gfa-sbx.resertravel.com Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gfa-sbx.resertravel.com/
Submission: On June 06 via api (June 6th 2024, 4:05:42 am UTC) from US — Scanned from NL

Summary HTTP 47 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 16 domains to perform 47 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is gfa-sbx.resertravel.com.
TLS certificate: Issued by GTS CA 1P5 on June 5th 2024. Valid for: 3 months.

This is the only time gfa-sbx.resertravel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.230.228.22 54.230.228.22	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	35.81.31.24 35.81.31.24	16509 (AMAZON-02) (AMAZON-02)
1	54.148.115.137 54.148.115.137	16509 (AMAZON-02) (AMAZON-02)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.67.224 34.96.67.224	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2606:4700:20:... 2606:4700:20::681a:4df	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1901:0:4... 2600:1901:0:498c::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:1f18:f8a... 2600:1f18:f8a:b701:949e:2876:e674:389c	14618 (AMAZON-AES) (AMAZON-AES)
1	147.12.18.106 147.12.18.106	200596 (ADYEN) (ADYEN)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	54.230.228.121 54.230.228.121	16509 (AMAZON-02) (AMAZON-02)
5	54.92.193.158 54.92.193.158	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:1f18:f8a... 2600:1f18:f8a:b700:87a1:a044:c788:da96	14618 (AMAZON-AES) (AMAZON-AES)
1	35.186.241.51 35.186.241.51	() ()
47	20

14 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

gfa-sbx.resertravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
reservamossaas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.228.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-22.muc50.r.cloudfront.net

cdn.conekta.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.81.31.24 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-31-24.us-west-2.compute.amazonaws.com

ssl.kaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.148.115.137 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-115-137.us-west-2.compute.amazonaws.com

ssl.kaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

one-api-gfa-sbx.resertravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.67.224 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.67.96.34.bc.googleusercontent.com

cdn.siftscience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:4df (United States)

ASN13335 (CLOUDFLARENET, US)

widgets.reservamos.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o25518.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

api-growthbook.reservamos.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:498c:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:f8a:b701:949e:2876:e674:389c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

beacon.riskified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.12.18.106 (Netherlands)

ASN200596 (ADYEN, NL)
PTR: 930C126A.adyen.com

checkoutshopper-test.adyen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.230.228.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-121.muc50.r.cloudfront.net

js.openpay.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.92.193.158 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-92-193-158.compute-1.amazonaws.com

img.riskified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:f8a:b700:87a1:a044:c788:da96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

c.riskified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.241.51 (None, )

ASN- ()

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	resertravel.com gfa-sbx.resertravel.com one-api-gfa-sbx.resertravel.com	4 MB
8	riskified.com beacon.riskified.com — Cisco Umbrella Rank: 8301 img.riskified.com — Cisco Umbrella Rank: 6469 c.riskified.com — Cisco Umbrella Rank: 5640	16 KB
5	reservamos.mx widgets.reservamos.mx — Cisco Umbrella Rank: 497817	111 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 70	6 KB
3	reservamossaas.com reservamossaas.com — Cisco Umbrella Rank: 739264	50 KB
2	openpay.mx js.openpay.mx — Cisco Umbrella Rank: 245599	33 KB
2	gstatic.com fonts.gstatic.com	72 KB
2	kaptcha.com ssl.kaptcha.com — Cisco Umbrella Rank: 8839	488 B
1	mixpanel.com api-js.mixpanel.com	388 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	71 KB
1	adyen.com checkoutshopper-test.adyen.com — Cisco Umbrella Rank: 168859
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 5696	19 KB
1	reservamos.tech api-growthbook.reservamos.tech — Cisco Umbrella Rank: 592800	2 KB
1	sentry.io o25518.ingest.sentry.io — Cisco Umbrella Rank: 602193	309 B
1	siftscience.com cdn.siftscience.com — Cisco Umbrella Rank: 11868	21 KB
1	conekta.io cdn.conekta.io — Cisco Umbrella Rank: 217635	104 KB
47	16

	Domain	Requested by
11	gfa-sbx.resertravel.com	gfa-sbx.resertravel.com
5	img.riskified.com
5	widgets.reservamos.mx	gfa-sbx.resertravel.com widgets.reservamos.mx
5	fonts.googleapis.com	gfa-sbx.resertravel.com
3	reservamossaas.com	gfa-sbx.resertravel.com
2	c.riskified.com	gfa-sbx.resertravel.com
2	js.openpay.mx	gfa-sbx.resertravel.com
2	fonts.gstatic.com	fonts.googleapis.com
2	ssl.kaptcha.com	cdn.conekta.io gfa-sbx.resertravel.com
1	api-js.mixpanel.com	gfa-sbx.resertravel.com
1	www.googletagmanager.com	gfa-sbx.resertravel.com
1	checkoutshopper-test.adyen.com	gfa-sbx.resertravel.com
1	beacon.riskified.com	gfa-sbx.resertravel.com
1	cdn.mxpnl.com	gfa-sbx.resertravel.com
1	api-growthbook.reservamos.tech	gfa-sbx.resertravel.com
1	o25518.ingest.sentry.io	gfa-sbx.resertravel.com
1	cdn.siftscience.com	gfa-sbx.resertravel.com
1	one-api-gfa-sbx.resertravel.com	gfa-sbx.resertravel.com
1	cdn.conekta.io	gfa-sbx.resertravel.com
47	19

This site contains links to these domains. Also see Links.

Domain
frontline-gfa-sbx.resertravel.com

Subject Issuer	Validity	Valid
gfa-sbx.resertravel.com GTS CA 1P5	`2024-06-05` - `2024-09-03`	3 months	crt.sh
conekta.io Amazon RSA 2048 M02	`2023-07-10` - `2024-08-07`	a year	crt.sh
upload.video.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
ssl.kaptcha.com Sectigo RSA Organization Validation Secure Server CA	`2023-08-16` - `2024-08-15`	a year	crt.sh
one-api-gfa-sbx.resertravel.com GTS CA 1P5	`2024-06-05` - `2024-09-03`	3 months	crt.sh
*.siftscience.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-05` - `2025-01-19`	a year	crt.sh
reservamos.mx GTS CA 1P5	`2024-04-16` - `2024-07-15`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
reservamos.tech E1	`2024-04-22` - `2024-07-21`	3 months	crt.sh
reservamossaas.com GTS CA 1P5	`2024-04-20` - `2024-07-19`	3 months	crt.sh
*.mxpnl.com GeoTrust TLS RSA CA G1	`2023-07-12` - `2024-08-11`	a year	crt.sh
*.riskified.com Amazon RSA 2048 M03	`2024-03-04` - `2025-04-01`	a year	crt.sh
*.adyen.com GeoTrust TLS RSA CA G1	`2024-01-11` - `2025-02-08`	a year	crt.sh
*.gstatic.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.openpay.mx Amazon RSA 2048 M03	`2023-10-20` - `2024-11-16`	a year	crt.sh
img.riskified.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-06` - `2025-05-15`	a year	crt.sh
*.mixpanel.com GeoTrust TLS RSA CA G1	`2024-02-08` - `2025-03-10`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://gfa-sbx.resertravel.com/
Frame ID: 2F6C1DFF4005B014C73A7BD31013DAA4
Requests: 47 HTTP requests in this frame

