URL: https://booking.belorus.lt/
Submission: On March 31 via automatic, source certstream-suspicious

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 15 HTTP transactions. The main IP is 195.181.246.30, located in Lithuania and belongs to RACKRAY UAB Rakrejus, LT. The main domain is booking.belorus.lt.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 31st 2020. Valid for: 3 months.
This is the only time booking.belorus.lt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 195.181.246.30 62282 (RACKRAY U...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 194.135.83.110 62282 (RACKRAY U...)
15 4
Domain Requested by
10 booking.belorus.lt booking.belorus.lt
3 www.google.com booking.belorus.lt
www.gstatic.com
1 belorus.bookingrobot.eu booking.belorus.lt
1 www.gstatic.com www.google.com
15 4

This site contains links to these domains. Also see Links.

Domain
www.belorus.lt
bookingrobot.eu
Subject Issuer Validity Valid
booking.belorus.lt
Let's Encrypt Authority X3
2020-01-31 -
2020-04-30
3 months crt.sh
www.google.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
*.google.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
belorus.bookingrobot.eu
Let's Encrypt Authority X3
2020-02-26 -
2020-05-26
3 months crt.sh

This page contains 3 frames:

Primary Page: https://booking.belorus.lt/
Frame ID: C9420CB9A8D03C006D758AE4F1E54917
Requests: 13 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfR3k4UAAAAAD2uKnewYjd6OpdQ3N57VyeCkX5E&co=aHR0cHM6Ly9ib29raW5nLmJlbG9ydXMubHQ6NDQz&hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&size=normal&cb=bp7sx5qvg5h5
Frame ID: 309C4914675AEB2B52000AC4C0B1B0FB
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&k=6LfR3k4UAAAAAD2uKnewYjd6OpdQ3N57VyeCkX5E&cb=si503ksmpvp8
Frame ID: 169156C66174E54883B85912E91B6D11
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

15
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

641 kB
Transfer

1398 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
booking.belorus.lt/
123 KB
22 KB
Document
General
Full URL
https://booking.belorus.lt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.246.30 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
gui.ateisiu.lt
Software
nginx /
Resource Hash
37951259a29c9aede42b332f031905d2b542d5c2e272fd89da601e12a4ef5508
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubdomains

Request headers

Host
booking.belorus.lt
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Server
nginx
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
no-cache, private
Date
Tue, 31 Mar 2020 21:08:11 GMT
Set-Cookie
XSRF-TOKEN=eyJpdiI6IlFvSVliQjVqUm9GYmFWeWRYWTZOUFE9PSIsInZhbHVlIjoiR0J0SDdrRk5jeG9cL2FBU3JnNW9SczFQT2V6U3krUUxTMWhiQ2J5bklvM2c3Y0VPZHB5eThWa1o3NlU4bHJ5a0EiLCJtYWMiOiJkYWRkY2U0NDhiOTQ5MjZmYzk4MDkxOGViZjVhODVjYjk5MjZjOGNkNzQ5ZWNhOGNhMjE4NzQzZWM5YmZiNmEzIn0%3D; expires=Tue, 31-Mar-2020 23:08:11 GMT; Max-Age=7200; path=/ laravel_session=ORirNeKlOvvOOxjv1ZvGAnJxoNZhYZ9COrxoTl06; expires=Tue, 31-Mar-2020 23:08:11 GMT; Max-Age=7200; path=/; httponly
Strict-Transport-Security
max-age=604800; includeSubdomains
Content-Encoding
gzip
app.css
booking.belorus.lt/css/theme1518958363/
567 KB
77 KB
Stylesheet
General
Full URL
https://booking.belorus.lt/css/theme1518958363/app.css?v=1584373212
Requested by
Host: booking.belorus.lt
URL: https://booking.belorus.lt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.246.30 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
gui.ateisiu.lt
Software
nginx /
Resource Hash
950ef658b664c158e3846f1d930ff9ff829ef0aee8ceda93517a4ffb7157da35
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubdomains

