URL: https://secure.rezserver.com/flights/help/review/?refid=2681
Submission: On December 18 via manual from PL

Summary

This website contacted 11 IPs in 1 country across 3 domains to perform 31 HTTP transactions. The main IP is 151.101.2.150, located in San Francisco, United States and belongs to FASTLY - Fastly, US. The main domain is secure.rezserver.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on February 5th 2018. Valid for: 2 years.
This is the only time secure.rezserver.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 151.101.2.150 54113 (FASTLY)
1 151.101.2.110 54113 (FASTLY)
1 54.230.95.66 16509 (AMAZON-02)
4 35.190.10.112 15169 (GOOGLE)
1 34.199.89.77 14618 (AMAZON-AES)
2 52.204.151.32 14618 (AMAZON-AES)
1 3 143.204.101.37 16509 (AMAZON-02)
1 52.5.0.90 14618 (AMAZON-AES)
1 34.204.59.204 14618 (AMAZON-AES)
5 18.213.255.128 14618 (AMAZON-AES)
31 11

This site contains no links.

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| *.rezserver.com | GeoTrust RSA CA 2018 | 2018-02-05 - 2020-04-05 | 2 years |
| f4.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2018-12-06 - 2019-04-14 | 4 months |
| *.cdn4.forter.com | DigiCert SHA2 Secure Server CA | 2018-08-27 - 2020-10-27 | 2 years |
| *.perimeterx.net | COMODO RSA Domain Validation Secure Server CA | 2018-02-07 - 2019-07-24 | a year |
| cdn3.forter.com | DigiCert SHA2 Secure Server CA | 2018-01-11 - 2019-05-09 | a year |
| cdn9.forter.com | Amazon | 2018-07-23 - 2019-08-23 | a year |
| *.cdn.forter.com | DigiCert SHA2 Secure Server CA | 2018-04-11 - 2020-06-19 | 2 years |
| *.cdn5.forter.com | DigiCert SHA2 Secure Server CA | 2017-12-31 - 2019-03-14 | a year |
| cdn0.forter.com | DigiCert SHA2 Secure Server CA | 2017-12-31 - 2019-04-10 | a year |

This page contains 1 frame:

Primary Page: https://secure.rezserver.com/flights/help/review/?refid=2681
Frame ID: F868033318F60A5F508FBC53E29A8E97
Requests: 32 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /.*Varnish/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

31 Requests
87 % HTTPS
0 % IPv6
3 Domains
9 Subdomains
11 IPs
1 Countries
419 kB Transfer
1304 kB Size
8 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://cdn9.forter.com/vchk2 HTTP 301
  • https://cdn9.forter.com/vchk2/v1/78e958923c4f7a2e3f22e71318ae52bda2e197582edb1365ebb4695bbfc5c314ac7f48ca661656e4dff84bd2a271

31 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
secure.rezserver.com/flights/help/review/
45 KB
10 KB
Document
General
Full URL
https://secure.rezserver.com/flights/help/review/?refid=2681
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.150 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache /
Resource Hash
4c6461a6bb748800cf25212836294094a36f42bd04be2f2892696546cd0c18bf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
secure.rezserver.com
:scheme
https
:path
/flights/help/review/?refid=2681
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
Apache
set-cookie
hotel_rooms=1; expires=Tue, 25-Dec-2018 06:14:40 GMT; Max-Age=604800; path=/; domain=secure.rezserver.com SITESERVER=ID=abefea4e8c43e123db90ee0545ba407f; expires=Fri, 18-Dec-2048 06:14:40 GMT; Max-Age=946771200; path=/; domain=secure.rezserver.com varid=1b2a3b4a80a126a141b143a155a159b160a162z166a169z171z172b173a174b176z179a182b188a191a192b193a194a195b196a201b; expires=Tue, 25-Dec-2018 06:14:40 GMT; Max-Age=604800; path=/; domain=secure.rezserver.com; HttpOnly currency=EUR; expires=Tue, 25-Dec-2018 06:14:40 GMT; Max-Age=604800; path=/; domain=secure.rezserver.com _session_id=e2ac5cbffb6b9e4ca1497109765c1d2c; expires=Tue, 01-Jan-2019 06:14:40 GMT; Max-Age=1209600; path=/; HttpOnly
cache-control
no-cache
x-runtime
0.365702
content-encoding
gzip
x-ua-compatible
IE=Edge,chrome=1
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
accept-ranges
bytes bytes bytes bytes
age
0 0 0 0
via
1.1 varnish 1.1 varnish
date
Tue, 18 Dec 2018 06:14:40 GMT
x-served-by
cache-iad2125-IAD, cache-fra19148-FRA
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1545113680.936701,VS0,VE505
vary
Accept-Encoding
wsheader
ws=fFRA/fIAD/
content-length
9451
support-2681.css
secure.rezserver.com/hotels/css/
24 KB
5 KB
Stylesheet
General
Full URL
https://secure.rezserver.com/hotels/css/support-2681.css
Requested by
Host: secure.rezserver.com
URL: https://secure.rezserver.com/flights/help/review/?refid=2681
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.150 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache /
Resource Hash
85d0d8f855628939fc47d52ecdd7375633f8aaaa8be3f13af742a0a86235a863
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/hotels/css/support-2681.css
pragma
no-cache
cookie
hotel_rooms=1; SITESERVER=ID=abefea4e8c43e123db90ee0545ba407f; varid=1b2a3b4a80a126a141b143a155a159b160a162z166a169z171z172b173a174b176z179a182b188a191a192b193a194a195b196a201b; currency=EUR; _session_id=e2ac5cbffb6b9e4ca1497109765c1d2c
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
secure.rezserver.com
referer
https://secure.rezserver.com/flights/help/review/?refid=2681
:scheme
https
:method
GET
Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

