www.activatetravelsavings.com Open in urlscan Pro
162.210.97.242 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.activatetravelsavings.com/
Submission: On January 09 via automatic, source certstream-suspicious (January 9th 2022, 5:12:15 pm UTC) — Scanned from DE

Summary HTTP 42 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 9 domains to perform 42 HTTP transactions. The main IP is 162.210.97.242, located in United States and belongs to STEADFAST, US. The main domain is www.activatetravelsavings.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 26th 2021. Valid for: a year.

This is the only time www.activatetravelsavings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	162.210.97.242 162.210.97.242	32748 (STEADFAST) (STEADFAST)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3031::ac43:d645	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
8	3.235.73.94 3.235.73.94	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	18.66.249.251 18.66.249.251	16509 (AMAZON-02) (AMAZON-02)
1	18.66.99.251 18.66.99.251	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	13.32.26.253 13.32.26.253	16509 (AMAZON-02) (AMAZON-02)
1	99.86.5.250 99.86.5.250	16509 (AMAZON-02) (AMAZON-02)
42	15

10 162.210.97.242 (United States)

ASN32748 (STEADFAST, US)

www.activatetravelsavings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::ac43:d645 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.235.73.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-235-73-94.compute-1.amazonaws.com

us02web.zoom.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 18.66.249.251 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-249-251.dus51.r.cloudfront.net

st1.zoom.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.99.251 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-99-251.fra56.r.cloudfront.net

us02st3.zoom.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.26.253 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-26-253.fra56.r.cloudfront.net

us02st1.zoom.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.5.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-5-250.fra6.r.cloudfront.net

ssrweb.zoom.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	zoom.us us02web.zoom.us — Cisco Umbrella Rank: 4043 st1.zoom.us — Cisco Umbrella Rank: 3846 us02st3.zoom.us — Cisco Umbrella Rank: 9465 us02st1.zoom.us — Cisco Umbrella Rank: 9273 ssrweb.zoom.us — Cisco Umbrella Rank: 48526	661 KB
10	activatetravelsavings.com www.activatetravelsavings.com	3 MB
2	gstatic.com www.gstatic.com fonts.gstatic.com	157 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 844	86 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2146	39 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 202	7 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 541	30 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	1 KB
1	google.com www.google.com — Cisco Umbrella Rank: 8	967 B
42	9

	Domain	Requested by
11	st1.zoom.us	us02web.zoom.us st1.zoom.us
10	www.activatetravelsavings.com	www.activatetravelsavings.com
8	us02web.zoom.us	www.activatetravelsavings.com us02web.zoom.us
2	use.fontawesome.com	www.activatetravelsavings.com use.fontawesome.com
2	stackpath.bootstrapcdn.com	www.activatetravelsavings.com
1	ssrweb.zoom.us	us02web.zoom.us
1	us02st1.zoom.us	us02web.zoom.us
1	fonts.gstatic.com	fonts.googleapis.com
1	us02st3.zoom.us	us02web.zoom.us
1	cdnjs.cloudflare.com	www.activatetravelsavings.com
1	code.jquery.com	www.activatetravelsavings.com
1	www.gstatic.com	www.google.com
1	fonts.googleapis.com	www.activatetravelsavings.com
1	www.google.com	www.activatetravelsavings.com
42	14

This site contains links to these domains. Also see Links.

Domain
seotrafficleader.com

Subject Issuer	Validity	Valid
activatetravelsavings.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-26` - `2022-03-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.zoom.us DigiCert SHA2 Secure Server CA	`2020-05-24` - `2022-06-01`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.activatetravelsavings.com/
Frame ID: 43335D0404380EB26666944B6EF23DEC
Requests: 21 HTTP requests in this frame

Frame: https://us02web.zoom.us/rec/play/tcJ8Ib2pq203TICU4QSDBactW9TvL6KsgyIW8_QIn023BXgFMQGlYecUZLa784RWhr3UyY4EZzoWG3jU?startTime=1588277323000&_x_zm_rtaid=V41KQYefTc2KOGU-zeAUVw.1588378508773.bf66273d3be1ba67af73af2ef85b5ef1&_x_zm_rhtaid=775
Frame ID: 42B2D327C55EC229DAE0032271E4FC52
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Activate Travel Savings

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

42
Requests

100 %
HTTPS

57 %
IPv6

9
Domains

14
Subdomains

15
IPs

3
Countries

3766 kB
Transfer

5765 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://seotrafficleader.com/
Title: STL

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.activatetravelsavings.com/ 47 KB
12 KB 436ms
145ms Document
text/html 162.210.97.242
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://www.activatetravelsavings.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.210.97.242 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: Apache /
Resource Hash: fcba775e585da3a3230e9da7f232a6d3d599a51a4e83570f257e862e4fabf45d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Mon, 03 Aug 2020 16:59:43 GMT
accept-ranges: none
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 11936
content-type: text/html
date: Sun, 09 Jan 2022 17:12:05 GMT
server: Apache

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
967 B 38ms
15ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.activatetravelsavings.com
URL: https://www.activatetravelsavings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b655579f520f29e1d87f6bc6039d68386234b8b0f2cbe3ddca9c88a336fdcd9e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.activatetravelsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 17:12:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 554
x-xss-protection: 1; mode=block
expires: Sun, 09 Jan 2022 17:12:06 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.2.1/css/ 150 KB
24 KB 115ms
69ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.2.1/css/bootstrap.min.css

