booking.esraotel.com Open in urlscan Pro
2620:1ec:46::65 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://booking.esraotel.com/
Submission: On September 19 via automatic, source certstream-suspicious (September 19th 2023, 5:19:24 am UTC) — Scanned from DE

Summary HTTP 52 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 52 HTTP transactions. The main IP is 2620:1ec:46::65, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is booking.esraotel.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 22nd 2022. Valid for: a year.

This is the only time booking.esraotel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	2620:1ec:46::65 2620:1ec:46::65	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
4	2606:4700:20:... 2606:4700:20::681a:732	13335 (CLOUDFLAR...) (CLOUDFLARENET)
52	6

26 2620:1ec:46::65 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

booking.esraotel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:732 (United States)

ASN13335 (CLOUDFLARENET, US)

bookingapi.elektraweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	esraotel.com booking.esraotel.com	529 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com	1 MB
8	google.com www.google.com — Cisco Umbrella Rank: 11	80 KB
4	elektraweb.com bookingapi.elektraweb.com	3 KB
52	4

	Domain	Requested by
26	booking.esraotel.com	booking.esraotel.com
10	www.gstatic.com	www.google.com www.gstatic.com
8	www.google.com	booking.esraotel.com www.gstatic.com www.google.com
4	bookingapi.elektraweb.com	booking.esraotel.com
4	fonts.gstatic.com	booking.esraotel.com www.google.com
52	5

This site contains no links.

Subject Issuer	Validity	Valid
booking.esraotel.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-22` - `2023-12-22`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
elektraweb.com Cloudflare Inc ECC CA-3	`2023-08-23` - `2023-11-21`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://booking.esraotel.com/
Frame ID: D48A54D19C997FC8A2B909B195287238
Requests: 33 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf26MsgAAAAAHQ4NUyFeEe23U9JYUoJwmrPPco0&co=aHR0cHM6Ly9ib29raW5nLmVzcmFvdGVsLmNvbTo0NDM.&hl=de&v=uEf7E1417z6GNSkRx7AyL8K8&size=invisible&cb=7cr4mnrqjkkj
Frame ID: 55B3427B6DBF5A3F434EFFFC2086B7EE
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeXAd4lAAAAABz4fX7SBs9XyN3lL2N5p2FbvrbD&co=aHR0cHM6Ly9ib29raW5nLmVzcmFvdGVsLmNvbTo0NDM.&hl=de&v=uEf7E1417z6GNSkRx7AyL8K8&size=normal&cb=3z9lxa9wgaro
Frame ID: 369F25ADA3397ED51E3C74BD49E9E9C6
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=uEf7E1417z6GNSkRx7AyL8K8&k=6LeXAd4lAAAAABz4fX7SBs9XyN3lL2N5p2FbvrbD
Frame ID: CFE38B1D10DF407741820586BCB3FF68
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Elektraweb.com

Detected technologies

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

52
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

1662 kB
Transfer

4282 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
booking.esraotel.com/ 18 KB
6 KB 415ms
103ms Document
text/html 2620:1ec:46::65
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.esraotel.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 96bd41cc0bc81ad950cd5dd049096d0a08b36cd57d3987e478aa5ab8ed55ebec

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=300
content-encoding: br
content-type: text/html
date: Tue, 19 Sep 2023 05:19:19 GMT
etag: W/"0x8DBB5BCEE65D1F3"
last-modified: Fri, 15 Sep 2023 07:25:26 GMT
vary: Accept-Encoding
x-azure-ref: 20230919T051919Z-m0xunkt6s57dpad8nq8p1dpyzn00000006hg000000009up4
x-cache: TCP_REVALIDATED_HIT
x-ms-request-id: 939b9b28-301e-0076-6c59-ea2f9a000000
x-ms-version: 2018-03-28

GET
H2 200 styles.25a3c0357d3aadc1.css
booking.esraotel.com/ 155 KB
28 KB 158ms
157ms Stylesheet
text/css 2620:1ec:46::65
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.esraotel.com/styles.25a3c0357d3aadc1.css
Requested by: Host: booking.esraotel.com
URL: https://booking.esraotel.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 567c1dd5f33a439c51180ed80773d1b0cd17a284080d398981c6c423ffdc3fec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://booking.esraotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:19:19 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 07:24:55 GMT
etag: W/"0x8DBB5BCDC12E6CB"
vary: Accept-Encoding
x-azure-ref: 20230919T051919Z-m0xunkt6s57dpad8nq8p1dpyzn00000006hg000000009upx
content-type: text/css
x-ms-request-id: 85154603-901e-001d-4159-ea72cc000000
cache-control: public, max-age=300
x-cache: TCP_REVALIDATED_HIT
x-ms-version: 2018-03-28

GET
H2 200 runtime.b8accebef054489c.js Show response
booking.esraotel.com/ 7 KB
4 KB 500ms
499ms Script
application/javascript 2620:1ec:46::65
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.esraotel.com/runtime.b8accebef054489c.js
Requested by: Host: booking.esraotel.com
URL: https://booking.esraotel.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9d97214a6545d3c351819e3642fc2916038e4e3425f6e1574e14115476f0e858

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://booking.esraotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:19:20 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 07:24:42 GMT
etag: W/"0x8DBB5BCD44DD60D"
vary: Accept-Encoding
x-azure-ref: 20230919T051919Z-m0xunkt6s57dpad8nq8p1dpyzn00000006hg000000009upz
content-type: application/javascript
x-ms-request-id: 86ab4bc9-b01e-0028-5d54-eadc99000000
cache-control: public, max-age=300
x-cache: TCP_REVALIDATED_HIT
x-ms-version: 2018-03-28

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 137ms
39ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: booking.esraotel.com
URL: https://booking.esraotel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://booking.esraotel.com/
Origin: https://booking.esraotel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 17:53:32 GMT
x-content-type-options: nosniff
age: 41147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11028
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Sep 2024 17:53:32 GMT

