URL: https://secure.estivotravel.com/
Submission: On October 15 via automatic, source certstream-suspicious — Scanned from NL

Summary

This website contacted 10 IPs in 4 countries across 8 domains to perform 31 HTTP transactions. The main IP is 35.204.215.69, located in Groningen, Netherlands and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is secure.estivotravel.com.
TLS certificate: Issued by R10 on October 11th 2024. Valid for: 3 months.
This is the only time secure.estivotravel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
7 | 35.204.215.69 | 396982 | GOOGLE-CL...
12 | 34.160.228.48 | 396982 | GOOGLE-CL...
1 | 104.17.24.14 | 13335 | CLOUDFLAR...
2 | 2a00:1450:400... | 15169 | GOOGLE
1 | 2a00:1450:400... | 15169 | GOOGLE
1 | 2600:1901:0:b... | 396982 | GOOGLE-CL...
2 | 2a02:26f0:350... | 20940 | AKAMAI-ASN1
1 | 2a02:26f0:350... | 20940 | AKAMAI-ASN1
1 | 2a02:26f0:350... | 20940 | AKAMAI-ASN1
3 | 2a02:26f0:350... | 20940 | AKAMAI-ASN1
Total: 31 requests, 10 IPs

Requests | Apex Domain | Subdomains | Transfer
12 | maxxton.net | cdn-est-cms.maxxton.net | 935 KB
7 | estivotravel.com | secure.estivotravel.com | 7 KB
4 | cookiebot.com | consent.cookiebot.com (Cisco Umbrella Rank: 4618); consentcdn.cookiebot.com (Cisco Umbrella Rank: 5320); imgsct.cookiebot.com (Cisco Umbrella Rank: 5372) | 35 KB
3 | cloudinary.com | newyse-res.cloudinary.com | 3 KB
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 30) | 2 KB
1 | mxpnl.com | cdn.mxpnl.com (Cisco Umbrella Rank: 3511) | 19 KB
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 39) | 103 KB
1 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 220) | 6 KB
Total: 31 requests, 8 apex domains

Domain Requested by
12 cdn-est-cms.maxxton.net secure.estivotravel.com
cdn-est-cms.maxxton.net
7 secure.estivotravel.com cdn-est-cms.maxxton.net
3 newyse-res.cloudinary.com
2 consent.cookiebot.com www.googletagmanager.com
consent.cookiebot.com
2 fonts.googleapis.com cdn-est-cms.maxxton.net
1 imgsct.cookiebot.com
1 consentcdn.cookiebot.com consent.cookiebot.com
1 cdn.mxpnl.com secure.estivotravel.com
1 www.googletagmanager.com secure.estivotravel.com
1 cdnjs.cloudflare.com secure.estivotravel.com
31 10

This site contains no links.

Subject | Issuer | Validity | Valid
secure.estivotravel.com | R10 | 2024-10-11 - 2025-01-09 | 3 months
*.maxxton.net | Sectigo RSA Domain Validation Secure Server CA | 2023-10-16 - 2024-11-14 | a year
cdnjs.cloudflare.com | WE1 | 2024-09-28 - 2024-12-27 | 3 months
upload.video.google.com | WR2 | 2024-09-30 - 2024-12-23 | 3 months
*.google-analytics.com | WR2 | 2024-09-30 - 2024-12-23 | 3 months
*.mxpnl.com | GeoTrust TLS RSA CA G1 | 2024-07-15 - 2025-07-29 | a year
consent.cookiebot.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-02-28 - 2025-02-27 | a year
*.cookiebot.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-02-26 - 2025-02-26 | a year
*.cloudinary.com | Go Daddy Secure Certificate Authority - G2 | 2023-12-18 - 2025-01-13 | a year

This page contains 2 frames:

Primary Page: https://secure.estivotravel.com/
Frame ID: B14B0F8760FFB0F41BE7B548299F0617
Requests: 30 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 9268D16AD4E673FCAB3AC1C2551B4C6E
Requests: 1 HTTP requests in this frame