Requested by

Host: www.activatetravelsavings.com
URL: https://www.activatetravelsavings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.activatetravelsavings.com/
Origin: https://www.activatetravelsavings.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 17:12:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601
access-control-allow-origin: *
cdn-cachedat: 08/03/2021 19:30:51
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:07 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: e3dcdbf0014a19881ac479019ca1bcba
cf-ray: 6caf49ddff615a25-MXP
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 all.css
use.fontawesome.com/releases/v5.7.1/css/ 53 KB
12 KB 3994ms
3636ms Stylesheet
text/css 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.1/css/all.css
Requested by: Host: www.activatetravelsavings.com
URL: https://www.activatetravelsavings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

Request headers

Referer: https://www.activatetravelsavings.com/
Origin: https://www.activatetravelsavings.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 17:12:09 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: EH3TD366YE2SYHMP
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-id-2: odk9WrS4ZgvQDe98vKaxkdMmUICJ78/Y/H4u8rNO+d+DQp4Sky8Hxue9KJrvS/TzY173y9aq96I=
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
server: cloudflare
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MEXg10Musm9SNklZ2x3%2F0bak1w47mBCi7AuYCNko8dGjo%2B1V3k4qdGWx%2BHM4mqgZwH6nq7EPWBDfhtSyj%2FJr4ayGIZ1hOOJYduRh8NBdHWfn5ZLSVDLZPUq8qxdtLy4nC9Bd9jxGx82Wl5N%2BpsKP2fHC"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6caf49dfec427344-MRS

GET
H2 200 custom.css
www.activatetravelsavings.com/assets/css/ 5 KB
2 KB 130ms
129ms Stylesheet
text/css 162.210.97.242
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://www.activatetravelsavings.com/assets/css/custom.css
Requested by: Host: www.activatetravelsavings.com
URL: https://www.activatetravelsavings.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.210.97.242 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: Apache /
Resource Hash: 53a8f61d49b759b45f3c624c2a3ab4fcc2a8a1faec11bc99da55e56c40bd9a67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.activatetravelsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 17:12:06 GMT
content-encoding: gzip
last-modified: Thu, 14 Mar 2019 06:44:55 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: none
content-length: 1711

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 38ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: www.activatetravelsavings.com
URL: https://www.activatetravelsavings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.activatetravelsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 09 Jan 2022 15:57:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 09 Jan 2022 17:12:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Jan 2022 17:12:06 GMT

GET
H2 200 logo_ATS_white.png
www.activatetravelsavings.com/assets/img/ 42 KB
42 KB 261ms
261ms Image
image/png 162.210.97.242
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.activatetravelsavings.com/assets/img/logo_ATS_white.png
Requested by: Host: www.activatetravelsavings.com
URL: https://www.activatetravelsavings.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.210.97.242 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: Apache /
Resource Hash: f4e96ed3597fbfa7ebbfbc47068cbb537e2c40ac1afa8d8d0821e08b67f85650

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.activatetravelsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 17:12:06 GMT
last-modified: Thu, 07 Mar 2019 07:46:45 GMT
server: Apache
etag: "a603-5837c4ed72c3f"
vary: User-Agent
content-type: image/png
accept-ranges: bytes
content-length: 42499

GET
H2 200 hotel-paris.jpg
www.activatetravelsavings.com/assets/img/ 89 KB
89 KB 130ms
130ms Image
image/jpeg 162.210.97.242
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.activatetravelsavings.com/assets/img/hotel-paris.jpg
Requested by: Host: www.activatetravelsavings.com
URL: https://www.activatetravelsavings.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.210.97.242 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: Apache /
Resource Hash: 96a065e94cda44431d713a766f0de97bd63f3fd2d7ae740c754ba27f1cceb646

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.activatetravelsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 17:12:06 GMT
last-modified: Thu, 07 Mar 2019 07:46:46 GMT
server: Apache
etag: "162e9-5837c4eecdc01"
vary: User-Agent
content-type: image/jpeg
accept-ranges: bytes
content-length: 90857

GET
H2 200 hotel-sydney.jpg
www.activatetravelsavings.com/assets/img/ 93 KB
94 KB 130ms
130ms Image
image/jpeg 162.210.97.242
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.activatetravelsavings.com/assets/img/hotel-sydney.jpg
Requested by: Host: www.activatetravelsavings.com
URL: https://www.activatetravelsavings.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.210.97.242 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: Apache /
Resource Hash: 97c3837e1801b44f2f91c78b015490ca1ee8f367d891ac8211c8a383892fd1c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.activatetravelsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 17:12:06 GMT
last-modified: Thu, 07 Mar 2019 07:46:48 GMT
server: Apache
etag: "174f0-5837c4f085ac6"
vary: User-Agent
content-type: image/jpeg
accept-ranges: bytes
content-length: 95472

GET
H2 200 hotel-LA.jpg
www.activatetravelsavings.com/assets/img/ 166 KB
167 KB 262ms
261ms Image
image/jpeg 162.210.97.242
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.activatetravelsavings.com/assets/img/hotel-LA.jpg
Requested by: Host: www.activatetravelsavings.com
URL: https://www.activatetravelsavings.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.210.97.242 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: Apache /
Resource Hash: 1d4137bc639effce295d286afc40b9cee3aace62293528e633eaab74547342fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.activatetravelsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 17:12:06 GMT
last-modified: Thu, 07 Mar 2019 07:46:46 GMT
server: Apache
etag: "29924-5837c4ee80d76"
vary: User-Agent
content-type: image/jpeg
accept-ranges: bytes
content-length: 170276

