URL: https://api.swiss-flightpass.cloud/
Submission: On October 11 via automatic, source certstream-suspicious

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 23 HTTP transactions. The main IP is 3.123.109.20, located in Frankfurt am Main, Germany and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is api.swiss-flightpass.cloud.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 11th 2019. Valid for: 3 months.
This is the only time api.swiss-flightpass.cloud was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 3.123.109.20 16509 (AMAZON-02)
2 2a04:4e42:3::621 54113 (FASTLY)
2 143.204.100.43 16509 (AMAZON-02)
8 104.18.71.113 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 54.172.126.223 14618 (AMAZON-AES)
23 8
Domain Requested by
6 static.zdassets.com api.swiss-flightpass.cloud
static.zdassets.com
5 api.swiss-flightpass.cloud api.swiss-flightpass.cloud
3 swiss-flightpass.zendesk.com static.zdassets.com
2 ekr.zdassets.com static.zdassets.com
2 www.google-analytics.com www.googletagmanager.com
api.swiss-flightpass.cloud
2 api.tiles.mapbox.com api.swiss-flightpass.cloud
2 cdn.jsdelivr.net api.swiss-flightpass.cloud
1 www.googletagmanager.com api.swiss-flightpass.cloud
23 8

This site contains no links.

Subject Issuer Validity Valid
swiss-flightpass.cloud
Let's Encrypt Authority X3
2019-10-11 -
2020-01-09
3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2019-05-29 -
2020-04-23
a year crt.sh
api.mapbox.com
DigiCert SHA2 Extended Validation Server CA
2019-03-19 -
2020-04-22
a year crt.sh
*.zdassets.com
Sectigo RSA Domain Validation Secure Server CA
2019-06-25 -
2021-05-31
2 years crt.sh
*.google-analytics.com
GTS CA 1O1
2019-09-17 -
2019-12-10
3 months crt.sh
*.zendesk.com
Sectigo RSA Organization Validation Secure Server CA
2019-06-18 -
2021-06-17
2 years crt.sh

This page contains 2 frames:

Primary Page: https://api.swiss-flightpass.cloud/
Frame ID: F0D663778CEA7B2ECED32B780D6381EE
Requests: 17 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/runtime.483bd48a747fe40486dc.js
Frame ID: 8834CE9836D1015F2920321D4D131D2D
Requests: 7 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i

Overall confidence: 100%
Detected patterns
  • headers server /Phusion Passenger ([\d.]+)/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

23
Requests

100 %
HTTPS

43 %
IPv6

7
Domains

8
Subdomains

8
IPs

3
Countries

1411 kB
Transfer

5218 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
api.swiss-flightpass.cloud/
4 KB
2 KB
Document
General
Full URL
https://api.swiss-flightpass.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.109.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-123-109-20.eu-central-1.compute.amazonaws.com
Software
nginx + Phusion Passenger 5.3.7 / Phusion Passenger 5.3.7 cloud66
Resource Hash
bd85dab375d94fdcd109d20d5288351eb94ced822d3ad699c3cbfe7bf119b33e
Security Headers
Name Value
Strict-Transport-Security max-age=864000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
api.swiss-flightpass.cloud
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

status
200 200 OK
date
Fri, 11 Oct 2019 09:13:52 GMT
content-type
text/html; charset=utf-8
cache-control
max-age=0, private, must-revalidate
vary
Accept-Encoding, Origin
content-encoding
gzip
strict-transport-security
max-age=864000; includeSubDomains
x-xss-protection
1; mode=block
x-request-id
a69f8356-96ae-4050-8f17-5684e766877e
etag
W/"a73ec0443e119c8ab8b6c69da37db9e4"
x-frame-options
DENY
x-runtime
0.005592
x-content-type-options
nosniff
x-powered-by
Phusion Passenger 5.3.7 cloud66
server
nginx + Phusion Passenger 5.3.7
chsans-regular-06c5994d.woff2
api.swiss-flightpass.cloud/packs/media/fonts/
33 KB
33 KB
Font
General
Full URL
https://api.swiss-flightpass.cloud/packs/media/fonts/chsans-regular-06c5994d.woff2
Requested by
Host: api.swiss-flightpass.cloud
URL: https://api.swiss-flightpass.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.109.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-123-109-20.eu-central-1.compute.amazonaws.com
Software
nginx / cloud66
Resource Hash
9ec110e11002147977ce0e2845ec2cd7df16efca2e5cf2c42e32cc40bff1d8bf