Page Title

blank

Detected technologies

Overall confidence: 100%
Detected patterns
  • consent\.cookiebot\.com

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • lodash.*\.js

Page Statistics

Requests: 31
HTTPS: 100 %
IPv6: 70 %
Domains: 8
Subdomains: 10
IPs: 10
Countries: 4
Transfer: 1110 kB
Size: 6412 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
secure.estivotravel.com/
13 KB
5 KB
Document
General
Full URL
https://secure.estivotravel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.215.69 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
69.215.204.35.bc.googleusercontent.com
Software
/
Resource Hash
5fe8122cd5b020f9438bcf8396e4d91696397cbcb9d4247ce4c8b5201dc9ae2a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
4077
content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors 'self'
content-type
text/html; charset=utf-8
date
Tue, 15 Oct 2024 17:09:52 GMT
etag
W/"fed-8iiTyOOMb5ebY5EcrSTjDlKFyUY"
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
estivo.7f7f558569a5537c9f047dab4923446c7dd3eb28a240755deae077e3613ce1e9.css
cdn-est-cms.maxxton.net/webmanager/styles/themes/estivo/
2 MB
109 KB
Stylesheet
General
Full URL
https://cdn-est-cms.maxxton.net/webmanager/styles/themes/estivo/estivo.7f7f558569a5537c9f047dab4923446c7dd3eb28a240755deae077e3613ce1e9.css
Requested by
Host: secure.estivotravel.com
URL: https://secure.estivotravel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.228.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
48.228.160.34.bc.googleusercontent.com
Software
/
Resource Hash
3a66cf6f0b1c78a326faaec4fbe57e759d1319473625fc5d61b32b1ea85e75da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.estivotravel.com/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
br
etag
W/"1b290-e2Y2xWEnsk4g27JTCtG29empVQA"
age
121995
x-content-type-options
nosniff
via
1.1 google
referrer-policy
no-referrer-when-downgrade
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111248
x-xss-protection
1; mode=block
date
Mon, 14 Oct 2024 07:16:37 GMT
content-type
text/css; charset=utf-8
x-frame-options
SAMEORIGIN
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: secure.estivotravel.com
URL: https://secure.estivotravel.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.estivotravel.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03e5f-7918"
age
431164
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4ETwgwOZf4jLincceC50SCySAfB%2FFIschPfB5Zp6vsreaJVloHV4IJPUYb9VkYuiOIjtq0F08urXEwYVO5DX46HizeHUEnn3piAe%2Bq0bXDvWoZvll8sLprqamu4yHUy73dIj0ixN"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 05 Oct 2025 17:09:52 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 15 Oct 2024 17:09:52 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:07 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d316b5b8f250b42-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
5631
server
cloudflare
css
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400|Roboto+Condensed:300,400|Ubuntu
Requested by
Host: cdn-est-cms.maxxton.net
URL: https://cdn-est-cms.maxxton.net/webmanager/styles/themes/estivo/estivo.7f7f558569a5537c9f047dab4923446c7dd3eb28a240755deae077e3613ce1e9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
02ab3288fa5088785ffd46a49289a2ede1235997b61d822f1c01ac9d6d914642
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://cdn-est-cms.maxxton.net/webmanager/styles/themes/estivo/estivo.7f7f558569a5537c9f047dab4923446c7dd3eb28a240755deae077e3613ce1e9.css

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 15 Oct 2024 17:09:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 17:09:52 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 15 Oct 2024 17:09:52 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
14 KB
831 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn-est-cms.maxxton.net
URL: https://cdn-est-cms.maxxton.net/webmanager/styles/themes/estivo/estivo.7f7f558569a5537c9f047dab4923446c7dd3eb28a240755deae077e3613ce1e9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f6e8efb65dff0486271d787d60be7d84387c203bebd36159794e6e2c28c31f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://cdn-est-cms.maxxton.net/webmanager/styles/themes/estivo/estivo.7f7f558569a5537c9f047dab4923446c7dd3eb28a240755deae077e3613ce1e9.css

