb2ac008a74e474ddbef5e88cb455e516992077983be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 85fe6f00eb1d4d49-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 06 Mar 2024 01:04:46 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
permissions-policy: browsing-topics=()
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709687086&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=Uzjz1wi101M0j2RpaOENHHOWylYCn0qr87PrjjnYYpY%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1709687086&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=Uzjz1wi101M0j2RpaOENHHOWylYCn0qr87PrjjnYYpY%3D
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 vegur
x-frame-options: ALLOWALL
x-request-id: 86e2e1e8-0efa-4a8a-81a5-893f3b603266
x-runtime: 0.031078

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 85fe6efecab14dc4-FRA
Connection: keep-alive
Content-Type: text/html
Date: Wed, 06 Mar 2024 01:04:46 GMT
Location: https://www.roomertravel.com/
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Permissions-Policy: browsing-topics=()
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709687086&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=Uzjz1wi101M0j2RpaOENHHOWylYCn0qr87PrjjnYYpY%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1709687086&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=Uzjz1wi101M0j2RpaOENHHOWylYCn0qr87PrjjnYYpY%3D
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 vegur
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 282 KB
94 KB 146ms
57ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7SM2EKJ74C

Requested by

Host: www.roomertravel.com
URL: https://www.roomertravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ca64e2133ef2995f03a8b3ae59d82484a9da1f93f2cc0bba160b2d19cc29af80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.roomertravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 01:04:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96188
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 06 Mar 2024 01:04:46 GMT

GET
H2 200 application-39f668e4051798c4b0d9787a3b7bedf5.css
www.roomertravel.com/assets/ 785 KB
105 KB 343ms
342ms Stylesheet
text/css 2606:4700:20::681a:792
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.roomertravel.com/assets/application-39f668e4051798c4b0d9787a3b7bedf5.css

Requested by

Host: www.roomertravel.com
URL: https://www.roomertravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:792 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0e48ce78c27fdf1eb221920e6c170b166418d857f4312d98f352f4187d78d98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.roomertravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 01:04:47 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: REVALIDATED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-encoding: br
cf-polished: origSize=808405
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1706622215&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=bt5Wi4UJwiUFxcP4hknKrgUUzvsGifW7KbCjsvcRYPc%3D
cf-bgj: minify
last-modified: Tue, 30 Jan 2024 12:18:40 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706622215&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=bt5Wi4UJwiUFxcP4hknKrgUUzvsGifW7KbCjsvcRYPc%3D"}]}
content-type: text/css
permissions-policy: browsing-topics=()
cf-ray: 85fe6f041d184d49-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 157ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7SM2EKJ74C&gtm=45je42t1h1v9171677130za220&_p=1709687086628&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=56211797.1709687087&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&uid=&sid=1709687086&sct=1&seg=0&dl=https%3A%2F%2Fwww.roomertravel.com%2F&dt=Roomer%3A%20The%20marketplace%20for%20discounted%20hotel%20reservations&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1095
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7SM2EKJ74C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.roomertravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Mar 2024 01:04:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.roomertravel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

84628273_176159830277856_972693363922829312_n.jpg
scontent-vie1-1.xx.fbcdn.net/v/t1.30497-1/
Redirect Chain

https://graph.facebook.com/100013163624949/picture?type=large
https://scontent-vie1-1.xx.fbcdn.net/v/t1.30497-1/84628273_176159830277856_972693363922829312_n.jpg?stp=c59.0.200.200a_dst-jpg_p200x200&_nc_cat=1&ccb=1-7&_nc_sid=5f2048&_nc_ohc=sjxi-v0F2pYAX9v-9ZJ&...

2 KB
2 KB

150ms
48ms

Image
image/jpeg

2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-vie1-1.xx.fbcdn.net/v/t1.30497-1/84628273_176159830277856_972693363922829312_n.jpg?stp=c59.0.200.200a_dst-jpg_p200x200&_nc_cat=1&ccb=1-7&_nc_sid=5f2048&_nc_ohc=sjxi-v0F2pYAX9v-9ZJ&_nc_ht=scontent-vie1-1.xx&edm=AHgPADgEAAAA&oh=00_AfDvBRm7ZHGKHXb9cJqpbEN26ut2hBpxhjovmfDamvfPSg&oe=660F18D9
Requested by: Host: www.roomertravel.com
URL: https://www.roomertravel.com/
Protocol: H2
Server: 2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 78f335c4bb91a0901fa856cde7114285fa2e0a0020d890daabf1569eb93e7f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.roomertravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 01:04:47 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Mon, 03 Feb 2020 18:53:54 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3758352798
thrift_fmhk: GBA3mwuOywiFwQ74b14Hlq5wFfDr4Z0EvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3168106802
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 2031

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15552000; preload
x-fb-debug: 6rxPkn10uCcQa4Lwc2sHbmuPaqwT9ptAZF4H1wDPXNZoVw/BKSzEfDpLoxZlb+FackVqIGxLRZ0cOzLWNcshEw==
date: Wed, 06 Mar 2024 01:04:47 GMT
x-fb-trace-id: G157osljjkn
content-type: image/jpeg
location: https://scontent-vie1-1.xx.fbcdn.net/v/t1.30497-1/84628273_176159830277856_972693363922829312_n.jpg?stp=c59.0.200.200a_dst-jpg_p200x200&_nc_cat=1&ccb=1-7&_nc_sid=5f2048&_nc_ohc=sjxi-v0F2pYAX9v-9ZJ&_nc_ht=scontent-vie1-1.xx&edm=AHgPADgEAAAA&oh=00_AfDvBRm7ZHGKHXb9cJqpbEN26ut2hBpxhjovmfDamvfPSg&oe=660F18D9
access-control-allow-origin: *
x-fb-request-id: A6-qsfWMXmooJbjvxJeL53g
cache-control: private, no-cache, no-store, must-revalidate
x-fb-rev: 1011851377
facebook-api-version: v13.0
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 143ms
50ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.roomertravel.com
URL: https://www.roomertravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b1412b06ee170a306a479f9cc099bb9a64cd6271ff88a2f90a860fa34472837d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.roomertravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 01:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 06 Mar 2024 01:04:47 GMT

GET
H3 200 application-e49661d64b428d10227ed0172a4002bb.js Show response
www.roomertravel.com/assets/ 2 MB
456 KB 73ms
72ms Script
application/javascript 2606:4700:20::681a:792
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.roomertravel.com/assets/application-e49661d64b428d10227ed0172a4002bb.js

Requested by

Host: www.roomertravel.com
URL: https://www.roomertravel.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:792 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cf9de89ab0017c6e560244ae14f1225f9c3f9319bb7a85a2174e51c6d2f0c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.roomertravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 01:04:47 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 1928
cf-polished: origSize=1925184
content-encoding: br
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1709572357&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=rKTmj9b06edWtRyW5yEVxQUOieCUcKMS5svORAmW4xM%3D
cf-bgj: minify
last-modified: Mon, 04 Mar 2024 11:52:27 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709572357&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=rKTmj9b06edWtRyW5yEVxQUOieCUcKMS5svORAmW4xM%3D"}]}
content-type: application/javascript
permissions-policy: browsing-topics=()
cf-ray: 85fe6f073c7637f8-FRA