Request headers

Sec-Fetch-Mode
cors
Referer
https://api.swiss-flightpass.cloud/
Origin
https://api.swiss-flightpass.cloud
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 09:13:52 GMT
last-modified
Fri, 11 Oct 2019 09:04:38 GMT
server
nginx
x-powered-by
cloud66
etag
"5da045a6-824c"
content-type
application/octet-stream
status
200
accept-ranges
bytes
content-length
33356
chsans-bold-90039fbc.woff2
api.swiss-flightpass.cloud/packs/media/fonts/
32 KB
32 KB
Font
General
Full URL
https://api.swiss-flightpass.cloud/packs/media/fonts/chsans-bold-90039fbc.woff2
Requested by
Host: api.swiss-flightpass.cloud
URL: https://api.swiss-flightpass.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.109.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-123-109-20.eu-central-1.compute.amazonaws.com
Software
nginx / cloud66
Resource Hash
e5a16aba73cfa7188da97519cf0bc85bc539c41e32a51bf42fbc45e1b082deba

Request headers

Sec-Fetch-Mode
cors
Referer
https://api.swiss-flightpass.cloud/
Origin
https://api.swiss-flightpass.cloud
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 09:13:52 GMT
last-modified
Fri, 11 Oct 2019 09:04:38 GMT
server
nginx
x-powered-by
cloud66
etag
"5da045a6-8010"
content-type
application/octet-stream
status
200
accept-ranges
bytes
content-length
32784
application-67b12b5c.css
api.swiss-flightpass.cloud/packs/css/
432 KB
92 KB
Stylesheet
General
Full URL
https://api.swiss-flightpass.cloud/packs/css/application-67b12b5c.css
Requested by
Host: api.swiss-flightpass.cloud
URL: https://api.swiss-flightpass.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.109.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-123-109-20.eu-central-1.compute.amazonaws.com
Software
nginx / cloud66
Resource Hash
124220f46e3f237a21be92ac6529b1967cd461d2802873cce0b1a15c0e3427dc

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://api.swiss-flightpass.cloud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 09:13:52 GMT
content-encoding
gzip
last-modified
Fri, 11 Oct 2019 09:04:38 GMT
server
nginx
x-powered-by
cloud66
etag
W/"5da045a6-6c1e5"
content-type
text/css
status
200
cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/
5 KB
1 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css
Requested by
Host: api.swiss-flightpass.cloud
URL: https://api.swiss-flightpass.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://api.swiss-flightpass.cloud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
content-length
1299
etag
W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
x-served-by
cache-ams21050-AMS, cache-fra19142-FRA
date
Fri, 11 Oct 2019 09:13:52 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
application-7cd05906d529fbc9e599.js
api.swiss-flightpass.cloud/packs/js/
2 MB
563 KB
Script
General
Full URL
https://api.swiss-flightpass.cloud/packs/js/application-7cd05906d529fbc9e599.js
Requested by
Host: api.swiss-flightpass.cloud
URL: https://api.swiss-flightpass.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.109.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-123-109-20.eu-central-1.compute.amazonaws.com
Software
nginx / cloud66
Resource Hash
3d4fa499b7a4fbc2e406032ba22fd3b90aa2355a3312252ffc7180c16dc075b4