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 15 Oct 2024 17:09:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 17:09:53 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 15 Oct 2024 15:31:16 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
gtm.js
www.googletagmanager.com/
322 KB
103 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PZVM567V
Requested by
Host: secure.estivotravel.com
URL: https://secure.estivotravel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6b14d7b8af5ce0d83f5bee7cf7c89f85dc9139292a3d7dbaca8da16ef15e4022
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.estivotravel.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 15 Oct 2024 17:09:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 17:09:55 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 15 Oct 2024 16:35:27 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
104730
x-xss-protection
0
server
Google Tag Manager
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/
55 KB
19 KB
Script
General
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: secure.estivotravel.com
URL: https://secure.estivotravel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:bc29:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5357d3283ddf27fc4156d8c48f95dadf544139b198c43db3162c8cf18b3de996

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.estivotravel.com/

Response headers

x-goog-metageneration
2
content-encoding
gzip
x-goog-hash
crc32c=rciEWw==, md5=Ay7nz7moeiyGH/GIFXVIQg==
etag
"032ee7cfb9a87a2c861ff18815754842"
age
542
x-goog-stored-content-encoding
gzip
expires
Tue, 15 Oct 2024 17:10:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
19057
date
Tue, 15 Oct 2024 17:00:53 GMT
last-modified
Tue, 27 Aug 2024 18:10:17 GMT
content-type
text/javascript
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY1n9tUwKtWjZbtulqad-8poimfVViONSd-Kg2yaDyVGcKLwjINx6m8cVDZP0txkOwGDkSU
cache-control
public,max-age=600
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1724782217794014
content-length
19057
server
UploadServer
d577061059f4747b087c230c40e419e2aa39171c08a17ae235409410702a32b2
cdn-est-cms.maxxton.net/page-cms-api-cache/
14 KB
4 KB
Fetch
General
Full URL
https://cdn-est-cms.maxxton.net/page-cms-api-cache/d577061059f4747b087c230c40e419e2aa39171c08a17ae235409410702a32b2?pageUrl=http%3A%2F%2Fsecure.estivotravel.com%2F%3F
Requested by
Host: secure.estivotravel.com
URL: https://secure.estivotravel.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.228.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
48.228.160.34.bc.googleusercontent.com
Software
/
Resource Hash
c4abe35770edd04241283b7a4bb01f292ecc453fe729103032cb0524d1f0e742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.estivotravel.com/

Response headers

access-control-max-age
1728000
content-encoding
gzip
etag
W/"e4e-9a3nesFikUG6UKaiV20+D+mZxFo"
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 17:09:55 GMT
content-type
text/html; charset=utf-8
access-control-allow-headers
x-csrf-token,authorization,content-type,accept,origin,x-requested-with,access-control-allow-origin,pragma,cache-control,user-agent,expires,referer,mxtsdataaccesskeys
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000, immutable
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
via
1.1 google
access-control-allow-origin
https://secure.estivotravel.com
content-length
3662
x-xss-protection
1; mode=block
/
cdn-est-cms.maxxton.net/page-mxts-api-cache/
9 KB
2 KB
Fetch
General
Full URL
https://cdn-est-cms.maxxton.net/page-mxts-api-cache/?pageUrl=http%3A%2F%2Fsecure.estivotravel.com%2F%3F
Requested by
Host: secure.estivotravel.com
URL: https://secure.estivotravel.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.228.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
48.228.160.34.bc.googleusercontent.com
Software
/
Resource Hash
0373d03fb4db674510fae640d2dfd7291c0ab90daf898d2a059c56a5caef27ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.estivotravel.com/

