urlscan.io logo urlscan.io
SecurityTrails logo

booking.thelesliemw.com Open in urlscan Pro
2606:4700:3037::6815:48be  Public Scan

Go To Rescan Add Verdict Report
URL: https://booking.thelesliemw.com/
Submission: On January 11 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 1 countries across 5 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3037::6815:48be, located in United States and belongs to CLOUDFLARENET, US. The main domain is booking.thelesliemw.com.
TLS certificate: Issued by E1 on December 3rd 2023. Valid for: 3 months.
This is the only time booking.thelesliemw.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

7    2606:4700:3037::6815:48be (United States)

ASN13335 (CLOUDFLARENET, US)
booking.thelesliemw.com
1    2607:f8b0:4004:c08::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:3031::ac43:8857 (United States)

ASN13335 (CLOUDFLARENET, US)
raccoonstatic.com
5    2607:f8b0:4004:c08::69 (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.google.com
6    2607:f8b0:4004:c1d::5e (Washington, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
670 KB
7 thelesliemw.com
booking.thelesliemw.com
203 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 6
36 KB
1 raccoonstatic.com
raccoonstatic.com
5 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
1 KB
20 5
Domain Requested by
7 booking.thelesliemw.com 1 redirects booking.thelesliemw.com
6 www.gstatic.com www.google.com
www.gstatic.com
5 www.google.com booking.thelesliemw.com
www.gstatic.com
www.google.com
1 fonts.gstatic.com www.google.com
1 raccoonstatic.com booking.thelesliemw.com
1 fonts.googleapis.com booking.thelesliemw.com
20 6

This site contains no links.

Subject Issuer Validity Valid
thelesliemw.com
E1		 2023-12-03 -
2024-03-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
raccoonstatic.com
GTS CA 1P5		 2024-01-09 -
2024-04-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://booking.thelesliemw.com/
Frame ID: 91AC5ADBE93DB2BE540FC289F5AE6E70
Requests: 8 HTTP requests in this frame

Frame: https://booking.thelesliemw.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Frame ID: 00ABAE4EE33B2878571E93144788531B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeUeSATAAAAAIfwomHRfCn5Vv7niqnEH6ph_Blt&co=aHR0cHM6Ly9ib29raW5nLnRoZWxlc2xpZW13LmNvbTo0NDM.&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=atajfk0ny4a
Frame ID: 8D8EB94A841E0E9D8A4F7D418B9BFE1D
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LeUeSATAAAAAIfwomHRfCn5Vv7niqnEH6ph_Blt
Frame ID: 4836252941FD94AE20DA918EA53280EC
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Book

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

20
Requests

95 %
HTTPS

100 %
IPv6

5
Domains

6
Subdomains

7
IPs

1
Countries

915 kB
Transfer

2584 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://booking.thelesliemw.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://booking.thelesliemw.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
booking.thelesliemw.com/ 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://booking.thelesliemw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:48be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.13
Resource Hash
c6220527b09d42976137d17c00e1c6281adfc4e9aadd8172208ba96c17782b4e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
843e8860882742c9-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 11 Jan 2024 16:28:26 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PhSlwFkmyk6OnkrMy9IFxZDmNMK%2BLBEiZW3bX4mu7t%2FiFLmtxOO1AH9366Ikq8LO8F2GAW8nw1cA5zC5LUsxdDlqyhJDJ9Tiq4dDNsgQabY13%2Fn4Bd3R73LjnCqOW6MVbC5XiCeuq5UvvSAYIBY%2B0KQa4aHuJw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.2.13
bookingengine.css
booking.thelesliemw.com/css/ 		247 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://booking.thelesliemw.com/css/bookingengine.css?v1695800949
Requested by
Host: booking.thelesliemw.com
URL: https://booking.thelesliemw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:48be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
509b4965c8070a4b940764dcff595f95896791680e87bc838ccd91ee08319e75