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://api.swiss-flightpass.cloud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 09:13:52 GMT
content-encoding
gzip
last-modified
Fri, 11 Oct 2019 09:04:38 GMT
server
nginx
x-powered-by
cloud66
etag
W/"5da045a6-1d4f66"
content-type
application/javascript
status
200
mapbox-gl.css
api.tiles.mapbox.com/mapbox-gl-js/v1.3.1/
32 KB
8 KB
Stylesheet
General
Full URL
https://api.tiles.mapbox.com/mapbox-gl-js/v1.3.1/mapbox-gl.css
Requested by
Host: api.swiss-flightpass.cloud
URL: https://api.swiss-flightpass.cloud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.100.43 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-100-43.fra50.r.cloudfront.net
Software
/ Express
Resource Hash
b767d871a9715e427ef81d98c0670ce4a62b17c16ef6f09c3baf4b235e90e58d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://api.swiss-flightpass.cloud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 05 Sep 2019 08:04:44 GMT
Content-Encoding
gzip
Age
3114548
X-Powered-By
Express
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Thu Sep 05 2019 07:36:12 GMT+0000 (UTC)
ETag
"93324584606cdac8adf4396bf3c8f9af"
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
JxM9M1HsQBppfTHAqXRhMlpstfRGY6g4jtYtIS7DzOSKstWOODCZnw==
mapbox-gl.js
api.tiles.mapbox.com/mapbox-gl-js/v1.1.1/
674 KB
172 KB
Script
General
Full URL
https://api.tiles.mapbox.com/mapbox-gl-js/v1.1.1/mapbox-gl.js
Requested by
Host: api.swiss-flightpass.cloud
URL: https://api.swiss-flightpass.cloud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.100.43 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-100-43.fra50.r.cloudfront.net
Software
/ Express
Resource Hash
4787ebfcbc8162ffe3c1f95b4334dfeadca24aab11a9ebcc8ab8fc0cad8e5f6a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://api.swiss-flightpass.cloud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 17 Jul 2019 00:19:02 GMT
Content-Encoding
gzip
Age
7462490
X-Powered-By
Express
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Tue Jul 16 2019 23:32:18 GMT+0000 (UTC)
ETag
"f0ff1e2bd435374ae886b229a1c1335e"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Via
1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
FlS7fSwtUlnXsgFdWyZx47VZLtszU1W-qyo3mNt7ONkg96s2oILH2Q==
snippet.js
static.zdassets.com/ekr/
1 KB
1 KB
Script
General
Full URL
https://static.zdassets.com/ekr/snippet.js?key=58dffe8a-5a13-416e-a67d-f1fd37271ee1
Requested by
Host: api.swiss-flightpass.cloud
URL: https://api.swiss-flightpass.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.71.113 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
49f391048a7edf0fb7d9281eeb5ac5c9674483d771f3c40f253cc641f9f02848
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://api.swiss-flightpass.cloud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 09:13:52 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
43
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
x-amz-request-id
024E30F57F20B574
x-amz-id-2
VY8U3FYQZeCTmX31Bcylgcx3d4KFQZLOQ+oTALh0cDShKEt+H9rPNq2gKXEOc7S9NZwy7cV9+V0=
last-modified
Tue, 16 Jul 2019 03:35:49 GMT
server
cloudflare
etag
W/"109a6cef5f04abd7d0e11b7dc96fd141"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
x-amz-version-id
8vJrvDuWVJ60Mw9Fmzf3TOb1ULnbUBMc
cf-ray
523fb87708e7c775-AMS
cookieconsent.min.js
cdn.jsdelivr.net/npm/cookieconsent@3/build/
20 KB
7 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js
Requested by
Host: api.swiss-flightpass.cloud
URL: https://api.swiss-flightpass.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://api.swiss-flightpass.cloud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
content-length
6756
etag
W/"50d5-nLraS9YXyGxjjPLr3exyStWWkHs"
x-served-by
cache-ams21044-AMS, cache-fra19142-FRA
date
Fri, 11 Oct 2019 09:13:52 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
