urlscan.io logo urlscan.io
SecurityTrails logo

careers.revolutiontravel.ca Open in urlscan Pro
45.154.204.154  Public Scan

Go To Rescan Add Verdict Report
URL: https://careers.revolutiontravel.ca/
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On November 16 via api from IT — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 19 HTTP transactions. The main IP is 45.154.204.154, located in Montreal, Canada and belongs to ONEPROVIDER-AS BrainStorm Network, Inc, CA. The main domain is careers.revolutiontravel.ca.
TLS certificate: Issued by R10 on November 16th 2024. Valid for: 3 months.
This is the only time careers.revolutiontravel.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 45.154.204.154 136258 (ONEPROVID...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2606:4700:440... 13335 (CLOUDFLAR...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
2 52.217.227.128 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
19 8
7    45.154.204.154 (Montreal, Canada)

ASN136258 (ONEPROVIDER-AS BrainStorm Network, Inc, CA)
careers.revolutiontravel.ca
1    2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2606:4700:4400::ac40:9251 (United States)

ASN13335 (CLOUDFLARENET, US)
calendly.com
3    2606:4700:3036::6815:5a80 (United States)

ASN13335 (CLOUDFLARENET, US)
randomuser.me
2    52.217.227.128 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    2607:f8b0:4006:807::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
7 revolutiontravel.ca
careers.revolutiontravel.ca
532 KB
3 randomuser.me
randomuser.me — Cisco Umbrella Rank: 201556
16 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
215 B
2 amazonaws.com
s3.amazonaws.com
704 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
76 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
1 calendly.com
calendly.com — Cisco Umbrella Rank: 11868
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
102 KB
19 8
Domain Requested by
7 careers.revolutiontravel.ca careers.revolutiontravel.ca
3 randomuser.me careers.revolutiontravel.ca
2 www.facebook.com careers.revolutiontravel.ca
2 s3.amazonaws.com careers.revolutiontravel.ca
2 connect.facebook.net careers.revolutiontravel.ca
connect.facebook.net
1 www.google-analytics.com www.googletagmanager.com
1 calendly.com careers.revolutiontravel.ca
1 www.googletagmanager.com careers.revolutiontravel.ca
19 8

This site contains links to these domains. Also see Links.

Domain
www.revolutiontravel.ca
www.facebook.com
www.instagram.com
www.tiktok.com
Subject Issuer Validity Valid
careers.revolutiontravel.ca
R10		 2024-11-16 -
2025-02-14		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-26 -
2024-11-24		 3 months crt.sh
calendly.com
WE1		 2024-10-25 -
2025-01-23		 3 months crt.sh
randomuser.me
WE1		 2024-10-25 -
2025-01-23		 3 months crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2024-09-18 -
2025-09-16		 a year crt.sh

This page contains 2 frames:

Primary Page: https://careers.revolutiontravel.ca/
Frame ID: 20E81B9EBB29130F067433D91BEDE567
Requests: 18 HTTP requests in this frame

Frame: https://calendly.com/sean-revolutiontravel/30min?embed_type=Inline&embed_domain=1
Frame ID: 73D1F811E02ACF15D5926DE3799AF637
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Revolution Travel