GET
H2 200 css
fonts.googleapis.com/ 13 KB
964 B 147ms
52ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

Requested by

Host: www.roomertravel.com
URL: https://www.roomertravel.com/assets/application-39f668e4051798c4b0d9787a3b7bedf5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4680f0242ae53304a6bf932234579ecf1100b3473bd822857943a3e5a2e01f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.roomertravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 06 Mar 2024 01:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 06 Mar 2024 00:01:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Mar 2024 01:04:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
678 B 145ms
51ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:700%27%20rel=%27stylesheet%27%20type=%27text/css%27

Requested by

Host: www.roomertravel.com
URL: https://www.roomertravel.com/assets/application-39f668e4051798c4b0d9787a3b7bedf5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

81cf2142369afec9e5758dbbe5923ac596369f577456c02b452b4801639eff5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.roomertravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 06 Mar 2024 01:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 06 Mar 2024 01:04:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Mar 2024 01:04:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 144ms
50ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:400%27%20rel=%27stylesheet%27%20type=%27text/css%27

Requested by

Host: www.roomertravel.com
URL: https://www.roomertravel.com/assets/application-39f668e4051798c4b0d9787a3b7bedf5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3aa7d09fff69aedd4d3496f8a958f3bee2db9d6fafd7e055ae74369690ba6e7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.roomertravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 06 Mar 2024 01:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 06 Mar 2024 01:04:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Mar 2024 01:04:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
711 B 145ms
51ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:700

Requested by

Host: www.roomertravel.com
URL: https://www.roomertravel.com/assets/application-39f668e4051798c4b0d9787a3b7bedf5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f18c13dd052559f98602abaea443f382c5424cafe8eac4f51f0f38e800073332

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.roomertravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 06 Mar 2024 01:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 23:19:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Mar 2024 01:04:47 GMT

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 54 KB
19 KB 400ms
42ms Script
text/javascript 2600:1901:0:bc29::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: www.roomertravel.com
URL: https://www.roomertravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7c690a6ebb2eef51e8ccc66161b02197c22f388f1fc23c89e0f5c7b70e1eac50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.roomertravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 01:03:48 GMT
content-encoding: gzip
age: 59
x-guploader-uploadid: ABPtcPrkD4Xp8BDDDSwCqyyBicQu3g6Do3FItse0EqPqp0bpCnShbFkQSPhF5qa4k6ESEPCzs1lEwFXnDQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18490
last-modified: Tue, 06 Feb 2024 00:09:36 GMT
server: UploadServer
etag: "eb0675a8749ea5d76345796217db928f"
vary: Accept-Encoding
x-goog-generation: 1707178176338436
x-goog-hash: crc32c=fWmQwA==, md5=6wZ1qHSepddjRXliF9uSjw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=600
x-goog-stored-content-length: 18490
accept-ranges: bytes
content-type: text/javascript
expires: Wed, 06 Mar 2024 01:13:48 GMT

GET
H/1.1 200
OK homepage_intro_1920.jpg
d3vk1fw5taqp37.cloudfront.net/styleguide/ 526 KB
526 KB 193ms
56ms Image
image/jpeg 18.245.62.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3vk1fw5taqp37.cloudfront.net/styleguide/homepage_intro_1920.jpg
Requested by: Host: www.roomertravel.com
URL: https://www.roomertravel.com/assets/application-39f668e4051798c4b0d9787a3b7bedf5.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.62.185 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-62-185.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1a1851621adf8f2f14e6b58f7c4ced52055d54eae1f4078e7b56db6bca0c1d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.roomertravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 05 Mar 2024 09:18:24 GMT
Via: 1.1 bc841916063a49c638b48e73f77a28e8.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 Aug 2016 14:11:57 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P5
Age: 56784
ETag: "90582ef8d6b5502685dd3afbea91d003"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 538292
X-Amz-Cf-Id: okBVvKmTzMlbiJeRfdhS2VKRXKZ1r6OJn4XjPsO55kN1HFkxHZm_Sw==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 153ms
48ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.roomertravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 04:10:19 GMT
x-content-type-options: nosniff
age: 75268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Mar 2025 04:10:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 160ms
58ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.roomertravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:49:54 GMT
x-content-type-options: nosniff
age: 58493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Mar 2025 08:49:54 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 196ms
94ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.roomertravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:17:56 GMT
x-content-type-options: nosniff
age: 85611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Mar 2025 01:17:56 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ 494 KB
197 KB 227ms
128ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js

Requested by

Host: www.roomertravel.com
URL: https://www.roomertravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc4f1369cfe55e3cbf37434690b559bd3be63351a5ab16e324823a3ab8a237a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.roomertravel.com/
Origin: https://www.roomertravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 16:56:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201116
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 16:56:38 GMT

GET
H/1.1 200
OK rollbar.min.js Show response
cdn.rollbar.com/rollbarjs/refs/tags/v2.26.2/ 78 KB
24 KB 168ms
44ms Script
application/javascript 13.33.187.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.26.2/rollbar.min.js
Requested by: Host: www.roomertravel.com
URL: https://www.roomertravel.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-40.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d300b9ab92d40783cab239d68a9bc35dfab6480cadd8cb5ff8aed97b0eccf41

Request headers

Referer: https://www.roomertravel.com/
Origin: https://www.roomertravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 12:32:48 GMT
Content-Encoding: gzip
Via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P9
Age: 9462720
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 29 Jun 2023 19:28:22 GMT
Server: AmazonS3
ETag: W/"0cdff83b84a49cc1f4703065f11602ab"
Vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=30672000,public
X-Amz-Cf-Id: cLhR5UEwM_hpOmtu-9t-EVW6M6Sy8VgU2v7tmtlToTXBGTCdzStIHg==

GET
H2 200 script.js Show response
cdn4.forter.com/ 95 B
567 B 440ms
313ms Script
application/javascript 13.35.58.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn4.forter.com/script.js?sn=2e73ef2d35b8

Requested by

Host: www.roomertravel.com
URL: https://www.roomertravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.58.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-58-61.fra60.r.cloudfront.net

Software

Resource Hash

39a06a9ab868dc87cd14f036706fbe17504be30638f25e2b7269f9575cfd85cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.roomertravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 01:04:47 GMT
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 3c07e6ef6fe5c74a2c43590885d64f70.cloudfront.net (CloudFront)
last-modified: Wed, 06 Mar 2024 01:04:47 GMT
x-amz-cf-pop: FRA60-P10
etag: "561be6a2b58be34bb1adb8bb2419ab01"
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=300
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 95
x-amz-cf-id: J0Sx1AwYriHnuMR6DWk60xeTPydLKFW7OUlfHyNyrdzdjvcpmSP28w==
expires: Wed, 06 Mar 2024 01:14:47 GMT

