wx1.getthere.net
151.193.164.6
Public Scan
Submission: On September 13 via manual from US
Summary
TLS certificate: Issued by GlobalSign Organization Validation CA... on September 26th 2018. Valid for: 2 years.
This is the only time wx1.getthere.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
8 | 151.193.164.6 | 6334 (ASN-TSG - Sabre GLBL Inc.) |
2 | 2.18.232.23 | 16625 (AKAMAI-AS - Akamai Technologies) |
4 | 45.60.46.204 | 19551 (INCAPSULA - Incapsula Inc) |
2 | 13.35.253.31 | 16509 (AMAZON-02 - Amazon.com) |
2 (1 redirects) | 66.117.29.227 | 15224 (OMNITURE - Adobe Systems Inc.) |
2 | 52.86.6.215 | 14618 (AMAZON-AES - Amazon.com) |
19 | 6 | |
- ASN6334 (ASN-TSG - Sabre GLBL Inc., US); PTR: wx1.getthere.net; domain: wx1.getthere.net
- ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US); PTR: a2-18-232-23.deploy.static.akamaitechnologies.com; domain: assets.adobedtm.com
- ASN16509 (AMAZON-02 - Amazon.com, Inc., US); PTR: server-13-35-253-31.fra6.r.cloudfront.net; domain: cdn.userreplay.net
- ASN15224 (OMNITURE - Adobe Systems Inc., US); domain: sabregetthere1.sc.omtrdc.net
- ASN14618 (AMAZON-AES - Amazon.com, Inc., US); PTR: ec2-52-86-6-215.compute-1.amazonaws.com; domain: us1-00000026.userreplay.net
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
12 | getthere.net | wx1.getthere.net, cdn.getthere.net | 439 KB |
4 | userreplay.net | cdn.userreplay.net, us1-00000026.userreplay.net | 21 KB |
2 | omtrdc.net (1 redirects) | sabregetthere1.sc.omtrdc.net | 2 KB |
2 | adobedtm.com | assets.adobedtm.com | 41 KB |
19 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
8 | wx1.getthere.net | wx1.getthere.net |
4 | cdn.getthere.net | wx1.getthere.net |
2 | us1-00000026.userreplay.net | cdn.userreplay.net |
2 | sabregetthere1.sc.omtrdc.net (1 redirects) | wx1.getthere.net |
2 | cdn.userreplay.net | cdn.getthere.net, cdn.userreplay.net |
2 | assets.adobedtm.com | wx1.getthere.net, assets.adobedtm.com |
19 | 6 | |
This site contains links to these domains.
Domain |
---|
www.brainshark.com |
www.dhs.gov |
corp.americanexpress.com |
www.getthere.com |
www.americanexpress.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
wx1.getthere.net | GlobalSign Organization Validation CA - SHA256 - G2 | 2018-09-26 - 2020-04-21 | 2 years |
assets.adobedtm.com | DigiCert SHA2 High Assurance Server CA | 2019-06-27 - 2021-07-01 | 2 years |
incapsula.com | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-08-15 - 2020-05-26 | 9 months |
*.userreplay.net | Amazon | 2019-03-21 - 2020-04-21 | a year |
*.sc.omtrdc.net | DigiCert SHA2 High Assurance Server CA | 2019-04-23 - 2020-04-14 | a year |
This page contains 2 frames:
Primary Page:
https://wx1.getthere.net/DispatcherServlet?requestType=logininq&site=ptsdus
Frame ID: DC30A5FF58957913A3BEF7F3050E0AE2
Requests: 18 HTTP requests in this frame
Frame:
https://cdn.userreplay.net/us10c98c5748abff9e24b67c90575e8a767.html
Frame ID: 7B64A90479AF799D8B109147B47C2F40
Requests: 1 HTTP requests in this frame
Detected technologies
Java (Programming Languages)
Detected patterns
- headers server /^Apache-Coyote(?:\/([\d.]+))?/i
Apache Tomcat (Web Servers)
Detected patterns
- headers server /^Apache-Coyote(?:\/([\d.]+))?/i
Adobe DTM (Tag Managers)
Detected patterns
- script /\/\/assets.adobedtm.com\//i
SiteCatalyst (Analytics)
Detected patterns
- script /\/s[_-]code.*\.js/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