gtm.js
www.googletagmanager.com/
52 KB
20 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-52QXTJN
Requested by
Host: api.swiss-flightpass.cloud
URL: https://api.swiss-flightpass.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0d65e157d6fd97813f167ebe5092cee51e4918480ba7b5ceee300499a7b5bb66
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://api.swiss-flightpass.cloud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 09:13:52 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19982
x-xss-protection
0
expires
Fri, 11 Oct 2019 09:13:52 GMT
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52QXTJN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://api.swiss-flightpass.cloud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
2552
date
Fri, 11 Oct 2019 08:31:20 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Fri, 11 Oct 2019 10:31:20 GMT
collect
www.google-analytics.com/r/
35 B
102 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=540810164&t=pageview&_s=1&dl=https%3A%2F%2Fapi.swiss-flightpass.cloud%2F&ul=en-us&de=UTF-8&dt=Reveneo%20-%20Staging&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=521012266&gjid=199777386&cid=1581168339.1570785232&tid=UA-64036059-21&_gid=606770949.1570785232&_r=1&gtm=2wga2152QXTJN&z=2135415375
Requested by
Host: api.swiss-flightpass.cloud
URL: https://api.swiss-flightpass.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://api.swiss-flightpass.cloud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 09:13:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
38 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/webp
asset_composer.5e12e43b022a913c3713.js
static.zdassets.com/ekr/
23 KB
7 KB
Script
General
Full URL
https://static.zdassets.com/ekr/asset_composer.5e12e43b022a913c3713.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=58dffe8a-5a13-416e-a67d-f1fd37271ee1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.71.113 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a15eca81c1a68174038b45b4dbf795db8e9d3cee6a7d6ca20ebb13bc3201910
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://api.swiss-flightpass.cloud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 09:13:52 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1305842
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
x-amz-request-id
B1F8F77235BA6642
x-amz-id-2
4IWdmyud0F3V6d4IyG8boBNA4KYouczySup/zHO/tP7wPm40dT1JqjIIL5n871kb6Ew06rhDdCo=
last-modified
Tue, 16 Jul 2019 03:35:49 GMT
server
cloudflare
etag
W/"e0faaf978ea12de901c220715ae504fc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-version-id
HUBuxZJjcFYs2VVzJD_9jvHEFFdXa0qB
cf-ray
523fb8782c3ac775-AMS
58dffe8a-5a13-416e-a67d-f1fd37271ee1
ekr.zdassets.com/compose/
239 B
709 B
XHR
General
Full URL
https://ekr.zdassets.com/compose/58dffe8a-5a13-416e-a67d-f1fd37271ee1
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.5e12e43b022a913c3713.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.71.113 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e26f2171c305466c1b6d83b6bf855ff547746f0594c487fe9811ebf68303f8f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Sec-Fetch-Mode
cors
Referer
https://api.swiss-flightpass.cloud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 09:13:53 GMT
content-encoding
br
vary
Origin, Accept-Encoding
cf-cache-status
MISS
status
200, 200 OK
strict-transport-security
max-age=0
x-request-id
f0456db2-1264-44e2-b401-61eb14495e4b
x-runtime
0.009013
server
cloudflare
etag
W/"9e26f2171c305466c1b6d83b6bf855ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=600, s-maxage=60
cf-ray
523fb8789b5b9bfd-AMS
1b1b442913c96cfef6c758a6ea9214ee81361a70
ekr.zdassets.com/compose_product/web_widget/
339 B
422 B
XHR
General
Full URL
https://ekr.zdassets.com/compose_product/web_widget/1b1b442913c96cfef6c758a6ea9214ee81361a70?features[]=ticket_submission&use_json=true