wsheader
ws=fFRA/fIAD/
date
Tue, 18 Dec 2018 06:14:41 GMT
content-encoding
gzip
age
0 0 0 0
x-cache
MISS, MISS
status
200
content-length
4805
x-served-by
cache-iad2126-IAD, cache-fra19148-FRA
x-runtime
0.452291
server
Apache
x-timer
S1545113680.453643,VS0,VE624
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
via
1.1 varnish 1.1 varnish
cache-control
no-cache
x-ua-compatible
IE=Edge,chrome=1
set-cookie
hotel_rooms=1; expires=Tue, 25-Dec-2018 06:14:40 GMT; Max-Age=604800; path=/; domain=secure.rezserver.com _session_id=e2ac5cbffb6b9e4ca1497109765c1d2c; expires=Tue, 01-Jan-2019 06:14:40 GMT; Max-Age=1209599; path=/; HttpOnly
accept-ranges
bytes bytes bytes bytes
x-cache-hits
0, 0
rs_template_boilerplate.css
secure.rezserver.com/shared/css/
840 B
573 B
Stylesheet
General
Full URL
https://secure.rezserver.com/shared/css/rs_template_boilerplate.css
Requested by
Host: secure.rezserver.com
URL: https://secure.rezserver.com/flights/help/review/?refid=2681
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.150 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache /
Resource Hash
b1f4cedd4844e0b00720ad68627ffe0c91bf19c10d2baeea7ee98cb222b70a94
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/shared/css/rs_template_boilerplate.css
pragma
no-cache
cookie
hotel_rooms=1; SITESERVER=ID=abefea4e8c43e123db90ee0545ba407f; varid=1b2a3b4a80a126a141b143a155a159b160a162z166a169z171z172b173a174b176z179a182b188a191a192b193a194a195b196a201b; currency=EUR; _session_id=e2ac5cbffb6b9e4ca1497109765c1d2c
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
secure.rezserver.com
referer
https://secure.rezserver.com/flights/help/review/?refid=2681
:scheme
https
:method
GET
Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

wsheader
ws=fFRA/fIAD/
date
Tue, 18 Dec 2018 06:14:40 GMT
content-encoding
gzip
vary
Accept-Encoding
age
0 0
x-cache
MISS, MISS
status
200
content-length
481
x-served-by
cache-iad2139-IAD, cache-fra19148-FRA
last-modified
Fri, 14 Dec 2018 16:09:38 GMT
server
Apache
x-timer
S1545113680.453663,VS0,VE176
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
via
1.1 varnish 1.1 varnish
accept-ranges
bytes bytes bytes bytes bytes
x-cache-hits
0, 0
jquery-3.1.1.min.js
secure.rezserver.com/shared/js/
85 KB
30 KB
Script
General
Full URL
https://secure.rezserver.com/shared/js/jquery-3.1.1.min.js
Requested by
Host: secure.rezserver.com
URL: https://secure.rezserver.com/flights/help/review/?refid=2681
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.150 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/shared/js/jquery-3.1.1.min.js
pragma
no-cache
cookie
hotel_rooms=1; SITESERVER=ID=abefea4e8c43e123db90ee0545ba407f; varid=1b2a3b4a80a126a141b143a155a159b160a162z166a169z171z172b173a174b176z179a182b188a191a192b193a194a195b196a201b; currency=EUR; _session_id=e2ac5cbffb6b9e4ca1497109765c1d2c
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
secure.rezserver.com
referer
https://secure.rezserver.com/flights/help/review/?refid=2681
:scheme
https
:method
GET
Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