- Title: Online Training Information
- Title: US Department of Homeland Security
- Title: Quick Reference Guide
- Title: GetThere privacy policy
- Title: GetThere cookie policy
- Title: Additional privacy policy
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 14- https://sabregetthere1.sc.omtrdc.net/b/ss/sabregtprod/1/JS-1.5.1-D7QN/s15280119798046?AQB=1&ndh=1&pf=1&t=13%2F8%2F2019%2018%3A44%3A55%205%20-120&D=D%3D&fid=4CA508346EF3AF91-08FBBDBE1DE8FC8E&ce=UTF-8&ns=sabregetthere&pageName=login-page&g=https%3A%2F%2Fwx1.getthere.net%2FDispatcherServlet%3FrequestType%3Dlogininq%26site%3Dptsdus&cc=USD&events=event1%2Cevent25%3D1.9&v1=login-page&c2=https%3A%2F%2Fwx1.getthere.net%2FDispatcherServlet%3FrequestType%3Dlogininq%26site%3Dptsdus&v2=https%3A%2F%2Fwx1.getthere.net%2FDispatcherServlet%3FrequestType%3Dlogininq%26site%3Dptsdus&c4=Unknown&v4=D%3Dc4&v6=1.9&c7=11%3A44%20AM%7CFriday&v7=11%3A44%20AM%7CFriday&c8=traveler&v8=D%3Dc8&v9=D%3Dc11&c10=ptsdus&v10=D%3Dc10&v15=New&v17=1&c19=en_US&v19=D%3Dc19&v28=D%3Dc28&v42=D%3Dc42&v48=D%3Dc48&v58=D%3Dc58&v59=D%3Dc59&v67=D%3Dc67&v68=D%3Dc68&v69=D%3Dc69&v70=D%3Dc70&c73=SABRE&v73=D%3Dc73&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
- https://sabregetthere1.sc.omtrdc.net/b/ss/sabregtprod/1/JS-1.5.1-D7QN/s15280119798046?AQB=1&pccr=true&vidn=2EBDE3C38530BE18-4000030020004476&&ndh=1&pf=1&t=13%2F8%2F2019%2018%3A44%3A55%205%20-120&D=D%3D&fid=4CA508346EF3AF91-08FBBDBE1DE8FC8E&ce=UTF-8&ns=sabregetthere&pageName=login-page&g=https%3A%2F%2Fwx1.getthere.net%2FDispatcherServlet%3FrequestType%3Dlogininq%26site%3Dptsdus&cc=USD&events=event1%2Cevent25%3D1.9&v1=login-page&c2=https%3A%2F%2Fwx1.getthere.net%2FDispatcherServlet%3FrequestType%3Dlogininq%26site%3Dptsdus&v2=https%3A%2F%2Fwx1.getthere.net%2FDispatcherServlet%3FrequestType%3Dlogininq%26site%3Dptsdus&c4=Unknown&v4=D%3Dc4&v6=1.9&c7=11%3A44%20AM%7CFriday&v7=11%3A44%20AM%7CFriday&c8=traveler&v8=D%3Dc8&v9=D%3Dc11&c10=ptsdus&v10=D%3Dc10&v15=New&v17=1&c19=en_US&v19=D%3Dc19&v28=D%3Dc28&v42=D%3Dc42&v48=D%3Dc48&v58=D%3Dc58&v59=D%3Dc59&v67=D%3Dc67&v68=D%3Dc68&v69=D%3Dc69&v70=D%3Dc70&c73=SABRE&v73=D%3Dc73&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
19 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | DispatcherServlet | wx1.getthere.net/ | 21 KB | 7 KB | Document | text/html | Primary Request; Cookie set |
GET | H/1.1 | lib.css | wx1.getthere.net/assets/2019-07-18-0400/ | 237 KB | 46 KB | Stylesheet | text/css | |
GET | H/1.1 | app.css | wx1.getthere.net/assets/2019-07-18-0400/ | 153 KB | 29 KB | Stylesheet | text/css | |
GET | H2 | satelliteLib-d19d61951c39dad66844b0fa03c1c7d4ce56f837.js | assets.adobedtm.com/a3d5823bd3f5f717253b7cd9d22c68891feb1f09/ | 92 KB | 26 KB | Script | application/x-javascript | |
GET | H/1.1 | jquery-3.3.1.min.js | wx1.getthere.net/lib/ | 85 KB | 30 KB | Script | application/javascript | |
GET | H/1.1 | title.logo.gif | cdn.getthere.net/skyline/images/site/3304333/ | 926 B | 2 KB | Image | image/gif | |
GET | H/1.1 | hdr.product_name.gif | cdn.getthere.net/skyline/images/site/3304333/ | 919 B | 2 KB | Image | image/gif | |
GET | H/1.1 | activityIndicator.gif | cdn.getthere.net/mustang/images/graphics/ | 20 KB | 21 KB | Image | image/gif | |
GET | H/1.1 | lib.js | wx1.getthere.net/assets/2019-07-18-0400/ | 691 KB | 175 KB | Script | application/javascript | |