Response headers

access-control-max-age
1728000
content-encoding
gzip
etag
W/"6e1-vtLLNgDCk84vjmxESb8iRuYcaw8"
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 17:09:55 GMT
content-type
text/html; charset=utf-8
access-control-allow-headers
x-csrf-token,authorization,content-type,accept,origin,x-requested-with,access-control-allow-origin,pragma,cache-control,user-agent,expires,referer,mxtsdataaccesskeys
x-frame-options
SAMEORIGIN
cache-control
public, max-age=300, stale-while-revalidate=600, stale-if-error=600
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
via
1.1 google
access-control-allow-origin
https://secure.estivotravel.com
content-length
1761
x-xss-protection
1; mode=block
moment.8dc8f38672e0cde85cdc.js
cdn-est-cms.maxxton.net/webmanager/js/
287 KB
56 KB
Script
General
Full URL
https://cdn-est-cms.maxxton.net/webmanager/js/moment.8dc8f38672e0cde85cdc.js
Requested by
Host: secure.estivotravel.com
URL: https://secure.estivotravel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.228.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
48.228.160.34.bc.googleusercontent.com
Software
/
Resource Hash
a09547b20800a61dd3ec8fcee408469b103e9a875edda6007d663f0c59e1b323
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.estivotravel.com/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
br
age
123311
x-content-type-options
nosniff
via
1.1 google
referrer-policy
no-referrer-when-downgrade
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57174
x-xss-protection
1; mode=block
date
Mon, 14 Oct 2024 06:54:44 GMT
content-type
application/javascript; charset=UTF-8
x-frame-options
SAMEORIGIN
reactstrap.21bc76748f795260a606.js
cdn-est-cms.maxxton.net/webmanager/js/
76 KB
16 KB
Script
General
Full URL
https://cdn-est-cms.maxxton.net/webmanager/js/reactstrap.21bc76748f795260a606.js
Requested by
Host: secure.estivotravel.com
URL: https://secure.estivotravel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.228.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
48.228.160.34.bc.googleusercontent.com
Software
/
Resource Hash
e9270b95efa4f28df3f0ae71e238d44e58a00e770cbe17a2b0a243350812869b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.estivotravel.com/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
br
age
123311
x-content-type-options
nosniff
via
1.1 google
referrer-policy
no-referrer-when-downgrade
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16319
x-xss-protection
1; mode=block
date
Mon, 14 Oct 2024 06:54:44 GMT
content-type
application/javascript; charset=UTF-8
x-frame-options
SAMEORIGIN
material-ui.6107f86a62ed534445b7.js
cdn-est-cms.maxxton.net/webmanager/js/
159 KB
41 KB
Script
General
Full URL
https://cdn-est-cms.maxxton.net/webmanager/js/material-ui.6107f86a62ed534445b7.js
Requested by
Host: secure.estivotravel.com
URL: https://secure.estivotravel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.228.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
48.228.160.34.bc.googleusercontent.com
Software
/
Resource Hash
7ddf446011f5d791a988bf53a4400d2f7c4ae354105c700a859aa39468f806d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.estivotravel.com/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
br
age
123311
x-content-type-options
nosniff
via
1.1 google
referrer-policy
no-referrer-when-downgrade
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42374
x-xss-protection
1; mode=block
date
Mon, 14 Oct 2024 06:54:44 GMT
content-type
application/javascript; charset=UTF-8
x-frame-options
SAMEORIGIN
lodash.0c5b03071301a6140693.js
cdn-est-cms.maxxton.net/webmanager/js/
116 KB
31 KB
Script
General
Full URL
https://cdn-est-cms.maxxton.net/webmanager/js/lodash.0c5b03071301a6140693.js
Requested by
Host: secure.estivotravel.com
URL: https://secure.estivotravel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.228.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
48.228.160.34.bc.googleusercontent.com