GET
H2 200 polyfills.fc05a223b37a27a7.js Show response
booking.esraotel.com/ 46 KB
19 KB 91ms
91ms Script
application/javascript 2620:1ec:46::65
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.esraotel.com/polyfills.fc05a223b37a27a7.js
Requested by: Host: booking.esraotel.com
URL: https://booking.esraotel.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: efa70681757b506adc844bc959f9e161c22fc60b5a03c999a29603e3391d74e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://booking.esraotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:19:20 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 07:25:27 GMT
etag: W/"0x8DBB5BCEF34C36F"
vary: Accept-Encoding
x-azure-ref: 20230919T051920Z-m0xunkt6s57dpad8nq8p1dpyzn00000006hg000000009uw7
content-type: application/javascript
x-ms-request-id: 10a2d2bf-501e-0029-01b8-eadd64000000
cache-control: public, max-age=300
x-cache: TCP_MISS
x-ms-version: 2018-03-28

GET
H2 200 main.2706dfc12f628bb0.js Show response
booking.esraotel.com/ 650 KB
241 KB 92ms
92ms Script
application/javascript 2620:1ec:46::65
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.esraotel.com/main.2706dfc12f628bb0.js
Requested by: Host: booking.esraotel.com
URL: https://booking.esraotel.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 54cd11431bd40f4f85f5728dba30a8f9dda8818575afb75c9edd6a4eb69fd6dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://booking.esraotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:19:20 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 07:25:06 GMT
etag: W/"0x8DBB5BCE2B8A7E0"
vary: Accept-Encoding
x-azure-ref: 20230919T051920Z-m0xunkt6s57dpad8nq8p1dpyzn00000006hg000000009uwx
content-type: application/javascript
x-ms-request-id: 8721245b-701e-003e-1469-ea1d07000000
cache-control: public, max-age=300
x-cache: TCP_REVALIDATED_HIT
x-ms-version: 2018-03-28

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 136ms
50ms Script
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lf26MsgAAAAAHQ4NUyFeEe23U9JYUoJwmrPPco0

Requested by

Host: booking.esraotel.com
URL: https://booking.esraotel.com/main.2706dfc12f628bb0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2ccf79b699250394085467779494de0b98a1afd0807e91d1c2b1bdc68d2068c7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://booking.esraotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 862
x-xss-protection: 1; mode=block
expires: Tue, 19 Sep 2023 05:19:20 GMT

GET
H2 200 7114.8682a2fc58dfb2a4.js Show response
booking.esraotel.com/ 26 KB
6 KB 133ms
133ms Script
application/javascript 2620:1ec:46::65
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.esraotel.com/7114.8682a2fc58dfb2a4.js
Requested by: Host: booking.esraotel.com
URL: https://booking.esraotel.com/runtime.b8accebef054489c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: db2cee6b76ae7f14c6a9b44ebbe5e961799403a60ea331f2b2774d387d2a7eb6

Request headers

Referer: https://booking.esraotel.com/
Origin: https://booking.esraotel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:19:20 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 07:25:38 GMT
etag: W/"0x8DBB5BCF5AFAA45"
vary: Accept-Encoding
x-azure-ref: 20230919T051920Z-m0xunkt6s57dpad8nq8p1dpyzn00000006hg000000009uyv
content-type: application/javascript
x-ms-request-id: c55cd586-401e-0036-5459-ea0674000000
cache-control: public, max-age=300
x-cache: TCP_REVALIDATED_HIT
x-ms-version: 2018-03-28

GET
H2 200 6194.84d32f7cf751af32.js Show response
booking.esraotel.com/ 62 KB
20 KB 89ms
89ms Script
application/javascript 2620:1ec:46::65
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.esraotel.com/6194.84d32f7cf751af32.js
Requested by: Host: booking.esraotel.com
URL: https://booking.esraotel.com/runtime.b8accebef054489c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8b53b23d39e486d4db7e70fec834a0b01b77a808f297177aa8d0fecde239bd08

Request headers

Referer: https://booking.esraotel.com/
Origin: https://booking.esraotel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:19:20 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 07:25:18 GMT
etag: W/"0x8DBB5BCE9910A4B"
vary: Accept-Encoding
x-azure-ref: 20230919T051920Z-m0xunkt6s57dpad8nq8p1dpyzn00000006hg000000009uyw
content-type: application/javascript
x-ms-request-id: 3a5cee89-801e-0020-0555-eac7ea000000
cache-control: public, max-age=300
x-cache: TCP_REVALIDATED_HIT
x-ms-version: 2018-03-28

GET
H2 200 8986.9525a7c2e3261c96.js Show response
booking.esraotel.com/ 40 KB
13 KB 139ms
139ms Script
application/javascript 2620:1ec:46::65
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.esraotel.com/8986.9525a7c2e3261c96.js
Requested by: Host: booking.esraotel.com
URL: https://booking.esraotel.com/runtime.b8accebef054489c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a9e1805a7f9c6c755de5c72b6184ba47c24eb42538a3491f0dd8416ecd22e3bf

Request headers

Referer: https://booking.esraotel.com/
Origin: https://booking.esraotel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:19:20 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 07:24:52 GMT
etag: W/"0x8DBB5BCDA7133CC"
vary: Accept-Encoding
x-azure-ref: 20230919T051920Z-m0xunkt6s57dpad8nq8p1dpyzn00000006hg000000009uyx
content-type: application/javascript
x-ms-request-id: 34b44712-601e-0065-4555-ea1a7b000000
cache-control: public, max-age=300
x-cache: TCP_REVALIDATED_HIT
x-ms-version: 2018-03-28

GET
H2 200 3075.917e7b26b9c156b3.js Show response
booking.esraotel.com/ 46 KB
13 KB 88ms
88ms Script
application/javascript 2620:1ec:46::65
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.esraotel.com/3075.917e7b26b9c156b3.js
Requested by: Host: booking.esraotel.com
URL: https://booking.esraotel.com/runtime.b8accebef054489c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44a27f09951159cea6e76a8fea8cdf18abdb5454beeec71b1868bc08192e2167