GET
H2 200 hotel-bali.jpg
www.activatetravelsavings.com/assets/img/ 126 KB
127 KB 261ms
261ms Image
image/jpeg 162.210.97.242
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.activatetravelsavings.com/assets/img/hotel-bali.jpg
Requested by: Host: www.activatetravelsavings.com
URL: https://www.activatetravelsavings.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.210.97.242 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: Apache /
Resource Hash: 842fb946718899517ce671450e99e9cf8bb1d2b9a811a957afcced60709785a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.activatetravelsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 17:12:06 GMT
last-modified: Thu, 07 Mar 2019 07:46:44 GMT
server: Apache
etag: "1f8c2-5837c4ecfb635"
vary: User-Agent
content-type: image/jpeg
accept-ranges: bytes
content-length: 129218

GET
H2 200 tcJ8Ib2pq203TICU4QSDBactW9TvL6KsgyIW8_QIn023BXgFMQGlYecUZLa784RWhr3UyY4EZzoWG3jU Show response
us02web.zoom.us/rec/play/ Frame 42B2 7 KB
6 KB 385ms
167ms Document
text/html 3.235.73.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://us02web.zoom.us/rec/play/tcJ8Ib2pq203TICU4QSDBactW9TvL6KsgyIW8_QIn023BXgFMQGlYecUZLa784RWhr3UyY4EZzoWG3jU?startTime=1588277323000&_x_zm_rtaid=V41KQYefTc2KOGU-zeAUVw.1588378508773.bf66273d3be1ba67af73af2ef85b5ef1&_x_zm_rhtaid=775

Requested by

Host: www.activatetravelsavings.com
URL: https://www.activatetravelsavings.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.235.73.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-235-73-94.compute-1.amazonaws.com

Software

Resource Hash

c90abe6cf7b2b393a74ffa22d91cf802e296047a83bd2cb907d26aecb38e83bd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src https://.zoom.us https://zoom.us blob: 'self'; img-src https: about: blob: data: 'self'; style-src https: safari-extension: chrome-extension: 'unsafe-inline' data: 'self'; font-src https: safari-extension: chrome-extension: blob: data: 'self'; connect-src about: blob: data: 'self'; media-src * rtmp: blob: data: 'self'; frame-src https: ms-appx-web: zoommtg: zoomus: wvjbscheme: data: 'self'; object-src 'none'; base-uri 'none';script-src 'self' 'strict-dynamic' 'nonce-5sKw0bDpRvOKfgV5U7lkeQ' 'unsafe-inline' blob: https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.activatetravelsavings.com/

Response headers

date: Sun, 09 Jan 2022 17:12:06 GMT
content-type: text/html;charset=utf-8
x-zm-trackingid: v=2.0;clid=us02;rid=WEB_fac1b3462954a1eb40aa72a0834c5ea1
x-robots-tag: noindex, nofollow
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; default-src https://*.zoom.us https://zoom.us blob: 'self'; img-src https: about: blob: data: 'self'; style-src https: safari-extension: chrome-extension: 'unsafe-inline' data: 'self'; font-src https: safari-extension: chrome-extension: blob: data: 'self'; connect-src * about: blob: data: 'self'; media-src * rtmp: blob: data: 'self'; frame-src https: ms-appx-web: zoommtg: zoomus: wvjbscheme: data: 'self'; object-src 'none'; base-uri 'none';script-src 'self' 'strict-dynamic' 'nonce-5sKw0bDpRvOKfgV5U7lkeQ' 'unsafe-inline' blob: https:;
content-security-policy-report-only: frame-ancestors 'self'; report-uri /csp/report/%252Frec%252Fplay%252FtcJ8Ib2pq203TICU4QSDBactW9TvL6KsgyIW8_QIn023BXgFMQGlYecUZLa784RWhr3UyY4EZzoWG3jU
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
x-zm-zoneid: VA
content-language: de-DE
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/ 352 KB
140 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1328fdb36a1c8ca148d68a0093772adbf73d4e3bd10698836366c558150b32bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activatetravelsavings.com/
Origin: https://www.activatetravelsavings.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 16:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142561
x-xss-protection: 0
last-modified: Mon, 03 Jan 2022 05:02:35 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Jan 2023 16:27:51 GMT

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 65ms
23ms Script
application/javascript 2001:4de0:ac18::1:a:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: www.activatetravelsavings.com
URL: https://www.activatetravelsavings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: https://www.activatetravelsavings.com/
Origin: https://www.activatetravelsavings.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 17:12:06 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2018 17:26:44 GMT
server: nginx
etag: W/"5a637bd4-1538f"
vary: Accept-Encoding
x-hw: 1641748326.dop001.ml1.t,1641748326.cds207.ml1.hn,1641748326.cds213.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.6/umd/ 20 KB
7 KB 84ms
41ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.6/umd/popper.min.js

Requested by

Host: www.activatetravelsavings.com
URL: https://www.activatetravelsavings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

587c080125b135d29a931ed371e50ffc1a9641831c1087de2cd74532815f4560

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.activatetravelsavings.com/
Origin: https://www.activatetravelsavings.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 17:12:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3250249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6634
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-51ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3tO3aHdUAzHNbpFJW%2FC3tdENB%2BO4mBaPQlR3Jea0iszeybQjpguKLKbTv74uDDxIi2%2FrB5CH7WToW1aO6QQQUWfmSuHTItsBeGjlXyxHc4EwEzGN2Qs7G%2F1ks00dvdIXToBrJNMn6ZouXCh18kRzg69"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6caf49de6d9f3745-MXP
expires: Fri, 30 Dec 2022 17:12:06 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.2.1/js/ 54 KB
15 KB 53ms
52ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.2.1/js/bootstrap.min.js