OPTIONS
H2 200 homepage_deals
web-api.roomertravel.com/api/web/ Frame 0
0 556ms
439ms Preflight
text/plain 2606:4700:20::ac43:485a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://web-api.roomertravel.com/api/web/homepage_deals?start=0&length=1000&user_currency=EUR&member=false&gross_prices=false&filter=discount&sort=relevance&deal_type=hotel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:485a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,partner
Access-Control-Request-Method: GET
Origin: https://www.roomertravel.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,partner
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.roomertravel.com
access-control-expose-headers
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85fe6f0b5b1f5c74-FRA
content-length: 0
content-type: text/plain
date: Wed, 06 Mar 2024 01:04:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: browsing-topics=()
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UfD%2FDqGXVs%2BYVMg35T7vqvpCF5iNYRJrEpKZ4k3Z7aTEe%2FcpDQq90dvwTE1lUnCdKk%2BV21A0RI17NDekcHB3BUigL1SJ74Rgj1UcgVbFwUcxELUWTdcBRXc887ARrisJxXzeTFsjLpQG5mBKqki5KGAqxB4fXw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 131ms
43ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.roomertravel.com
URL: https://www.roomertravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

05477cbc06dfe9b25fa01047878548d588aba1cba5ace8cd0d1f853565b6c7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.roomertravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 01:04:47 GMT
content-md5: 8Qnhj7Wffuv/Ql/+bhGaoA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: 2Gjb5714YPlAxYq/RNKpBXlGc7vmOItSed5ksxKkqcg7DnQfI43j7dJ2HaLpCYqdK5IBsJnDk2WHMwfQfptO1w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 5b9166f527f05729413ebe9da89c33e3
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "aeff20e7109aa3dadf39c5857f2a63c2"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Wed, 06 Mar 2024 01:19:00 GMT

GET
H/1.1 200
OK session Show response
b2b.roomerapi.com/api/advertising/kayak/ 2 B
1 KB 726ms
344ms XHR
application/json 52.70.168.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://b2b.roomerapi.com/api/advertising/kayak/session
Requested by: Host: www.roomertravel.com
URL: https://www.roomertravel.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.168.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-168-244.compute-1.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: */*
Referer: https://www.roomertravel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

X-Session-Data: eyJzaWQiOiJSLTRHcTBxb2VaOGV2JGhrTUtxRUZSMC12NTNCS2VsbWZLYU1rQ3JiSEtqazZKdFo0VURwR1BMVzJvQ0hQWTZpayIsImFpZCI6Imthbl8yNTM3NTBfNTY0Mzc1IiwiY29va2llcyI6WyJjbHVzdGVyPTQ7IEV4cGlyZXM9V2VkLCAwNiBNYXIgMjAyNCAwMTo0OTo0OCBHTVQ7IFBhdGg9LzsgSHR0cE9ubHkiLCJrYXlhay50PWFlWVpmJEd0RjRNVmpVZHh1Y1lDOyBQYXRoPS87IEh0dHBPbmx5Iiwia2F5YWsubWM9QVlyZFQ0SW5jRFBObFV1a01xTnVic2VmTlV2cWVPR3BfZWszaVpEWEFxdWdmWXJXbjJaN3V2Tkk5dEhuZkVDM0MyVWZkTWFkVWlWY3F4OWJWMy1hV3JGb1RiM1YwRGE0bE1TaGZ2c0VybzNEOyBQYXRoPS87IEh0dHBPbmx5IiwibXN0X0FESXJrdz1VUEpBbUdpYmlkOUxIQUxEVnpFNHNIajRmdVAwbjE0ek43dmhxem4xeEVPOUI2bzMtQ2hXSEZCXzBIZW5NbjBqaVRMVGtvbjAySmItLTY4WkgwZUJvQTsgRXhwaXJlcz1XZWQsIDA2IE1hciAyMDI0IDAxOjE5OjQ4IEdNVDsgUGF0aD0vOyBIdHRwT25seSJdfQ==
Date: Wed, 06 Mar 2024 01:04:48 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 28
X-Request-Id: 231710cf-9cd6-49e9-b6aa-1980a2fcfeb3
X-Runtime: 0.211771
Server: nginx/1.14.1
ETag: W/"f15a0c7f91ebd494130de80d0981b9d1"
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=0, private, must-revalidate
Access-Control-Allow-Credentials: true
Vary: Accept-Encoding, Origin
Access-Control-Allow-Headers: origin, content-type

GET
H3 200 track Show response
www.roomertravel.com/event-tracking/ 2 B
1 KB 349ms
349ms XHR
application/json 2606:4700:20::681a:792
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.roomertravel.com/event-tracking/track?message%5Bname%5D=Saw+Homepage&message%5Bproperties%5D%5Btype%5D=Direct&message%5Bproperties%5D%5Bpage%5D=homepage&message%5Bproperties%5D%5Bab_version%5D=&message%5Bproperties%5D%5Blocale%5D=en&message%5Bproperties%5D%5Bpos%5D=&message%5Bproperties%5D%5Btax_included%5D=false&message%5Bproperties%5D%5Butm_meta%5D=&message%5Bproperties%5D%5Bcurrency%5D=EUR&message%5Bproperties%5D%5Bppc_secret_deal%5D=false&message%5Bproperties%5D%5Bsecret_deal_member%5D=false&message%5Bproperties%5D%5Bdevice_id%5D=&message%5Bproperties%5D%5Butm_source%5D=&message%5Bproperties%5D%5Butm_campaign%5D=&message%5Bproperties%5D%5Bemail%5D=

Requested by

Host: www.roomertravel.com
URL: https://www.roomertravel.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:792 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL

Request headers

X-NewRelic-ID: UAQOVl9XDhABVFhQAAYBX1QA
tracestate: 4297946@nr=0-1-4297946-1120264723-e594bfb316ff58ba----1709687087699
traceparent: 00-3ccffc12dfaefb168bcbcbfc99bc2541-e594bfb316ff58ba-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyOTc5NDYiLCJhcCI6IjExMjAyNjQ3MjMiLCJpZCI6ImU1OTRiZmIzMTZmZjU4YmEiLCJ0ciI6IjNjY2ZmYzEyZGZhZWZiMTY4YmNiY2JmYzk5YmMyNTQxIiwidGkiOjE3MDk2ODcwODc2OTl9fQ==
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.roomertravel.com/
X-Requested-With: XMLHttpRequest

Response headers

date: Wed, 06 Mar 2024 01:04:48 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-encoding: br
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1709687087&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=Mlx%2Bd%2FacmJPgzsLj1hISseKYfJ2tstk%2FoyDixt2Ndko%3D
x-request-id: 9eb27dc2-f6e7-45ff-a17f-ae7dbba29640
x-runtime: 0.011765
x-newrelic-app-data: PxQDU19UAQcGR1BSDgMAUVIIBgJASkEhXwxMEFdUWFdBSk4EUz5WFAFYQxJJF0pSUw9DTgcfB1ZVBwIDV1VQUQdRD1UBCg0EC0kJTwFQAVdWBwVXUFoLBAJRVFoBHRpXSBMFBFtRBwEEUV1RXgsAU1BRGzw=
server: cloudflare
etag: W/"99914b932bd37a50b983c5e7c90ae93b"
x-frame-options: ALLOWALL
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709687087&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=Mlx%2Bd%2FacmJPgzsLj1hISseKYfJ2tstk%2FoyDixt2Ndko%3D"}]}
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, private, must-revalidate
permissions-policy: browsing-topics=()
cf-ray: 85fe6f0a3e4e37f8-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 47ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7SM2EKJ74C&gtm=45je42t1h1v9171677130za220&_p=1709687086628&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=56211797.1709687087&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&uid=&sid=1709687086&sct=1&seg=0&dl=https%3A%2F%2Fwww.roomertravel.com%2F&dt=Roomer%3A%20The%20marketplace%20for%20discounted%20hotel%20reservations&en=scroll&epn.percent_scrolled=90&_et=6&tfd=1904
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7SM2EKJ74C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.roomertravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Mar 2024 01:04:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.roomertravel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pre_fetch_available_locations Show response
www.roomertravel.com/locations/ 172 KB
23 KB 422ms
421ms XHR
application/json 2606:4700:20::681a:792
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.roomertravel.com/locations/pre_fetch_available_locations