Request headers

Referer: https://booking.esraotel.com/
Origin: https://booking.esraotel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:19:20 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 07:24:56 GMT
etag: W/"0x8DBB5BCDC7913B0"
vary: Accept-Encoding
x-azure-ref: 20230919T051920Z-m0xunkt6s57dpad8nq8p1dpyzn00000006hg000000009uyy
content-type: application/javascript
x-ms-request-id: ec2ec233-601e-0003-1659-eaa821000000
cache-control: public, max-age=300
x-cache: TCP_REVALIDATED_HIT
x-ms-version: 2018-03-28

GET
H2 200 7322.905f8bc593632639.js Show response
booking.esraotel.com/ 30 KB
8 KB 88ms
88ms Script
application/javascript 2620:1ec:46::65
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.esraotel.com/7322.905f8bc593632639.js
Requested by: Host: booking.esraotel.com
URL: https://booking.esraotel.com/runtime.b8accebef054489c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2005c764a0aa3cf413c1f29318f982d9a5fdf65047b0cf57e4fe02a1cb0f69ee

Request headers

Referer: https://booking.esraotel.com/
Origin: https://booking.esraotel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:19:20 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 07:24:52 GMT
etag: W/"0x8DBB5BCDA2BF796"
vary: Accept-Encoding
x-azure-ref: 20230919T051920Z-m0xunkt6s57dpad8nq8p1dpyzn00000006hg000000009uyz
content-type: application/javascript
x-ms-request-id: bf23fd40-c01e-0041-7e59-ea8335000000
cache-control: public, max-age=300
x-cache: TCP_REVALIDATED_HIT
x-ms-version: 2018-03-28

GET
H2 200 4107.eab55d1a0840cc20.js Show response
booking.esraotel.com/ 23 KB
9 KB 88ms
87ms Script
application/javascript 2620:1ec:46::65
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.esraotel.com/4107.eab55d1a0840cc20.js
Requested by: Host: booking.esraotel.com
URL: https://booking.esraotel.com/runtime.b8accebef054489c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ddbdf853891cc9aa91b5e3379f37aec0d7c098dcf378e77187b657bcb5c19bbb

Request headers

Referer: https://booking.esraotel.com/
Origin: https://booking.esraotel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:19:20 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 07:24:58 GMT
etag: W/"0x8DBB5BCDDDD9F95"
vary: Accept-Encoding
x-azure-ref: 20230919T051920Z-m0xunkt6s57dpad8nq8p1dpyzn00000006hg000000009uz0
content-type: application/javascript
x-ms-request-id: 58763ae6-601e-0003-0eb8-eaa821000000
cache-control: public, max-age=300
x-cache: TCP_MISS
x-ms-version: 2018-03-28

GET
H2 200 4815.c0544de2dd8112fb.js Show response
booking.esraotel.com/ 47 KB
10 KB 86ms
86ms Script
application/javascript 2620:1ec:46::65
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.esraotel.com/4815.c0544de2dd8112fb.js
Requested by: Host: booking.esraotel.com
URL: https://booking.esraotel.com/runtime.b8accebef054489c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a8e7c6a91c77ff9c08a1c339c8f8a186ff7fe8100c08612de44e06599600c2c0

Request headers

Referer: https://booking.esraotel.com/
Origin: https://booking.esraotel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:19:20 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 07:24:49 GMT
etag: W/"0x8DBB5BCD8AAC025"
vary: Accept-Encoding
x-azure-ref: 20230919T051920Z-m0xunkt6s57dpad8nq8p1dpyzn00000006hg000000009uz1
content-type: application/javascript
x-ms-request-id: a24af2b6-f01e-006b-1259-eaf670000000
cache-control: public, max-age=300
x-cache: TCP_REVALIDATED_HIT
x-ms-version: 2018-03-28

GET
H2 200 7238.08f36cf6a7e7cba9.js Show response
booking.esraotel.com/ 13 KB
5 KB 87ms
86ms Script
application/javascript 2620:1ec:46::65
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.esraotel.com/7238.08f36cf6a7e7cba9.js
Requested by: Host: booking.esraotel.com
URL: https://booking.esraotel.com/runtime.b8accebef054489c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 618d217b950c82ff6a7cb405d9855442b0b852fd7a8bc956ec18250d52d26f6d

Request headers

Referer: https://booking.esraotel.com/
Origin: https://booking.esraotel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:19:20 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 07:25:30 GMT
etag: W/"0x8DBB5BCF12833F3"
vary: Accept-Encoding
x-azure-ref: 20230919T051920Z-m0xunkt6s57dpad8nq8p1dpyzn00000006hg000000009uz2
content-type: application/javascript
x-ms-request-id: 86baa225-b01e-0028-0859-eadc99000000
cache-control: public, max-age=300
x-cache: TCP_REVALIDATED_HIT
x-ms-version: 2018-03-28

GET
H2 200 4759.1626fc7f2c614baf.js Show response
booking.esraotel.com/ 42 KB
14 KB 87ms
87ms Script
application/javascript 2620:1ec:46::65
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.esraotel.com/4759.1626fc7f2c614baf.js
Requested by: Host: booking.esraotel.com
URL: https://booking.esraotel.com/runtime.b8accebef054489c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 92e08d189bfd30cd276f26653092cc538d989364d0e9f2a857ffa19f6b81ac17

Request headers

Referer: https://booking.esraotel.com/
Origin: https://booking.esraotel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:19:20 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 07:25:21 GMT
etag: W/"0x8DBB5BCEBCFF7AA"
vary: Accept-Encoding
x-azure-ref: 20230919T051920Z-m0xunkt6s57dpad8nq8p1dpyzn00000006hg000000009uz3
content-type: application/javascript
x-ms-request-id: c794845a-e01e-003b-3759-eae978000000
cache-control: public, max-age=300
x-cache: TCP_REVALIDATED_HIT
x-ms-version: 2018-03-28

GET
H2 200 common.cf2fff1656c14454.js Show response
booking.esraotel.com/ 4 KB
2 KB 113ms
112ms Script
application/javascript 2620:1ec:46::65
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.esraotel.com/common.cf2fff1656c14454.js
Requested by: Host: booking.esraotel.com
URL: https://booking.esraotel.com/runtime.b8accebef054489c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ed1d7cb8fd5057de545c6cf22ab5d1761753674d2025172faf30479ab20f1041