GET | H/1.1 | jquery-ui-i18n.2015.06.26.js | wx1.getthere.net/lib/ | 21 KB | 4 KB | Script | application/javascript | |
GET | H/1.1 | app.js | wx1.getthere.net/assets/2019-07-18-0400/ | 207 KB | 45 KB | Script | application/javascript | |
GET | H/1.1 | userreplay-config.js | cdn.getthere.net/lib/ | 5 KB | 2 KB | Script | application/javascript | |
GET | H/1.1 | fontawesome-webfont.woff2 | wx1.getthere.net/lib/font-awesome-4.7.0-getthere/fonts/ | 75 KB | 76 KB | Font | application/octet-stream | |
GET | H2 | us10c98c5748abff9e24b67c90575e8a767_3.js | cdn.userreplay.net/ | 70 KB | 20 KB | Script | text/plain | |
GET | H2 | s-code-contents-da0db2fab105a34010973f74b86ce3b33bb8d2e5.js | assets.adobedtm.com/a3d5823bd3f5f717253b7cd9d22c68891feb1f09/ | 37 KB | 15 KB | Script | application/x-javascript | |
GET | H/1.1 | s15280119798046 | sabregetthere1.sc.omtrdc.net/b/ss/sabregtprod/1/JS-1.5.1-D7QN/ | 43 B | 752 B | Image | image/gif | Redirect Chain |
GET | H2 | us10c98c5748abff9e24b67c90575e8a767.html | cdn.userreplay.net/ | 0 | 0 | Document | text/html | Frame 7B64 |
POST | H/1.1 | / | us1-00000026.userreplay.net/ | 87 B | 447 B | XHR | text/html | |
POST | H/1.1 | / | us1-00000026.userreplay.net/ | 87 B | 447 B | XHR | text/html | |
30 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | _satellite |
object | digitalData |
function | $ |
function | jQuery |
boolean | maskAllFieldsInUR |
function | moment |
object | ES6Promise |
object | Handlebars |
object | L |
object | orion |
object | s |
function | s_doPlugins |
function | AppMeasurement |
function | s_gi |
function | s_pgicq |
object | s_c_il |
number | s_c_in |
number | s_objectID |
number | s_giq |
number | d |
object | eo |
number | y |
object | s_i_sabregtprod |
object | urStorage |
function | MouseOutEvent |
function | FieldKeydownEvent |
string | STR_RESPONSETEXT_UNAVAILABLE |
string | STR_RESPONSETYPE_UNAVAILABLE |
object | urCapture |
function | UrConfig |
20 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Name | Value |
---|---|---|
.getthere.net/ | _urDomainCheck | getthere.net |
.getthere.net/ | s_vmonthnum | 1569880800595%26vn%3D1 |
.getthere.net/ | s_fid | 4CA508346EF3AF91-08FBBDBE1DE8FC8E |
wx1.getthere.net/ | _sdsat_In frame | false |
.getthere.net/ | s_nr | 1568393095598-New |
wx1.getthere.net/ | _sdsat_site_Name | ptsdus |
.getthere.net/ | nlbi_1853523 | 9wQ+FFezVnC5cvszqRuayQAAAAANpWNB/Ir6v4vMBQ4VsM8g |
wx1.getthere.net/ | ADRUM_BT2 | "R:0\|i:133632\|e:684" |
.getthere.net/ | s_cc | true |
.getthere.net/ | s_monthinvisit | true |
wx1.getthere.net/ | _sdsat_Site Language | en_US |
.getthere.net/ | UrCapture | d216f6ee-9351-f695-8e9f-7280d7be728e |
.getthere.net/ | incap_ses_408_1853523 | MPlqaAKloBaaFpD0pYOpBYbHe10AAAAAE5gHL5xrMKtg49oPpEiWww== |
wx1.getthere.net/ | ADRUM_BT1 | "R:0\|i:133632\|e:684\|d:62" |
wx1.getthere.net/ | _sdsat_Access Type | Unknown |
.getthere.net/ | gpv | login-page |
wx1.getthere.net/ | _sdsat_User Type | traveler |
.getthere.net/ | visid_incap_1853523 | fZRUBUffTFGFmOv8iAiamIXHe10AAAAAQUIPAAAAAADg2MidwBhZHMyOQQu0nSMl |
wx1.getthere.net/ | JSESSIONID | 814BF3C2615AC01E3A971CDCD1642ED9 |
wx1.getthere.net/ | ADRUM_BTa | "R:0\|g:ba353673-19db-4258-90b2-4ebc9b14c4c3\|n:Sabre_9e6c885b-de5c-4175-ac13-773e8d4b7ab2" |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'none' |
X-Frame-Options | DENY |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.