wsheader
ws=fFRA/fIAD/
date
Tue, 18 Dec 2018 06:14:40 GMT
content-encoding
gzip
vary
Accept-Encoding
age
0 0
x-cache
MISS, MISS
status
200
content-length
30312
x-served-by
cache-iad2144-IAD, cache-fra19148-FRA
last-modified
Fri, 14 Dec 2018 16:09:38 GMT
server
Apache
x-timer
S1545113680.453681,VS0,VE180
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
via
1.1 varnish 1.1 varnish
accept-ranges
bytes bytes bytes bytes bytes
x-cache-hits
0, 0
jquery-migrate-3.0.0.min.js
secure.rezserver.com/shared/js/
7 KB
3 KB
Script
General
Full URL
https://secure.rezserver.com/shared/js/jquery-migrate-3.0.0.min.js
Requested by
Host: secure.rezserver.com
URL: https://secure.rezserver.com/flights/help/review/?refid=2681
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.150 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache /
Resource Hash
26494360e0db8345fef2c3e22a47055116f9cfb46f94d308684dd1036cfdeefc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/shared/js/jquery-migrate-3.0.0.min.js
pragma
no-cache
cookie
hotel_rooms=1; SITESERVER=ID=abefea4e8c43e123db90ee0545ba407f; varid=1b2a3b4a80a126a141b143a155a159b160a162z166a169z171z172b173a174b176z179a182b188a191a192b193a194a195b196a201b; currency=EUR; _session_id=e2ac5cbffb6b9e4ca1497109765c1d2c
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
secure.rezserver.com
referer
https://secure.rezserver.com/flights/help/review/?refid=2681
:scheme
https
:method
GET
Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

wsheader
ws=fFRA/fIAD/
date
Tue, 18 Dec 2018 06:14:40 GMT
content-encoding
gzip
vary
Accept-Encoding
age
0 0
x-cache
MISS, MISS
status
200
content-length
2716
x-served-by
cache-iad2133-IAD, cache-fra19148-FRA
last-modified
Fri, 14 Dec 2018 16:09:38 GMT
server
Apache
x-timer
S1545113680.453926,VS0,VE174
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
via
1.1 varnish 1.1 varnish
accept-ranges
bytes bytes bytes bytes bytes
x-cache-hits
0, 0
hotel.min.js
secure.rezserver.com/public/f83334b/app/
796 KB
233 KB
Script
General
Full URL
https://secure.rezserver.com/public/f83334b/app/hotel.min.js
Requested by
Host: secure.rezserver.com
URL: https://secure.rezserver.com/flights/help/review/?refid=2681
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.150 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache /
Resource Hash
115d059483768af577ae40e5596c3959cb540fb1a1dfc4f586783ef03f3a78fa
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/public/f83334b/app/hotel.min.js
pragma
no-cache
cookie
hotel_rooms=1; SITESERVER=ID=abefea4e8c43e123db90ee0545ba407f; varid=1b2a3b4a80a126a141b143a155a159b160a162z166a169z171z172b173a174b176z179a182b188a191a192b193a194a195b196a201b; currency=EUR; _session_id=e2ac5cbffb6b9e4ca1497109765c1d2c
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
secure.rezserver.com
referer
https://secure.rezserver.com/flights/help/review/?refid=2681
:scheme
https
:method
GET
Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

wsheader
ws=fFRA
date
Tue, 18 Dec 2018 06:14:40 GMT
content-encoding
gzip
age
296753
x-cache
HIT, HIT
status
200
x-cache-hits
1, 1
content-length
238225
x-served-by
cache-iad2139-IAD, cache-fra19148-FRA
last-modified
Fri, 14 Dec 2018 16:16:43 GMT
server
Apache
x-timer
S1545113680.454923,VS0,VE3
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish 1.1 varnish
cache-control
max-age=2592000, public
accept-ranges
bytes
expires
Sun, 13 Jan 2019 19:48:47 GMT
help.min.js
secure.rezserver.com/public/f83334b/
113 KB
27 KB
Script
General
Full URL
https://secure.rezserver.com/public/f83334b/help.min.js
Requested by
Host: secure.rezserver.com
URL: https://secure.rezserver.com/flights/help/review/?refid=2681
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.150 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache /
Resource Hash
50e5abc9698c084764b51e49eb56ab0f3a7fb93a37f2da74ebf777010c1dad6f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/public/f83334b/help.min.js
pragma
no-cache
cookie
hotel_rooms=1; SITESERVER=ID=abefea4e8c43e123db90ee0545ba407f; varid=1b2a3b4a80a126a141b143a155a159b160a162z166a169z171z172b173a174b176z179a182b188a191a192b193a194a195b196a201b; currency=EUR; _session_id=e2ac5cbffb6b9e4ca1497109765c1d2c
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
secure.rezserver.com
referer
https://secure.rezserver.com/flights/help/review/?refid=2681
:scheme
https
:method
GET
Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