Requested by

Host: www.roomertravel.com
URL: https://www.roomertravel.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:792 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f94864a531f88b7ccd34b6e7a6bb3be847fe2573c90212c021331f04f0cc22c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-NewRelic-ID: UAQOVl9XDhABVFhQAAYBX1QA
tracestate: 4297946@nr=0-1-4297946-1120264723-a0784a4823a9fb5e----1709687087729
traceparent: 00-901043543d89fa47f3d666365c99c542-a0784a4823a9fb5e-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyOTc5NDYiLCJhcCI6IjExMjAyNjQ3MjMiLCJpZCI6ImEwNzg0YTQ4MjNhOWZiNWUiLCJ0ciI6IjkwMTA0MzU0M2Q4OWZhNDdmM2Q2NjYzNjVjOTljNTQyIiwidGkiOjE3MDk2ODcwODc3Mjl9fQ==
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.roomertravel.com/
X-Requested-With: XMLHttpRequest

Response headers

date: Wed, 06 Mar 2024 01:04:48 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-encoding: br
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1709687087&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=Mlx%2Bd%2FacmJPgzsLj1hISseKYfJ2tstk%2FoyDixt2Ndko%3D
x-newrelic-app-data: PxQDU19UAQcGR1BSDgMAUVIIBgJASkEhXwxMEFdUWFdBSnQIVQVfBxNXRQRJMVlQW0sgFFZYWwcGXVN/DQUCFlkNVhEXW1VeX0cVUR9RA1FTAA5RVVAMBwRUWFMACABKVB8GC1ZWW1ICUwFQDgADCwtdCk0cUB9AXFJTBAUHWgRWUQIBUVNRVkZs
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709687087&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=Mlx%2Bd%2FacmJPgzsLj1hISseKYfJ2tstk%2FoyDixt2Ndko%3D"}]}
content-type: application/json
cache-control: public, must-revalidate, max-age=3600
permissions-policy: browsing-topics=()
cf-ray: 85fe6f0a6e7037f8-FRA

GET
H/1.1 200
OK select_arrow.svg
d3vk1fw5taqp37.cloudfront.net/list/ 1 KB
1 KB 42ms
42ms Image
image/svg+xml 18.245.62.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3vk1fw5taqp37.cloudfront.net/list/select_arrow.svg
Requested by: Host: www.roomertravel.com
URL: https://www.roomertravel.com/assets/application-39f668e4051798c4b0d9787a3b7bedf5.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.62.185 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-62-185.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a096f16f44d386b1be652b4a7cbc324c55bc6430558a296c7e94b069d407bd43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.roomertravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 05 Mar 2024 07:32:23 GMT
Via: 1.1 bc841916063a49c638b48e73f77a28e8.cloudfront.net (CloudFront)
Last-Modified: Wed, 27 Jul 2016 12:05:42 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P5
Age: 63145
ETag: "60bff7a2b860e20b7598ab0c49fcf793"
X-Cache: Hit from cloudfront
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1029
X-Amz-Cf-Id: Ky67zuZ1rfHMO-CkuThYKoe-OgLqRFjH0GpbYqe9o5kNL2F1sgqKiQ==

GET
H2 200 homepage_deals Show response
web-api.roomertravel.com/api/web/ 130 KB
28 KB 1621ms
1620ms XHR
application/json 2606:4700:20::ac43:485a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://web-api.roomertravel.com/api/web/homepage_deals?start=0&length=1000&user_currency=EUR&member=false&gross_prices=false&filter=discount&sort=relevance&deal_type=hotel
Requested by: Host: www.roomertravel.com
URL: https://www.roomertravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:485a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2dbf9b0f369fbc59b67a6ac6515fce37f43c3aff27f365b0e4dc78d85a218c9

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.roomertravel.com/
accept-language: de-DE,de;q=0.9
partner: help@roomertravel.com
Authorization: Token token=bFBg41y5LyDy6A5JgAeCk8+hmGUcvlFdUVrSNVB0Fdw=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 01:04:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-request-id: d8ba0175-4201-4b1d-be82-f0e0d2fefcd0
x-runtime: 1.381195
server: cloudflare
etag: W/"b2425740bbd9615d654f82db52424c30"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.roomertravel.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67K8e4bo9yei6i%2BlGzhqe7Q65VICSKqrfUoNVqmDbE0fEX5O7di0CDjEOvaGFxIM74LbC9b3npRVu17ImlguUEzxlQCLyM3bZFaOS%2Bgp39O8IRPU1csZe429vwhogXCMbDVCtGyRKIAMHSMr6pjCS0w48yKsHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: max-age=600, public
access-control-allow-credentials: true
permissions-policy: browsing-topics=()
vary: Accept-Encoding, Origin
cf-ray: 85fe6f0e1c265c74-FRA

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 47ms
46ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.roomertravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:59:51 GMT
x-content-type-options: nosniff
age: 97496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Mar 2025 21:59:51 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 7F0D 47 KB
29 KB 67ms
65ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdROMcUAAAAAA0H2aEoG5meomuGwPEC6WWhmTtG&co=aHR0cHM6Ly93d3cucm9vbWVydHJhdmVsLmNvbTo0NDM.&hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&size=normal&cb=n5i4x1wrrz9g

Requested by

Host: www.roomertravel.com
URL: https://www.roomertravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6d76d325e81e699a18e449fb12d34413b7b4e069d5859192969ca8e9a3e32abc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-otveNRGAwgm2nLuiobWicQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.roomertravel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-otveNRGAwgm2nLuiobWicQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 06 Mar 2024 01:04:47 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 298 KB
85 KB 82ms
41ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=9f1d6d9eafc7e8e08de76fea544d8967

Requested by

Host: www.roomertravel.com
URL: https://www.roomertravel.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0881503e1ea201221bb787601a45100c1ce9c16f49c9c6f1cf93bfd2ccab2298