Frame: https://ssl.kaptcha.com/logo.htm?m=205000&s=rcd8dy3yrl6zktk0n8ehzmg9oax5iosu
Frame ID: 7D3B3A37AD31A6269626826B7AA44290
Requests: 1 HTTP requests in this frame

Frame: https://checkoutshopper-test.adyen.com/checkoutshopper/assets/html/test_YXRKAP7VKNE3TNXMFEKLGOMAIESWJM2E/dfp.1.0.0.html
Frame ID: 9880443B650B0DE5634D893950FB3D76
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Las mejores opciones para tus viajes

Detected technologies

Riskified (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<[^>]*beacon\.riskified\.com

Conekta (Payment processors) Expand

Overall confidence: 100%
Detected patterns

cdn\.conekta\.\w+/js/(?:v([\d.]+)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Sift (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.sift(?:science)?\.com/s\.js

Page Statistics

47
Requests

100 %
HTTPS

42 %
IPv6

16
Domains

19
Subdomains

20
IPs

3
Countries

4864 kB
Transfer

12858 kB
Size

7
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://frontline-gfa-sbx.resertravel.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
gfa-sbx.resertravel.com/ 55 KB
27 KB 202ms
164ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfa-sbx.resertravel.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a11d24b998d25a164286e32aced295901f626d85be784b8c95990f51a0ecc734

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 88f58648db0e8f3d-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 06 Jun 2024 04:05:31 GMT
last-modified: Thu, 06 Jun 2024 01:42:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YhFxmnniB7BeXrZIxYF3DrGC9ktcCSYl%2BB2vz%2Fscvh5M29CvR2yQJip2s2oU0J0k39QFqtTmtIMsQGDeTZ%2Blw%2B9W2b0SMVKjo9ffhd4jEH3miXV3zTU5Dby5t9bz08fKc08LRgKuJrmnoA%3D%3D"}],"group":"cf-nel","max_age":604800}
rndr-id: 9a267601-76f4-4fe6
server: cloudflare
vary: Accept-Encoding
x-powered-by: Express
x-render-origin-server: Render

GET
H2 200 conekta.js Show response
cdn.conekta.io/js/latest/ 104 KB
104 KB 98ms
30ms Script
application/javascript 54.230.228.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.conekta.io/js/latest/conekta.js
Requested by: Host: gfa-sbx.resertravel.com
URL: https://gfa-sbx.resertravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-22.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e9ab115372791fd65190bb554dda1e4272e3ec3c57f89ab3b87a636b7ee199c5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: KYn2dYXEuCnaPMl3W5qcoy9QCoMx7yla
date: Thu, 06 Jun 2024 02:15:47 GMT
via: 1.1 c2741d5ee2beeb4c9f22fb24f76708b6.cloudfront.net (CloudFront)
last-modified: Thu, 14 Oct 2021 01:10:56 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P5
age: 9191
etag: "85c75e701b71cfb0ae2e487c1d71d6c5"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 106070
x-amz-cf-id: l_6NizTWyEsQwcYwupUEoGmJ0ySZNO-Q7Hl8WjuPAuWm73bAQ8q6oQ==

GET
H3 200 framework.461ea31f.js Show response
gfa-sbx.resertravel.com/ 270 KB
83 KB 158ms
157ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfa-sbx.resertravel.com/framework.461ea31f.js
Requested by: Host: gfa-sbx.resertravel.com
URL: https://gfa-sbx.resertravel.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: cf922685323d434680a78b9f634be3cd3278434c0f9e012466f7f4e848ec322c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:05:31 GMT
content-encoding: gzip
x-render-origin-server: Render
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
rndr-id: fde48b1e-5239-403f
x-powered-by: Express
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 06 Jun 2024 01:42:07 GMT
server: cloudflare
etag: W/"43691-18feb35dd98"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7l1YO0dSpp2L7hwtled%2BQotieogNlmECKrs7oAO30UmClq2FS%2B1ocL2biho9uIHJnKr%2Byr0Fj62hIRjlH%2FmcuEJFR4m%2F5jtatKWCeXua90WfSLR5XDSCgjzn4hrJudVTk%2FeYuAUnuhAbnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 88f58649ec638f3d-FRA

GET
H3 200 main.461ea31f.js Show response
gfa-sbx.resertravel.com/ 8 MB
3 MB 200ms
200ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfa-sbx.resertravel.com/main.461ea31f.js
Requested by: Host: gfa-sbx.resertravel.com
URL: https://gfa-sbx.resertravel.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 138be64b1e5768b3e3eee2fef8abd105a6c2920e3eb7414fb004a01e78efd5a0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:05:32 GMT
content-encoding: gzip
x-render-origin-server: Render
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
rndr-id: 81db4e92-576e-4a8c
x-powered-by: Express
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 06 Jun 2024 01:42:07 GMT
server: cloudflare
etag: W/"7e8858-18feb35dd98"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MJJGxOYonALfZKC4dUSzjWMs2sqPQfpW2wb7goSpi7dl8yaEpMFepfOKsz0LITkl%2BgdL6lwFapY45m8mGydmrWvUpUf%2F9Lo6ISes2wJjXSRsFTydFa2E7PwkSnSe9QYkaF3%2BG67MBMOCzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 88f5864a6cc18f3d-FRA

GET
H2 200 css
fonts.googleapis.com/ 16 KB
2 KB 74ms
28ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600

Requested by

Host: gfa-sbx.resertravel.com
URL: https://gfa-sbx.resertravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4057a0dd932d74677ea79d1f3cbee9d007f4fd2a16ac42160186fb2243e0585c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Jun 2024 04:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 06 Jun 2024 03:15:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jun 2024 04:05:31 GMT

GET
H2 200 css
fonts.googleapis.com/ 28 KB
2 KB 76ms
30ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700&display=swap

Requested by

Host: gfa-sbx.resertravel.com
URL: https://gfa-sbx.resertravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5a2ce6692ee59f886c869b72ef22c9a438ee3de1c9cb84df74961f78e8969ef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Jun 2024 04:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 06 Jun 2024 04:05:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jun 2024 04:05:31 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
827 B 76ms
31ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700

Requested by

Host: gfa-sbx.resertravel.com
URL: https://gfa-sbx.resertravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3273996622afec9de3fde1cdde7686ad7e8a0c67b0073df16e84c8e099d6d898

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Jun 2024 04:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 06 Jun 2024 03:23:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jun 2024 04:05:31 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
686 B 79ms
33ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:400,600,700

Requested by

Host: gfa-sbx.resertravel.com
URL: https://gfa-sbx.resertravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

afed715b5742c5b586b26e0ff1b4e58b84ade9ff3cd5b5ba0590a7d67e258dd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Jun 2024 04:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 06 Jun 2024 04:05:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jun 2024 04:05:31 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
727 B 74ms
28ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:400,600,700&display=swap

Requested by

Host: gfa-sbx.resertravel.com
URL: https://gfa-sbx.resertravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7aa0d6652e235dc98cb1f194658c54d7b4c0f19049e0798d850441e0f5150131

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Jun 2024 04:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 06 Jun 2024 04:01:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jun 2024 04:05:31 GMT

GET
H3 200 main-238ccde6e6fe8915e2d9.c703d49c.css
gfa-sbx.resertravel.com/ 3 MB
1 MB 170ms
170ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfa-sbx.resertravel.com/main-238ccde6e6fe8915e2d9.c703d49c.css
Requested by: Host: gfa-sbx.resertravel.com
URL: https://gfa-sbx.resertravel.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ba6510c1725f3467096846bfff548d438945da7c4475099a28243fc8ddd1bf18