wsheader
ws=fFRA
date
Tue, 18 Dec 2018 06:14:40 GMT
content-encoding
gzip
age
296745
x-cache
HIT, HIT
status
200
x-cache-hits
1, 1
content-length
27033
x-served-by
cache-iad2148-IAD, cache-fra19148-FRA
last-modified
Fri, 14 Dec 2018 16:17:37 GMT
server
Apache
x-timer
S1545113680.455707,VS0,VE2
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish 1.1 varnish
cache-control
max-age=2592000, public
accept-ranges
bytes
expires
Sun, 13 Jan 2019 19:48:55 GMT
client.js
secure.rezserver.com/sdk/v1/2681/
5 KB
3 KB
Script
General
Full URL
https://secure.rezserver.com/sdk/v1/2681/client.js
Requested by
Host: secure.rezserver.com
URL: https://secure.rezserver.com/flights/help/review/?refid=2681
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.150 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache /
Resource Hash
c154c5bc9b377bda1b3e0a49762afcebc327f8ef97137fac188b159619d73dd6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/sdk/v1/2681/client.js
pragma
no-cache
cookie
hotel_rooms=1; SITESERVER=ID=abefea4e8c43e123db90ee0545ba407f; varid=1b2a3b4a80a126a141b143a155a159b160a162z166a169z171z172b173a174b176z179a182b188a191a192b193a194a195b196a201b; currency=EUR; _session_id=e2ac5cbffb6b9e4ca1497109765c1d2c
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
secure.rezserver.com
referer
https://secure.rezserver.com/flights/help/review/?refid=2681
:scheme
https
:method
GET
Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

wsheader
ws=fFRA/fIAD/
date
Tue, 18 Dec 2018 06:14:40 GMT
content-encoding
gzip
age
0 0 0 0
x-cache
MISS, MISS
status
200
content-length
2189
x-served-by
cache-iad2142-IAD, cache-fra19148-FRA
x-runtime
0.117396
server
Apache
x-timer
S1545113680.455757,VS0,VE264
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish 1.1 varnish
cache-control
max-age=300, private
x-ua-compatible
IE=Edge,chrome=1
set-cookie
hotel_rooms=1; expires=Tue, 25-Dec-2018 06:14:40 GMT; Max-Age=604800; path=/; domain=secure.rezserver.com _session_id=e2ac5cbffb6b9e4ca1497109765c1d2c; expires=Tue, 01-Jan-2019 06:14:40 GMT; Max-Age=1209600; path=/; HttpOnly
accept-ranges
bytes bytes bytes bytes
x-cache-hits
0, 0
4f32dbb8-9b6f-4684-ad4d-0640668ee6bc
https://secure.rezserver.com/
0
0

cafda432-f7a9-4f1e-ba13-3d4cb355fcdf
https://secure.rezserver.com/
0
0

650260e8-8bd9-4f3f-b271-fbc5043bd036
https://secure.rezserver.com/
0
0

f367e8e3-6ec9-4199-b74f-5f5dc84f614b
https://secure.rezserver.com/
0
0

truncated
/
118 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8f2e27fe9c6227944f2f5eccf178e23f5f861f3489685962f07829ec029174f

Request headers

Response headers

Content-Type
image/png
rs.woff
secure.rezserver.com/shared/icons/
26 KB
26 KB
Font
General
Full URL
https://secure.rezserver.com/shared/icons/rs.woff
Requested by
Host: secure.rezserver.com
URL: https://secure.rezserver.com/flights/help/review/?refid=2681
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.150 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache /
Resource Hash
325b0b2153e7cebb65db7b4741d360f38d8c3482287917f6df6f62d7fc3cdb6d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/shared/icons/rs.woff
pragma
no-cache
cookie
hotel_rooms=1; _session_id=e2ac5cbffb6b9e4ca1497109765c1d2c
origin
https://secure.rezserver.com
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
secure.rezserver.com
referer
https://secure.rezserver.com/flights/help/review/?refid=2681
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
Origin
https://secure.rezserver.com