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.thelesliemw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 16:28:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 27 Sep 2023 07:49:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3dd6b-606526d2ed6a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ap8i7ruPlFOmos3phkSQJBocsU9R%2B1mtU7eej7He4%2B9NJL0VzgzhfbdmwpOm8y4qz%2FNXu7IT4uJeELLTgKlQdkVnIPbIIpv8B%2BaLBGhA70BWbxuVon4VxEgPzKD%2FNaxMdGTzFdzJbiTuJu2fFAPzCmZhZm3%2Bpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
843e886a1dae42c9-EWR
alt-svc
h3=":443"; ma=86400
css2
fonts.googleapis.com/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700;800;900&display=swap
Requested by
Host: booking.thelesliemw.com
URL: https://booking.thelesliemw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
26983119b2d1f8c7187952f37a4227468bad008c0e6ed7310de54716abc64b23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.thelesliemw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 11 Jan 2024 16:28:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 15:52:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Jan 2024 16:28:26 GMT
ricon.css
booking.thelesliemw.com/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://booking.thelesliemw.com/css/ricon.css?f=1696914028
Requested by
Host: booking.thelesliemw.com
URL: https://booking.thelesliemw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:48be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6113898e5797dae44633f46725e07dcee38dd14a16bed81e1db46ba28fbedccc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.thelesliemw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 16:28:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 27 Sep 2023 07:49:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"14e9-606526d2eea28"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAvvrW2SdpB%2B4gEc4bt3o0C727Vmq8Sl5JH83o6N5UBFlvCsQeoCe%2BbIUDzsuQVTMylsmeS06Rf7Zvk0kjkNP1fE6ImopzEfaH%2BxzQz5C5rSpEskI7YmdvULj%2BrCYonCtCQoqlqF2JZ9NBxO9UgcOz5xLkXnfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
843e886a1db042c9-EWR
alt-svc
h3=":443"; ma=86400
translations.be..js
raccoonstatic.com/cache/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://raccoonstatic.com/cache/translations.be..js?v=1700770451
Requested by
Host: booking.thelesliemw.com
URL: https://booking.thelesliemw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e72cace27914d1a22a374601dbe120b26e92028a64ebd72968046e2c318ccaf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.thelesliemw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 16:28:26 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Tue, 05 Dec 2023 08:00:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3489-60bbe9f297bdf-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBz88E6xLPu9Iiw4jskiolDs5TclvzdX4XjR6cM5UG6SYXFtW4HfDcVLhAyfh5wvuu0LmlLghZ%2FFtzQr2wDZ04D2RVcov%2BGnuY2ASYSy0gntxch6ZpVY8BrBKQv%2Fv9gsYmUHHJMg6x0EireJ8nl2kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
843e886a8f6c43f9-EWR
alt-svc
h3=":443"; ma=86400
js.js
booking.thelesliemw.com/minvs2/ 		571 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://booking.thelesliemw.com/minvs2/js.js?g=bejs&v=1701161233
Requested by
Host: booking.thelesliemw.com
URL: https://booking.thelesliemw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:48be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.13
Resource Hash
ee25f71d76baaed1d27c8b73904d4c2177c012fd95098fb60a2a31880d1b4da3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.thelesliemw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 16:28:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Thu, 11 Jan 2024 16:28:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.2.13
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMkTKMMQ1cOt6FxMtXhk9qMm%2FSy5KFoyH8d1gGfBZV5qVrcledBQokQrcpEHtkXV6G8BZMUuqn4B7sz%2BQpuWgctSZeneUPA3DcjaJhFr%2FaHF43UP5ZLS%2FHRMct4zNxn3gqKjqTQRiQJLM9VX8Ag4sHMyB0VOjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2629743, must-revalidate
cf-ray
843e886a1db242c9-EWR
alt-svc
h3=":443"; ma=86400
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: booking.thelesliemw.com
URL: https://booking.thelesliemw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::69 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c0a8f2cd747b6b9cd15d4007388817291906a6b8b1c70b2bc39a64e603809b77
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.thelesliemw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 16:28:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 11 Jan 2024 16:28:26 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 		503 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://booking.thelesliemw.com/
Origin
https://booking.thelesliemw.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 16:20:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205927
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 16:20:16 GMT
main.js
booking.thelesliemw.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame 00AB
Redirect Chain
  • https://booking.thelesliemw.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://booking.thelesliemw.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://booking.thelesliemw.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Requested by
Host: booking.thelesliemw.com
URL: https://booking.thelesliemw.com/
Protocol
H3
Server
2606:4700:3037::6815:48be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3da3720258580c2ca89a66bced16793295ff76d8794fb5bb8fb5a7c974d7e62b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 16:28:27 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yVUu0uG1MquMdShnJi7aKtPt%2B3%2FpcLuSiZFskFNsjyMeGovdHSbyyLLROvJpGmHhLA%2B5iEPGoZ%2BmYGEcnRaR%2FMCdP%2B8WHWFAsTk%2FlQL0bzYNhKFk8V%2BmuxSPTTa%2B8ab6UloTCpDVwGVCVhVmIJ88bc0a0Cy08g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
843e886ddb9b0f8f-EWR
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 11 Jan 2024 16:28:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJi%2FKsrFWAb6j%2BoMsCR%2FHxerwiub7EEVzXdLf6N%2FzYsq53KyGUzBBIuJn3rfdAo3rEn1rNZFyey1LFHiKM0Ce1eBpuz%2FlEIx%2FJrpECUyPWM6Lg2yLoOVAIxXF%2BND5ob1ScCcSvEQF4Pgr6JrEtD%2FV6%2FoiW60xg%3D%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