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.5e12e43b022a913c3713.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.71.113 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e34ce66db670dfcb9a1c8391b5ae9a69135f1adf1f42d030a4bbef789d4e57fe
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Sec-Fetch-Mode
cors
Referer
https://api.swiss-flightpass.cloud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 09:13:54 GMT
content-encoding
br
vary
Origin, Accept-Encoding
cf-cache-status
MISS
status
200, 200 OK
strict-transport-security
max-age=0
x-request-id
c155ca0b-f697-4529-8cec-9ab61c6c49e3
x-runtime
0.004323
server
cloudflare
etag
W/"e34ce66db670dfcb9a1c8391b5ae9a69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=31536000
cf-ray
523fb87d28339bfd-AMS
runtime.483bd48a747fe40486dc.js
static.zdassets.com/web_widget/latest/ Frame 8834
2 KB
1 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/runtime.483bd48a747fe40486dc.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.5e12e43b022a913c3713.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.71.113 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
66e48c027e53775bde32b39e59f04be1afe38001208679569ca2b7772678700f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 09:13:54 GMT
content-encoding
br
cf-cache-status
HIT
age
204795
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=0
x-amz-request-id
94D23CFCF09E612B
x-amz-id-2
LxByFF9XsEaW4whBFH5/BOrrUwTKpSwDk4bPlDP2MMBu1qrU9nCJT5n1hsOm8CjQQHJe6F8OJGc=
last-modified
Wed, 09 Oct 2019 00:07:11 GMT
server
cloudflare
etag
W/"e439d120346a5897426826f97bc3f38f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
Gz2xBohNGF1sIDcKlv7ojrcvNa10Kr58
cf-ray
523fb8817d0cc775-AMS
expires
Thu, 08 Oct 2020 00:07:10 GMT
common_vendor.0ef4dce3e47ae0dc91d4.js
static.zdassets.com/web_widget/latest/ Frame 8834
235 KB
71 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/common_vendor.0ef4dce3e47ae0dc91d4.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.5e12e43b022a913c3713.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.71.113 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
746e12ab1760bf7795ba0d11bb00be7f0dea2e9d15dee22d0e1774cc91afceda
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 09:13:54 GMT
content-encoding
br
cf-cache-status
HIT
age
109416
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=0
x-amz-request-id
A116E3EC235DC20A
x-amz-id-2
YiCuEYg766u083Lbc2kL27amK6OmvS06Ao+PMtP9fmFdIqDVvz9XoWtdMcIyvHBvwA1CXQ5iUCc=
last-modified
Thu, 10 Oct 2019 00:02:56 GMT
server
cloudflare
etag
W/"610e4f40d630b3ff63f0c06dd8ad343f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
sua1RUtO4WhjBKacx1_ZIi2aYSyNa32f
cf-ray
523fb8817d0ec775-AMS
expires
Fri, 09 Oct 2020 00:02:55 GMT
web_widget.e64b38f954d888db38fd.js
static.zdassets.com/web_widget/latest/ Frame 8834
2 MB
377 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web_widget.e64b38f954d888db38fd.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.5e12e43b022a913c3713.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.71.113 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d197e37163fcba377f5016fb3a60042380f88e2f3bd9e5273f52ca3cc96a349a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 09:13:54 GMT
content-encoding
br
cf-cache-status
HIT
age
31
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=0
x-amz-request-id
4968D68D8F929AAA
x-amz-id-2
o4blter5Ia976WH0do6aBc8Rm40V6iU1nmUJQa5zKHSpxZ7xt+qDOq6TWaN7XcQ/UOe7shoHKuE=
last-modified
Thu, 10 Oct 2019 03:48:46 GMT
server
cloudflare
etag
W/"8a60db0423827b97c2a084806879bbaf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
ewCYtdEaHYrvQn594eApeuczXEHHCFyC
cf-ray
523fb8817d10c775-AMS
expires
Fri, 09 Oct 2020 03:48:45 GMT
config
swiss-flightpass.zendesk.com/embeddable/ Frame 8834