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:05:31 GMT
content-encoding: gzip
x-render-origin-server: Render
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
rndr-id: c40557fb-ab99-4354
x-powered-by: Express
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 06 Jun 2024 01:42:09 GMT
server: cloudflare
etag: W/"2f9fff-18feb35e568"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z9kJWfQPGIkelD4NJh6HGOb%2BOnDb92BpUw%2FveHZYvG9a0hKF8XhnsHAnU0P6phMTAD4l2Jn69cfdj2hq1zpz5QCHMUaRe0B7IF2iW2YodD54BjiDj%2F8gkKe1djxm2WJUOJhH3S0LCCtmBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 88f58649fc6f8f3d-FRA

GET
H/1.1 200
OK logo.htm
ssl.kaptcha.com/ Frame 7D3B 0
0 468ms
158ms Document
text/html 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/logo.htm?m=205000&s=rcd8dy3yrl6zktk0n8ehzmg9oax5iosu
Requested by: Host: cdn.conekta.io
URL: https://cdn.conekta.io/js/latest/conekta.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://gfa-sbx.resertravel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache no-store must-revalidate private
Content-Type: text/html
Date: Thu, 06 Jun 2024 04:05:32 GMT
Expires: 0
Pragma: no-cache
Transfer-Encoding: chunked
X-Correlation-Id: a0325d44-cdbf-4294-a30a-e78a25ca5d19

GET
H/1.1 200
OK logo.gif
ssl.kaptcha.com/ 35 B
488 B 573ms
180ms Image
image/gif 54.148.115.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.kaptcha.com/logo.gif?m=205000&s=rcd8dy3yrl6zktk0n8ehzmg9oax5iosu
Requested by: Host: gfa-sbx.resertravel.com
URL: https://gfa-sbx.resertravel.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.148.115.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-115-137.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Thu, 06 Jun 2024 04:05:32 GMT
X-Correlation-Id: e0162eb0-e5dd-4b45-bdda-95445b859328
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Content-Length: 35
Expires: 0

GET
H3 200 config Show response
one-api-gfa-sbx.resertravel.com/api/v2/ 14 KB
6 KB 650ms
595ms Fetch
application/json 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://one-api-gfa-sbx.resertravel.com/api/v2/config

Requested by

Host: gfa-sbx.resertravel.com
URL: https://gfa-sbx.resertravel.com/main.461ea31f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff24c312d42c8e9ec5b34cc55b102f6cc91a58f97b43fcc21968c10df9f3daeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
rndr-id: 19f3ee36-bcc3-427c
x-render-origin-server: Render
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 15651a56-c226-4c48-94e6-a9be99b5bd3d
pragma: no-cache
x-runtime: 0.419921
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"ff24c312d42c8e9ec5b34cc55b102f6c"
x-download-options: noopen
vary: Accept, Origin, Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gfa-sbx.resertravel.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=inRoEPmLUGqR61xlfnOR4qrCKzzWTG0CSL5d4n6ubtmdtl%2FzYw3RaKAZxpmfwFgKCw9m%2BcF%2FtTiojnWX%2ByTyfAg966bo33d1QhWHyOs2Jx3R7dDuhruzh1SGXS6IQgN65NY8Fn8dIfqCtOWJwsFj3eYG"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: no-store
access-control-allow-credentials: true
access-control-max-age: 7200
cf-ray: 88f586504dbe90dd-FRA
x-frame-options: SAMEORIGIN
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s.js Show response
cdn.siftscience.com/ 62 KB
21 KB 119ms
32ms Script
application/javascript 34.96.67.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.siftscience.com/s.js

Requested by

Host: gfa-sbx.resertravel.com
URL: https://gfa-sbx.resertravel.com/main.461ea31f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.67.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

224.67.96.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

10ec464febb7b92ed105d94da994f32989ff1d0795c0013460b5e2a7769934f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 20:12:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 374012
x-guploader-uploadid: ABPtcPpK1jwrWiDJOEAh33yZDrowm6GbtLZ7ZuK8rUHl6Gu56NhyYqKpmGfe6CKZevFf2jlNALo
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20557
last-modified: Mon, 18 Mar 2024 08:23:03 GMT
server: UploadServer
etag: "489c51cfaaabb9e46cdcd9805f9cb5e7"
x-goog-generation: 1710750183024543
x-goog-hash: crc32c=asYZeQ==, md5=SJxRz6qrueRs3NmAX5y15w==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: no-transform
x-goog-stored-content-length: 20557
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 01 Jun 2025 20:12:01 GMT

GET
H3 200 favicon.ico
gfa-sbx.resertravel.com/ 55 KB
27 KB 157ms
156ms Other
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfa-sbx.resertravel.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a11d24b998d25a164286e32aced295901f626d85be784b8c95990f51a0ecc734

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:05:33 GMT
x-render-origin-server: Render
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 06 Jun 2024 01:42:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
rndr-id: bf8a1b24-e390-4e10
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KRlWiLRtdTLHqXv0KE5PSp%2FhACeH9cOxxvO%2FLfYXnKtDchPJThXkGdFW3LpX58%2FZvoFOlTE0IjMV1LlALmoIfzc89S5IPMZ4Za1U40iapD22ws%2BReKMf26ZA1qjQGrk3fJPtXZZ25%2B189w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 88f586518ba08f3d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 search.js Show response
widgets.reservamos.mx/search/5.6.0/ 325 KB
91 KB 748ms
691ms Script
application/javascript 2606:4700:20::681a:4df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.reservamos.mx/search/5.6.0/search.js
Requested by: Host: gfa-sbx.resertravel.com
URL: https://gfa-sbx.resertravel.com/main.461ea31f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e9b86bee33b049cfe24d16f89c97caff3d4cc0f0087a2415f4232704e850176

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:05:34 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 29 Jan 2024 16:18:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: T87YC6X0970XGC7Z
etag: W/"12b178441c276a0f474735ab2dee8b3b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X3Ter8jkfZySPnpfWyID%2FAroo6BM8fkrm1Do1U%2BfPow6ZzC3V2%2BXB%2Fr5z9u%2FHpSTKDLQHHzyCoYUR7TQaPpGD56vGeUB1rlyrtls7toPyEnU3EnatcPgAx4VTuRqb9SDQd8PURylozwQUbaLTJmurkfUZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 88f586546b499176-FRA
x-amz-id-2: XX7gMadpBnSrx34mtrsnpjbQ0YgjjfNP3kYQMWR0wItwq27SbT6gfvquhPKLosB+GuIW38zPWUw=

POST
H2 200 / Show response
o25518.ingest.sentry.io/api/4505518336507904/envelope/ 2 B
309 B 67ms
20ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o25518.ingest.sentry.io/api/4505518336507904/envelope/?sentry_key=7cd49be24aad42f689f14883ca288ffd&sentry_version=7&sentry_client=sentry.javascript.react%2F7.93.0