843e886dab6a0f8f-EWR
alt-svc
h3=":443"; ma=86400
843e8860882742c9
booking.thelesliemw.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 00AB 		0
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://booking.thelesliemw.com/cdn-cgi/challenge-platform/h/b/jsd/r/843e8860882742c9
Requested by
Host: booking.thelesliemw.com
URL: https://booking.thelesliemw.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:48be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 Jan 2024 16:28:27 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HRhXxw5UxhzCS21TqbhKd%2BGO%2BO8BSEjvEC23%2F6aqjjzv6KC3EfZ6mNy4Y60d%2FxE9rgeaoDYFfZcMaX%2F6VLpoL%2BlVQGJdGsZuUGByzir22sw%2FfcxhYRhGlPUkhHKH5G%2BC8QtUzHJAIgLnC9RL9Py8DRyY5CPvhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
843e886f5d770f8f-EWR
alt-svc
h3=":443"; ma=86400
anchor
www.google.com/recaptcha/api2/ Frame 8D8E 		42 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeUeSATAAAAAIfwomHRfCn5Vv7niqnEH6ph_Blt&co=aHR0cHM6Ly9ib29raW5nLnRoZWxlc2xpZW13LmNvbTo0NDM.&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=atajfk0ny4a
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::69 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a7397b486945f0650dda5572cc2e2c0e4c9d001df1e6d632d5fb20a6825d400f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4A8fHTEeEsZsegX5EH_50w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://booking.thelesliemw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-4A8fHTEeEsZsegX5EH_50w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 16:28:27 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 8D8E 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeUeSATAAAAAIfwomHRfCn5Vv7niqnEH6ph_Blt&co=aHR0cHM6Ly9ib29raW5nLnRoZWxlc2xpZW13LmNvbTo0NDM.&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=atajfk0ny4a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 16:20:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
490
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 16:20:17 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 8D8E 		503 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeUeSATAAAAAIfwomHRfCn5Vv7niqnEH6ph_Blt&co=aHR0cHM6Ly9ib29raW5nLnRoZWxlc2xpZW13LmNvbTo0NDM.&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=atajfk0ny4a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 16:20:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205927
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 16:20:16 GMT
truncated
/ Frame 8D8E 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8D8E 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 8D8E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 09:02:16 GMT
x-content-type-options
nosniff
age
113171
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 17 Jan 2024 09:02:16 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8D8E 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeUeSATAAAAAIfwomHRfCn5Vv7niqnEH6ph_Blt&co=aHR0cHM6Ly9ib29raW5nLnRoZWxlc2xpZW13LmNvbTo0NDM.&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=atajfk0ny4a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 09:18:45 GMT
x-content-type-options
nosniff
age
112182
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 09:18:45 GMT
lEEM4ZLDLFuvATVvcnxglI8CLvLrSc6BLt7Ue_ua1SM.js
www.google.com/js/bg/ Frame 8D8E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/lEEM4ZLDLFuvATVvcnxglI8CLvLrSc6BLt7Ue_ua1SM.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::69 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94410ce192c32c5baf01356f727c60948f022ef2eb49ce812eded47bfb9ad523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeUeSATAAAAAIfwomHRfCn5Vv7niqnEH6ph_Blt&co=aHR0cHM6Ly9ib29raW5nLnRoZWxlc2xpZW13LmNvbTo0NDM.&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=atajfk0ny4a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 02:23:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
50670
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6830
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 02:23:57 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 8D8E 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeUeSATAAAAAIfwomHRfCn5Vv7niqnEH6ph_Blt&co=aHR0cHM6Ly9ib29raW5nLnRoZWxlc2xpZW13LmNvbTo0NDM.&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=atajfk0ny4a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::69 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
55052d853a3f144505dc773ef237ac838af312c0180ff293f7cf1a3847345eab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeUeSATAAAAAIfwomHRfCn5Vv7niqnEH6ph_Blt&co=aHR0cHM6Ly9ib29raW5nLnRoZWxlc2xpZW13LmNvbTo0NDM.&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=atajfk0ny4a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 16:28:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 11 Jan 2024 16:28:27 GMT
bframe
www.google.com/recaptcha/api2/ Frame 4836 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LeUeSATAAAAAIfwomHRfCn5Vv7niqnEH6ph_Blt
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::69 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
87f71fbca8677928c986d1156fca7651cd2d23f21da036889532f90eb2281143
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-e2RB21sucsICSdYxy8DzXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://booking.thelesliemw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-e2RB21sucsICSdYxy8DzXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 16:28:28 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 4836 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LeUeSATAAAAAIfwomHRfCn5Vv7niqnEH6ph_Blt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 16:20:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 16:20:17 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 4836 		503 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LeUeSATAAAAAIfwomHRfCn5Vv7niqnEH6ph_Blt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 16:20:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
492
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205927
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 16:20:16 GMT