Software
/
Resource Hash
f7ab0a88355e2148c2cf620e6b01db47503afcdd4ee67d9d01f7910a3da75666
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.estivotravel.com/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
br
age
123311
x-content-type-options
nosniff
via
1.1 google
referrer-policy
no-referrer-when-downgrade
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31608
x-xss-protection
1; mode=block
date
Mon, 14 Oct 2024 06:54:44 GMT
content-type
application/javascript; charset=UTF-8
x-frame-options
SAMEORIGIN
redux.4d4f8d00435439cc9e19.js
cdn-est-cms.maxxton.net/webmanager/js/
17 KB
5 KB
Script
General
Full URL
https://cdn-est-cms.maxxton.net/webmanager/js/redux.4d4f8d00435439cc9e19.js
Requested by
Host: secure.estivotravel.com
URL: https://secure.estivotravel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.228.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
48.228.160.34.bc.googleusercontent.com
Software
/
Resource Hash
978c433012a1b76d3153422e38f38bc9b3e8f8755d56563de6596583a1b47cea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.estivotravel.com/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
br
age
123311
x-content-type-options
nosniff
via
1.1 google
referrer-policy
no-referrer-when-downgrade
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5281
x-xss-protection
1; mode=block
date
Mon, 14 Oct 2024 06:54:44 GMT
content-type
application/javascript; charset=UTF-8
x-frame-options
SAMEORIGIN
vendors.602ffcfa1e2244c2b6dd.js
cdn-est-cms.maxxton.net/webmanager/js/
2 MB
366 KB
Script
General
Full URL
https://cdn-est-cms.maxxton.net/webmanager/js/vendors.602ffcfa1e2244c2b6dd.js
Requested by
Host: secure.estivotravel.com
URL: https://secure.estivotravel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.228.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
48.228.160.34.bc.googleusercontent.com
Software
/
Resource Hash
550f5019df21e5a9dfb08d296d5e1af21af8d370b6de3f092636c32ab2ba58a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.estivotravel.com/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
br
age
123311
x-content-type-options
nosniff
via
1.1 google
referrer-policy
no-referrer-when-downgrade
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
date
Mon, 14 Oct 2024 06:54:44 GMT
content-type
application/javascript; charset=UTF-8
x-frame-options
SAMEORIGIN
app.13f43f69bdf232b00082.js
cdn-est-cms.maxxton.net/webmanager/js/
2 MB
241 KB
Script
General
Full URL
https://cdn-est-cms.maxxton.net/webmanager/js/app.13f43f69bdf232b00082.js
Requested by
Host: secure.estivotravel.com
URL: https://secure.estivotravel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.228.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
48.228.160.34.bc.googleusercontent.com
Software
/
Resource Hash
04f25b5871ac6c4d082937c41db6a005c755ad0812f705e2cfebcfb67fb00c0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.estivotravel.com/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
br
age
123311
x-content-type-options
nosniff
via
1.1 google
referrer-policy
no-referrer-when-downgrade
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
246961
x-xss-protection
1; mode=block
date
Mon, 14 Oct 2024 06:54:44 GMT
content-type
application/javascript; charset=UTF-8
x-frame-options
SAMEORIGIN
locales
secure.estivotravel.com/api/v1/
1 KB
677 B
Fetch
General
Full URL
https://secure.estivotravel.com/api/v1/locales?
Requested by
Host: cdn-est-cms.maxxton.net
URL: https://cdn-est-cms.maxxton.net/webmanager/js/vendors.602ffcfa1e2244c2b6dd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.215.69 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
69.215.204.35.bc.googleusercontent.com
Software
/
Resource Hash
60fb7a68206b9d481d309bbca1386a6b97656b10644a0ac192bb368df4a0f712
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Referer
https://secure.estivotravel.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Pragma
no-cache