Response headers

wsheader
ws=fFRA/fIAD/
date
Tue, 18 Dec 2018 06:14:41 GMT
via
1.1 varnish 1.1 varnish
last-modified
Fri, 14 Dec 2018 16:09:38 GMT
server
Apache
age
0 0
x-served-by
cache-iad2148-IAD, cache-fra19148-FRA
x-frame-options
SAMEORIGIN
x-cache
MISS, MISS
content-type
application/x-font-woff
status
200
accept-ranges
bytes bytes bytes bytes bytes
x-timer
S1545113681.406220,VS0,VE196
content-length
26504
x-cache-hits
0, 0
main.min.js
client.perimeterx.net/PX4BynV8ar/
65 KB
24 KB
Script
General
Full URL
https://client.perimeterx.net/PX4BynV8ar/main.min.js
Requested by
Host: secure.rezserver.com
URL: https://secure.rezserver.com/flights/help/review/?refid=2681
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
0693a216c7ee62a0962dbdb47c7183f635fc439555d876d97513fcac1b1fd86b

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 18 Dec 2018 06:14:41 GMT
content-encoding
gzip
age
0
etag
W/"104da-mH7gdZpOvYCDnwq27IaGiBActIA"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=600
x-cache-hits
1
accept-ranges
bytes
x-timer
S1545113682.512481,VS0,VE213
content-length
24729
via
1.1 varnish
x-served-by
cache-fra19120-FRA
script.js
7736390f98ba.cdn4.forter.com/sn/7736390f98ba/
137 KB
52 KB
Script
General
Full URL
https://7736390f98ba.cdn4.forter.com/sn/7736390f98ba/script.js
Requested by
Host: secure.rezserver.com
URL: https://secure.rezserver.com/flights/help/review/?refid=2681
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.66 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-66.fra2.r.cloudfront.net
Software
/
Resource Hash
b34e185ffb0fea6991bd289aaca63756ede3da3c83ec7590513732d589a6df08
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 04 Dec 2018 12:27:37 GMT
content-encoding
gzip
age
1187225
x-cache
Hit from cloudfront
status
200
strict-transport-security
max-age=86400; includeSubDomains
via
1.1 7af5638099b4c0c5cbf2f9c79d5100fd.cloudfront.net (CloudFront)
last-modified
Tue, 04 Dec 2018 12:27:37 GMT
x-sourcemap
https://cdn4.forter.com/map/suid/7736390f98ba/11081814179
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=300
timing-allow-origin
*
x-amz-cf-id
TRdIL94cWBdXkLxrUNzvJy-Zvi2lgsG-me7NM40XBCB0pE1G5WKD5g==
expires
Tue, 04 Dec 2018 12:32:37 GMT
collector
collector-px4bynv8ar.perimeterx.net/api/v1/
440 B
738 B
XHR
General
Full URL
https://collector-px4bynv8ar.perimeterx.net/api/v1/collector
Requested by
Host: client.perimeterx.net
URL: https://client.perimeterx.net/PX4BynV8ar/main.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.10.112 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
112.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
d7712f52fc7c73e672e381557529818a219eb3cc702f4be4cf31456a5a60133f

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
Origin
https://secure.rezserver.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 18 Dec 2018 06:14:41 GMT
via
1.1 google
status
200
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secure.rezserver.com
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
clear
content-length
440
events
cdn3.forter.com/
0
372 B
Other
General
Full URL
https://cdn3.forter.com/events
Requested by
Host:
URL: (program):2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.89.77 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-199-89-77.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
Origin
https://secure.rezserver.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

Pragma
no-cache
Date
Tue, 18 Dec 2018 06:14:42 GMT
Strict-Transport-Security
max-age=86400; includeSubDomains
Vary
Origin
Access-Control-Allow-Origin
https://secure.rezserver.com
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
0
Expires
-1
collector
collector-px4bynv8ar.perimeterx.net/api/v1/
270 B
451 B
XHR
General
Full URL
https://collector-px4bynv8ar.perimeterx.net/api/v1/collector
Requested by
Host: client.perimeterx.net
URL: https://client.perimeterx.net/PX4BynV8ar/main.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.10.112 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
112.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
7c9341a03876d32f5becc0c3264a305f0cc2a8709935f0c70e8f4d348e9f6767

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
Origin
https://secure.rezserver.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 18 Dec 2018 06:14:42 GMT
via
1.1 google
status
200
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secure.rezserver.com
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
clear
content-length
270
events
cdn3.forter.com/
0
372 B
Other
General
Full URL
https://cdn3.forter.com/events
Requested by
Host:
URL: (program):2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.151.32 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-204-151-32.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
Origin
https://secure.rezserver.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