Request headers

Referer: https://booking.esraotel.com/
Origin: https://booking.esraotel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:19:20 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 07:25:33 GMT
etag: W/"0x8DBB5BCF301DEAE"
vary: Accept-Encoding
x-azure-ref: 20230919T051920Z-m0xunkt6s57dpad8nq8p1dpyzn00000006hg000000009uz8
content-type: application/javascript
x-ms-request-id: 98a594a4-401e-0079-4d59-eac26c000000
cache-control: public, max-age=300
x-cache: TCP_REVALIDATED_HIT
x-ms-version: 2018-03-28

GET
H2 200 8811.a1f90e463785bd25.js Show response
booking.esraotel.com/ 66 KB
18 KB 125ms
125ms Script
application/javascript 2620:1ec:46::65
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.esraotel.com/8811.a1f90e463785bd25.js
Requested by: Host: booking.esraotel.com
URL: https://booking.esraotel.com/runtime.b8accebef054489c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3303ec65b8921683470816a5b6983fe19a8968c80cc9e3ad611c5c8496e9871b

Request headers

Referer: https://booking.esraotel.com/
Origin: https://booking.esraotel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:19:20 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 07:25:28 GMT
etag: W/"0x8DBB5BCEFE868BA"
vary: Accept-Encoding
x-azure-ref: 20230919T051920Z-m0xunkt6s57dpad8nq8p1dpyzn00000006hg000000009uz9
content-type: application/javascript
x-ms-request-id: e9b1ec7b-301e-005f-63b8-ea59d8000000
cache-control: public, max-age=300
x-cache: TCP_MISS
x-ms-version: 2018-03-28

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/ 455 KB
184 KB 140ms
42ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lf26MsgAAAAAHQ4NUyFeEe23U9JYUoJwmrPPco0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3482cece5275f9eccfd54357831c2e622f64aa6e45361c16c83be621707fd150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://booking.esraotel.com/
Origin: https://booking.esraotel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:49:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 187512
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 18:47:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Sep 2024 20:49:01 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 55B3 51 KB
28 KB 65ms
64ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf26MsgAAAAAHQ4NUyFeEe23U9JYUoJwmrPPco0&co=aHR0cHM6Ly9ib29raW5nLmVzcmFvdGVsLmNvbTo0NDM.&hl=de&v=uEf7E1417z6GNSkRx7AyL8K8&size=invisible&cb=7cr4mnrqjkkj

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

67bdabc53d2f2cb959a4a5f2306244fec64ae40dbaceaee92a944be224c301e4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-G-nwau353p76yP1HKP4RIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://booking.esraotel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28509
content-security-policy: script-src 'report-sample' 'nonce-G-nwau353p76yP1HKP4RIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 05:19:21 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/ Frame 55B3 55 KB
24 KB 119ms
39ms Stylesheet
text/css 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf26MsgAAAAAHQ4NUyFeEe23U9JYUoJwmrPPco0&co=aHR0cHM6Ly9ib29raW5nLmVzcmFvdGVsLmNvbTo0NDM.&hl=de&v=uEf7E1417z6GNSkRx7AyL8K8&size=invisible&cb=7cr4mnrqjkkj

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 02:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 18:47:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Sep 2024 02:03:54 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/ Frame 55B3 455 KB
183 KB 139ms
60ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3482cece5275f9eccfd54357831c2e622f64aa6e45361c16c83be621707fd150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:49:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 187512
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 18:47:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Sep 2024 20:49:01 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 55B3 2 KB
2 KB 44ms
43ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:44:15 GMT
x-content-type-options: nosniff
age: 77706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 25 Sep 2023 07:44:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 55B3 15 KB
15 KB 42ms
42ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 267678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Sep 2024 02:58:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 55B3 15 KB
15 KB 53ms
53ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 05:51:22 GMT
x-content-type-options: nosniff
age: 257279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Sep 2024 05:51:22 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 55B3 102 B
134 B 53ms
52ms Other
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=uEf7E1417z6GNSkRx7AyL8K8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fa619b53bd27f4d0595f858544068ecc8e1556610e8a36feee5eb550d3aec09c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf26MsgAAAAAHQ4NUyFeEe23U9JYUoJwmrPPco0&co=aHR0cHM6Ly9ib29raW5nLmVzcmFvdGVsLmNvbTo0NDM.&hl=de&v=uEf7E1417z6GNSkRx7AyL8K8&size=invisible&cb=7cr4mnrqjkkj
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 19 Sep 2023 05:19:21 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 55B3 34 KB
20 KB 90ms
89ms XHR
application/json 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Lf26MsgAAAAAHQ4NUyFeEe23U9JYUoJwmrPPco0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a3dac67a0b3acf5c72f482048121ba5ee721edd236face869802e0c15100c1ed

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf26MsgAAAAAHQ4NUyFeEe23U9JYUoJwmrPPco0&co=aHR0cHM6Ly9ib29raW5nLmVzcmFvdGVsLmNvbTo0NDM.&hl=de&v=uEf7E1417z6GNSkRx7AyL8K8&size=invisible&cb=7cr4mnrqjkkj
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 19 Sep 2023 05:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20256
x-xss-protection: 1; mode=block
expires: Tue, 19 Sep 2023 05:19:21 GMT

OPTIONS
H2 200 publicToken
bookingapi.elektraweb.com/ Frame 0
0 221ms
120ms Preflight
text/html 2606:4700:20::681a:732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bookingapi.elektraweb.com/publicToken

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:732 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://booking.esraotel.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: JWT,OTA-B2B,X-Captcha,X-Captcha-v2,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://booking.esraotel.com
access-control-max-age: 600
allow: POST
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 808f5f9268889bb3-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 19 Sep 2023 05:19:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2VbY13U%2BNMwLLsHFxsweW8LfIPv61B%2BwGm81YSDKBVtSWLNxA5usf%2BhTaUTqn%2BbV82U5M5wrCWxSJUOKe%2BZDsw4M6FOASVpmJD111iGeO9zF1xtIpwQMcFNicVax%2FOHEt9v8AeGqJ0V4JmM6YJYerDSc7l%2FBQY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
x-powered-by: Express