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.roomertravel.com/
Origin: https://www.roomertravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 01:04:47 GMT
content-md5: EY5w6oos1yeheTgQOo/TXQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87228
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: RFGBgi0gVgV3nuKOJSmj3Fr2u4Vn/pPywBdlogTuVsiNhiMMF6v/ExBPtOf6fseNnSvPx8mr+pAHKaW3wmK/TA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 3479ebd26151b7c8eb40da40bbf0d116
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "78b460ccf4589f7d8219476f5006f3cf"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Wed, 05 Mar 2025 22:30:52 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 7F0D 55 KB
24 KB 119ms
40ms Stylesheet
text/css 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdROMcUAAAAAA0H2aEoG5meomuGwPEC6WWhmTtG&co=aHR0cHM6Ly93d3cucm9vbWVydHJhdmVsLmNvbTo0NDM.&hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&size=normal&cb=n5i4x1wrrz9g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:28:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 21:28:22 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 7F0D 494 KB
196 KB 118ms
39ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc4f1369cfe55e3cbf37434690b559bd3be63351a5ab16e324823a3ab8a237a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 16:56:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201116
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 16:56:38 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 154ms
72ms Fetch
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=928812818612361&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.roomertravel.com%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: www.roomertravel.com
URL: https://www.roomertravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.roomertravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-write=();report-to="permissions_policy"
strict-transport-security: max-age=15552000; preload
date: Wed, 06 Mar 2024 01:04:48 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: no-cache
x-fb-debug: kNJJYBL2CLKRdWGMYwkphsS0sXP3DYppZ4V8YJq3IMR9fuUvhNANd3DdlTFnzr8nhgYHctiCT6liUTyAHaQOEA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.roomertravel.com
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 722MIWu_TMZiQau3mAaarHtCk2pd6rTYw5oNsH4wR_g.js Show response
www.google.com/js/bg/ Frame 7F0D 17 KB
7 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/722MIWu_TMZiQau3mAaarHtCk2pd6rTYw5oNsH4wR_g.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef6d8c216bbf4cc66241abb798069aac7b42936a5deab4d8c39a0db07e3047f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdROMcUAAAAAA0H2aEoG5meomuGwPEC6WWhmTtG&co=aHR0cHM6Ly93d3cucm9vbWVydHJhdmVsLmNvbTo0NDM.&hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&size=normal&cb=n5i4x1wrrz9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 23:50:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6963
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 23:50:05 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 7F0D 102 B
135 B 50ms
49ms Other
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=vj7hFxe2iNgbe-u95xTozOXW

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5e6ccfa30b73831d6528662ece5421627caab9f02289cf4902a0a4d67cdc1dd8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdROMcUAAAAAA0H2aEoG5meomuGwPEC6WWhmTtG&co=aHR0cHM6Ly93d3cucm9vbWVydHJhdmVsLmNvbTo0NDM.&hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&size=normal&cb=n5i4x1wrrz9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 01:04:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 06 Mar 2024 01:04:48 GMT

GET
H2 200 nr-spa-1.252.0.min.js Show response
js-agent.newrelic.com/ 88 KB
29 KB 191ms
57ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.252.0.min.js

Requested by

Host: www.roomertravel.com
URL: https://www.roomertravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::649 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e9ac0994dcab574d46a0252d5f1d52de91f26d3e0e7d0da3a6e742e49539f4ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.roomertravel.com/
Origin: https://www.roomertravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id: 1zTB_zIu9GsCJr9CnWa8NksGpEL6v25e
content-encoding: br
via: 1.1 varnish
date: Wed, 06 Mar 2024 01:04:48 GMT
strict-transport-security: max-age=300
x-amz-request-id: FEERH90AG8VY3JW7
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 29571
x-amz-id-2: stdARCSVFZ1L+eJjTUkgdU8wnxtyimQKhcW2clTWCkr85GZjQjqtW6mUdZGIwZFmDRdW+yhxSRQ=
x-served-by: cache-sof1510026-SOF
last-modified: Tue, 13 Feb 2024 00:41:07 GMT
server: AmazonS3
etag: "1b4209d0ae18545976f7eb2c5f94d6b0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 2008618

GET
H2 200 like.php Show response
web.facebook.com/v2.7/plugins/ Frame 6C1C 0
2 KB 75ms
73ms Document
text/html 2a03:2880:f083:6:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://web.facebook.com/v2.7/plugins/like.php?action=like&app_id=928812818612361&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df44b56beb5b22889d%26domain%3Dwww.roomertravel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.roomertravel.com%252Fffe1e0b0928251df9%26relation%3Dparent.parent&container_width=51&href=https%3A%2F%2Fwww.facebook.com%2FRoomerHotDeals&layout=box_count&locale=en_US&sdk=joey&share=false&show_faces=false&width=51

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=9f1d6d9eafc7e8e08de76fea544d8967

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:6:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.roomertravel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
date: Wed, 06 Mar 2024 01:04:48 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/web.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/web.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/web.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: coop_report="https://web.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://web.facebook.com/browser_reporting/coep/?minimize=0", default="https://web.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: drrwDAVp8ITjeLZ9ulRTsfxcxYKmLyXKYbBf7DoVtb4ssrJgAMcOTZuFki1BITnEbVSM1r1S4zG69zX1iCArqw==
x-xss-protection: 0

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame D018 7 KB
1 KB 53ms
52ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LdROMcUAAAAAA0H2aEoG5meomuGwPEC6WWhmTtG

Requested by

Host: www.roomertravel.com
URL: https://www.roomertravel.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1ca1bdbdfd3dec9ad27d2e5a8e8d3bab08ea3dcf839fef4d87fecc56ba11cfb7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-c8O_q2e3MW8QQRVLi9J44g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.roomertravel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-c8O_q2e3MW8QQRVLi9J44g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 06 Mar 2024 01:04:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H/1.1 200 NRJS-bec6a613fcdc501cd64 Show response
bam.nr-data.net/1/ 40 B
496 B 400ms
252ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-bec6a613fcdc501cd64?a=1092776901&v=1.252.0&to=IV0NQRBdDVQAQE5RCw9XTFwMVgRA&rst=2785&ck=0&s=fe0ea7d9894e2be8&ref=https://www.roomertravel.com/&hr=0&af=err,xhr,stn,ins,spa&qt=4&ap=30&be=801&fe=1759&dc=1164&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1709687085802,%22n%22:0,%22f%22:319,%22dn%22:320,%22dne%22:320,%22c%22:320,%22s%22:364,%22ce%22:411,%22rq%22:411,%22rp%22:801,%22rpe%22:1084,%22di%22:1478,%22ds%22:1877,%22de%22:1965,%22dc%22:2540,%22l%22:2541,%22le%22:2560%7D,%22navigation%22:%7B%7D%7D&fp=1471&fcp=1471
Requested by: Host: www.roomertravel.com
URL: https://www.roomertravel.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9c303a7ebd62689d3a1867f70cc6bdc12eb7700fac4acbf891f14b79fc872459

Request headers

Referer: https://www.roomertravel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 06 Mar 2024 01:04:48 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.roomertravel.com
access-control-expose-headers: Date
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
timing-allow-origin: https://www.roomertravel.com
Content-Length: 40
x-served-by: cache-fra-etou8220071-FRA

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame D018 55 KB
24 KB 42ms
41ms Stylesheet
text/css 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LdROMcUAAAAAA0H2aEoG5meomuGwPEC6WWhmTtG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:28:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 21:28:22 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame D018 494 KB
196 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LdROMcUAAAAAA0H2aEoG5meomuGwPEC6WWhmTtG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc4f1369cfe55e3cbf37434690b559bd3be63351a5ab16e324823a3ab8a237a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 16:56:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201116
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 16:56:38 GMT