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

19
Requests

100 %
HTTPS

75 %
IPv6

8
Domains

8
Subdomains

8
IPs

2
Countries

1429 kB
Transfer

2711 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
careers.revolutiontravel.ca/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://careers.revolutiontravel.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.154.204.154 Montreal, Canada, ASN136258 (ONEPROVIDER-AS BrainStorm Network, Inc, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
d7d5ef79a08aaa9b34b7bc0877571667d707e1a045c6b13251cf93f5c18faf3b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
Upgrade, Keep-Alive
Content-Encoding
gzip
Content-Length
837
Content-Type
text/html
Date
Sat, 16 Nov 2024 23:40:59 GMT
ETag
"61b-6227e31c9a889-gzip"
Keep-Alive
timeout=5, max=100
Last-Modified
Thu, 19 Sep 2024 19:47:36 GMT
Server
Apache/2.4.41 (Ubuntu)
Upgrade
h2,h2c
Vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ 		294 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CPL3QRQW6G
Requested by
Host: careers.revolutiontravel.ca
URL: https://careers.revolutiontravel.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7bd0c547567a3e076dd010ad6c0c3498849620d7ef9067bdb78630c1d88cc9dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://careers.revolutiontravel.ca/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 16 Nov 2024 23:40:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 23:40:59 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
103318
x-xss-protection
0
server
Google Tag Manager
main.7586a3cc.js
careers.revolutiontravel.ca/static/js/ 		196 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://careers.revolutiontravel.ca/static/js/main.7586a3cc.js
Requested by
Host: careers.revolutiontravel.ca
URL: https://careers.revolutiontravel.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.154.204.154 Montreal, Canada, ASN136258 (ONEPROVIDER-AS BrainStorm Network, Inc, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
fbaa3484eb9c2ead0a1821dc3e2ccc3d87ec49f8ff349ae221ddabdd861a39b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://careers.revolutiontravel.ca/

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
"311fe-6227e31c9b829-gzip"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Date
Sat, 16 Nov 2024 23:40:59 GMT
Last-Modified
Thu, 19 Sep 2024 19:47:36 GMT
Vary
Accept-Encoding
Server
Apache/2.4.41 (Ubuntu)
Content-Type
application/javascript
main.6e2330bd.css
careers.revolutiontravel.ca/static/css/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://careers.revolutiontravel.ca/static/css/main.6e2330bd.css
Requested by
Host: careers.revolutiontravel.ca
URL: https://careers.revolutiontravel.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.154.204.154 Montreal, Canada, ASN136258 (ONEPROVIDER-AS BrainStorm Network, Inc, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
cc5061bce1e94dbc726494edce12f2b2f34da868e109427980e3ca547f992fbc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://careers.revolutiontravel.ca/

Response headers

Content-Encoding
gzip
ETag
"476b-6227e31c9b829-gzip"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4599
Keep-Alive
timeout=5, max=98
Date
Sat, 16 Nov 2024 23:40:59 GMT
Last-Modified
Thu, 19 Sep 2024 19:47:36 GMT
Vary
Accept-Encoding
Server
Apache/2.4.41 (Ubuntu)
Content-Type
text/css
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: careers.revolutiontravel.ca
URL: https://careers.revolutiontravel.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-WaWIMZXN' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://careers.revolutiontravel.ca/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 16 Nov 2024 23:40:59 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-WaWIMZXN' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=23, mss=1232, tbw=5690, tp=10, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
I4tCwp1kD/k+Q8VvZJnMBBc8Rd8afDydiCGekbLAQR55pGgj3iLY6j2Ohycpc0wGZwgI75q7tslKjb+FEOpXcQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62152
x-xss-protection
0
origin-agent-cluster
?1
30min
calendly.com/sean-revolutiontravel/ Frame 73D1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://calendly.com/sean-revolutiontravel/30min?embed_type=Inline&embed_domain=1
Requested by
Host: careers.revolutiontravel.ca
URL: https://careers.revolutiontravel.ca/static/js/main.7586a3cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9251 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

Referer
https://careers.revolutiontravel.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8e3b544a7a854301-EWR
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 16 Nov 2024 23:41:00 GMT
link
<https://assets.calendly.com/assets/booking/css/booking-22b9e309.css>; rel=preload; as=style; nopush
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
ALLOWALL
x-request-id
d61a4bb33648395f0f76763b24362d32
x-runtime
0.221254
1.jpg
randomuser.me/api/portraits/men/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://randomuser.me/api/portraits/men/1.jpg
Requested by
Host: careers.revolutiontravel.ca
URL: https://careers.revolutiontravel.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:5a80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1f6209ae26207ebe11c243a659f0e5e15a0a48232261ecf3c05211a40af2225

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://careers.revolutiontravel.ca/