POST
H2 412 publicToken Show response
bookingapi.elektraweb.com/ 2 KB
2 KB 177ms
176ms XHR
application/json 2606:4700:20::681a:732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bookingapi.elektraweb.com/publicToken

Requested by

Host: booking.esraotel.com
URL: https://booking.esraotel.com/polyfills.fc05a223b37a27a7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:732 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

43a9a71bc1853043234b36ad3da431408618f7e32be3b0fc889fb77d3fdcb2ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://booking.esraotel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 19 Sep 2023 05:19:22 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 1786
server: cloudflare
etag: W/"6fa-ouMb+Z1+xtWM0klZob+AWeq+vC8"
access-control-max-age: 600
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://booking.esraotel.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8nALg1IcIq4AUAfKHultDzt0oxR11E5utBGaQLYd0ceu5b5yXisd30jY7fD01%2BRIfh0fqO11NH4TjivgNgr4iOpIyYkRCWg6R0qwx8uJD2R8Q6YkLZ0VrOJoM88GdmzQm%2Fv6ifqt70zmgqQMUZ6cJQBDeu8HKN8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 808f5f93293c9bb3-FRA
access-control-allow-headers: JWT,OTA-B2B,X-Captcha,X-Captcha-v2,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

OPTIONS
H3 200 coral-params
bookingapi.elektraweb.com/hotel/0/ Frame 0
0 129ms
129ms Preflight
text/html 2606:4700:20::681a:732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bookingapi.elektraweb.com/hotel/0/coral-params?portalid=1&language=en&cnameweb=esraotel.com&cnamewebsub=booking.esraotel.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:732 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://booking.esraotel.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: JWT,OTA-B2B,X-Captcha,X-Captcha-v2,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://booking.esraotel.com
access-control-max-age: 600
allow: GET,HEAD
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 808f5f944d5a3a98-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 19 Sep 2023 05:19:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xoUPSlY%2Fc3ErQ9F34CVj5QQt%2BLHgFLOWSGSGnibRlNL5aHuy8FVMkfMGEgC69G%2BjT%2F9Vthwi5kZIL3UBqCI22htWEIq5odmUrhrA4IWW%2FnFonVLM6M4nWFWiMmLR4SfOxFWeVqgLJokZXHPxIUp19Z9GHL%2BUoU0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
x-powered-by: Express

GET
H3 401 coral-params Show response
bookingapi.elektraweb.com/hotel/0/ 53 B
777 B 130ms
129ms XHR
application/json 2606:4700:20::681a:732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bookingapi.elektraweb.com/hotel/0/coral-params?portalid=1&language=en&cnameweb=esraotel.com&cnamewebsub=booking.esraotel.com

Requested by

Host: booking.esraotel.com
URL: https://booking.esraotel.com/polyfills.fc05a223b37a27a7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:732 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0ceafc83e7774f6aa65b9141e6991afc81ba0eac81d5b320a83a8277fe9edec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://booking.esraotel.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:19:22 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 53
server: cloudflare
etag: W/"35-IiN+RRxX1PsywtXvSCP/r8KNEsw"
access-control-max-age: 600
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://booking.esraotel.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yx84ydLeEXP9JbB7YQmAjIi0FiWSO1%2B%2FmAbtq9AQQpx6roCDQGj9FRC8Hw9kcbulOHPzHR5cI5vfGWBbLBjVDtDFFHMgos5%2FscR2mw2uWcUxz3hWLEjKxLPOrbdCoVvOhpH3OK00kU4k1kC8vul%2FSLsvQMHQGig%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-credentials: true
cf-apo-via: origin,host
cf-ray: 808f5f951e2a3a98-FRA
access-control-allow-headers: JWT,OTA-B2B,X-Captcha,X-Captcha-v2,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2 200 507.d592d01546287a88.js Show response
booking.esraotel.com/ 2 KB
1 KB 247ms
247ms Script
application/javascript 2620:1ec:46::65
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.esraotel.com/507.d592d01546287a88.js
Requested by: Host: booking.esraotel.com
URL: https://booking.esraotel.com/runtime.b8accebef054489c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 37d2c0cf1c80c2c380e751d6f7dd6770aae930298c8801df1696d5c04b9f77f8

Request headers

Referer: https://booking.esraotel.com/
Origin: https://booking.esraotel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:19:22 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 07:25:06 GMT
etag: W/"0x8DBB5BCE2B9440C"
vary: Accept-Encoding
x-azure-ref: 20230919T051922Z-m0xunkt6s57dpad8nq8p1dpyzn00000006hg000000009vcx
content-type: application/javascript
x-ms-request-id: 7c5efdf1-701e-0053-47b8-eab729000000
cache-control: public, max-age=300
x-cache: TCP_MISS
x-ms-version: 2018-03-28

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
879 B 49ms
48ms Script
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit&onload=ng2recaptchaloaded

Requested by

Host: booking.esraotel.com
URL: https://booking.esraotel.com/main.2706dfc12f628bb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a121a0e120a5e6420fa72f4fc1374769fa8b615c1c57d17214ad568db507585f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://booking.esraotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 858
x-xss-protection: 1; mode=block
expires: Tue, 19 Sep 2023 05:19:22 GMT

GET
H2 200 8833.69bd8a1d932ff0e4.js Show response
booking.esraotel.com/ 12 KB
5 KB 135ms
133ms Script
application/javascript 2620:1ec:46::65
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.esraotel.com/8833.69bd8a1d932ff0e4.js
Requested by: Host: booking.esraotel.com
URL: https://booking.esraotel.com/runtime.b8accebef054489c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 93fe9dddf03693a5dc637de677f15dffc2a0cc81ee0837ddedc2c56f37574615