Pragma
no-cache
Date
Tue, 18 Dec 2018 06:14:42 GMT
Strict-Transport-Security
max-age=86400; includeSubDomains
Vary
Origin
Access-Control-Allow-Origin
https://secure.rezserver.com
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
0
Expires
-1
events
cdn3.forter.com/
0
372 B
Other
General
Full URL
https://cdn3.forter.com/events
Requested by
Host:
URL: (program):2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.151.32 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-204-151-32.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
Origin
https://secure.rezserver.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

Pragma
no-cache
Date
Tue, 18 Dec 2018 06:14:42 GMT
Strict-Transport-Security
max-age=86400; includeSubDomains
Vary
Origin
Access-Control-Allow-Origin
https://secure.rezserver.com
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
0
Expires
-1
78e958923c4f7a2e3f22e71318ae52bda2e197582edb1365ebb4695bbfc5c314ac7f48ca661656e4dff84bd2a271
cdn9.forter.com/vchk2/v1/
Redirect Chain
  • https://cdn9.forter.com/vchk2
  • https://cdn9.forter.com/vchk2/v1/78e958923c4f7a2e3f22e71318ae52bda2e197582edb1365ebb4695bbfc5c314ac7f48ca661656e4dff84bd2a271
0
-1 B
XHR
General
Full URL
https://cdn9.forter.com/vchk2/v1/78e958923c4f7a2e3f22e71318ae52bda2e197582edb1365ebb4695bbfc5c314ac7f48ca661656e4dff84bd2a271
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.37 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-37.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 18 Dec 2018 06:14:42 GMT
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
access-control-allow-origin
*
location
https://cdn9.forter.com/vchk2/v1/78e958923c4f7a2e3f22e71318ae52bda2e197582edb1365ebb4695bbfc5c314ac7f48ca661656e4dff84bd2a271
x-cache
Miss from cloudfront
status
301
strict-transport-security
max-age=86400; includeSubDomains
timing-allow-origin
*
content-length
0
x-amz-cf-id
-UZHPj-79VGim9JgdGoNkXL5-uxgu9OOOzIzpZitLD1zBUYrtNjyxw==

Redirect headers

date
Tue, 18 Dec 2018 06:14:42 GMT
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
status
301
location
https://cdn9.forter.com/vchk2/v1/78e958923c4f7a2e3f22e71318ae52bda2e197582edb1365ebb4695bbfc5c314ac7f48ca661656e4dff84bd2a271
x-cache
Miss from cloudfront
access-control-allow-origin
*
strict-transport-security
max-age=86400; includeSubDomains
timing-allow-origin
*
content-length
0
x-amz-cf-id
-UZHPj-79VGim9JgdGoNkXL5-uxgu9OOOzIzpZitLD1zBUYrtNjyxw==
prop.json
6f2905fe26e940d2bb9c0ce0cb840110-7736390f98ba.cdn.forter.com/
46 B
674 B
Other
General
Full URL
https://6f2905fe26e940d2bb9c0ce0cb840110-7736390f98ba.cdn.forter.com/prop.json
Requested by
Host:
URL: (program):2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.5.0.90 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-5-0-90.compute-1.amazonaws.com
Software
Apache /
Resource Hash
941032dc28a420ebf9a1587b4822eb4bd171d85ebc79f594e2755af92993b1df

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
Origin
https://secure.rezserver.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 18 Dec 2018 06:14:42 GMT
Connection
close
Content-Length
46
Pragma
no-cache
Last-Modified
Wed, 05 Dec 2018 09:30:16 GMT
Server
Apache
ETag
"2e-57c4307a0cfe0"
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://secure.rezserver.com
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
origin, x-requested-with, content-type, x-csrf-token
Expires
Wed, 11 Jan 1984 05:00:00 GMT
78e958923c4f7a2e3f22e71318ae52bda2e197582edb1365ebb4695bbfc5c314ac7f48ca661656e4dff84bd2a271
cdn9.forter.com/vchk2/v1/
0
269 B
XHR
General
Full URL
https://cdn9.forter.com/vchk2/v1/78e958923c4f7a2e3f22e71318ae52bda2e197582edb1365ebb4695bbfc5c314ac7f48ca661656e4dff84bd2a271
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.37 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-37.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
eyJyIjowLjgyNzMyNzgzNzM2Mjg4NzIsInUiOiI2ZjI5MDVmZTI2ZTk0MGQyYmI5YzBjZTBjYjg0MDExMCIsInMiOiI3NzM2MzkwZjk4YmEifQ==
Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
Origin
https://secure.rezserver.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 18 Dec 2018 06:14:42 GMT
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
status
200
strict-transport-security
max-age=86400; includeSubDomains
x-cache
Miss from cloudfront
access-control-allow-origin
*
timing-allow-origin
*
content-length
0
x-amz-cf-id
AwkyCtWsKOiARYXA3iKXj5qpcU7Dt3WHVKq4Ogwq5UHQ_JM8sFqoYg==
prop.json
6f2905fe26e940d2bb9c0ce0cb840110-7736390f98ba.cdn5.forter.com/
46 B
713 B
Other
General
Full URL
https://6f2905fe26e940d2bb9c0ce0cb840110-7736390f98ba.cdn5.forter.com/prop.json
Requested by
Host:
URL: (program):2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.204.59.204 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-204-59-204.compute-1.amazonaws.com
Software
Apache /
Resource Hash
941032dc28a420ebf9a1587b4822eb4bd171d85ebc79f594e2755af92993b1df