Response headers

cf-cache-status
HIT
etag
"62c38589-e0e"
age
282070
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MNA%2FpyaDjaZSe3fZdzemZNjQir9m63iEZg4xsiByE2a%2Bt1y4B%2FyQO6V2njiaCzsMQzRpSZlBcvzm7iNiVLG5cte8fYEmg3ljXqqQFFdbUgSHkFWbVpBhDn7DWwZlF6cWWbciwqPEkVRYgLjJ"}],"group":"cf-nel","max_age":604800}
expires
Fri, 13 Dec 2024 17:19:49 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=36704&sent=16&recv=9&lost=0&retrans=0&sent_bytes=9672&recv_bytes=4985&delivery_rate=81907&cwnd=12000&unsent_bytes=0&cid=194d548f2ed6c94d&ts=63&x=1", cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 23:40:59 GMT
content-type
image/jpeg
last-modified
Tue, 05 Jul 2022 00:27:53 GMT
vary
Accept-Encoding
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3b544a3e3143b0-EWR
accept-ranges
bytes
content-length
3598
server
cloudflare
2.jpg
randomuser.me/api/portraits/men/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://randomuser.me/api/portraits/men/2.jpg
Requested by
Host: careers.revolutiontravel.ca
URL: https://careers.revolutiontravel.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:5a80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
716cfb40836039a4e9e34d89320b6398ba7871ea7882e32b7397029586f6dda7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://careers.revolutiontravel.ca/

Response headers

cf-cache-status
HIT
etag
"62c38589-125d"
age
1273842
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SWPGKcAkvX9s2OXFMFhKpO8phTQ8dBz3g9sGNC%2BAaqGXFKLNk%2Fo4p9vZjNOagj6nalrlUuQnWdvKt5cAr8V0jqOU3RswPn6uvC3z4VCg3XPfy0B%2BN8eP26C%2B1ft2MmgiiDR3ZvwFxc1V8EkG"}],"group":"cf-nel","max_age":604800}
expires
Mon, 02 Dec 2024 05:50:17 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=36704&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4148&recv_bytes=4985&delivery_rate=81907&cwnd=12000&unsent_bytes=0&cid=194d548f2ed6c94d&ts=62&x=1", cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 23:40:59 GMT
content-type
image/jpeg
last-modified
Tue, 05 Jul 2022 00:27:53 GMT
vary
Accept-Encoding
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3b544a4e3543b0-EWR
accept-ranges
bytes
content-length
4701
server
cloudflare
3.jpg
randomuser.me/api/portraits/men/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://randomuser.me/api/portraits/men/3.jpg
Requested by
Host: careers.revolutiontravel.ca
URL: https://careers.revolutiontravel.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:5a80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cff4f892ece6dca0865313df96f11ac30e11b6dcbf3b9a86bad86a3049aa6e1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://careers.revolutiontravel.ca/

Response headers

cf-cache-status
HIT
etag
"62c38589-15ff"
age
710859
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y80H77LGwc3aUeSLv6Uq1lJgAQjrM1L%2BALrRajt1sCOSWdQX5Y1aHYOxBTf2Z7GzxvcqFC3N4oYPncrGsI2H5AFJCYSzZG8O2WF33O9jXFwHq0nbcb5aJmsX20bcho0auEyf2bHra4bYx3S3"}],"group":"cf-nel","max_age":604800}
expires
Sun, 08 Dec 2024 18:13:20 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=36704&sent=20&recv=9&lost=0&retrans=0&sent_bytes=14030&recv_bytes=4985&delivery_rate=81907&cwnd=12000&unsent_bytes=0&cid=194d548f2ed6c94d&ts=73&x=1", cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 23:40:59 GMT
content-type
image/jpeg
last-modified
Tue, 05 Jul 2022 00:27:53 GMT
vary
Accept-Encoding
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3b544a4e3743b0-EWR
accept-ranges
bytes
content-length
5631
server
cloudflare
Portugal.jpeg
careers.revolutiontravel.ca/ 		119 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://careers.revolutiontravel.ca/Portugal.jpeg
Requested by
Host: careers.revolutiontravel.ca
URL: https://careers.revolutiontravel.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.154.204.154 Montreal, Canada, ASN136258 (ONEPROVIDER-AS BrainStorm Network, Inc, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
63f3dfd5ecb3152b638aac6765b07f2015d93d1c18f0088293b97fa0e7c85a4d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://careers.revolutiontravel.ca/