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
access-control-allow-origin
*
date
Tue, 15 Oct 2024 17:09:56 GMT
x-xss-protection
1; mode=block
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
uc.js
consent.cookiebot.com/
110 KB
34 KB
Script
General
Full URL
https://consent.cookiebot.com/uc.js?cbid=2901be96-e28a-4a30-8b33-e0d10e552ac9&implementation=gtm&consentmode-dataredaction=dynamic&culture=com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PZVM567V
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a29d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b30b70e2067e407e427ac15a978091acb030d9b2db360ea2a3ce3eec6ef474e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.estivotravel.com/

Response headers

access-control-expose-headers
Request-Context
cache-control
public, max-age=366
content-encoding
gzip
etag
"42d4c62e8219db1:0"
cross-origin-resource-policy
cross-origin
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
expires
Tue, 15 Oct 2024 17:16:02 GMT
accept-ranges
bytes
content-length
34533
date
Tue, 15 Oct 2024 17:09:56 GMT
content-type
application/javascript
last-modified
Tue, 08 Oct 2024 13:01:25 GMT
vary
Accept-Encoding
chunk.5965.9bfd83a57c9c30df2cc1.js
cdn-est-cms.maxxton.net/webmanager/js/
241 KB
62 KB
Script
General
Full URL
https://cdn-est-cms.maxxton.net/webmanager/js/chunk.5965.9bfd83a57c9c30df2cc1.js
Requested by
Host: cdn-est-cms.maxxton.net
URL: https://cdn-est-cms.maxxton.net/webmanager/js/app.13f43f69bdf232b00082.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.228.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
48.228.160.34.bc.googleusercontent.com
Software
/
Resource Hash
6ec15d0c501d97f3cadc7d9e7b8c6dcb58fd9d52c1a3c8423c7dd0230f8c4a84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.estivotravel.com/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
br
age
121998
x-content-type-options
nosniff
via
1.1 google
referrer-policy
no-referrer-when-downgrade
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63057
x-xss-protection
1; mode=block
date
Mon, 14 Oct 2024 07:16:38 GMT
content-type
application/javascript; charset=UTF-8
x-frame-options
SAMEORIGIN
chunk.page.bdd1e4d4b6c59c5bbc4b.js
cdn-est-cms.maxxton.net/webmanager/js/
7 KB
2 KB
Script
General
Full URL
https://cdn-est-cms.maxxton.net/webmanager/js/chunk.page.bdd1e4d4b6c59c5bbc4b.js
Requested by
Host: cdn-est-cms.maxxton.net
URL: https://cdn-est-cms.maxxton.net/webmanager/js/app.13f43f69bdf232b00082.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.228.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
48.228.160.34.bc.googleusercontent.com
Software
/
Resource Hash
f0bf0ff032dde2ed21082178b11386b469b9123bb7e688cb7fd6a416aaf9fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.estivotravel.com/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
br
age
122024
x-content-type-options
nosniff
via
1.1 google
referrer-policy
no-referrer-when-downgrade
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2383
x-xss-protection
1; mode=block
date
Mon, 14 Oct 2024 07:16:12 GMT
content-type
application/javascript; charset=UTF-8
x-frame-options
SAMEORIGIN
bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame 9268
0
0
Document
General
Full URL
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=2901be96-e28a-4a30-8b33-e0d10e552ac9&implementation=gtm&consentmode-dataredaction=dynamic&culture=com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:886::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

Referer
https://secure.estivotravel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
gzip
content-length
392
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 15 Oct 2024 17:09:56 GMT
etag
"3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires
Wed, 15 Oct 2025 17:09:56 GMT
last-modified
Mon, 04 Apr 2022 07:23:49 GMT
server
AkamaiNetStorage
server-timing
cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1729012196887_388276618_709891835_20_894_31_33_255";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,1
cc.js
consent.cookiebot.com/2901be96-e28a-4a30-8b33-e0d10e552ac9/
379 B
604 B
Script
General
Full URL
https://consent.cookiebot.com/2901be96-e28a-4a30-8b33-e0d10e552ac9/cc.js?renew=false&referer=secure.estivotravel.com&dnt=false&init=false&culture=com
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=2901be96-e28a-4a30-8b33-e0d10e552ac9&implementation=gtm&consentmode-dataredaction=dynamic&culture=com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a29d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
55cc09b362cdc6f68a6a1545769fdf582a76591ef7cd12084019bafbbc1b4d4d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.estivotravel.com/

Response headers

cache-control
private, max-age=60
access-control-expose-headers
Request-Context
content-encoding
gzip
cross-origin-resource-policy
cross-origin
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
content-length
367
date
Tue, 15 Oct 2024 17:09:56 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
66c352990151743adb1deba8
secure.estivotravel.com/api/v1/locale/id/
240 B
477 B
Fetch
General
Full URL
https://secure.estivotravel.com/api/v1/locale/id/66c352990151743adb1deba8?
Requested by
Host: cdn-est-cms.maxxton.net
URL: https://cdn-est-cms.maxxton.net/webmanager/js/vendors.602ffcfa1e2244c2b6dd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.215.69 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
69.215.204.35.bc.googleusercontent.com
Software
/
Resource Hash
55a0e8013bfc9f1c95dbfe34bc289826ab43ef65425d4bfa729156637ade2707
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Referer
https://secure.estivotravel.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Pragma
no-cache