Requested by

Host: www.activatetravelsavings.com
URL: https://www.activatetravelsavings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.activatetravelsavings.com/
Origin: https://www.activatetravelsavings.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 17:12:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617, 617
access-control-allow-origin: *
cdn-cachedat: 2021-07-24 16:49:46
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:07 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: d56edcfce713689a0639fdb11af18fb3
cf-ray: 6caf49de280d5a25-MXP
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 main.js Show response
www.activatetravelsavings.com/assets/js/ 4 KB
1 KB 310ms
310ms Script
application/javascript 162.210.97.242
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://www.activatetravelsavings.com/assets/js/main.js
Requested by: Host: www.activatetravelsavings.com
URL: https://www.activatetravelsavings.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.210.97.242 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: Apache /
Resource Hash: 1ab46b03bb57c40d6e31af15f2d06e45671f53d284ed3b21ae3c71c0262687fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.activatetravelsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 17:12:06 GMT
content-encoding: gzip
last-modified: Mon, 03 Aug 2020 17:57:50 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: none
content-length: 1110

POST
H2 200 %252Frec%252Fplay%252FtcJ8Ib2pq203TICU4QSDBactW9TvL6KsgyIW8_QIn023BXgFMQGlYecUZLa784RWhr3UyY4EZzoWG3jU
us02web.zoom.us/csp/report/ 0
1 KB 305ms
107ms Other
text/plain 3.235.73.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://us02web.zoom.us/csp/report/%252Frec%252Fplay%252FtcJ8Ib2pq203TICU4QSDBactW9TvL6KsgyIW8_QIn023BXgFMQGlYecUZLa784RWhr3UyY4EZzoWG3jU

Requested by

Host: www.activatetravelsavings.com
URL: https://www.activatetravelsavings.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.235.73.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-235-73-94.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src https://.zoom.us https://zoom.us blob: 'self'; img-src https: about: blob: data: 'self'; style-src https: safari-extension: chrome-extension: 'unsafe-inline' data: 'self'; font-src https: safari-extension: chrome-extension: blob: data: 'self'; connect-src about: blob: data: 'self'; media-src * rtmp: blob: data: 'self'; frame-src https: ms-appx-web: zoommtg: zoomus: wvjbscheme: data: 'self'; object-src 'none'; base-uri 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.activatetravelsavings.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 09 Jan 2022 17:12:06 GMT
referrer-policy: strict-origin-when-cross-origin
x-zm-trackingid: v=2.0;clid=us02;rid=WEB_8f59b5dbe490746c2af988fc8fe3ceac
x-frame-options: SAMEORIGIN
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
x-xss-protection: 1; mode=block
x-zm-zoneid: VA
content-security-policy: upgrade-insecure-requests; default-src https://*.zoom.us https://zoom.us blob: 'self'; img-src https: about: blob: data: 'self'; style-src https: safari-extension: chrome-extension: 'unsafe-inline' data: 'self'; font-src https: safari-extension: chrome-extension: blob: data: 'self'; connect-src * about: blob: data: 'self'; media-src * rtmp: blob: data: 'self'; frame-src https: ms-appx-web: zoommtg: zoomus: wvjbscheme: data: 'self'; object-src 'none'; base-uri 'none';
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 0
x-content-type-options: nosniff

GET
H2 200 zm_bundle.js Show response
us02web.zoom.us/assets/ Frame 42B2 21 KB
8 KB 112ms
111ms Script
application/javascript 3.235.73.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://us02web.zoom.us/assets/zm_bundle.js?cache
Requested by: Host: us02web.zoom.us
URL: https://us02web.zoom.us/rec/play/tcJ8Ib2pq203TICU4QSDBactW9TvL6KsgyIW8_QIn023BXgFMQGlYecUZLa784RWhr3UyY4EZzoWG3jU?startTime=1588277323000&_x_zm_rtaid=V41KQYefTc2KOGU-zeAUVw.1588378508773.bf66273d3be1ba67af73af2ef85b5ef1&_x_zm_rhtaid=775
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.235.73.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-73-94.compute-1.amazonaws.com
Software: /
Resource Hash: 92ebd82145c82bd55fa011965413d168e2e8ac0fbb2c0163db47e5d040cd3f44

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us02web.zoom.us/rec/play/tcJ8Ib2pq203TICU4QSDBactW9TvL6KsgyIW8_QIn023BXgFMQGlYecUZLa784RWhr3UyY4EZzoWG3jU?startTime=1588277323000&_x_zm_rtaid=V41KQYefTc2KOGU-zeAUVw.1588378508773.bf66273d3be1ba67af73af2ef85b5ef1&_x_zm_rhtaid=775
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 17:12:06 GMT
content-encoding: gzip
cache-control: public, max-age=3600, immutable
content-type: application/javascript; charset=UTF-8