Response headers

ETag
"1dcf7-6227e3152b2a6"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
122103
Keep-Alive
timeout=5, max=97
Date
Sat, 16 Nov 2024 23:40:59 GMT
Last-Modified
Thu, 19 Sep 2024 19:47:28 GMT
Content-Type
image/jpeg
Server
Apache/2.4.41 (Ubuntu)
Top100.jpeg
careers.revolutiontravel.ca/ 		133 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://careers.revolutiontravel.ca/Top100.jpeg
Requested by
Host: careers.revolutiontravel.ca
URL: https://careers.revolutiontravel.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.154.204.154 Montreal, Canada, ASN136258 (ONEPROVIDER-AS BrainStorm Network, Inc, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
022f69535a0effb4ab080da439b01ce7713de62353068a6ea69cbe445954188d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://careers.revolutiontravel.ca/

Response headers

Upgrade
h2,h2c
ETag
"2139f-6227e3152b2a6"
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Length
136095
Keep-Alive
timeout=5, max=100
Date
Sat, 16 Nov 2024 23:40:59 GMT
Last-Modified
Thu, 19 Sep 2024 19:47:28 GMT
Content-Type
image/jpeg
Server
Apache/2.4.41 (Ubuntu)
VVHeadOffice.jpeg
careers.revolutiontravel.ca/ 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://careers.revolutiontravel.ca/VVHeadOffice.jpeg
Requested by
Host: careers.revolutiontravel.ca
URL: https://careers.revolutiontravel.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.154.204.154 Montreal, Canada, ASN136258 (ONEPROVIDER-AS BrainStorm Network, Inc, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
50af97d25250423401125290f78ea242a467ba0528ec35256a47ca9347308a36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://careers.revolutiontravel.ca/

Response headers

ETag
"1ca5f-6227e3152b2a6"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
117343
Keep-Alive
timeout=5, max=96
Date
Sat, 16 Nov 2024 23:40:59 GMT
Last-Modified
Thu, 19 Sep 2024 19:47:28 GMT
Content-Type
image/jpeg
Server
Apache/2.4.41 (Ubuntu)
Prima.jpeg
careers.revolutiontravel.ca/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://careers.revolutiontravel.ca/Prima.jpeg
Requested by
Host: careers.revolutiontravel.ca
URL: https://careers.revolutiontravel.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.154.204.154 Montreal, Canada, ASN136258 (ONEPROVIDER-AS BrainStorm Network, Inc, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c4a174a91e1007ed9f38a83faeb924a9b0ae3b80dd94cc89728e648a50143da8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://careers.revolutiontravel.ca/

Response headers

ETag
"188ce-6227e3152b2a6"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
100558
Keep-Alive
timeout=5, max=99
Date
Sat, 16 Nov 2024 23:40:59 GMT
Last-Modified
Thu, 19 Sep 2024 19:47:28 GMT
Content-Type
image/jpeg
Server
Apache/2.4.41 (Ubuntu)
smills.jpg
s3.amazonaws.com/ttand/uploads/users/logos/ 		703 KB
704 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/ttand/uploads/users/logos/smills.jpg
Requested by
Host: careers.revolutiontravel.ca
URL: https://careers.revolutiontravel.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.227.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e58fac3c62daf08aba94c8f57dc9072d8b57c99c0fe31562ff5ba9c1398c7ef7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://careers.revolutiontravel.ca/