Requested by

Host: gfa-sbx.resertravel.com
URL: https://gfa-sbx.resertravel.com/main.461ea31f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 06 Jun 2024 04:05:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 sand_WhtX7j8N9cERKizi71PPG47Ms6lt5HyZ8k0prNWs Show response
api-growthbook.reservamos.tech/api/features/ 5 KB
2 KB 774ms
698ms Fetch
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-growthbook.reservamos.tech/api/features/sand_WhtX7j8N9cERKizi71PPG47Ms6lt5HyZ8k0prNWs?project=prj_405gzo1olcq7ggve
Requested by: Host: gfa-sbx.resertravel.com
URL: https://gfa-sbx.resertravel.com/main.461ea31f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9b78cbf19068e0e5ace258dd4402bddce4c29e5cc642f7a9fb19a7453fb564da

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:05:34 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"1323-3cP4XzhXejHsox5OS64T5nDRZdw"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JZJY8ryVOKhD5o58Iec%2FZTvJXLh8%2FM2MJLMJA65%2FWPOFoGWhyQD7DnY2dl8IBokVFOQOMv7PW9A8wYE1Y6bCVkPVIi1keFDfb5NTg%2FjqZonv8Or4as%2Bw4%2FAZLB2nSPJi0222lH1ryPkwQaZZsFJo6xUpZeMiBrwyDO7eNAc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30, stale-while-revalidate=3600, stale-if-error=36000
cf-ray: 88f586548d6f9136-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 elow8QyBvpeSpweF Show response
reservamossaas.com/FmFlPOTbJRI31ER9/ 135 KB
48 KB 489ms
447ms Script
text/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://reservamossaas.com/FmFlPOTbJRI31ER9/elow8QyBvpeSpweF?apiKey=J1yRduC9jdtW51KGHyFi&version=3&loaderVersion=3.9.2

Requested by

Host: gfa-sbx.resertravel.com
URL: https://gfa-sbx.resertravel.com/main.461ea31f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59d09512fe9175c259d65438d224e1e3644328dc5b2a8cb25e9260f5c9581c2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:05:33 GMT
content-encoding: gzip
via: 1.1 74cd4e6bd806cc7209ac94e0173f5ac8.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P8
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"kxUFKAzMVxhdySqRUrPYBqsFcps"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7nGbHX2hfn%2BQ3z6r%2BCtY8abXF8jN%2B2GO%2FxSn77AerGNmVGHrrhcZxByy%2BOPrqXqslVRGUHFQ4WXlvXWab8nFvQ2wRNRFNle9JaRB8%2BhlMkUTzzSdj60wnhTQbYOYOjEhNqTHuC8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 88f5865448198fca-FRA
timing-allow-origin: *
x-amz-cf-id: INQdf0QifA2RfQd1TaJ5odjzLImuw144iXvmnhLt2zslTWs4DUGjZQ==

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 55 KB
19 KB 49ms
13ms Script
text/javascript 2600:1901:0:498c::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: gfa-sbx.resertravel.com
URL: https://gfa-sbx.resertravel.com/main.461ea31f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:498c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c81896eb5b02fa8350f6753d96ff154143e2c48d357c32f035d703b8716aea8d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 03:56:48 GMT
content-encoding: gzip
age: 526
x-guploader-uploadid: ABPtcPpituF1YHzDW27cEJx2VAEo6XxFDT3nxo37KXGmw3A0QCQHotYNZVGHlI9HMaIuu047VbylZGQDEQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18819
last-modified: Wed, 29 May 2024 01:49:19 GMT
server: UploadServer
etag: "d53b55223e2f05d176a53e2cd950b378"
vary: Accept-Encoding
x-goog-generation: 1716947359732123
x-goog-hash: crc32c=H3ruDA==, md5=1TtVIj4vBdF2pT4s2VCzeA==
access-control-allow-origin: *
content-type: text/javascript
cache-control: public,max-age=600
x-goog-stored-content-length: 18819
accept-ranges: bytes
expires: Thu, 06 Jun 2024 04:06:48 GMT

GET
H2 200 / Show response
beacon.riskified.com/ 48 KB
15 KB 442ms
194ms Script
application/javascript 2600:1f18:f8a:b701:949e:2876:e674:389c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.riskified.com/?shop=reservamos-primera.mx&sid=e80289af-b64c-4501-a4db-8b872a2b0bb9

Requested by

Host: gfa-sbx.resertravel.com
URL: https://gfa-sbx.resertravel.com/main.461ea31f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:f8a:b701:949e:2876:e674:389c Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

fbe507af8818e3479931ae264dcd483a3b08c5678a4fb342b1748f12de125f12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:05:34 GMT
access-control-request-method: *
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-sourcemap: sm/cmVzZXJ2YW1vcy1wcmltZXJhLm14/ZTgwMjg5YWYtYjY0Yy00NTAxLWE0ZGItOGI4NzJhMmIwYmI5
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
trace-id: c702e09204f031889ae9aa20e909a470
timing-allow-origin: *
access-control-allow-headers: Content-Type,Access-Control-Allow-Headers,Access-Control-Allow-Origin,x-csrf-token,X_CI_HMAC_SHA256

GET
H2 200 dfp.1.0.0.html
checkoutshopper-test.adyen.com/checkoutshopper/assets/html/test_YXRKAP7VKNE3TNXMFEKLGOMAIESWJM2E/ Frame 9880 0
0 69ms
23ms Document
text/html 147.12.18.106
ADYEN

General

Check archive.org

Show headers Download Go to

Full URL: https://checkoutshopper-test.adyen.com/checkoutshopper/assets/html/test_YXRKAP7VKNE3TNXMFEKLGOMAIESWJM2E/dfp.1.0.0.html
Requested by: Host: gfa-sbx.resertravel.com
URL: https://gfa-sbx.resertravel.com/main.461ea31f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.12.18.106 , Netherlands, ASN200596 (ADYEN, NL),
Reverse DNS: 930C126A.adyen.com
Software: /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://gfa-sbx.resertravel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
cache-control: max-age=600
content-encoding: gzip
content-type: text/html;charset=UTF8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jun 2024 04:05:33 GMT
nel: {"report_to":"network-reports","max_age":86400,"include_subdomains":false,"success_fraction":0.0,"failure_fraction":1.0}
report-to: {"group":"network-reports","max_age":86400,"endpoints":[{"url":"https://nel.cdn.adyen.com/upload-reports"}],"include_subdomains":false}
traceparent: 00-64729d5093b7912981445a6cd4ec19bf-153e7924f609bc4d-01

GET
H3 200 node_modules_adyen_adyen-web_dist_es_es-ES_js.461ea31f.js Show response
gfa-sbx.resertravel.com/ 11 KB
4 KB 156ms
155ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfa-sbx.resertravel.com/node_modules_adyen_adyen-web_dist_es_es-ES_js.461ea31f.js
Requested by: Host: gfa-sbx.resertravel.com
URL: https://gfa-sbx.resertravel.com/main.461ea31f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3ddf0142bb9e025c5a59ce8ca76a7d3e60661346a44abda2ecd536964404fa7f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:05:34 GMT
content-encoding: gzip
x-render-origin-server: Render
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
rndr-id: e7692303-8f0b-4fcd
x-powered-by: Express
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 06 Jun 2024 01:42:07 GMT
server: cloudflare
etag: W/"2d9b-18feb35dd98"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aWB8D9RYyDdRqDzTBZAMdoynb1M7Al91DUBzuww7M2qJuAxpFxMbixCRgtqIa9rqZzF2Xcl2L6M6uMRZaqNnbFigf%2BkmdQB0jnU7HX0JVv%2BcXbzM3yJcPgpMMbQWbFZjVjCno%2F6X5w6wGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 88f5865789648f3d-FRA