Request headers

Referer: https://booking.esraotel.com/UA
Origin: https://booking.esraotel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:19:22 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 07:25:16 GMT
etag: W/"0x8DBB5BCE8EAF78E"
vary: Accept-Encoding
x-azure-ref: 20230919T051922Z-m0xunkt6s57dpad8nq8p1dpyzn00000006hg000000009veq
content-type: application/javascript
x-ms-request-id: 7c5eff1d-701e-0053-0fb8-eab729000000
cache-control: public, max-age=300
x-cache: TCP_MISS
x-ms-version: 2018-03-28

GET
H2 200 1125.14d24b5288d1e97b.js Show response
booking.esraotel.com/ 16 KB
6 KB 140ms
138ms Script
application/javascript 2620:1ec:46::65
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.esraotel.com/1125.14d24b5288d1e97b.js
Requested by: Host: booking.esraotel.com
URL: https://booking.esraotel.com/runtime.b8accebef054489c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ddd864e481922fcf76fdafef88005c0f41fa7bcd1e119930ea83d4737bbd51b5

Request headers

Referer: https://booking.esraotel.com/UA
Origin: https://booking.esraotel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:19:22 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 07:25:47 GMT
etag: W/"0x8DBB5BCFB63669B"
vary: Accept-Encoding
x-azure-ref: 20230919T051922Z-m0xunkt6s57dpad8nq8p1dpyzn00000006hg000000009ver
content-type: application/javascript
x-ms-request-id: 6e650fd7-a01e-001e-0655-ea71cb000000
cache-control: public, max-age=300
x-cache: TCP_REVALIDATED_HIT
x-ms-version: 2018-03-28

GET
H2 200 8925.def5fb0520f4fd8e.js Show response
booking.esraotel.com/ 11 KB
4 KB 135ms
133ms Script
application/javascript 2620:1ec:46::65
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.esraotel.com/8925.def5fb0520f4fd8e.js
Requested by: Host: booking.esraotel.com
URL: https://booking.esraotel.com/runtime.b8accebef054489c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 134801170883b3bf9ab8e5ea79d4c423efbcf8e353bd9981747a6c9786556435

Request headers

Referer: https://booking.esraotel.com/UA
Origin: https://booking.esraotel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:19:22 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 07:25:01 GMT
etag: W/"0x8DBB5BCDFD2215E"
vary: Accept-Encoding
x-azure-ref: 20230919T051922Z-m0xunkt6s57dpad8nq8p1dpyzn00000006hg000000009ves
content-type: application/javascript
x-ms-request-id: 03473fa7-101e-006a-7859-eaf78d000000
cache-control: public, max-age=300
x-cache: TCP_REVALIDATED_HIT
x-ms-version: 2018-03-28

GET
H2 200 6856.97e117254f42434f.js Show response
booking.esraotel.com/ 88 KB
25 KB 139ms
138ms Script
application/javascript 2620:1ec:46::65
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.esraotel.com/6856.97e117254f42434f.js
Requested by: Host: booking.esraotel.com
URL: https://booking.esraotel.com/runtime.b8accebef054489c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 61ba95d2d71ab718c9456dddc922272afd44ae3593b898f3e0fb8c19e671880e

Request headers

Referer: https://booking.esraotel.com/UA
Origin: https://booking.esraotel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:19:22 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 07:24:40 GMT
etag: W/"0x8DBB5BCD320F3D8"
vary: Accept-Encoding
x-azure-ref: 20230919T051922Z-m0xunkt6s57dpad8nq8p1dpyzn00000006hg000000009vet
content-type: application/javascript
x-ms-request-id: a26eb8dc-701e-0035-7359-ea0573000000
cache-control: public, max-age=300
x-cache: TCP_REVALIDATED_HIT
x-ms-version: 2018-03-28

GET
H2 200 3251.2ee03938dbd6f504.js Show response
booking.esraotel.com/ 40 KB
13 KB 133ms
132ms Script
application/javascript 2620:1ec:46::65
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.esraotel.com/3251.2ee03938dbd6f504.js
Requested by: Host: booking.esraotel.com
URL: https://booking.esraotel.com/runtime.b8accebef054489c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 24e484aecec3497ffca5d5ab8ff23f9c8fbbd1cdf48d8e9867059b6e152c144a

Request headers

Referer: https://booking.esraotel.com/UA
Origin: https://booking.esraotel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:19:22 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 07:25:25 GMT
etag: W/"0x8DBB5BCEDF2608B"
vary: Accept-Encoding
x-azure-ref: 20230919T051922Z-m0xunkt6s57dpad8nq8p1dpyzn00000006hg000000009veu
content-type: application/javascript
x-ms-request-id: 43d8a5da-301e-0010-6659-ea9dc0000000
cache-control: public, max-age=300
x-cache: TCP_REVALIDATED_HIT
x-ms-version: 2018-03-28

GET
H2 200 1079.727bc971fd7691f9.js Show response
booking.esraotel.com/ 15 KB
6 KB 138ms
137ms Script
application/javascript 2620:1ec:46::65
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.esraotel.com/1079.727bc971fd7691f9.js
Requested by: Host: booking.esraotel.com
URL: https://booking.esraotel.com/runtime.b8accebef054489c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c501303a2fd73c465b8b87e8ff68796145839c05e0e5a89e53a59e9470128a91

Request headers

Referer: https://booking.esraotel.com/UA
Origin: https://booking.esraotel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:19:22 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 07:25:23 GMT
etag: W/"0x8DBB5BCED05D949"
vary: Accept-Encoding
x-azure-ref: 20230919T051922Z-m0xunkt6s57dpad8nq8p1dpyzn00000006hg000000009vev
content-type: application/javascript
x-ms-request-id: 3a7798a2-801e-0020-1659-eac7ea000000
cache-control: public, max-age=300
x-cache: TCP_REVALIDATED_HIT
x-ms-version: 2018-03-28

GET
H2 200 2333.c3ee8f4132f26e31.js Show response
booking.esraotel.com/ 10 KB
5 KB 214ms
213ms Script
application/javascript 2620:1ec:46::65
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.esraotel.com/2333.c3ee8f4132f26e31.js
Requested by: Host: booking.esraotel.com
URL: https://booking.esraotel.com/runtime.b8accebef054489c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 14896d0c5a35a68d0a564e199750e4ea9db80c129060fbd0f814ac0386763c49