Response headers

x-amz-id-2
cKmIBF8/9/cSvtLyE3fVwB2uDBj7X5qM7jDNdKINKAg9XdvoSUW4ZZfipehyyBN6Fm+OGrke0xA=
ETag
"49e364c880331e77aa73f8e54a1c12c8"
x-amz-request-id
YRXH6E8RZJ5JD1QK
Accept-Ranges
bytes
Content-Length
720029
Date
Sat, 16 Nov 2024 23:41:00 GMT
Last-Modified
Wed, 22 Feb 2023 19:13:13 GMT
Content-Type
image/png
Server
AmazonS3
x-amz-server-side-encryption
AES256
187491609270565
connect.facebook.net/signals/config/ 		78 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/187491609270565?v=2.9.177&r=stable&domain=careers.revolutiontravel.ca&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
39847ac91cba4e419764129655e915e8e4772df71326762121e884f3d8c1eca7
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-Yt7XFPWu' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://careers.revolutiontravel.ca/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 16 Nov 2024 23:40:59 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-Yt7XFPWu' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=46, rtx=0, c=77, mss=1232, tbw=72184, tp=68, tpl=0, uplat=166, ullat=1
pragma
public
x-fb-debug
DFLvFUzxg42D1eR83XKnVh7OzW8VkjSQ2HvJiH8t6EfTfRascmt3iZaKQpVbe/ySZSkBSxNtzfK44nh4AF5+rg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-CPL3QRQW6G&gtm=45je4bc0v885184792za200&_p=1731800459544&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855&cid=205662105.1731800460&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731800459&sct=1&seg=0&dl=https%3A%2F%2Fcareers.revolutiontravel.ca%2F&dt=Revolution%20Travel&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=683
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CPL3QRQW6G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://careers.revolutiontravel.ca/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://careers.revolutiontravel.ca
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 23:41:00 GMT
content-type
text/plain
server
Golfe2
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=187491609270565&ev=PageView&dl=https%3A%2F%2Fcareers.revolutiontravel.ca%2F&rl=&if=false&ts=1731800460044&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=4126&fbp=fb.1.1731800460041.445017354531659826&cs_est=true&ler=empty&cdl=API_unavailable&it=1731800459800&coo=false&rqm=GET
Requested by
Host: careers.revolutiontravel.ca
URL: https://careers.revolutiontravel.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://careers.revolutiontravel.ca/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=43, rtx=0, c=23, mss=1232, tbw=5739, tp=11, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 16 Nov 2024 23:41:00 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=187491609270565&ev=PageView&dl=https%3A%2F%2Fcareers.revolutiontravel.ca%2F&rl=&if=false&ts=1731800460044&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=4126&fbp=fb.1.1731800460041.445017354531659826&cs_est=true&ler=empty&cdl=API_unavailable&it=1731800459800&coo=false&rqm=FGET
Requested by
Host: careers.revolutiontravel.ca
URL: https://careers.revolutiontravel.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://careers.revolutiontravel.ca/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7438026340135630590"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 16 Nov 2024 23:41:00 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
SXFhNc1IpWBDh95+wYwDTxa08o8OIaDdUvHC2ZRzaiwjvSF3zpl/49LDlnUzBFgHr1FqqVnxgAi2PXM4nRmsNA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7438026340135630590", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=43, rtx=0, c=23, mss=1232, tbw=6107, tp=14, tpl=0, uplat=65, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
smills.jpg
s3.amazonaws.com/ttand/uploads/users/logos/ 		703 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/ttand/uploads/users/logos/smills.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.227.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e58fac3c62daf08aba94c8f57dc9072d8b57c99c0fe31562ff5ba9c1398c7ef7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://careers.revolutiontravel.ca/

Response headers

x-amz-id-2
cKmIBF8/9/cSvtLyE3fVwB2uDBj7X5qM7jDNdKINKAg9XdvoSUW4ZZfipehyyBN6Fm+OGrke0xA=
ETag
"49e364c880331e77aa73f8e54a1c12c8"
x-amz-request-id
YRXH6E8RZJ5JD1QK
Accept-Ranges
bytes
Content-Length
720029
Date
Sat, 16 Nov 2024 23:41:00 GMT
Last-Modified
Wed, 22 Feb 2023 19:13:13 GMT
Content-Type
image/png
Server
AmazonS3
x-amz-server-side-encryption
AES256