377 B
875 B
XHR
General
Full URL
https://swiss-flightpass.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/common_vendor.0ef4dce3e47ae0dc91d4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.172.126.223 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-172-126-223.compute-1.amazonaws.com
Software
nginx /
Resource Hash
fab3dc725bd5de19990fb49202a1e301070f30535a183bfb606aa61148e40ab8
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 11 Oct 2019 09:13:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Transfer-Encoding
chunked
X-Zendesk-Origin-Server
embeddable-app-server-66db697b9d-952bt
Connection
keep-alive
Vary
Origin
X-Request-Id
2d10cb46019bc54e3e471b15221b6298
X-Runtime
0.001586
Server
nginx
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
embeddable_blip
swiss-flightpass.zendesk.com/ Frame 8834
0
259 B
XHR
General
Full URL
https://swiss-flightpass.zendesk.com/embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsiY29udGFjdEZvcm0iOnsiYXR0YWNobWVudHMiOmZhbHNlfSwiekluZGV4Ijo0NX19LCJidWlkIjoiOWUzZTYwZDhiOTBlYzI5ZWM5NmRiMTY3ZTJjZDgwMGIiLCJzdWlkIjoiMmI3MTliM2QxZDhiMmU5OTQ3MzE0MGQyNGYwMTYwZmMiLCJ2ZXJzaW9uIjoiMWIxYjQ0MjkxIiwidGltZXN0YW1wIjoiMjAxOS0xMC0xMVQwOToxMzo1NS4xMDdaIiwidXJsIjoiaHR0cHM6Ly9hcGkuc3dpc3MtZmxpZ2h0cGFzcy5jbG91ZC8ifQ%3D%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/common_vendor.0ef4dce3e47ae0dc91d4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.172.126.223 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-172-126-223.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://api.swiss-flightpass.cloud
Date
Fri, 11 Oct 2019 09:13:55 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream, text/html; charset=utf-8
en-gb.d634a3a0c5551c18464b.js
static.zdassets.com/web_widget/latest/locales/ Frame 8834
22 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/locales/en-gb.d634a3a0c5551c18464b.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web_widget.e64b38f954d888db38fd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.71.113 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
13248a27e8bd72a4be51a3bb463232ba68fbcd177aa2fb92990c2a49dcf8f587
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 09:13:55 GMT
content-encoding
br
cf-cache-status
HIT
age
376680
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=0
x-amz-request-id
F5270C1D2C51447C
x-amz-id-2
BaXcDiSI43Ha5NvKiX9htFddEXBHWJPMSw64XcWJ3Wmvp+F5vPc2BylX1VdJ1Y8tPy1+5tOlfJE=
last-modified
Fri, 04 Oct 2019 06:20:52 GMT
server
cloudflare
etag
W/"d634a3a0c5551c18464b15928a624ebf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
ckSZXE..6k1IGTIGbHPv8s6CQniEwXOH
cf-ray
523fb8877df3c775-AMS
expires
Sat, 03 Oct 2020 06:20:51 GMT
embeddable_blip
swiss-flightpass.zendesk.com/ Frame 8834
0
259 B
XHR
General
Full URL
https://swiss-flightpass.zendesk.com/embeddable_blip?type=pageView&data=eyJwYWdlVmlldyI6eyJyZWZlcnJlciI6Imh0dHBzOi8vYXBpLnN3aXNzLWZsaWdodHBhc3MuY2xvdWQvIiwidGltZSI6ODIwLCJsb2FkVGltZSI6MzIuNDI0OTk5NDAwOTczMzIsIm5hdmlnYXRvckxhbmd1YWdlIjoiZW4tVVMiLCJwYWdlVGl0bGUiOiJSZXZlbmVvIC0gU3RhZ2luZyIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJoZWxwQ2VudGVyRGVkdXAiOmZhbHNlfSwiYnVpZCI6IjA1MDRhYWU1MGY3NDFmYTk2YTUyY2U5MzM3NDgxYWRhIiwic3VpZCI6IjczODZlZDkwZDJmMDYxZWM0ZDg3NjcwMjdiNjkwYmM3IiwidmVyc2lvbiI6IjFiMWI0NDI5MSIsInRpbWVzdGFtcCI6IjIwMTktMTAtMTFUMDk6MTM6NTUuMjMzWiIsInVybCI6Imh0dHBzOi8vYXBpLnN3aXNzLWZsaWdodHBhc3MuY2xvdWQvIn0%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/common_vendor.0ef4dce3e47ae0dc91d4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.172.126.223 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-172-126-223.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://api.swiss-flightpass.cloud
Date
Fri, 11 Oct 2019 09:13:55 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream, text/html; charset=utf-8