Request headers

Referer: https://booking.esraotel.com/UA
Origin: https://booking.esraotel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:19:22 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 07:25:13 GMT
etag: W/"0x8DBB5BCE6B6B701"
vary: Accept-Encoding
x-azure-ref: 20230919T051922Z-m0xunkt6s57dpad8nq8p1dpyzn00000006hg000000009vew
content-type: application/javascript
x-ms-request-id: b56edd7a-d01e-0011-5155-ea9c3d000000
cache-control: public, max-age=300
x-cache: TCP_REVALIDATED_HIT
x-ms-version: 2018-03-28

GET
H2 200 9960.21556ac6efb0c732.js Show response
booking.esraotel.com/ 15 KB
6 KB 133ms
133ms Script
application/javascript 2620:1ec:46::65
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.esraotel.com/9960.21556ac6efb0c732.js
Requested by: Host: booking.esraotel.com
URL: https://booking.esraotel.com/runtime.b8accebef054489c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1718b84b7a4591f666a109bf79a4f76f32809fe594d686989a4063c9d84f3099

Request headers

Referer: https://booking.esraotel.com/UA
Origin: https://booking.esraotel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:19:22 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 07:25:04 GMT
etag: W/"0x8DBB5BCE1B91094"
vary: Accept-Encoding
x-azure-ref: 20230919T051922Z-m0xunkt6s57dpad8nq8p1dpyzn00000006hg000000009vex
content-type: application/javascript
x-ms-request-id: 3ab77ea6-701e-001c-79b8-ea7331000000
cache-control: public, max-age=300
x-cache: TCP_MISS
x-ms-version: 2018-03-28

GET
H2 200 4125.592c5d1991c713a8.js Show response
booking.esraotel.com/ 130 KB
41 KB 174ms
174ms Script
application/javascript 2620:1ec:46::65
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.esraotel.com/4125.592c5d1991c713a8.js
Requested by: Host: booking.esraotel.com
URL: https://booking.esraotel.com/runtime.b8accebef054489c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9113cce46126c138c91e508c0d119af91d5bad3f1315b6723f29f1361b3f6ab0

Request headers

Referer: https://booking.esraotel.com/UA
Origin: https://booking.esraotel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:19:22 GMT
content-encoding: br
last-modified: Fri, 15 Sep 2023 07:24:51 GMT
etag: W/"0x8DBB5BCD9C221B6"
vary: Accept-Encoding
x-azure-ref: 20230919T051922Z-m0xunkt6s57dpad8nq8p1dpyzn00000006hg000000009vey
content-type: application/javascript
x-ms-request-id: 939ba4d5-301e-0076-0759-ea2f9a000000
cache-control: public, max-age=300
x-cache: TCP_REVALIDATED_HIT
x-ms-version: 2018-03-28

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/ 455 KB
183 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&onload=ng2recaptchaloaded

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3482cece5275f9eccfd54357831c2e622f64aa6e45361c16c83be621707fd150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://booking.esraotel.com/
Origin: https://booking.esraotel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:49:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 187512
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 18:47:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Sep 2024 20:49:01 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 369F 52 KB
29 KB 63ms
62ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeXAd4lAAAAABz4fX7SBs9XyN3lL2N5p2FbvrbD&co=aHR0cHM6Ly9ib29raW5nLmVzcmFvdGVsLmNvbTo0NDM.&hl=de&v=uEf7E1417z6GNSkRx7AyL8K8&size=normal&cb=3z9lxa9wgaro

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

678bec22585a455b71dc82b2b9c06c964e703df8effaf2692b81c14e7ae67509

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZLAZxnCVu16eWRMpHGPFfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://booking.esraotel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 29430
content-security-policy: script-src 'report-sample' 'nonce-ZLAZxnCVu16eWRMpHGPFfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 05:19:22 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/ Frame 369F 55 KB
24 KB 42ms
41ms Stylesheet
text/css 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeXAd4lAAAAABz4fX7SBs9XyN3lL2N5p2FbvrbD&co=aHR0cHM6Ly9ib29raW5nLmVzcmFvdGVsLmNvbTo0NDM.&hl=de&v=uEf7E1417z6GNSkRx7AyL8K8&size=normal&cb=3z9lxa9wgaro

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 02:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11728
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 18:47:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Sep 2024 02:03:54 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/ Frame 369F 455 KB
183 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3482cece5275f9eccfd54357831c2e622f64aa6e45361c16c83be621707fd150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:49:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 187512
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 18:47:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Sep 2024 20:49:01 GMT

GET
DATA 200
OK truncated
/ Frame 369F 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 369F 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 369F 2 KB
2 KB 39ms
39ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:44:15 GMT
x-content-type-options: nosniff
age: 77707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 25 Sep 2023 07:44:15 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 369F 15 KB
15 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 267679
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Sep 2024 02:58:03 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 369F 102 B
134 B 49ms
47ms Other
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=uEf7E1417z6GNSkRx7AyL8K8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fa619b53bd27f4d0595f858544068ecc8e1556610e8a36feee5eb550d3aec09c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeXAd4lAAAAABz4fX7SBs9XyN3lL2N5p2FbvrbD&co=aHR0cHM6Ly9ib29raW5nLmVzcmFvdGVsLmNvbTo0NDM.&hl=de&v=uEf7E1417z6GNSkRx7AyL8K8&size=normal&cb=3z9lxa9wgaro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 19 Sep 2023 05:19:22 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame CFE3 7 KB
1 KB 52ms
52ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=uEf7E1417z6GNSkRx7AyL8K8&k=6LeXAd4lAAAAABz4fX7SBs9XyN3lL2N5p2FbvrbD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fc2d903df7089c4a135546c0d516acc418f67cd13f5fcacc809121c40ce8db92