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
access-control-allow-origin
*
date
Tue, 15 Oct 2024 17:09:56 GMT
x-xss-protection
1; mode=block
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
66c3529901517410391deba5
secure.estivotravel.com/api/v1/locale/id/
243 B
475 B
Fetch
General
Full URL
https://secure.estivotravel.com/api/v1/locale/id/66c3529901517410391deba5?
Requested by
Host: cdn-est-cms.maxxton.net
URL: https://cdn-est-cms.maxxton.net/webmanager/js/vendors.602ffcfa1e2244c2b6dd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.215.69 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
69.215.204.35.bc.googleusercontent.com
Software
/
Resource Hash
9a87d847d82ac6353ac56d1c4e268b6239fa275e3414bb7b59c301a5d3a428bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Referer
https://secure.estivotravel.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Pragma
no-cache

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
access-control-allow-origin
*
date
Tue, 15 Oct 2024 17:09:56 GMT
x-xss-protection
1; mode=block
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
66c3529901517420ee1deba7
secure.estivotravel.com/api/v1/locale/id/
238 B
467 B
Fetch
General
Full URL
https://secure.estivotravel.com/api/v1/locale/id/66c3529901517420ee1deba7?
Requested by
Host: cdn-est-cms.maxxton.net
URL: https://cdn-est-cms.maxxton.net/webmanager/js/vendors.602ffcfa1e2244c2b6dd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.215.69 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
69.215.204.35.bc.googleusercontent.com
Software
/
Resource Hash
b5d2885b4c155ab510656aa06ac72d8955ab7dabdb5486b6c16864a28bb3dbe2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Referer
https://secure.estivotravel.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Pragma
no-cache

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
access-control-allow-origin
*
date
Tue, 15 Oct 2024 17:09:56 GMT
x-xss-protection
1; mode=block
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
66c3529901517403821deba6
secure.estivotravel.com/api/v1/locale/id/
238 B
478 B
Fetch
General
Full URL
https://secure.estivotravel.com/api/v1/locale/id/66c3529901517403821deba6?
Requested by
Host: cdn-est-cms.maxxton.net
URL: https://cdn-est-cms.maxxton.net/webmanager/js/vendors.602ffcfa1e2244c2b6dd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.215.69 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
69.215.204.35.bc.googleusercontent.com
Software
/
Resource Hash
5de1fd86f8a8e672a31a23869eb208fa22468aca4b2d8afad6b7073cfd6d4291
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Referer
https://secure.estivotravel.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Pragma
no-cache

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
access-control-allow-origin
*
date
Tue, 15 Oct 2024 17:09:56 GMT
x-xss-protection
1; mode=block
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
log-data
secure.estivotravel.com/
0
0
Fetch
General
Full URL
https://secure.estivotravel.com/log-data
Requested by
Host: cdn-est-cms.maxxton.net
URL: https://cdn-est-cms.maxxton.net/webmanager/js/app.13f43f69bdf232b00082.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.215.69 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
69.215.204.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Access-Control-Allow-Origin
*
Referer
https://secure.estivotravel.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Access-Control-Allow-Headers
X-Requested-With

Response headers

access-control-allow-headers
x-csrf-token,authorization,content-type,accept,origin,x-requested-with,access-control-allow-origin,pragma,cache-control,user-agent,expires,referer,mxtsdataaccesskeys
strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
1728000
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
access-control-allow-credentials
true
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://secure.estivotravel.com
content-length
0
date
Tue, 15 Oct 2024 17:09:57 GMT
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
1.gif
imgsct.cookiebot.com/
35 B
744 B
Image
General
Full URL
https://imgsct.cookiebot.com/1.gif?dgi=2901be96-e28a-4a30-8b33-e0d10e552ac9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:887::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.estivotravel.com/