Verdicts & Comments Add Verdict or Comment

283 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture function| loadCssFromRMS function| loadJsFromRMS function| submit object| lc string| lang string| ccLang string| locale string| localeAlt string| dateFormatLocale string| dateFormatUS number| firstDayOfWeek string| currencyCode string| sTimezone string| csrfToken string| basicTemplate string| advancedTemplate string| basicCancelTemplate string| transChooseRoom string| transNotSaved string| transEmail string| transNoShow string| transNoData string| transSearch string| transZoek string| transLaden string| transToonXResultaten string| transGefilterd string| transShowEntries string| transPrevious string| transNext string| transLastReservation string| imageDeleteConfirm string| transCheckoutConfirm string| transResetTour string| transRemoveConfirm string| transLeavePage string| defaultTemplateContent string| transValidateDateError string| transUpgrade string| transInvoiceConfirm string| transInvoiceZero string| transInvoiceGuestMissing string| transInvoiceOverpriced string| transEmptyReference string| transRoomAmountEmpty object| transTax string| transNight string| transNights string| transReservationDelete string| transReservationLocked string| transMailDocConfirmEmail string| transMailDocConfirmNotification string| transMailDocErrorNotification string| transSplitInvoiceSuccess string| transUndoSplitSuccess string| transUndoSplitConfirm string| transDragReservationError string| transErrorEmptyRateTypeOnCheckout string| transRoomNotAvailable string| transRoomRestrictionWarning string| transRoomNotAvailableWarning string| transMoveErrorSelect string| transMoveTargetLabel string| transMoveSourceLabel string| transMoveDiffRoomType string| transMoveOverbookRoom string| transWarningChangeRoom string| transColumnFilterName string| transFromPlaceholder string| transToPlaceholder string| transMaxRows string| transDownloadZip string| transDownloadZipError string| transCustomReportDelete string| transConfirmMail1 string| transConfirmMail2 string| transConfirmMail3 string| transConfirmMail5 string| transConfirmMail6 string| transConfirmMail7 string| transConfirmMail8 string| transConfirmMail9 string| transConfirmMail10 string| transConfirmMail11 string| transConfirmMail12 string| transConfirmMail23 string| transConfirmMail24 string| transConfirmMail25 string| transConfirmMail26 string| transConfirmMail27 string| emailNotSentDocumentMissing string| transCancelMail1 string| transCancelMail2 string| transDeleteUserContact string| transDeleteConfirmUserContact string| transMan string| transWoman string| transGuestDetails string| transRoomsInAllotment string| transSelectRateType string| transExceedsAvailability string| missingCity string| transIncorrectPasswordCC string| transPoliceReportNoGuests string| settingsRequired string| settingsRemote string| settingsEmail string| settingsUrl string| settingsDate string| settingsDateISO string| settingsNumber string| settingsDigits string| settingsCreditcard string| settingsEqualTo string| settingsAccept string| settingsState string| settingsProvince string| cmsettingsPrompt string| transSameRateType string| addExtraRoom string| notAllowedToAddConnectivity string| settingsRateTypePriceChange string| transRateThresholdMin string| transRateThresholdMax string| transConfirmCreditcardCharge string| transConfirmCreditcardRebate string| transConfirmCreditcardPreauth string| transConfirmCreditcardCapture string| transTerminalPayment string| transInvalidPartialAmount string| transNoAmexCh string| transCreditCardExpired string| transPaymentMethod string| transPaymentStatus