GET
DATA 200
OK truncated
/ 27 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 346b590b9a7e2441c685052719cbda83e1b1cd64253a68fec0b0b8ce912f1718

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 topbar-logo.png
gfa-sbx.resertravel.com/logos/gfa/ 22 KB
23 KB 161ms
161ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfa-sbx.resertravel.com/logos/gfa/topbar-logo.png
Requested by: Host: gfa-sbx.resertravel.com
URL: https://gfa-sbx.resertravel.com/main-238ccde6e6fe8915e2d9.c703d49c.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2da1895c34c40b64855f8cb2d718df4277bc76416f4896832cd9ecc4a271a37c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/main-238ccde6e6fe8915e2d9.c703d49c.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:05:34 GMT
x-render-origin-server: Render
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
rndr-id: 0d971185-b03b-4935
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 22690
last-modified: Thu, 06 Jun 2024 01:42:07 GMT
server: cloudflare
etag: W/"58a2-18feb35dd98"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tNpMHYwpZVY%2FhZfNVevDrhGbmJSxAUtw2NDje5248IujhU%2FS%2B4BD%2FgpASLOcKSYnqMKOl2tmbarOtnyJloKGbmqpbLwAo4aqMpn65axXF%2BEmqNM2ZYfHJ%2BoUgD7gEMDPfH56EP2GDXIdJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88f58657d9b08f3d-FRA

GET
H3 200 5fcb12573e100e3cd7b8.woff2
gfa-sbx.resertravel.com/ 21 KB
22 KB 162ms
162ms Font
font/woff2 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfa-sbx.resertravel.com/5fcb12573e100e3cd7b8.woff2
Requested by: Host: gfa-sbx.resertravel.com
URL: https://gfa-sbx.resertravel.com/main-238ccde6e6fe8915e2d9.c703d49c.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 022bb796013d2cba94234b94e3ac366ccec4802d33bb8901020d5988d823c86f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/main-238ccde6e6fe8915e2d9.c703d49c.css
Origin: https://gfa-sbx.resertravel.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:05:34 GMT
x-render-origin-server: Render
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
rndr-id: 1046c77b-7a9f-4e4a
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 21968
last-modified: Thu, 06 Jun 2024 01:42:07 GMT
server: cloudflare
etag: W/"55d0-18feb35dd98"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ofDO6EXZ4BQJG864JlcOObn3GDSkX8faakOnHPOmfW8BfxKWy6aW2GEaZBjVf8nzIRvYeX0mx4jdfOiU53MMVYIYznM50%2F2Qo5SffCrBOXPq%2FKGgQr8H%2Bho7IgPp8WRlplAI%2FEy0Vq%2FLQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88f586585a268f3d-FRA

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 141ms
31ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://gfa-sbx.resertravel.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:39:21 GMT
x-content-type-options: nosniff
age: 134773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jun 2025 14:39:21 GMT

GET
H3 200 9884e72dd3e333417827.woff
gfa-sbx.resertravel.com/ 22 KB
23 KB 144ms
144ms Font
font/woff 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfa-sbx.resertravel.com/9884e72dd3e333417827.woff
Requested by: Host: gfa-sbx.resertravel.com
URL: https://gfa-sbx.resertravel.com/main-238ccde6e6fe8915e2d9.c703d49c.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 517d26ad28ed8a0f684338c3837c59a9105cdcf87872b5b50f5fac220324ef39

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/main-238ccde6e6fe8915e2d9.c703d49c.css
Origin: https://gfa-sbx.resertravel.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:05:34 GMT
x-render-origin-server: Render
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
rndr-id: 311f35e9-a79d-48bd
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 22752
last-modified: Thu, 06 Jun 2024 01:42:07 GMT
server: cloudflare
etag: W/"58e0-18feb35dd98"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yixfv5jv8k9J5pppnyNwtQTQKf7U7sn%2Bb9p9qKjmQXrdJdYW7bHJhph73tq5nXreqNiK7%2FdvO6YdUJWbdyY1LwXvXlGlhMXnW6MKNajKQ8RMyPmyk5zXg0hs%2FZ9JiaCwHWssrwctrpkxMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88f586585a288f3d-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 192 KB
71 KB 82ms
35ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M953GV5&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: gfa-sbx.resertravel.com
URL: https://gfa-sbx.resertravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7825bd27888e4ccf6f673017f32377cbdd8323a551eb64f5325809281a63f21a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:05:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71827
x-xss-protection: 0
last-modified: Thu, 06 Jun 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Jun 2024 04:05:34 GMT

GET
H2 200 search.css
widgets.reservamos.mx/search/5.6.0/ 72 KB
12 KB 486ms
486ms Stylesheet
text/css 2606:4700:20::681a:4df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.reservamos.mx/search/5.6.0/search.css
Requested by: Host: gfa-sbx.resertravel.com
URL: https://gfa-sbx.resertravel.com/main.461ea31f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ea9db913fe20adf645cf8bc9ecb12f1c64e8d9136d0bafae1b5c9a4babadba1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:05:34 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 29 Jan 2024 16:18:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: CMG692MGF14KMFCG
etag: W/"5545122ac923bbdfa52d002a5ae6e6f5"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8dpA5MraH9qvUgjQm53GD7fTPocmvMC8F2ikEaUuWEjhY4FSe6qCub1%2F1Yxn5bO3bKaRLSy%2BzFKH1W3Jc6WdHFbc%2Blcs2aybEAgaCbAloMWcxyPO%2Fdbt6Xt%2F3zZb9uacb8eTfs68AVhwpXKNmvu7JRfvwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 88f586581de89176-FRA
x-amz-id-2: MC2itU5bdVIO56aCtfnbIzTkgcePNUmu2cj1iQxYazWnpX9ww1BMjKEt3wlN5O+7ktpxXQLlW88=

GET
H2 200 openpay.v1.min.js Show response
js.openpay.mx/ 14 KB
14 KB 128ms
30ms Script
application/javascript 54.230.228.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.openpay.mx/openpay.v1.min.js
Requested by: Host: gfa-sbx.resertravel.com
URL: https://gfa-sbx.resertravel.com/main.461ea31f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-121.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6a920877108036520d358c54537dea89792908affc0c27d51ef636bd3208916

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 06:20:35 GMT
via: 1.1 a2eaac3682e999c3b0a69ad54d815412.cloudfront.net (CloudFront)
last-modified: Tue, 03 Sep 2019 00:26:59 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P5
age: 78300
etag: "0b88a6eb3b4de6f1fd1c0f820860d686"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 14326
x-amz-cf-id: Lvua24bJ7zR6IKB8GEOrd0qbbunROHggxqwLgkF4hPgLWo0YaLTRZQ==

GET
H3 200 N Show response
reservamossaas.com/FmFlPOTbJRI31ER9/tz8m3yGYrflpRef9/9RAhc1G/K4Ba/ 96 B
671 B 360ms
333ms XHR
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://reservamossaas.com/FmFlPOTbJRI31ER9/tz8m3yGYrflpRef9/9RAhc1G/K4Ba/N?q=J1yRduC9jdtW51KGHyFi