GET
H2 200 zm_bundle.js Show response
us02web.zoom.us/assets/ Frame 42B2 956 B
968 B 112ms
112ms Script
application/javascript 3.235.73.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://us02web.zoom.us/assets/zm_bundle.js?async
Requested by: Host: us02web.zoom.us
URL: https://us02web.zoom.us/rec/play/tcJ8Ib2pq203TICU4QSDBactW9TvL6KsgyIW8_QIn023BXgFMQGlYecUZLa784RWhr3UyY4EZzoWG3jU?startTime=1588277323000&_x_zm_rtaid=V41KQYefTc2KOGU-zeAUVw.1588378508773.bf66273d3be1ba67af73af2ef85b5ef1&_x_zm_rhtaid=775
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.235.73.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-73-94.compute-1.amazonaws.com
Software: /
Resource Hash: e8f8e114676c2efdd2ec04f61857d2443185fc8f05571bf6789843d86e5829bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us02web.zoom.us/rec/play/tcJ8Ib2pq203TICU4QSDBactW9TvL6KsgyIW8_QIn023BXgFMQGlYecUZLa784RWhr3UyY4EZzoWG3jU?startTime=1588277323000&_x_zm_rtaid=V41KQYefTc2KOGU-zeAUVw.1588378508773.bf66273d3be1ba67af73af2ef85b5ef1&_x_zm_rhtaid=775
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 17:12:06 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-encoding: gzip
content-type: application/javascript; charset=UTF-8

GET
H2 200 chunk-vendors.785b724e.css
st1.zoom.us/fe-static/recording-player/css/ Frame 42B2 138 KB
25 KB 50ms
15ms Stylesheet
text/css 18.66.249.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st1.zoom.us/fe-static/recording-player/css/chunk-vendors.785b724e.css
Requested by: Host: us02web.zoom.us
URL: https://us02web.zoom.us/rec/play/tcJ8Ib2pq203TICU4QSDBactW9TvL6KsgyIW8_QIn023BXgFMQGlYecUZLa784RWhr3UyY4EZzoWG3jU?startTime=1588277323000&_x_zm_rtaid=V41KQYefTc2KOGU-zeAUVw.1588378508773.bf66273d3be1ba67af73af2ef85b5ef1&_x_zm_rhtaid=775
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.249.251 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-249-251.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f832f83b34571fe0e14c72b074e86362cf6b615077794d7210fcb1665d278c1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us02web.zoom.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 05:42:35 GMT
content-encoding: gzip
etag: W/"a855f0d2c4cf97af95b8b0337779a578"
last-modified: Mon, 11 Oct 2021 03:26:00 GMT
server: AmazonS3
age: 47070
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: JwXvd-UZhPZ4UxuFxmVCsIN3IBDd2ZTG56mcIN58UnRpG7l5DiztAA==

GET
H2 200 app.5078d796.css
st1.zoom.us/fe-static/recording-player/css/ Frame 42B2 27 KB
6 KB 77ms
42ms Stylesheet
text/css 18.66.249.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st1.zoom.us/fe-static/recording-player/css/app.5078d796.css
Requested by: Host: us02web.zoom.us
URL: https://us02web.zoom.us/rec/play/tcJ8Ib2pq203TICU4QSDBactW9TvL6KsgyIW8_QIn023BXgFMQGlYecUZLa784RWhr3UyY4EZzoWG3jU?startTime=1588277323000&_x_zm_rtaid=V41KQYefTc2KOGU-zeAUVw.1588378508773.bf66273d3be1ba67af73af2ef85b5ef1&_x_zm_rhtaid=775
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.249.251 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-249-251.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 457b6e41171d2e2b75c1a5fb332adac3c1d69a8a9bda64b4e61e272a866d7065

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us02web.zoom.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 05:35:21 GMT
content-encoding: gzip
etag: W/"df28a9d12056a579490093ded4f9202b"
last-modified: Mon, 13 Dec 2021 06:23:34 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:df28a9d12056a579490093ded4f9202b
age: 41893
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: -pECUuhWpenpfAogYE51Zu_PZ5-oXkwUErHZ41w0O2j6kLuwXuOdzg==

GET
H2 200 csrf_js Show response
us02web.zoom.us/ Frame 42B2 15 KB
6 KB 102ms
102ms Script
text/javascript 3.235.73.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://us02web.zoom.us/csrf_js?t_x_zm_rid=1

Requested by

Host: us02web.zoom.us
URL: https://us02web.zoom.us/rec/play/tcJ8Ib2pq203TICU4QSDBactW9TvL6KsgyIW8_QIn023BXgFMQGlYecUZLa784RWhr3UyY4EZzoWG3jU?startTime=1588277323000&_x_zm_rtaid=V41KQYefTc2KOGU-zeAUVw.1588378508773.bf66273d3be1ba67af73af2ef85b5ef1&_x_zm_rhtaid=775

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.235.73.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-235-73-94.compute-1.amazonaws.com