string| transPaymentReservation string| transAddressValid string| transAddressInvalid string| transDateEffectiveWarning string| transChargeCreditCardFor string| transVirtualChargeCreditCardFor string| transVirtualChargeFillInAmount string| transRatesMinimumStayError string| transOnlineCheckinDuplicateFields string| transInvoiceVoidConfirm string| transNoAvailBe string| transRrOnboardingDeleteShareholder string| transAddonBreakdownPerson string| transAddonBreakdownNights string| transAddonBreakdownTotal string| transAddonBreakdownOverridden string| transCheckOutdatedReservation string| settingsInvalidCityTaxRules string| confirmRequestTerminals string| transXeroInvoiceOverpayment string| transUnknownError string| transErrorConfig string| transPaymentMethodRequired string| transPaymentInitialsRequired string| transUpdateBrowser string| transUpdateBeBrowser string| transRemindLater string| transNoThanks string| transCameraDisabled string| transScanFail string| transScanFailSize string| transOcItMissingLeader string| transOcItOnlyOneLeader string| transCcAnnotationsError string| transProposedAmountLimitError string| transProposedAmountNotnumericError string| transIstatHouseTypeError object| bpTrans string| transTourTitle string| transTourStart string| transTourStop string| transTourNext string| transTourPrevious string| transTourContinue string| tourShowClose string| isSuper string| rateBulkUpdaterHeading string| rateBulkUpdaterBody string| rateBulkUpdaterLearnMoreLink string| learnMore string| gotIt string| channelSyncEnabled string| channelSyncDisabled string| channelSyncWarning boolean| debug object| beSettings boolean| storeData boolean| firstPageLoad boolean| fixedHeader boolean| bIncludeCityTax boolean| bIncludeVat boolean| bHideCityTaxTxt boolean| isAddOnsIncluded object| allottedData object| availableRooms object| thisRes string| sEcommerceCode object| aEcommercePrice string| sGoogleAdsCode function| browserSpecs function| browserSupportWarning function| remindLater function| remindNever function| getAvailableRooms function| processAvailabilityData function| checkCorporateRate function| checkEmailExists function| handleUserData function| checkReservation function| updateDateRange function| updateMultiPropertyDropDown function| addReservationAjax function| generateRoomObjectEcommerce function| sendGoogleAds function| executeScript function| reportErrors function| updateStoredataRateTypes function| checkAddonsInventoryLimit function| getStoreData function| placeContent function| clearStoreData function| touchStoreData function| isStillAvailable function| updateTotalPrice function| addBooking function| editBooking function| removeBooking function| checkCompany function| loadToggle function| loadToggleDatepicker function| stepToggle undefined| pricePosition function| scrollRateType function| scrollFormField function| getQueryString function| showConvertedDateHtml function| convertDate function| whichDay function| isValidEmail function| absorbEvent_ function| preventLongPressMenu function| mobileCheck function| confirmOnPageExit function| firstRoomName function| checkAnnotationsOnCC object| creditCardTypes undefined| ccNumberElement function| availabilityDatepickers function| parseUrlQueryStr function| convertToFormattedDate function| rateShopper function| resolveAfterMS function| displayPrice function| $ function| jQuery object| classie function| EventEmitter object| eventie function| getStyleProperty function| getSize function| docReady function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger function| TapListener function| imagesLoaded object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_647009