Requested by

Host: gfa-sbx.resertravel.com
URL: https://gfa-sbx.resertravel.com/main.461ea31f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afc1ef246f8ea7eba190c7f205978ab9edabd069efc90fa41a632398d8dea46f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:05:34 GMT
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: no-referrer
server: cloudflare
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n24o55oasLN6MRxmGS5rzkCRqwcTt0097Y702Vr%2FOe3mIoE9TRBGnDkrhap5iSIbhN7XZ3v4fBjDPK8W2BcFkbTujO5nra1K88ibJiHJLGK6qVCb5LKnMsChqzi8qycp69JZ6x0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Retry-After
cache-control: max-age=31536000, immutable, private
vary: Accept-Encoding
cf-ray: 88f5865848e99280-FRA
timing-allow-origin: *
x-robots-tag: noindex

GET
H3 200 ba10c40421dff2fb2b5b.woff
gfa-sbx.resertravel.com/ 23 KB
23 KB 158ms
158ms Font
font/woff 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfa-sbx.resertravel.com/ba10c40421dff2fb2b5b.woff
Requested by: Host: gfa-sbx.resertravel.com
URL: https://gfa-sbx.resertravel.com/main-238ccde6e6fe8915e2d9.c703d49c.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c385a3a6af4e7b0b7967b90a34a008ffd9befb2a3ac4be22fc579650b706141d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/main-238ccde6e6fe8915e2d9.c703d49c.css
Origin: https://gfa-sbx.resertravel.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:05:34 GMT
x-render-origin-server: Render
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
rndr-id: 035ede64-30bb-4907
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 23468
last-modified: Thu, 06 Jun 2024 01:42:07 GMT
server: cloudflare
etag: W/"5bac-18feb35dd98"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yB3Yl07LwwiPQeCGBMtEn4QDqTqq6%2FIHhb8yQyqLQ1xG8jH7%2Bh2PuyR9vBpvlJTfJOecnf65yhM4FtiutD%2FPY4bZ7XEg8WMMWlhzl%2ByMMOBtPRWQTWVWnZNxVu8Ta1tzZ%2BAJkm9LQ4Qimg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88f58658ca8c8f3d-FRA

GET
H3 200 gfa.png
gfa-sbx.resertravel.com/favicons/ 3 KB
3 KB 150ms
150ms Other
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfa-sbx.resertravel.com/favicons/gfa.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5919dd3ded14f30fa42823d5bff47c1dfbb86c47c42aba989d8d47e0f4730960

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:05:34 GMT
x-render-origin-server: Render
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
rndr-id: f9683060-468d-4ef2
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 3020
last-modified: Thu, 06 Jun 2024 01:42:07 GMT
server: cloudflare
etag: W/"bcc-18feb35dd98"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pJjhlAgKRUSmrRa0Gn9EZ%2BdcSv%2FNLQEUxN%2BZrG0noHaWSmabOfkpmIM8qcbSbTSffjh8085LXAhvao0zQhqPGGUFcFtEqjhaFWNa1%2FVMvGKflbM28RhuCgAVYF9xe2ZLNDdQYOlQNZmoqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88f586584a208f3d-FRA

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e62b860274a825388fb7d214ce30e20ab08d153aebab0d6fd0cbc487c37eebfd

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 5.chunk.3398f6f861c10c0a07a4.js Show response
widgets.reservamos.mx/search/5.6.0/ 10 KB
4 KB 408ms
408ms Script
application/javascript 2606:4700:20::681a:4df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.reservamos.mx/search/5.6.0/5.chunk.3398f6f861c10c0a07a4.js
Requested by: Host: widgets.reservamos.mx
URL: https://widgets.reservamos.mx/search/5.6.0/search.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2fb76fb6573e649fac51226bfba64b00003f8283e46979a5ca6a73b51d467fd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:05:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 29 Jan 2024 16:18:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: CMGBPHS3BSM40QPW
etag: W/"78e8d0362ea423c39f19b20f9ff3d85d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V6KNu17N1BSCA%2BVWQvRb2jWzJ2eyOg7EXm6MN1KnUSajhFvZQIW71dnhJdRyd64O5sG9JEw2CiYJ8HTeXx2R%2BTn%2BEPcDmZRwBFsEcQIGbmS85dMLml1UMfq2cCS8xiDoxk51ppB7mb%2BxJXS%2FU7v%2BtOEIrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 88f5865bda1d9176-FRA
x-amz-id-2: EBVUcdBxvfw9biGlTQmkGwND7aellgjlu9E/64rpfzwGzzAOHXy1xneK3xuZq/vKgomwxEqZP08=

GET
H2 200 4.chunk.3398f6f861c10c0a07a4.js Show response
widgets.reservamos.mx/search/5.6.0/ 10 KB
3 KB 358ms
358ms Script
application/javascript 2606:4700:20::681a:4df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.reservamos.mx/search/5.6.0/4.chunk.3398f6f861c10c0a07a4.js
Requested by: Host: widgets.reservamos.mx
URL: https://widgets.reservamos.mx/search/5.6.0/search.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4f6a65e7f4a6a25bf7cb7602ac77eae8fe94d470fb8bb0acc604f86e465e33c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:05:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 29 Jan 2024 16:18:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: YEK709KQPEQCPV33
etag: W/"e674a60650b80dfea79d3eeb53d3659c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mbeHfu9HhOs8AeopPCX3SNHOsA%2B46LXszBDwxS5Z8%2BguxD8yXgz0F4Q4114CphqrtoFlpzQkTC8Ok3reFKbUJNI7gcPXlYZ91WVq9JtYh8kpaGdX4mICBVhQPIZR70Z874eFRUDqgH724SaBYtvRQOThpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 88f5865ceb0e9176-FRA
x-amz-id-2: sBpvB0OT9FfBn6poutJVrN1oCbXoFKfdweIfNx8c9D4aY5hbwnNWX6z0APKYDQji8NVr+Vso3zg=

GET
H2 200 openpay-data.v1.min.js Show response
js.openpay.mx/ 18 KB
19 KB 32ms
31ms Script
application/javascript 54.230.228.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.openpay.mx/openpay-data.v1.min.js
Requested by: Host: gfa-sbx.resertravel.com
URL: https://gfa-sbx.resertravel.com/main.461ea31f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-121.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be4e2dfc3dae2596f4e4722df587e5fc6de3e13bea61f52081234aebe624bf29

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:18:47 GMT
via: 1.1 a2eaac3682e999c3b0a69ad54d815412.cloudfront.net (CloudFront)
last-modified: Tue, 03 Sep 2019 00:26:59 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P5
age: 85608
etag: "0c4e09aa7a2a7efe43ad4451c3965f0b"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 18683
x-amz-cf-id: DCSPWIcOwm9FGA6OC55oJBmbNt5zwXx4rUA6j88k0F682FXJ4KYCJQ==

GET
H2 200 image-l.gif
img.riskified.com/img/ 35 B
161 B 339ms
104ms Image
image/gif 54.92.193.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=17176467349190.5841613580727303&c=odc2ocbq4l1fz1x9h78q6lx2qimtx&p=dmx4hd&a=e80289af-b64c-4501-a4db-8b872a2b0bb9&o=reservamos-primera.mx&rt=1717646734278
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.92.193.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-193-158.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:05:35 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.24.0
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