Request headers

Referer
https://booking.belorus.lt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Tue, 31 Mar 2020 21:08:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Mon, 16 Mar 2020 15:34:48 GMT
Server
nginx
ETag
W/"5e6f9c98-8dd02"
Strict-Transport-Security
max-age=604800; includeSubdomains
Content-Type
text/css
Cache-Control
max-age=691200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Wed, 08 Apr 2020 21:08:11 GMT
bundle.js
booking.belorus.lt/js/
363 KB
364 KB
Script
General
Full URL
https://booking.belorus.lt/js/bundle.js?v=1584373212
Requested by
Host: booking.belorus.lt
URL: https://booking.belorus.lt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.246.30 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
gui.ateisiu.lt
Software
nginx /
Resource Hash
293f42ddcb3a950c8cb5abb3ef324b1976ae541a0ef86930bb457d7dabefc1e4
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubdomains

Request headers

Referer
https://booking.belorus.lt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 31 Mar 2020 21:08:11 GMT
Last-Modified
Mon, 16 Mar 2020 15:40:09 GMT
Server
nginx
ETag
"5e6f9dd9-5acfa"
Strict-Transport-Security
max-age=604800; includeSubdomains
Content-Type
application/javascript
Cache-Control
max-age=691200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
371962
Expires
Wed, 08 Apr 2020 21:08:11 GMT
logo.png
booking.belorus.lt/img/client1518958363/
19 KB
19 KB
Image
General
Full URL
https://booking.belorus.lt/img/client1518958363/logo.png?v=1535444537
Requested by
Host: booking.belorus.lt
URL: https://booking.belorus.lt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.246.30 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
gui.ateisiu.lt
Software
nginx /
Resource Hash
2c8d2250edbd372f795b6b2a84a2e0d0e17fd30b443999471eb4dc6bdbd73305
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubdomains

Request headers

Referer
https://booking.belorus.lt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 21:08:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Fri, 14 Feb 2020 09:48:36 GMT
Server
nginx
ETag
W/"5e466cf4-4af9"
Strict-Transport-Security
max-age=604800; includeSubdomains
Content-Type
image/png
Cache-Control
max-age=691200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Wed, 08 Apr 2020 21:08:11 GMT
dashed_arc.svg
booking.belorus.lt/img/
1 KB
965 B
Image
General
Full URL
https://booking.belorus.lt/img/dashed_arc.svg
Requested by
Host: booking.belorus.lt
URL: https://booking.belorus.lt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.246.30 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
gui.ateisiu.lt
Software
nginx /
Resource Hash
9998ae9b122ae1f944b9471727ce92cb0e77f821a108f8cd5bae01eb1d41fb7c
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubdomains

Request headers

Referer
https://booking.belorus.lt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 21:08:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Fri, 23 Mar 2018 13:16:11 GMT
Server
nginx
ETag
W/"5ab4fe1b-46f"
Strict-Transport-Security
max-age=604800; includeSubdomains
Content-Type
image/svg+xml
Cache-Control
max-age=691200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Wed, 08 Apr 2020 21:08:11 GMT
icon_gift_white.svg
booking.belorus.lt/img/
2 KB
1 KB
Image
General
Full URL
https://booking.belorus.lt/img/icon_gift_white.svg
Requested by
Host: booking.belorus.lt
URL: https://booking.belorus.lt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.246.30 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
gui.ateisiu.lt
Software
nginx /
Resource Hash
e173262056f21034d7de0f2b04f40bc0979f5f0a5ff8193b8bae6123e2c83071
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubdomains

Request headers

Referer
https://booking.belorus.lt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 21:08:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Fri, 23 Mar 2018 13:16:07 GMT
Server
nginx
ETag
W/"5ab4fe17-8af"
Strict-Transport-Security
max-age=604800; includeSubdomains
Content-Type
image/svg+xml
Cache-Control
max-age=691200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Wed, 08 Apr 2020 21:08:11 GMT
icon_vm.png
booking.belorus.lt/img/
26 KB
26 KB
Image
General
Full URL
https://booking.belorus.lt/img/icon_vm.png
Requested by
Host: booking.belorus.lt
URL: https://booking.belorus.lt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.246.30 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
gui.ateisiu.lt
Software
nginx /
Resource Hash
a56ecf875686c21edcae0d526465e95031e853ba9efed3f9662d5a3dfa3f6571
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubdomains

Request headers

Referer
https://booking.belorus.lt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 21:08:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Fri, 23 Mar 2018 13:16:10 GMT
Server
nginx
ETag
W/"5ab4fe1a-693c"
Strict-Transport-Security
max-age=604800; includeSubdomains
Content-Type
image/png
Cache-Control
max-age=691200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Wed, 08 Apr 2020 21:08:11 GMT
api.js
www.google.com/recaptcha/
733 B
559 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Requested by
Host: booking.belorus.lt
URL: https://booking.belorus.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f1340acf0fdf535c81277458a6513993f03fe86c0d6bc1d4ad0181508a2edb3d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://booking.belorus.lt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 31 Mar 2020 21:08:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
465
x-xss-protection
1; mode=block
expires
Tue, 31 Mar 2020 21:08:11 GMT
bricons.woff
booking.belorus.lt/css/fonts/bricons/
18 KB
18 KB
Font
General
Full URL
https://booking.belorus.lt/css/fonts/bricons/bricons.woff?v=1035
Requested by
Host: booking.belorus.lt
URL: https://booking.belorus.lt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.246.30 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
gui.ateisiu.lt
Software
nginx /
Resource Hash
93f293b4106c76ab8f557f530ed7fc743d781985334d3592c479c992ceec4a70
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubdomains

Request headers

Referer
https://booking.belorus.lt/css/theme1518958363/app.css?v=1584373212
Origin
https://booking.belorus.lt
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Mar 2020 21:08:11 GMT
Last-Modified
Tue, 05 Nov 2019 11:14:46 GMT
Server
nginx
ETag
"5dc159a6-48b8"
Strict-Transport-Security
max-age=604800; includeSubdomains
Content-Type
application/font-woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18616
recaptcha__en.js
www.gstatic.com/recaptcha/releases/OOKISvkNnVD_m_9dreR_1S0n/
259 KB
93 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/OOKISvkNnVD_m_9dreR_1S0n/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8750509f5a4895bc45c5d3cbc3e3892a09d34e3463fcacdde920882eed78be8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://booking.belorus.lt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 30 Mar 2020 16:39:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 30 Mar 2020 04:05:21 GMT
server
sffe
age
102496
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
94752
x-xss-protection
0
expires
Tue, 30 Mar 2021 16:39:55 GMT
cart
booking.belorus.lt/api/v2/
45 B
568 B
XHR
General
Full URL
https://booking.belorus.lt/api/v2/cart?refresh=true
Requested by
Host: booking.belorus.lt
URL: https://booking.belorus.lt/js/bundle.js?v=1584373212
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.246.30 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
gui.ateisiu.lt
Software
nginx /
Resource Hash
10793bbf70e5b3dcfa111aa712a9573a065efe772e3b230af971d4b83dbfd368
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubdomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://booking.belorus.lt/
Sec-Fetch-Dest
empty
X-CSRF-TOKEN
O2eNwvY0OF7TTjgChmQeSTkc9iUvSK4Q96gdYUx3
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Mar 2020 21:08:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
nginx
Strict-Transport-Security
max-age=604800; includeSubdomains
Content-Type
text/html; charset=UTF-8
X-RateLimit-Remaining
59
Cache-Control
no-cache, private
Transfer-Encoding
chunked
X-RateLimit-Limit
60
Connection
keep-alive
islogin
belorus.bookingrobot.eu/admin/login/
31 B
600 B
Script
General
Full URL
https://belorus.bookingrobot.eu/admin/login/islogin?jsonp=1&_dc=1585688891&callback=jsonp_callback&_=1585688891813
Requested by
Host: booking.belorus.lt
URL: https://booking.belorus.lt/js/bundle.js?v=1584373212
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.135.83.110 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
backend.ateisiu.lt
Software
nginx/1.12.1 /
Resource Hash
34ade8e267dd7c1ea60b51a4396c0ef40810bd602d1edd27d176844ef32fa165
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubdomains

Request headers

Referer
https://booking.belorus.lt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Pragma
no-cache
Date
Tue, 31 Mar 2020 21:08:12 GMT
Content-Encoding
gzip
Server
nginx/1.12.1
Vary
Accept-Encoding
Connection
keep-alive
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
no-store, no-cache, must-revalidate
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=604800; includeSubdomains
Content-Type
application/json
Keep-Alive
timeout=2
Expires
Thu, 19 Nov 1981 08:52:00 GMT
glyphicons-halflings-regular.woff2
booking.belorus.lt/css/fonts/bootstrap/
18 KB
18 KB
Font
General
Full URL
https://booking.belorus.lt/css/fonts/bootstrap/glyphicons-halflings-regular.woff2
Requested by
Host: booking.belorus.lt
URL: https://booking.belorus.lt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.246.30 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
gui.ateisiu.lt
Software
nginx /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubdomains