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
Origin
https://secure.rezserver.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 18 Dec 2018 06:14:43 GMT
Connection
Keep-Alive
Content-Length
46
Keep-Alive
timeout=15, max=8092
Pragma
no-cache
Last-Modified
Wed, 08 Aug 2018 08:41:25 GMT
Server
Apache
ETag
"2e-572e879d17683"
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://secure.rezserver.com
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
origin, x-requested-with, content-type, x-csrf-token
Expires
Wed, 11 Jan 1984 05:00:00 GMT
prop.json
cdn0.forter.com/7736390f98ba/6f2905fe26e940d2bb9c0ce0cb840110/
20 B
364 B
XHR
General
Full URL
https://cdn0.forter.com/7736390f98ba/6f2905fe26e940d2bb9c0ce0cb840110/prop.json?_=1545113681117
Requested by
Host: secure.rezserver.com
URL: https://secure.rezserver.com/shared/js/jquery-3.1.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.255.128 Cambridge, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-18-213-255-128.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
Origin
https://secure.rezserver.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Dec 2018 06:14:43 GMT
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://secure.rezserver.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Transfer-Encoding
chunked
Expires
-1
collector
collector-px4bynv8ar.perimeterx.net/api/v1/
270 B
449 B
XHR
General
Full URL
https://collector-px4bynv8ar.perimeterx.net/api/v1/collector
Requested by
Host: client.perimeterx.net
URL: https://client.perimeterx.net/PX4BynV8ar/main.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.10.112 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
112.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
a88986ec209d0b84daf3040253794da9abc89f17cda73d89cb47561991cbc209

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
Origin
https://secure.rezserver.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 18 Dec 2018 06:14:44 GMT
via
1.1 google
status
200
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secure.rezserver.com
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
clear
content-length
270
prop.json
cdn0.forter.com/7736390f98ba/6f2905fe26e940d2bb9c0ce0cb840110/
20 B
364 B
XHR
General
Full URL
https://cdn0.forter.com/7736390f98ba/6f2905fe26e940d2bb9c0ce0cb840110/prop.json?_=1545113681118
Requested by
Host: secure.rezserver.com
URL: https://secure.rezserver.com/shared/js/jquery-3.1.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.255.128 Cambridge, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-18-213-255-128.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
Origin
https://secure.rezserver.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Dec 2018 06:14:44 GMT
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://secure.rezserver.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Transfer-Encoding
chunked
Expires
-1
prop.json
cdn0.forter.com/7736390f98ba/6f2905fe26e940d2bb9c0ce0cb840110/
20 B
364 B
XHR
General
Full URL
https://cdn0.forter.com/7736390f98ba/6f2905fe26e940d2bb9c0ce0cb840110/prop.json?_=1545113681119
Requested by
Host: secure.rezserver.com
URL: https://secure.rezserver.com/shared/js/jquery-3.1.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.255.128 Cambridge, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-18-213-255-128.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
Origin
https://secure.rezserver.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Dec 2018 06:14:44 GMT
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://secure.rezserver.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Transfer-Encoding
chunked
Expires
-1
wpt.json
cdn0.forter.com/7736390f98ba/6f2905fe26e940d2bb9c0ce0cb840110/
0
283 B
XHR
General
Full URL
https://cdn0.forter.com/7736390f98ba/6f2905fe26e940d2bb9c0ce0cb840110/wpt.json
Requested by
Host: secure.rezserver.com
URL: https://secure.rezserver.com/shared/js/jquery-3.1.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.255.128 Cambridge, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-18-213-255-128.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://secure.rezserver.com
Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 18 Dec 2018 06:14:44 GMT
Connection
keep-alive
Access-Control-Allow-Headers
content-type
Content-Length
0
Vary
Access-Control-Request-Headers
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
wpt.json
cdn0.forter.com/7736390f98ba/6f2905fe26e940d2bb9c0ce0cb840110/
20 B
421 B
XHR
General
Full URL
https://cdn0.forter.com/7736390f98ba/6f2905fe26e940d2bb9c0ce0cb840110/wpt.json
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.255.128 Cambridge, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-18-213-255-128.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
Origin
https://secure.rezserver.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 18 Dec 2018 06:14:44 GMT
ETag
W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://secure.rezserver.com
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
20
Expires
-1
collector
collector-px4bynv8ar.perimeterx.net/api/v1/
270 B
449 B
XHR
General
Full URL
https://collector-px4bynv8ar.perimeterx.net/api/v1/collector
Requested by
Host: client.perimeterx.net
URL: https://client.perimeterx.net/PX4BynV8ar/main.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.10.112 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
112.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
a69cf3e84813799109e2d744345ea5bcfe9894e3ade5baf3545363920ae61363