GET
H2 200 4b16355ee97bcb7f174120532d518b75.png
widgets.reservamos.mx/search/5.6.0/ 691 B
1 KB 356ms
356ms Image
image/png 2606:4700:20::681a:4df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.reservamos.mx/search/5.6.0/4b16355ee97bcb7f174120532d518b75.png
Requested by: Host: widgets.reservamos.mx
URL: https://widgets.reservamos.mx/search/5.6.0/search.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 944aec3193cec74f2e3f2fbd8e3e4d51f3c31d262f94407e0306a733dbad124b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://widgets.reservamos.mx/search/5.6.0/search.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:05:35 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: YEKBG08M2YS9WTAA
x-amz-server-side-encryption: AES256
content-length: 691
x-amz-id-2: tsM8LUcjXPWzn4BCs9TtOyRtavCTAtEcSr+FL5Qr/epo1Lv3yvZwaOf807CuuDEevsgQ4LUCQ9A=
last-modified: Mon, 29 Jan 2024 16:18:06 GMT
server: cloudflare
etag: "95610e9471d5a59ccd6e80a504a3bb63"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vvek6UjxrWBySrL7ayVktP%2FurkyUZIfO%2BPOwke9wFPMWStTPIyLVQcU0Va0VzL47YqVcACYIFU9HuGEZxiDy%2BaxAdF%2BD9gSVHlB%2BCHJcAajaG%2BYr1v%2BM%2FBGoyh%2F2oerPE0VjECkjKWUJE8iEgOjDJUYlKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88f5865ebc809176-FRA

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 24 KB
25 KB 35ms
34ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://gfa-sbx.resertravel.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:22:17 GMT
x-content-type-options: nosniff
age: 135798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24984
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:04:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jun 2025 14:22:17 GMT

POST
H3 200 tz8m3yGYrflpRef9 Show response
reservamossaas.com/FmFlPOTbJRI31ER9/ 393 B
1 KB 394ms
393ms XHR
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://reservamossaas.com/FmFlPOTbJRI31ER9/tz8m3yGYrflpRef9?ci=js/3.9.6&q=J1yRduC9jdtW51KGHyFi&ii=fingerprintjs-pro-cloudflare/1.5.0/procdn&ii=fingerprintjs-pro-spa/1.3.1

Requested by

Host: gfa-sbx.resertravel.com
URL: https://gfa-sbx.resertravel.com/main.461ea31f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc16657699dfb6d838402f606fdc2a9bc7d3c42035618cd6ab884975f346ce5d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Jun 2024 04:05:35 GMT
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: no-referrer
server: cloudflare
vary: Origin, Accept-Encoding
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: https://gfa-sbx.resertravel.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rBBHAZ23DEWUT%2FjwKaGeCCutisasG4FgXm1rKrTwFnClxWyn0KXJm5bbyck8Ajtc6DeUGtUbVlBuECgjcGMvVTn5k%2Fv5vNUV76URl%2F2SPO1nIBq5aUJwOWfLMUb6WEvYIO2YAsk%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Retry-After
access-control-allow-credentials: true
cf-ray: 88f5865f1dfd8fca-FRA
timing-allow-origin: *

GET
DATA 200
OK truncated
/ 373 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 941774ae3814f55ac8f1f599a6481e6941af9784dfcfb6cb39f49fb7391f504d

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 image-l.gif
img.riskified.com/img/ 35 B
160 B 105ms
105ms Image
image/gif 54.92.193.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=17176467352790.5964748930229624&c=odc2ocbq4l1fz1x9h78q6lx2qimtx&p=dmx4hd&a=e80289af-b64c-4501-a4db-8b872a2b0bb9&o=reservamos-primera.mx&rt=1717646734278
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.92.193.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-193-158.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:05:35 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.24.0
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

GET
H2 200 image-l.gif
img.riskified.com/img/ 35 B
160 B 103ms
103ms Image
image/gif 54.92.193.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=17176467354090.3084657299300626&c=odc2ocbq4l1fz1x9h78q6lx2qimtx&p=dmx4hd&a=e80289af-b64c-4501-a4db-8b872a2b0bb9&o=reservamos-primera.mx&rt=1717646734278
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.92.193.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-193-158.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:05:35 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.24.0
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

GET
H2 200 image-l.gif
img.riskified.com/img/ 35 B
160 B 108ms
108ms Image
image/gif 54.92.193.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=17176467355270.3530590670387914&c=odc2ocbq4l1fz1x9h78q6lx2qimtx&p=dmx4hd&a=e80289af-b64c-4501-a4db-8b872a2b0bb9&o=reservamos-primera.mx&rt=1717646734278
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.92.193.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-193-158.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:05:35 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.24.0
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

GET
H2 200 image-l.gif
img.riskified.com/img/ 35 B
160 B 107ms
106ms Image
image/gif 54.92.193.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=17176467356610.2104848535339119&c=odc2ocbq4l1fz1x9h78q6lx2qimtx&p=dmx4hd&a=e80289af-b64c-4501-a4db-8b872a2b0bb9&o=reservamos-primera.mx&rt=1717646734278
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.92.193.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-193-158.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:05:35 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.24.0
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

POST
H2 201 client_infos Show response
c.riskified.com/v2/ 0
339 B 101ms
101ms XHR
text/plain 2600:1f18:f8a:b700:87a1:a044:c788:da96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://c.riskified.com/v2/client_infos

Requested by

Host: gfa-sbx.resertravel.com
URL: https://gfa-sbx.resertravel.com/main.461ea31f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:f8a:b700:87a1:a044:c788:da96 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Referer: https://gfa-sbx.resertravel.com/
Access-Control-Allow-Headers: Content-Type
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:05:36 GMT
access-control-request-method: *
strict-transport-security: max-age=15768000; includeSubDomains; preload
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
access-control-allow-origin: *
trace-id: 39312716db6394000d54d2c59e45b066
timing-allow-origin: *
access-control-allow-headers: Content-Type,Access-Control-Allow-Headers,Access-Control-Allow-Origin,x-csrf-token,X_CI_HMAC_SHA256
content-length: 0

OPTIONS
H2 200 client_infos
c.riskified.com/v2/ Frame 0
0 308ms
99ms Preflight
text/plain 2600:1f18:f8a:b700:87a1:a044:c788:da96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://c.riskified.com/v2/client_infos

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:f8a:b700:87a1:a044:c788:da96 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-headers,access-control-allow-origin,content-type
Access-Control-Request-Method: POST
Origin: https://gfa-sbx.resertravel.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Access-Control-Allow-Headers,Access-Control-Allow-Origin,x-csrf-token,X_CI_HMAC_SHA256
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
access-control-allow-origin: *
access-control-request-method: *
content-length: 2
content-type: text/plain; charset=UTF-8
date: Thu, 06 Jun 2024 04:05:36 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload
timing-allow-origin: *
trace-id: 802073780361854c0d263622229362ab

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 25 B
388 B 127ms
53ms XHR
application/json 35.186.241.51

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1717646739225

Requested by

Host: gfa-sbx.resertravel.com
URL: https://gfa-sbx.resertravel.com/main.461ea31f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.241.51 -, , ASN (),

Reverse DNS

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://gfa-sbx.resertravel.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Thu, 06 Jun 2024 04:05:39 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://gfa-sbx.resertravel.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 13
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 25
alt-svc: clear