POST
H/1.1 200 NRJS-bec6a613fcdc501cd64 Show response
bam.nr-data.net/resources/1/ 36 B
360 B 250ms
250ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/NRJS-bec6a613fcdc501cd64?a=1092776901&v=1.252.0&to=IV0NQRBdDVQAQE5RCw9XTFwMVgRA&rst=3198&ck=0&s=fe0ea7d9894e2be8&ref=https://www.roomertravel.com/&st=1709687085802&hr=0&fts=1709687085802&n=26&fsh=1
Requested by: Host: www.roomertravel.com
URL: https://www.roomertravel.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e427f8e6f18bd23045c531c44930a8d6408d06ab3c0b85f5d8bdb8e233b6e899

Request headers

Referer: https://www.roomertravel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 06 Mar 2024 01:04:49 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.roomertravel.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 36
x-served-by: cache-fra-etou8220071-FRA

POST
H/1.1 200 NRJS-bec6a613fcdc501cd64 Show response
bam.nr-data.net/events/1/ 24 B
347 B 331ms
254ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-bec6a613fcdc501cd64?a=1092776901&v=1.252.0&to=IV0NQRBdDVQAQE5RCw9XTFwMVgRA&rst=3205&ck=0&s=fe0ea7d9894e2be8&ref=https://www.roomertravel.com/&hr=0
Requested by: Host: www.roomertravel.com
URL: https://www.roomertravel.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.roomertravel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 06 Mar 2024 01:04:49 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.roomertravel.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-etou8220111-FRA

GET
H/1.1 200
OK placeholder_galleria.png
d3vk1fw5taqp37.cloudfront.net/styleguide/ 15 KB
16 KB 47ms
47ms Image
image/png 18.245.62.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3vk1fw5taqp37.cloudfront.net/styleguide/placeholder_galleria.png
Requested by: Host: www.roomertravel.com
URL: https://www.roomertravel.com/assets/application-39f668e4051798c4b0d9787a3b7bedf5.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.62.185 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-62-185.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52ffbf348972b0cab5a743514c85ef73ac1bdb3bbdfde44350f419010074ab1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.roomertravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 05 Mar 2024 08:58:39 GMT
Via: 1.1 bc841916063a49c638b48e73f77a28e8.cloudfront.net (CloudFront)
Last-Modified: Tue, 01 Jan 2019 11:56:24 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P5
Age: 57972
ETag: "62229c297776bbe1a5d563503014c796"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15481
X-Amz-Cf-Id: xyJ7P2tsG5dW0idye7ZrBkX04u1IL1_ycWbODOofD5FCYmjdABXXVA==

GET
H2 200 450595121.jpg%3Fk=0278da1ca0f7c58138d98634da43cf01129f90126b6263b24b14f0dbcc537794&o=
i.roomerapi.com/_/rs:fill:0:643/plain/https://q-xx.bstatic.com/xdata/images/hotel/max2500/ 119 KB
119 KB 3293ms
3105ms Image
image/jpeg 2600:9000:2761:4400:18:c6f9:8200:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.roomerapi.com/_/rs:fill:0:643/plain/https://q-xx.bstatic.com/xdata/images/hotel/max2500/450595121.jpg%3Fk=0278da1ca0f7c58138d98634da43cf01129f90126b6263b24b14f0dbcc537794&o=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:4400:18:c6f9:8200:93a1 -, , ASN (),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

6bc00d6b371cfdb7b19fce1d0f76909f590d26c8ce10b88b475a4e458fd797b7

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.roomertravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 15:22:06 GMT
content-security-policy: script-src 'none'
via: 1.1 10f6ed997c15c1439b3ae1db258c7d16.cloudfront.net (CloudFront)
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P8
age: 207766
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
content-disposition: inline; filename="450595121.jpg"
content-length: 121680
x-amz-cf-id: RPhj76D4PIYbAYtrN_s4FuX1Qy4vo5TtkVzUN6fnoIff-6SGW86RmQ==
x-request-id: z062E3XE6CmtxWFB_XV8y
expires: Mon, 03 Mar 2025 15:22:06 GMT

GET
H2 200 54633072.jpg%3Fk=831a30e72fd58cedbe6e2c500d9140e587203792dea772acdb36dcb450ff9392&o=
i.roomerapi.com/_/rs:fill:0:643/plain/https://q-xx.bstatic.com/xdata/images/hotel/max2500/ 55 KB
55 KB 2925ms
2738ms Image
image/jpeg 2600:9000:2761:4400:18:c6f9:8200:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.roomerapi.com/_/rs:fill:0:643/plain/https://q-xx.bstatic.com/xdata/images/hotel/max2500/54633072.jpg%3Fk=831a30e72fd58cedbe6e2c500d9140e587203792dea772acdb36dcb450ff9392&o=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:4400:18:c6f9:8200:93a1 -, , ASN (),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

6e166ea6730e293f787fd6c93bf75de4aef340e8551041632e5c9b6dfb77c916

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.roomertravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 20:41:19 GMT
content-security-policy: script-src 'none'
via: 1.1 10f6ed997c15c1439b3ae1db258c7d16.cloudfront.net (CloudFront)
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P8
age: 188612
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
content-disposition: inline; filename="54633072.jpg"
content-length: 55995
x-amz-cf-id: -U9A1WqawNb8tsu83JE6hnMXDoMvswrut_xCTou4kjLzYXR06VsyZw==
x-request-id: l3cBfAYedWHPNaTnH_sU_
expires: Mon, 03 Mar 2025 20:41:19 GMT

GET
H2 200 54551276.jpg%3Fk=0352aa94b2b14b414cebb810dc332e60b1227bb588148563f68e2ebe09d8ffd0&o=
i.roomerapi.com/_/rs:fill:0:643/plain/https://q-xx.bstatic.com/xdata/images/hotel/max2500/ 146 KB
146 KB 3256ms
3069ms Image
image/jpeg 2600:9000:2761:4400:18:c6f9:8200:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.roomerapi.com/_/rs:fill:0:643/plain/https://q-xx.bstatic.com/xdata/images/hotel/max2500/54551276.jpg%3Fk=0352aa94b2b14b414cebb810dc332e60b1227bb588148563f68e2ebe09d8ffd0&o=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:4400:18:c6f9:8200:93a1 -, , ASN (),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

7f8db58e1767ae722559ce32b5b788f307344546bd58f8fc644e03b1ae78788e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.roomertravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 10:27:18 GMT
content-security-policy: script-src 'none'
via: 1.1 10f6ed997c15c1439b3ae1db258c7d16.cloudfront.net (CloudFront)
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P8
age: 398254
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
content-disposition: inline; filename="54551276.jpg"
content-length: 149032
x-amz-cf-id: m77nAJ_KnR6LZus8EIlonY8j5SPfvt6TlrnNdshcLagqA3HujZPneA==
x-request-id: AU47Rt-_YIjLLY9z-XWlG
expires: Sat, 01 Mar 2025 10:27:18 GMT

GET
H2 200 768283a_hb_l_001.jpg
i.roomerapi.com/_/rs:fill:0:643/plain/https://photos.hotelbeds.com/giata/original/76/768283/ 71 KB
72 KB 2962ms
2776ms Image
image/jpeg 2600:9000:2761:4400:18:c6f9:8200:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.roomerapi.com/_/rs:fill:0:643/plain/https://photos.hotelbeds.com/giata/original/76/768283/768283a_hb_l_001.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:4400:18:c6f9:8200:93a1 -, , ASN (),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