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qOl0azuhOoDNHnKa2khF_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://booking.esraotel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1162
content-security-policy: script-src 'report-sample' 'nonce-qOl0azuhOoDNHnKa2khF_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 05:19:23 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/ Frame CFE3 55 KB
24 KB 40ms
39ms Stylesheet
text/css 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=uEf7E1417z6GNSkRx7AyL8K8&k=6LeXAd4lAAAAABz4fX7SBs9XyN3lL2N5p2FbvrbD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 02:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11729
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 18:47:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Sep 2024 02:03:54 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/ Frame CFE3 455 KB
183 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=uEf7E1417z6GNSkRx7AyL8K8&k=6LeXAd4lAAAAABz4fX7SBs9XyN3lL2N5p2FbvrbD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3482cece5275f9eccfd54357831c2e622f64aa6e45361c16c83be621707fd150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:49:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 187512
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 18:47:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Sep 2024 20:49:01 GMT

Verdicts & Comments Add Verdict or Comment

163 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.google.com/recaptcha	1970-01-20 19:10:52	Name: _GRECAPTCHA Value: 09AIMuWcDW9PoPbVtgYlgBi1CkNgKe8xjGwa3IubbjtcrepNnqqtfPAhwOo7QE3tsiLCCnZp4j5sNUIj33TNCrOY4

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bookingapi.elektraweb.com/publicToken Message: Failed to load resource: the server responded with a status of 412 ()
network	error	URL: https://bookingapi.elektraweb.com/hotel/0/coral-params?portalid=1&language=en&cnameweb=esraotel.com&cnamewebsub=booking.esraotel.com Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

booking.esraotel.com
bookingapi.elektraweb.com
fonts.gstatic.com
www.google.com
www.gstatic.com
2606:4700:20::681a:732
2620:1ec:46::65
2a00:1450:4001:803::2003
2a00:1450:4001:806::2004
2a00:1450:4001:80e::2003
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0ceafc83e7774f6aa65b9141e6991afc81ba0eac81d5b320a83a8277fe9edec0
134801170883b3bf9ab8e5ea79d4c423efbcf8e353bd9981747a6c9786556435
14896d0c5a35a68d0a564e199750e4ea9db80c129060fbd0f814ac0386763c49
1718b84b7a4591f666a109bf79a4f76f32809fe594d686989a4063c9d84f3099
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2005c764a0aa3cf413c1f29318f982d9a5fdf65047b0cf57e4fe02a1cb0f69ee
24e484aecec3497ffca5d5ab8ff23f9c8fbbd1cdf48d8e9867059b6e152c144a
2ccf79b699250394085467779494de0b98a1afd0807e91d1c2b1bdc68d2068c7
3303ec65b8921683470816a5b6983fe19a8968c80cc9e3ad611c5c8496e9871b
3482cece5275f9eccfd54357831c2e622f64aa6e45361c16c83be621707fd150
37d2c0cf1c80c2c380e751d6f7dd6770aae930298c8801df1696d5c04b9f77f8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43a9a71bc1853043234b36ad3da431408618f7e32be3b0fc889fb77d3fdcb2ca
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
44a27f09951159cea6e76a8fea8cdf18abdb5454beeec71b1868bc08192e2167
54cd11431bd40f4f85f5728dba30a8f9dda8818575afb75c9edd6a4eb69fd6dd
567c1dd5f33a439c51180ed80773d1b0cd17a284080d398981c6c423ffdc3fec
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
618d217b950c82ff6a7cb405d9855442b0b852fd7a8bc956ec18250d52d26f6d
61ba95d2d71ab718c9456dddc922272afd44ae3593b898f3e0fb8c19e671880e
678bec22585a455b71dc82b2b9c06c964e703df8effaf2692b81c14e7ae67509
67bdabc53d2f2cb959a4a5f2306244fec64ae40dbaceaee92a944be224c301e4
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
8b53b23d39e486d4db7e70fec834a0b01b77a808f297177aa8d0fecde239bd08
9113cce46126c138c91e508c0d119af91d5bad3f1315b6723f29f1361b3f6ab0
92e08d189bfd30cd276f26653092cc538d989364d0e9f2a857ffa19f6b81ac17
93fe9dddf03693a5dc637de677f15dffc2a0cc81ee0837ddedc2c56f37574615
96bd41cc0bc81ad950cd5dd049096d0a08b36cd57d3987e478aa5ab8ed55ebec
9d97214a6545d3c351819e3642fc2916038e4e3425f6e1574e14115476f0e858
a121a0e120a5e6420fa72f4fc1374769fa8b615c1c57d17214ad568db507585f
a3dac67a0b3acf5c72f482048121ba5ee721edd236face869802e0c15100c1ed
a8e7c6a91c77ff9c08a1c339c8f8a186ff7fe8100c08612de44e06599600c2c0
a9e1805a7f9c6c755de5c72b6184ba47c24eb42538a3491f0dd8416ecd22e3bf
c501303a2fd73c465b8b87e8ff68796145839c05e0e5a89e53a59e9470128a91
db2cee6b76ae7f14c6a9b44ebbe5e961799403a60ea331f2b2774d387d2a7eb6
ddbdf853891cc9aa91b5e3379f37aec0d7c098dcf378e77187b657bcb5c19bbb
ddd864e481922fcf76fdafef88005c0f41fa7bcd1e119930ea83d4737bbd51b5
ed1d7cb8fd5057de545c6cf22ab5d1761753674d2025172faf30479ab20f1041
efa70681757b506adc844bc959f9e161c22fc60b5a03c999a29603e3391d74e2
fa619b53bd27f4d0595f858544068ecc8e1556610e8a36feee5eb550d3aec09c
fc2d903df7089c4a135546c0d516acc418f67cd13f5fcacc809121c40ce8db92

booking.esraotel.com Open in urlscan Pro 2620:1ec:46::65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

52 Requests

100 %HTTPS

100 %IPv6

4 Domains

5 Subdomains

6 IPs

2 Countries

1662 kBTransfer

4282 kBSize

1 Cookies

0 Outgoing links

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

booking.esraotel.com Open in urlscan Pro
2620:1ec:46::65 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

1662 kB
Transfer

4282 kB
Size

1
Cookies

52 HTTP transactions
2 data transactions