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| gtag object| dataLayer function| fbq function| _fbq object| webpackChunkrt_careers string| __reactRouterVersion object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

6 Cookies

Domain/Path Name / Value
.revolutiontravel.ca/ Name: _ga_CPL3QRQW6G
Value: GS1.1.1731800459.1.0.1731800459.0.0.0
.revolutiontravel.ca/ Name: _ga
Value: GA1.1.205662105.1731800460
.revolutiontravel.ca/ Name: _fbp
Value: fb.1.1731800460041.445017354531659826
.calendly.com/ Name: _cfuvid
Value: AIn_.j1dLWOr8RENqE_POSJjew8GKP7X5v5iKi6H17E-1731800460362-0.0.1.1-604800000
.calendly.com/ Name: __cfruid
Value: ed50b43873748640945f151824b5191c312f5bb5-1731800460
.calendly.com/ Name: cf_clearance
Value: i.CgS5KWKeumrUlaNORIV_XfojqDmc_UazMeOUVbc.A-1731800460-1.2.1.1-yS16Q_D6fgr66piaQCFwV6BZh.AcS0npCBEEDXlqvgITsYGobM29.kZyQspojLqjbdrVexs0La4mXfcQFnBie1o_7XVGPaiXtSazMY.uoXpBa2zlHRNIxu00SnV0iWDbw8mGaIHRo5xYoCQUXOmVOBLsT_UQLn6EPCrahZjDD6HvvqnWEqImqUxXQvAFl2nI5UdBgM4YknG2ARJPfdzNQRDvrDFtLXu13mTaPEoBpsIgxBtvLKV9T2_KGBfigin36B0HnUBH.R4FhKA7TIKSaYxCENQyAZcnc5IyyBM.Sbu9BVTgO94BE2sFYXak6Si1a1x3IRx7d_OMmpFfFqp4WUh7yorC7r5sbnC1nDcOKbFXHAVnfa0S11hrLsuQRO07.w5XqYUuisNrL3swoK0i2Q

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

calendly.com
careers.revolutiontravel.ca
connect.facebook.net
randomuser.me
s3.amazonaws.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
2606:4700:3036::6815:5a80
2606:4700:4400::ac40:9251
2607:f8b0:4006:807::200e
2607:f8b0:4006:821::2008
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
45.154.204.154
52.217.227.128
022f69535a0effb4ab080da439b01ce7713de62353068a6ea69cbe445954188d
39847ac91cba4e419764129655e915e8e4772df71326762121e884f3d8c1eca7
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
4cff4f892ece6dca0865313df96f11ac30e11b6dcbf3b9a86bad86a3049aa6e1
50af97d25250423401125290f78ea242a467ba0528ec35256a47ca9347308a36
63f3dfd5ecb3152b638aac6765b07f2015d93d1c18f0088293b97fa0e7c85a4d
716cfb40836039a4e9e34d89320b6398ba7871ea7882e32b7397029586f6dda7
7bd0c547567a3e076dd010ad6c0c3498849620d7ef9067bdb78630c1d88cc9dd
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b1f6209ae26207ebe11c243a659f0e5e15a0a48232261ecf3c05211a40af2225
c4a174a91e1007ed9f38a83faeb924a9b0ae3b80dd94cc89728e648a50143da8
cc5061bce1e94dbc726494edce12f2b2f34da868e109427980e3ca547f992fbc
d7d5ef79a08aaa9b34b7bc0877571667d707e1a045c6b13251cf93f5c18faf3b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58fac3c62daf08aba94c8f57dc9072d8b57c99c0fe31562ff5ba9c1398c7ef7
fbaa3484eb9c2ead0a1821dc3e2ccc3d87ec49f8ff349ae221ddabdd861a39b0