79fc99b0de3e83820148b72f95da895ad3e4a02496837ef673a693a55284035e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.roomertravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 12:28:28 GMT
content-security-policy: script-src 'none'
via: 1.1 10f6ed997c15c1439b3ae1db258c7d16.cloudfront.net (CloudFront)
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P8
age: 4797384
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
content-disposition: inline; filename="768283a_hb_l_001.jpg"
content-length: 73089
x-amz-cf-id: W7n66qqRO_rJGnRmlNusPoaptO6g9a31qHLzkr2Lz_WVLI09B2WsCw==
x-request-id: NbiKsKLGN0NJ492dYRsjc
expires: Thu, 09 Jan 2025 12:28:28 GMT

GET
H2 200 466627249.jpg%3Fk=c02fe87883d17ef831e946d91f599c830c44b8ab96211a597bc70dc89917481e&o=
i.roomerapi.com/_/rs:fill:0:643/plain/https://q-xx.bstatic.com/xdata/images/hotel/max2500/ 153 KB
153 KB 2989ms
2803ms Image
image/jpeg 2600:9000:2761:4400:18:c6f9:8200:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.roomerapi.com/_/rs:fill:0:643/plain/https://q-xx.bstatic.com/xdata/images/hotel/max2500/466627249.jpg%3Fk=c02fe87883d17ef831e946d91f599c830c44b8ab96211a597bc70dc89917481e&o=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:4400:18:c6f9:8200:93a1 -, , ASN (),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

8a541961501c50b1a80a8b6381f05ff982068569849166b9c55356b366a1bb26

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.roomertravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:02:08 GMT
content-security-policy: script-src 'none'
via: 1.1 10f6ed997c15c1439b3ae1db258c7d16.cloudfront.net (CloudFront)
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P8
age: 5079763
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
content-disposition: inline; filename="466627249.jpg"
content-length: 156385
x-amz-cf-id: cO-Jxs00-LrcotulHtE2U7PFbG1NuQWOxmgt4ywlPKGRdzYzCexUNw==
x-request-id: hX32kKPGrpjv2jvv39aqZ
expires: Mon, 06 Jan 2025 06:02:08 GMT

GET
H2 200 428305523.jpg%3Fk=58e056cac6a9cf77167726786c8f0cdc43a7bd8964002cd8e860642f30742baa&o=&hp=1
i.roomerapi.com/_/rs:fill:0:643/plain/https://cf.bstatic.com/xdata/images/hotel/max1280x900/ 77 KB
77 KB 2870ms
2684ms Image
image/jpeg 2600:9000:2761:4400:18:c6f9:8200:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.roomerapi.com/_/rs:fill:0:643/plain/https://cf.bstatic.com/xdata/images/hotel/max1280x900/428305523.jpg%3Fk=58e056cac6a9cf77167726786c8f0cdc43a7bd8964002cd8e860642f30742baa&o=&hp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:4400:18:c6f9:8200:93a1 -, , ASN (),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

895f2c3586ae52a93dfdf67acea57126419b3892f7fb60a1c37eb34f91c791b0

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.roomertravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:09:36 GMT
content-security-policy: script-src 'none'
via: 1.1 10f6ed997c15c1439b3ae1db258c7d16.cloudfront.net (CloudFront)
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P8
age: 50116
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public
content-disposition: inline; filename="428305523.jpg"
content-length: 78753
x-amz-cf-id: KHM7UlD5mq7iCL2Lg1Bc7ZgWxe12bZKqhSSEn1apG0Jm5aaW9VelVA==
x-request-id: YqKUw-MA2043meeYOW7w1
expires: Wed, 05 Mar 2025 11:09:36 GMT

GET
H2 200 ACg8ocKka3ZcpELcjR0NuBcDhiFaCY2VL8BKasRs7iKL32moKQ=s96-c
lh3.googleusercontent.com/a/ 4 KB
4 KB 2796ms
2707ms Image
image/jpeg 2a00:1450:4001:82a::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a/ACg8ocKka3ZcpELcjR0NuBcDhiFaCY2VL8BKasRs7iKL32moKQ=s96-c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 -, , ASN (),

Reverse DNS

Software

fife /

Resource Hash

f3678cf3364af41e4722cb3ed80513cd54dbc4d76d90dd29a0d5de103bfceb27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.roomertravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 01:04:50 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3828
x-xss-protection: 0
server: fife
etag: "v34"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 07 Mar 2024 01:04:50 GMT

GET
H3 200 Avenir_Light.ttf
www.roomertravel.com/assets/Avenir/ 55 KB
56 KB 2558ms
2558ms Font
application/octet-stream 2606:4700:20::681a:792
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.roomertravel.com/assets/Avenir/Avenir_Light.ttf

Requested by

Host: www.roomertravel.com
URL: https://www.roomertravel.com/assets/application-39f668e4051798c4b0d9787a3b7bedf5.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:792 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2fe47a5728ffc2c7931e1a819242d43e4dc1263502167466a848dad503ee4f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.roomertravel.com/assets/application-39f668e4051798c4b0d9787a3b7bedf5.css
Origin: https://www.roomertravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 01:04:53 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: REVALIDATED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1707153718&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=LCo%2Bs%2FKYMUfGvWJqnbn5sz5xdZ7X5dpz1luklGaJEGA%3D
x-request-id: bd12b4e9-ed51-409a-a327-a8c19c16b0c6
x-runtime: 0.002470
last-modified: Tue, 30 Jan 2024 12:18:40 GMT
server: cloudflare
etag: W/"7006f613e93a74c4daaca140de93e635"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1707153718&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=LCo%2Bs%2FKYMUfGvWJqnbn5sz5xdZ7X5dpz1luklGaJEGA%3D"}]}
content-type: application/octet-stream
cache-control: public, must-revalidate
permissions-policy: browsing-topics=()
cf-ray: 85fe6f29d88137f8-FRA

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 114ms
113ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7SM2EKJ74C&gtm=45je42t1h1v9171677130za220&_p=1709687086628&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=56211797.1709687087&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=3&uid=&sid=1709687086&sct=1&seg=0&dl=https%3A%2F%2Fwww.roomertravel.com%2F&dt=Roomer%3A%20The%20marketplace%20for%20discounted%20hotel%20reservations&en=view_homepage&_ee=1&_et=795&tfd=6905
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7SM2EKJ74C
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.roomertravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Mar 2024 01:04:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.roomertravel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 25 B
366 B 386ms
97ms XHR
application/json 107.178.240.159

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1709687092991

Requested by

Host: www.roomertravel.com
URL: https://www.roomertravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.240.159 -, , ASN (),

Reverse DNS

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://www.roomertravel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Wed, 06 Mar 2024 01:04:53 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.roomertravel.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 48
access-control-allow-headers: X-Requested-With
content-length: 25
alt-svc: clear