3 Cookies

Domain/Path Name / Value
booking.thelesliemw.com/ Name: PHPSESSID
Value: od303kp21gbni991qu9lii2bia
booking.thelesliemw.com/ Name: Csrf-Token
Value: K3cwOEtHUkFKYzlFNytLb0xmbmpBOU00d3liekxSckQ4UmJPWFFlNTRRcTg4SXp2bllkNnNnR3AwUjMyZWo4Uw..
.thelesliemw.com/ Name: cf_clearance
Value: XVao3nYNVvlqZdJWdNK3niDc08PlQ8KJkzKmH8lB1IQ-1704990507-0-2-75e5bb66.bfaaeedd.9e9de7d7-0.2.1704990507

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

booking.thelesliemw.com
fonts.googleapis.com
fonts.gstatic.com
raccoonstatic.com
www.google.com
www.gstatic.com
2606:4700:3031::ac43:8857
2606:4700:3037::6815:48be
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c08::69
2607:f8b0:4004:c1d::5e
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
26983119b2d1f8c7187952f37a4227468bad008c0e6ed7310de54716abc64b23
3da3720258580c2ca89a66bced16793295ff76d8794fb5bb8fb5a7c974d7e62b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
509b4965c8070a4b940764dcff595f95896791680e87bc838ccd91ee08319e75
55052d853a3f144505dc773ef237ac838af312c0180ff293f7cf1a3847345eab
5e72cace27914d1a22a374601dbe120b26e92028a64ebd72968046e2c318ccaf
6113898e5797dae44633f46725e07dcee38dd14a16bed81e1db46ba28fbedccc
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
87f71fbca8677928c986d1156fca7651cd2d23f21da036889532f90eb2281143
94410ce192c32c5baf01356f727c60948f022ef2eb49ce812eded47bfb9ad523
a7397b486945f0650dda5572cc2e2c0e4c9d001df1e6d632d5fb20a6825d400f
c0a8f2cd747b6b9cd15d4007388817291906a6b8b1c70b2bc39a64e603809b77
c6220527b09d42976137d17c00e1c6281adfc4e9aadd8172208ba96c17782b4e
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee25f71d76baaed1d27c8b73904d4c2177c012fd95098fb60a2a31880d1b4da3