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ssl.kaptcha.com/	1970-01-20 23:17:02	Name: k Value: 31b579aa7384427992413b8db7d91050
.resertravel.com/	1970-01-21 06:43:26	Name: lastRskxRun Value: 1717646734868
.resertravel.com/	1970-01-21 06:43:26	Name: rskxRunCookie Value: 0
.resertravel.com/	1970-01-21 06:43:26	Name: rCookie Value: odc2ocbq4l1fz1x9h78q6lx2qimtx
.reservamossaas.com/	1970-01-21 05:53:02	Name: _iidt Value: IhQ/FQeRjC+R5gXG89F6HobrDo02strGClvNHYTsivnyR2VSHcgIzfYD8QWE8/a3meG+q921/63DNw==
.resertravel.com/	1970-01-21 05:53:02	Name: _vid_t Value: qKWauDqjIrzQDt5ivgeYy97xkRZb4hDz1+g1Y8QMVzFUGllLggdac3zi/+a9cRvqnJ0QevrsBiD7fA==
.resertravel.com/	1970-01-21 05:53:02	Name: mp_62f3d8100c8a58750483c2809b8f8292_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A18febb93386a2d-02273f7cd69758-26001c51-1d4c00-18febb93386a2d%22%2C%22%24device_id%22%3A%20%2218febb93386a2d-02273f7cd69758-26001c51-1d4c00-18febb93386a2d%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%22%24os%22%3A%20%22Windows%22%2C%22%24browser%22%3A%20%22Chrome%22%2C%22%24browser_version%22%3A%20125%2C%22User%20Type%22%3A%20%22Anonymous%22%7D%2C%22__mpso%22%3A%20%7B%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%2C%22product%22%3A%20%22web%22%2C%22Device%20Fingerprint%22%3A%20%221873862465%22%2C%22User%20Fingerprint%22%3A%20%22f0UVFvRGiY6XTRazGoDG%22%7D

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://gfa-sbx.resertravel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gfa-sbx.resertravel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gfa-sbx.resertravel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gfa-sbx.resertravel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gfa-sbx.resertravel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gfa-sbx.resertravel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gfa-sbx.resertravel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gfa-sbx.resertravel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-growthbook.reservamos.tech
api-js.mixpanel.com
beacon.riskified.com
c.riskified.com
cdn.conekta.io
cdn.mxpnl.com
cdn.siftscience.com
checkoutshopper-test.adyen.com
fonts.googleapis.com
fonts.gstatic.com
gfa-sbx.resertravel.com
img.riskified.com
js.openpay.mx
o25518.ingest.sentry.io
one-api-gfa-sbx.resertravel.com
reservamossaas.com
ssl.kaptcha.com
widgets.reservamos.mx
www.googletagmanager.com
147.12.18.106
188.114.96.3
188.114.97.3
2600:1901:0:498c::
2600:1f18:f8a:b700:87a1:a044:c788:da96
2600:1f18:f8a:b701:949e:2876:e674:389c
2606:4700:20::681a:4df
2a00:1450:4001:810::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:82f::2008
2a06:98c1:3121::3
34.120.195.249
34.96.67.224
35.186.241.51
35.81.31.24
54.148.115.137
54.230.228.121
54.230.228.22
54.92.193.158
022bb796013d2cba94234b94e3ac366ccec4802d33bb8901020d5988d823c86f
0ea9db913fe20adf645cf8bc9ecb12f1c64e8d9136d0bafae1b5c9a4babadba1
10ec464febb7b92ed105d94da994f32989ff1d0795c0013460b5e2a7769934f2
138be64b1e5768b3e3eee2fef8abd105a6c2920e3eb7414fb004a01e78efd5a0
1e9b86bee33b049cfe24d16f89c97caff3d4cc0f0087a2415f4232704e850176
2da1895c34c40b64855f8cb2d718df4277bc76416f4896832cd9ecc4a271a37c
3273996622afec9de3fde1cdde7686ad7e8a0c67b0073df16e84c8e099d6d898
346b590b9a7e2441c685052719cbda83e1b1cd64253a68fec0b0b8ce912f1718
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3ddf0142bb9e025c5a59ce8ca76a7d3e60661346a44abda2ecd536964404fa7f
4057a0dd932d74677ea79d1f3cbee9d007f4fd2a16ac42160186fb2243e0585c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
517d26ad28ed8a0f684338c3837c59a9105cdcf87872b5b50f5fac220324ef39
5919dd3ded14f30fa42823d5bff47c1dfbb86c47c42aba989d8d47e0f4730960
59d09512fe9175c259d65438d224e1e3644328dc5b2a8cb25e9260f5c9581c2f
5a2ce6692ee59f886c869b72ef22c9a438ee3de1c9cb84df74961f78e8969ef1
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7825bd27888e4ccf6f673017f32377cbdd8323a551eb64f5325809281a63f21a
7aa0d6652e235dc98cb1f194658c54d7b4c0f19049e0798d850441e0f5150131
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
941774ae3814f55ac8f1f599a6481e6941af9784dfcfb6cb39f49fb7391f504d
944aec3193cec74f2e3f2fbd8e3e4d51f3c31d262f94407e0306a733dbad124b
9b78cbf19068e0e5ace258dd4402bddce4c29e5cc642f7a9fb19a7453fb564da
a11d24b998d25a164286e32aced295901f626d85be784b8c95990f51a0ecc734
afc1ef246f8ea7eba190c7f205978ab9edabd069efc90fa41a632398d8dea46f
afed715b5742c5b586b26e0ff1b4e58b84ade9ff3cd5b5ba0590a7d67e258dd1
b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d
ba6510c1725f3467096846bfff548d438945da7c4475099a28243fc8ddd1bf18
be4e2dfc3dae2596f4e4722df587e5fc6de3e13bea61f52081234aebe624bf29
c385a3a6af4e7b0b7967b90a34a008ffd9befb2a3ac4be22fc579650b706141d
c6a920877108036520d358c54537dea89792908affc0c27d51ef636bd3208916
c81896eb5b02fa8350f6753d96ff154143e2c48d357c32f035d703b8716aea8d
cf922685323d434680a78b9f634be3cd3278434c0f9e012466f7f4e848ec322c
d2fb76fb6573e649fac51226bfba64b00003f8283e46979a5ca6a73b51d467fd
d4f6a65e7f4a6a25bf7cb7602ac77eae8fe94d470fb8bb0acc604f86e465e33c
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62b860274a825388fb7d214ce30e20ab08d153aebab0d6fd0cbc487c37eebfd
e9ab115372791fd65190bb554dda1e4272e3ec3c57f89ab3b87a636b7ee199c5
fbe507af8818e3479931ae264dcd483a3b08c5678a4fb342b1748f12de125f12
fc16657699dfb6d838402f606fdc2a9bc7d3c42035618cd6ab884975f346ce5d
ff24c312d42c8e9ec5b34cc55b102f6cc91a58f97b43fcc21968c10df9f3daeb

gfa-sbx.resertravel.com Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

47 Requests

100 %HTTPS

42 %IPv6

16 Domains

19 Subdomains

20 IPs

3 Countries

4864 kBTransfer

12858 kBSize

7 Cookies

1 Outgoing links

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gfa-sbx.resertravel.com Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

100 %
HTTPS

42 %
IPv6

16
Domains

19
Subdomains

20
IPs

3
Countries

4864 kB
Transfer

12858 kB
Size

7
Cookies

47 HTTP transactions
3 data transactions