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.roomertravel.com/	1970-01-21 04:30:47	Name: user_uid Value: ad7b469f-6350-4c72-bea9-7f2c6c75116b
www.roomertravel.com/	1969-12-31 23:59:59	Name: rt_currency Value: EUR
www.roomertravel.com/	1969-12-31 23:59:59	Name: rt_currency_symbol Value: %E2%82%AC
.roomertravel.com/	1970-01-21 04:30:47	Name: rt_locale Value: en
.roomertravel.com/	1970-01-21 04:30:47	Name: _ga Value: GA1.1.56211797.1709687087
.roomertravel.com/	1970-01-21 04:30:47	Name: forterToken Value: _1709687087263__
.roomertravel.com/	1970-01-21 04:30:47	Name: _ga_7SM2EKJ74C Value: GS1.1.1709687086.1.0.1709687087.0.0.0
.roomertravel.com/	1970-01-21 03:40:23	Name: mp_2e3598478ed05d590df508aeb90564b3_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A18e114aa33884e-0268f53f87dc1e-14313374-1d4c00-18e114aa33884e%22%2C%22%24device_id%22%3A%20%2218e114aa33884e-0268f53f87dc1e-14313374-1d4c00-18e114aa33884e%22%2C%22Locale%22%3A%20%22en%22%2C%22POS%22%3A%20%22us%22%2C%22TaxIncluded%22%3A%20%22false%22%2C%22utm_meta%22%3A%20%22%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%7D
.roomertravel.com/	1969-12-31 23:59:59	Name: _roomer_session Value: MWFHMEpNcFhmNVdYT0w5Q0JDYWNhZGsrbGxtdnp0RDVvS01IRmFyUzNNcnJoTmVscTBmQ1pFZE1rZHZ0d3ZOMTA5V0FaRkErenBKOXVWWnpXRzRCbzRUWC95RjlJRWwvbTVFS1VSTjR5R3BDT0ExNEx6MDE2RVhRcjhKTmdSM3htc0QxVE9CQnhLTm9TWDFRREV5eW9nPT0tLVZTbHlndUNJL0Rlc2x1RmtHckFSRVE9PQ%3D%3D--5dc9964929128a7d2b95c8446759976af694315d

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.mixpanel.com
b2b.roomerapi.com
bam.nr-data.net
cdn.mxpnl.com
cdn.rollbar.com
cdn4.forter.com
connect.facebook.net
d3vk1fw5taqp37.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
graph.facebook.com
i.roomerapi.com
js-agent.newrelic.com
lh3.googleusercontent.com
region1.google-analytics.com
scontent-vie1-1.xx.fbcdn.net
web-api.roomertravel.com
web.facebook.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.roomertravel.com
107.178.240.159
13.33.187.40
13.35.58.61
162.247.243.29
18.245.62.185
2001:4860:4802:32::36
2600:1901:0:bc29::
2600:9000:2761:4400:18:c6f9:8200:93a1
2606:4700:20::681a:692
2606:4700:20::681a:792
2606:4700:20::ac43:485a
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2008
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:831::2004
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f083:6:face:b00c:0:2
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42::649
52.70.168.244
05477cbc06dfe9b25fa01047878548d588aba1cba5ace8cd0d1f853565b6c7fb
0881503e1ea201221bb787601a45100c1ce9c16f49c9c6f1cf93bfd2ccab2298
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
1ca1bdbdfd3dec9ad27d2e5a8e8d3bab08ea3dcf839fef4d87fecc56ba11cfb7
39a06a9ab868dc87cd14f036706fbe17504be30638f25e2b7269f9575cfd85cf
3aa7d09fff69aedd4d3496f8a958f3bee2db9d6fafd7e055ae74369690ba6e7c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4680f0242ae53304a6bf932234579ecf1100b3473bd822857943a3e5a2e01f8d
52ffbf348972b0cab5a743514c85ef73ac1bdb3bbdfde44350f419010074ab1e
5e6ccfa30b73831d6528662ece5421627caab9f02289cf4902a0a4d67cdc1dd8
6bc00d6b371cfdb7b19fce1d0f76909f590d26c8ce10b88b475a4e458fd797b7
6cf9de89ab0017c6e560244ae14f1225f9c3f9319bb7a85a2174e51c6d2f0c2e
6d76d325e81e699a18e449fb12d34413b7b4e069d5859192969ca8e9a3e32abc
6e166ea6730e293f787fd6c93bf75de4aef340e8551041632e5c9b6dfb77c916
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
78f335c4bb91a0901fa856cde7114285fa2e0a0020d890daabf1569eb93e7f22
79fc99b0de3e83820148b72f95da895ad3e4a02496837ef673a693a55284035e
7c690a6ebb2eef51e8ccc66161b02197c22f388f1fc23c89e0f5c7b70e1eac50
7f8db58e1767ae722559ce32b5b788f307344546bd58f8fc644e03b1ae78788e
7f94864a531f88b7ccd34b6e7a6bb3be847fe2573c90212c021331f04f0cc22c
7fc4f1369cfe55e3cbf37434690b559bd3be63351a5ab16e324823a3ab8a237a
81cf2142369afec9e5758dbbe5923ac596369f577456c02b452b4801639eff5f
886a399a6b5a3748fa81bb2ac008a74e474ddbef5e88cb455e516992077983be
895f2c3586ae52a93dfdf67acea57126419b3892f7fb60a1c37eb34f91c791b0
8a541961501c50b1a80a8b6381f05ff982068569849166b9c55356b366a1bb26
8d300b9ab92d40783cab239d68a9bc35dfab6480cadd8cb5ff8aed97b0eccf41
9c303a7ebd62689d3a1867f70cc6bdc12eb7700fac4acbf891f14b79fc872459
a096f16f44d386b1be652b4a7cbc324c55bc6430558a296c7e94b069d407bd43
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0e48ce78c27fdf1eb221920e6c170b166418d857f4312d98f352f4187d78d98
b1412b06ee170a306a479f9cc099bb9a64cd6271ff88a2f90a860fa34472837d
b2dbf9b0f369fbc59b67a6ac6515fce37f43c3aff27f365b0e4dc78d85a218c9
c1a1851621adf8f2f14e6b58f7c4ced52055d54eae1f4078e7b56db6bca0c1d2
ca64e2133ef2995f03a8b3ae59d82484a9da1f93f2cc0bba160b2d19cc29af80
d2fe47a5728ffc2c7931e1a819242d43e4dc1263502167466a848dad503ee4f6
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e427f8e6f18bd23045c531c44930a8d6408d06ab3c0b85f5d8bdb8e233b6e899
e9ac0994dcab574d46a0252d5f1d52de91f26d3e0e7d0da3a6e742e49539f4ff
ef6d8c216bbf4cc66241abb798069aac7b42936a5deab4d8c39a0db07e3047f8
f18c13dd052559f98602abaea443f382c5424cafe8eac4f51f0f38e800073332
f3678cf3364af41e4722cb3ed80513cd54dbc4d76d90dd29a0d5de103bfceb27
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

www.roomertravel.com Open in urlscan Pro 2606:4700:20::681a:792 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

98 %HTTPS

74 %IPv6

18 Domains

23 Subdomains

22 IPs

3 Countries

2920 kBTransfer

7061 kBSize

9 Cookies

16 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.roomertravel.com Open in urlscan Pro
2606:4700:20::681a:792 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

98 %
HTTPS

74 %
IPv6

18
Domains

23
Subdomains

22
IPs

3
Countries

2920 kB
Transfer

7061 kB
Size

9
Cookies

54 HTTP transactions
0 data transactions