Software

Resource Hash

b99880b096fb40a58312a799951553278e27eb9c1726dd2ca4013dbd9dad57e9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src https://.zoom.us https://zoom.us blob: 'self'; img-src https: about: blob: data: 'self'; style-src https: safari-extension: chrome-extension: 'unsafe-inline' data: 'self'; font-src https: safari-extension: chrome-extension: blob: data: 'self'; connect-src about: blob: data: 'self'; media-src * rtmp: blob: data: 'self'; frame-src https: ms-appx-web: zoommtg: zoomus: wvjbscheme: data: 'self'; object-src 'none'; base-uri 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us02web.zoom.us/rec/play/tcJ8Ib2pq203TICU4QSDBactW9TvL6KsgyIW8_QIn023BXgFMQGlYecUZLa784RWhr3UyY4EZzoWG3jU?startTime=1588277323000&_x_zm_rtaid=V41KQYefTc2KOGU-zeAUVw.1588378508773.bf66273d3be1ba67af73af2ef85b5ef1&_x_zm_rhtaid=775
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 17:12:06 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-zm-trackingid: v=2.0;clid=us02;rid=WEB_6409eb113a75e98ec7e10bb682711164
x-frame-options: SAMEORIGIN
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
x-xss-protection: 1; mode=block
cache-control: private, max-age=28800
content-security-policy: upgrade-insecure-requests; default-src https://*.zoom.us https://zoom.us blob: 'self'; img-src https: about: blob: data: 'self'; style-src https: safari-extension: chrome-extension: 'unsafe-inline' data: 'self'; font-src https: safari-extension: chrome-extension: blob: data: 'self'; connect-src * about: blob: data: 'self'; media-src * rtmp: blob: data: 'self'; frame-src https: ms-appx-web: zoommtg: zoomus: wvjbscheme: data: 'self'; object-src 'none'; base-uri 'none';
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
x-content-type-options: nosniff

GET
H2 200 vue.min.js Show response
us02st3.zoom.us/static/5.2.4185/js/lib/vue/ Frame 42B2 408 KB
108 KB 47ms
13ms Script
application/javascript 18.66.99.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://us02st3.zoom.us/static/5.2.4185/js/lib/vue/vue.min.js
Requested by: Host: us02web.zoom.us
URL: https://us02web.zoom.us/rec/play/tcJ8Ib2pq203TICU4QSDBactW9TvL6KsgyIW8_QIn023BXgFMQGlYecUZLa784RWhr3UyY4EZzoWG3jU?startTime=1588277323000&_x_zm_rtaid=V41KQYefTc2KOGU-zeAUVw.1588378508773.bf66273d3be1ba67af73af2ef85b5ef1&_x_zm_rhtaid=775
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.99.251 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-99-251.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a67394b5849e496a457bc375c14f7441043cee097ae620482f404f9de6116828

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us02web.zoom.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 09 Jan 2022 05:01:59 GMT
content-encoding: gzip
last-modified: Sun, 09 Jan 2022 04:34:40 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:2f6abdde2a87c851328d7d1bd5affdf8
age: 43808
etag: W/"2f6abdde2a87c851328d7d1bd5affdf8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: h7Hitfp2yuB2rtgLLYtYZsy3Lp-yhb7cJLt0ZaI2oM4M9vgA_7prng==

GET
H2 200 chunk-vendors.f7c64835.js Show response
st1.zoom.us/fe-static/recording-player/js/ Frame 42B2 344 KB
107 KB 58ms
24ms Script
text/javascript 18.66.249.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st1.zoom.us/fe-static/recording-player/js/chunk-vendors.f7c64835.js
Requested by: Host: us02web.zoom.us
URL: https://us02web.zoom.us/rec/play/tcJ8Ib2pq203TICU4QSDBactW9TvL6KsgyIW8_QIn023BXgFMQGlYecUZLa784RWhr3UyY4EZzoWG3jU?startTime=1588277323000&_x_zm_rtaid=V41KQYefTc2KOGU-zeAUVw.1588378508773.bf66273d3be1ba67af73af2ef85b5ef1&_x_zm_rhtaid=775
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.249.251 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-249-251.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 185d1ec9787394f60dcf5825486ccae3d05e3ac084c01daa8588fa254bde428f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us02web.zoom.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 05:38:36 GMT
content-encoding: gzip
etag: W/"05cbce0fb32d40113f2a4340e382c54c"
last-modified: Mon, 11 Oct 2021 03:26:00 GMT
server: AmazonS3
age: 42234
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: h3GajLxWGOhg1KgySzc66oureKFvuzd8WI496Q6wktGvFvrdY6ELiQ==

GET
H2 200 app.a628624a.js Show response
st1.zoom.us/fe-static/recording-player/js/ Frame 42B2 61 KB
19 KB 75ms
41ms Script
application/javascript 18.66.249.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st1.zoom.us/fe-static/recording-player/js/app.a628624a.js
Requested by: Host: us02web.zoom.us
URL: https://us02web.zoom.us/rec/play/tcJ8Ib2pq203TICU4QSDBactW9TvL6KsgyIW8_QIn023BXgFMQGlYecUZLa784RWhr3UyY4EZzoWG3jU?startTime=1588277323000&_x_zm_rtaid=V41KQYefTc2KOGU-zeAUVw.1588378508773.bf66273d3be1ba67af73af2ef85b5ef1&_x_zm_rhtaid=775
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.249.251 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-249-251.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5df3cdadeb73cdab7be7d6a570842ce4b80d52290ae1f641ae7c9a6269a12493

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us02web.zoom.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 02:53:19 GMT
content-encoding: gzip
etag: W/"7f5df854cd0dbe1a5df6a3e918053639"
last-modified: Fri, 17 Dec 2021 03:44:56 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:7f5df854cd0dbe1a5df6a3e918053639
age: 51762
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: en3kjfviHGFtlZOCT_TxxjotVK_BfIksT23DsvgdYXbNVlCTXaFQpg==

POST
H2 200 csrf_js Show response
us02web.zoom.us/ Frame 42B2 54 B
1 KB 100ms
100ms XHR
text/plain 3.235.73.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://us02web.zoom.us/csrf_js?t_x_zm_rid=1