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
Origin
https://secure.rezserver.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 18 Dec 2018 06:14:45 GMT
via
1.1 google
status
200
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secure.rezserver.com
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
clear
content-length
270

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
secure.rezserver.com
URL
blob:https://secure.rezserver.com/4f32dbb8-9b6f-4684-ad4d-0640668ee6bc
Domain
secure.rezserver.com
URL
blob:https://secure.rezserver.com/cafda432-f7a9-4f1e-ba13-3d4cb355fcdf
Domain
secure.rezserver.com
URL
blob:https://secure.rezserver.com/650260e8-8bd9-4f3f-b271-fbc5043bd036
Domain
secure.rezserver.com
URL
blob:https://secure.rezserver.com/f367e8e3-6ec9-4199-b74f-5f5dc84f614b


55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery object| __RS_DATA__ object| __core-js_shared__ function| renderComponent object| rs object| ref object| rs_link function| hex_md5 function| b64_md5 function| any_md5 function| hex_hmac_md5 function| b64_hmac_md5 function| any_hmac_md5 function| md5_vm_test function| rstr_md5 function| rstr_hmac_md5 function| rstr2hex function| rstr2b64 function| rstr2any function| str2rstr_utf8 function| str2rstr_utf16le function| str2rstr_utf16be function| rstr2binl function| binl2rstr function| binl_md5 function| md5_cmn function| md5_ff function| md5_gg function| md5_hh function| md5_ii function| safe_add function| bit_rol number| hexcase string| b64pad object| rs_global object| dust string| _pxAppId number| ftr__startScriptLoad string| str object| PX4BynV8ar object| PX function| h3xx function| M3xx function| R3xx function| ftr__ object| bufferManager object| ftr__ext object| ftr__scriptLoadOptions object| ftr__buffer object| ftr__JSON3 function| ftr__statusChecker

8 Cookies

Domain/Path Name / Value
.rezserver.com/ Name: ftr_ncd
Value: 6
.rezserver.com/ Name: _pxvid
Value: 34edfdc0-028c-11e9-96ef-43e85774c659
.secure.rezserver.com/ Name: hotel_rooms
Value: 1
secure.rezserver.com/ Name: RS-CLIENT
Value: {"ip":"185.34.41.50","ua":"Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36","refid":"2681","token":"6f2905fe26e940d2bb9c0ce0cb840110_1545113681488___6","uuid":"abefea4e8c43e123db90ee0545ba407f"}
.rezserver.com/ Name: forterToken
Value: 6f2905fe26e940d2bb9c0ce0cb840110_1545113681488__UDF43_6
.rezserver.com/ Name: _px2
Value: eyJ1IjoiMzRlMWVmZDAtMDI4Yy0xMWU5LWExMzEtNDE3ZDNjZTFhZjlhIiwidiI6IjM0ZWRmZGMwLTAyOGMtMTFlOS05NmVmLTQzZTg1Nzc0YzY1OSIsInQiOjE1NDUxMTM5ODE4MzIsImgiOiIxM2Y3YzU1OGI1NTg2YjZiOWUxZjUyNGE2Njc2ODMxMjQ4ZTM5NmIxOTE5NGI4MTA4MTQyODk1OGMwNTkxNDFiIn0=
.secure.rezserver.com/ Name: SITESERVER
Value: ID=abefea4e8c43e123db90ee0545ba407f
secure.rezserver.com/ Name: _session_id
Value: e2ac5cbffb6b9e4ca1497109765c1d2c

1 Console Messages

Source Level URL
Text
console-api log URL: https://secure.rezserver.com/shared/js/jquery-migrate-3.0.0.min.js(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