Response headers

x-goog-metageneration
1
Access-Control-Expose-Headers
*
x-goog-hash
crc32c=rX4K2g==, md5=whlt6LpBLGDCKrSRr3sUCQ==
ETag
"c2196de8ba412c60c22ab491af7b1409"
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
35
Date
Tue, 15 Oct 2024 17:09:57 GMT
Last-Modified
Mon, 23 Oct 2023 11:39:32 GMT
Content-Type
image/gif
X-GUploader-UploadID
AHmUCY1xrFQC8Oxyh_ujbNnP8bg_Dsid1wjVIc_bF53zhPpz3BIB5k4srLQN3JNurYWFXMHIsjCqlPcSBw
Cache-Control
public,max-age=1800
x-goog-storage-class
STANDARD
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
x-goog-generation
1698061172769999
Content-Length
35
Server
UploadServer
116-32001.png
newyse-res.cloudinary.com/image/upload/t_mcms_favicon/f_auto/v1726669808/
2 KB
3 KB
Other
General
Full URL
https://newyse-res.cloudinary.com/image/upload/t_mcms_favicon/f_auto/v1726669808/116-32001.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:880::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
5e5290ee4e27648bc9fb675f46ce73a66edc030bc24c347e6f99b5565c154b5e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.estivotravel.com/

Response headers

x-request-id
2dee8e2509750620f77d1153db397ce8
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
etag
"7307b65fb9de2f221e38b7ec5432fb65"
x-content-type-options
nosniff
server-timing
cld-akam;dur=7;start=2024-10-15T17:09:57.402Z;desc=hit,rtt;dur=25,content-info;desc="width=160,height=160,bytes=2452,owidth=64,oheight=64,obytes=1657,ef=(1,11,13,17,97)"
date
Tue, 15 Oct 2024 17:09:57 GMT
content-type
image/webp
content-disposition
inline; filename="116-32001.webp"
vary
Accept,User-Agent
last-modified
Wed, 18 Sep 2024 14:30:50 GMT
strict-transport-security
max-age=604800
cache-control
private, no-transform, immutable, max-age=31536000
timing-allow-origin
*
accept-ranges
bytes
access-control-allow-origin
*
content-length
2452
server
Cloudinary
116-32001.png
newyse-res.cloudinary.com/image/upload/t_mcms_favicon/f_auto/v1726669808/
2 KB
0
Other
General
Full URL
https://newyse-res.cloudinary.com/image/upload/t_mcms_favicon/f_auto/v1726669808/116-32001.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:880::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
5e5290ee4e27648bc9fb675f46ce73a66edc030bc24c347e6f99b5565c154b5e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.estivotravel.com/

Response headers

x-request-id
2dee8e2509750620f77d1153db397ce8
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
etag
"7307b65fb9de2f221e38b7ec5432fb65"
x-content-type-options
nosniff
server-timing
cld-akam;dur=7;start=2024-10-15T17:09:57.402Z;desc=hit,rtt;dur=25,content-info;desc="width=160,height=160,bytes=2452,owidth=64,oheight=64,obytes=1657,ef=(1,11,13,17,97)"
date
Tue, 15 Oct 2024 17:09:57 GMT
content-type
image/webp
content-disposition
inline; filename="116-32001.webp"
vary
Accept,User-Agent
last-modified
Wed, 18 Sep 2024 14:30:50 GMT
cache-control
private, no-transform, immutable, max-age=31536000
timing-allow-origin
*
accept-ranges
bytes
access-control-allow-origin
*
content-length
2452
server
Cloudinary


31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| dataLayer
object| mixpanel
function| loadWebmanager
object| cmsConfig
object| cmsOptions
string| version
string| releaseTimeStamp
string| hash
string| renderHash
string| pageUrl
object| __LOADABLE_LOADED_CHUNKS__
object| regeneratorRuntime
function| _
function| setImmediate
function| clearImmediate
object| __mcms
object| google_tag_manager
object| google_tag_data
number| gtmPageLoadId
object| mxtsDataAccessTokenManager
object| CookieControl
function| __uspapi
function| addUspapiLocatorFrame
function| __handleUspapiMessage
function| propagateIABStub
object| Cookiebot
object| CookieConsent
string| cookiedomainwarning
object| mcmsActivePageManager

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