Request headers

Referer
https://booking.belorus.lt/css/theme1518958363/app.css?v=1584373212
Origin
https://booking.belorus.lt
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Mar 2020 21:08:11 GMT
Last-Modified
Fri, 23 Mar 2018 13:16:10 GMT
Server
nginx
ETag
"5ab4fe1a-466c"
Strict-Transport-Security
max-age=604800; includeSubdomains
Content-Type
application/font-woff2
Cache-Control
max-age=691200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18028
Expires
Wed, 08 Apr 2020 21:08:11 GMT
anchor
www.google.com/recaptcha/api2/ Frame 309C
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfR3k4UAAAAAD2uKnewYjd6OpdQ3N57VyeCkX5E&co=aHR0cHM6Ly9ib29raW5nLmJlbG9ydXMubHQ6NDQz&hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&size=normal&cb=bp7sx5qvg5h5
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/OOKISvkNnVD_m_9dreR_1S0n/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-T6xew7Zmjc8wLk2ETD8jeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LfR3k4UAAAAAD2uKnewYjd6OpdQ3N57VyeCkX5E&co=aHR0cHM6Ly9ib29raW5nLmJlbG9ydXMubHQ6NDQz&hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&size=normal&cb=bp7sx5qvg5h5
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://booking.belorus.lt/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://booking.belorus.lt/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 31 Mar 2020 21:08:11 GMT
content-security-policy
script-src 'report-sample' 'nonce-T6xew7Zmjc8wLk2ETD8jeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
10130
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
bframe
www.google.com/recaptcha/api2/ Frame 1691
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&k=6LfR3k4UAAAAAD2uKnewYjd6OpdQ3N57VyeCkX5E&cb=si503ksmpvp8
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/OOKISvkNnVD_m_9dreR_1S0n/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fbODtF4CIPjxwPj8rczwDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&k=6LfR3k4UAAAAAD2uKnewYjd6OpdQ3N57VyeCkX5E&cb=si503ksmpvp8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://booking.belorus.lt/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://booking.belorus.lt/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 31 Mar 2020 21:08:12 GMT
content-security-policy
script-src 'report-sample' 'nonce-fbODtF4CIPjxwPj8rczwDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1181
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate number| auto_expire_reservation_minutes function| stickyOptions function| stickySide function| Interval function| trim function| validateEmail function| validatePhone function| validate function| countChar object| rcaptcha_ids function| onloadCallback number| breakpoint object| gtm object| gae object| bookingrobot object| br function| $ function| jQuery object| jQuery112105218117993823534 object| noUiSlider function| Picker function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal object| Cookiebot object| translations object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client function| jsonp_callback undefined| standalone string| userAgent boolean| safari boolean| ios object| recaptcha object| closure_lm_361785

2 Cookies

Domain/Path Name / Value
booking.belorus.lt/ Name: laravel_session
Value: ORirNeKlOvvOOxjv1ZvGAnJxoNZhYZ9COrxoTl06
booking.belorus.lt/ Name: XSRF-TOKEN
Value: eyJpdiI6IlFvSVliQjVqUm9GYmFWeWRYWTZOUFE9PSIsInZhbHVlIjoiR0J0SDdrRk5jeG9cL2FBU3JnNW9SczFQT2V6U3krUUxTMWhiQ2J5bklvM2c3Y0VPZHB5eThWa1o3NlU4bHJ5a0EiLCJtYWMiOiJkYWRkY2U0NDhiOTQ5MjZmYzk4MDkxOGViZjVhODVjYjk5MjZjOGNkNzQ5ZWNhOGNhMjE4NzQzZWM5YmZiNmEzIn0%3D

2 Console Messages

Source Level URL
Text
console-api info URL: https://booking.belorus.lt/js/bundle.js?v=1584373212(Line 1)
Message:
[INFO] BookingRobot has started
console-api log URL: https://booking.belorus.lt/js/bundle.js?v=1584373212(Line 1)
Message:
enterBreakpoint992

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=604800; includeSubdomains