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| setImmediate function| clearImmediate object| regeneratorRuntime object| mapboxgl object| zESettings function| zE function| zEmbed object| cookieconsent object| zEWebpackACJsonp boolean| zEACLoaded function| $zopim

3 Cookies

Domain/Path Name / Value
.swiss-flightpass.cloud/ Name: _gat_UA-64036059-21
Value: 1
.swiss-flightpass.cloud/ Name: _gid
Value: GA1.2.606770949.1570785232
.swiss-flightpass.cloud/ Name: _ga
Value: GA1.2.1581168339.1570785232

1 Console Messages

Source Level URL
Text
console-api info URL: https://static.zdassets.com/web_widget/latest/common_vendor.0ef4dce3e47ae0dc91d4.js(Line 1)
Message:
Our embeddable contains third-party, open source software and/or libraries. To view them and their license terms, go to http://goto.zendesk.com/embeddable-legal-notices

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=864000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.swiss-flightpass.cloud
api.tiles.mapbox.com
cdn.jsdelivr.net
ekr.zdassets.com
static.zdassets.com
swiss-flightpass.zendesk.com
www.google-analytics.com
www.googletagmanager.com
104.18.71.113
143.204.100.43
2a00:1450:4001:81a::2008
2a00:1450:4001:825::200e
2a04:4e42:3::621
3.123.109.20
54.172.126.223
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
0d65e157d6fd97813f167ebe5092cee51e4918480ba7b5ceee300499a7b5bb66
124220f46e3f237a21be92ac6529b1967cd461d2802873cce0b1a15c0e3427dc
13248a27e8bd72a4be51a3bb463232ba68fbcd177aa2fb92990c2a49dcf8f587
3a15eca81c1a68174038b45b4dbf795db8e9d3cee6a7d6ca20ebb13bc3201910
3d4fa499b7a4fbc2e406032ba22fd3b90aa2355a3312252ffc7180c16dc075b4
4787ebfcbc8162ffe3c1f95b4334dfeadca24aab11a9ebcc8ab8fc0cad8e5f6a
49f391048a7edf0fb7d9281eeb5ac5c9674483d771f3c40f253cc641f9f02848
66e48c027e53775bde32b39e59f04be1afe38001208679569ca2b7772678700f
746e12ab1760bf7795ba0d11bb00be7f0dea2e9d15dee22d0e1774cc91afceda
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9e26f2171c305466c1b6d83b6bf855ff547746f0594c487fe9811ebf68303f8f
9ec110e11002147977ce0e2845ec2cd7df16efca2e5cf2c42e32cc40bff1d8bf
b767d871a9715e427ef81d98c0670ce4a62b17c16ef6f09c3baf4b235e90e58d
bd85dab375d94fdcd109d20d5288351eb94ced822d3ad699c3cbfe7bf119b33e
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
d197e37163fcba377f5016fb3a60042380f88e2f3bd9e5273f52ca3cc96a349a
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e34ce66db670dfcb9a1c8391b5ae9a69135f1adf1f42d030a4bbef789d4e57fe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
e5a16aba73cfa7188da97519cf0bc85bc539c41e32a51bf42fbc45e1b082deba
fab3dc725bd5de19990fb49202a1e301070f30535a183bfb606aa61148e40ab8