Requested by

Host: us02web.zoom.us
URL: https://us02web.zoom.us/assets/zm_bundle.js?cache

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.235.73.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-235-73-94.compute-1.amazonaws.com

Software

Resource Hash

f389f5370e5d4763c41e07ef1fe72d9e852f1ad774e0dce25009c18072649fbd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src https://.zoom.us https://zoom.us blob: 'self'; img-src https: about: blob: data: 'self'; style-src https: safari-extension: chrome-extension: 'unsafe-inline' data: 'self'; font-src https: safari-extension: chrome-extension: blob: data: 'self'; connect-src about: blob: data: 'self'; media-src * rtmp: blob: data: 'self'; frame-src https: ms-appx-web: zoommtg: zoomus: wvjbscheme: data: 'self'; object-src 'none'; base-uri 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://us02web.zoom.us/rec/play/tcJ8Ib2pq203TICU4QSDBactW9TvL6KsgyIW8_QIn023BXgFMQGlYecUZLa784RWhr3UyY4EZzoWG3jU?startTime=1588277323000&_x_zm_rtaid=V41KQYefTc2KOGU-zeAUVw.1588378508773.bf66273d3be1ba67af73af2ef85b5ef1&_x_zm_rhtaid=775
FETCH-CSRF-TOKEN: 1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 17:12:06 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-zm-trackingid: v=2.0;clid=us02;rid=WEB_524fc72d00111e053f42c136368a7c39
x-frame-options: SAMEORIGIN
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
x-xss-protection: 1; mode=block
content-security-policy: upgrade-insecure-requests; default-src https://*.zoom.us https://zoom.us blob: 'self'; img-src https: about: blob: data: 'self'; style-src https: safari-extension: chrome-extension: 'unsafe-inline' data: 'self'; font-src https: safari-extension: chrome-extension: blob: data: 'self'; connect-src * about: blob: data: 'self'; media-src * rtmp: blob: data: 'self'; frame-src https: ms-appx-web: zoommtg: zoomus: wvjbscheme: data: 'self'; object-src 'none'; base-uri 'none';
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain;charset=UTF-8
x-content-type-options: nosniff

GET
H2 200 i18n-en-US.7b35500b.js Show response
st1.zoom.us/fe-static/recording-player/js/ Frame 42B2 6 KB
3 KB 13ms
12ms Script
application/javascript 18.66.249.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st1.zoom.us/fe-static/recording-player/js/i18n-en-US.7b35500b.js
Requested by: Host: st1.zoom.us
URL: https://st1.zoom.us/fe-static/recording-player/js/app.a628624a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.249.251 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-249-251.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fa99ba0adae8f56091a8168a252a34bbd1481a3cdff7535881a1a3acc5498159

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us02web.zoom.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 07:16:43 GMT
content-encoding: gzip
etag: W/"9020f56ac0d445911fd3eadc325a01c1"
last-modified: Mon, 08 Nov 2021 03:15:48 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:9020f56ac0d445911fd3eadc325a01c1
age: 36008
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: ykngSMV8Mws9K6ac764xssfhnScaoElOdBjNr9h-RvVLZsGR6Rs39w==

GET
H2 200 en-json.baf1d5c5.js Show response
st1.zoom.us/fe-static/recording-player/js/ Frame 42B2 4 KB
2 KB 12ms
12ms Script
text/javascript 18.66.249.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st1.zoom.us/fe-static/recording-player/js/en-json.baf1d5c5.js
Requested by: Host: st1.zoom.us
URL: https://st1.zoom.us/fe-static/recording-player/js/app.a628624a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.249.251 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-249-251.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b66d5b0d7f3d61cec13c172364d7ac2bfcb676ff4a6488f92b5db2db9205e8a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us02web.zoom.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 23:27:03 GMT
content-encoding: gzip
etag: W/"beb6e1ae382fc11c7023c4cdae5b1193"
last-modified: Tue, 06 Jul 2021 21:07:47 GMT
server: AmazonS3
age: 63904
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: a0KBdXKknK4pjb_Df9sD3loRr-tWscTRz8dXvu9u3m83eOcmFb5A3g==

GET
H2 200 bg-fullpage.jpg
www.activatetravelsavings.com/assets/img/ 2 MB
2 MB 131ms
131ms Image
image/jpeg 162.210.97.242
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.activatetravelsavings.com/assets/img/bg-fullpage.jpg
Requested by: Host: www.activatetravelsavings.com
URL: https://www.activatetravelsavings.com/assets/css/custom.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.210.97.242 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: Apache /
Resource Hash: 2af9d911990117b68010c901edbf4776b9a6c449ee46a8315415d5e7a8ea8449

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.activatetravelsavings.com/assets/css/custom.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 17:12:06 GMT
last-modified: Thu, 07 Mar 2019 07:46:50 GMT
server: Apache
etag: "231379-5837c4f1d733d"
vary: User-Agent
content-type: image/jpeg
accept-ranges: bytes
content-length: 2298745

GET
H2 200 discount-banner.png
www.activatetravelsavings.com/assets/img/ 381 B
430 B 158ms
157ms Image
image/png 162.210.97.242
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.activatetravelsavings.com/assets/img/discount-banner.png
Requested by: Host: www.activatetravelsavings.com
URL: https://www.activatetravelsavings.com/assets/css/custom.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.210.97.242 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: Apache /
Resource Hash: 8186eac1300b69244a16591393d0bd01789ff4223fe9aed527f4a96bcf093a9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.activatetravelsavings.com/assets/css/custom.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 17:12:06 GMT
last-modified: Thu, 07 Mar 2019 07:46:46 GMT
server: Apache
etag: "17d-5837c4ee2fe32"
vary: User-Agent
content-type: image/png
accept-ranges: bytes
content-length: 381

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v27/ 16 KB
17 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.activatetravelsavings.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 06:37:09 GMT
x-content-type-options: nosniff
age: 210897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16692
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 07 Jan 2023 06:37:09 GMT

GET
H2 200 zm_bundle.js Show response
us02web.zoom.us/assets/ Frame 42B2 239 KB
134 KB 146ms
146ms Script
application/javascript 3.235.73.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://us02web.zoom.us/assets/zm_bundle.js?seed=AIBSyD9-AQAATyHwUuTjcg5lsilincMgIfNYjZ5YsL-ycOgY_DlhbgFPAe9-&uQHR71Sqnk--z=q
Requested by: Host: us02web.zoom.us
URL: https://us02web.zoom.us/assets/zm_bundle.js?async
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.235.73.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-73-94.compute-1.amazonaws.com
Software: /
Resource Hash: 2d92e25b0f94f5e548c66964d39752c9796a687407f138c5bce0aadbf091132d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us02web.zoom.us/rec/play/tcJ8Ib2pq203TICU4QSDBactW9TvL6KsgyIW8_QIn023BXgFMQGlYecUZLa784RWhr3UyY4EZzoWG3jU?startTime=1588277323000&_x_zm_rtaid=V41KQYefTc2KOGU-zeAUVw.1588378508773.bf66273d3be1ba67af73af2ef85b5ef1&_x_zm_rhtaid=775
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 17:12:06 GMT
content-encoding: gzip
cache-control: public, max-age=3600, immutable
content-type: application/javascript; charset=UTF-8

GET
H2 200 video.js.1966df50.js Show response
st1.zoom.us/fe-static/recording-player/js/ Frame 42B2 578 KB
162 KB 13ms
13ms Script
text/javascript 18.66.249.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st1.zoom.us/fe-static/recording-player/js/video.js.1966df50.js
Requested by: Host: st1.zoom.us
URL: https://st1.zoom.us/fe-static/recording-player/js/app.a628624a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.249.251 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-249-251.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f439ad5b81187e7db1f8740434ea7a11d2976496ba9d03281a9e9897a6717d54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us02web.zoom.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 02:19:08 GMT
content-encoding: gzip
etag: W/"74dfe38a0620605b978a4cdb08c67ab0"
last-modified: Tue, 06 Jul 2021 21:07:48 GMT
server: AmazonS3
age: 53988
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: DQQceTfo8JN8Ew65u_rWPF3ASMwK8eWszxy0_Rv0AwtoVEf6IMpy7Q==

GET
H2 200 audio-player~video-player.b78e5c08.css
st1.zoom.us/fe-static/recording-player/css/ Frame 42B2 19 KB
4 KB 27ms
27ms Stylesheet
text/css 18.66.249.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st1.zoom.us/fe-static/recording-player/css/audio-player~video-player.b78e5c08.css
Requested by: Host: st1.zoom.us
URL: https://st1.zoom.us/fe-static/recording-player/js/app.a628624a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.249.251 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-249-251.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d3593bb3da8a24fd97f34df9387a2883137927d7cb69102a5b19520e4842f99a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us02web.zoom.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 05:18:50 GMT
content-encoding: gzip
etag: W/"9ca38f5381ee19e7f410661776c3e03d"
last-modified: Mon, 06 Dec 2021 03:49:57 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:9ca38f5381ee19e7f410661776c3e03d
age: 44195
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: zd2XCJ7nORYUllfUSZoEUgWOcxeMqRMbXycGdnAiIr7Je8T9oR3AWQ==

GET
H2 200 audio-player~video-player.29ff4b39.js Show response
st1.zoom.us/fe-static/recording-player/js/ Frame 42B2 129 KB
32 KB 25ms
25ms Script
application/javascript 18.66.249.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st1.zoom.us/fe-static/recording-player/js/audio-player~video-player.29ff4b39.js
Requested by: Host: st1.zoom.us
URL: https://st1.zoom.us/fe-static/recording-player/js/app.a628624a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.249.251 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-249-251.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8de0fd740fbb10a07d7d35d11da2762323e84a8ae1c2a7fae22c14135c78b90d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us02web.zoom.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 10:00:57 GMT
content-encoding: gzip
etag: W/"ce35eb4ea47c6463ee742f8400cf4ac4"
last-modified: Fri, 17 Dec 2021 03:44:56 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:ce35eb4ea47c6463ee742f8400cf4ac4
age: 41754
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: QW4IfOhtZ67Ch3cr0KPMa7KkUbSnxwyhNIGxwgsIlEVo8OcEa2okFA==

GET
H2 200 video-player.a15bd60e.css
st1.zoom.us/fe-static/recording-player/css/ Frame 42B2 17 KB
4 KB 30ms
30ms Stylesheet
text/css 18.66.249.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st1.zoom.us/fe-static/recording-player/css/video-player.a15bd60e.css
Requested by: Host: st1.zoom.us
URL: https://st1.zoom.us/fe-static/recording-player/js/app.a628624a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.249.251 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-249-251.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3261bf45cd67dc728023de7afb87b76b9df7f78b98afd4f21a6adc9a4012c46f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us02web.zoom.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 02:33:00 GMT
content-encoding: gzip
etag: W/"42134d632140de2e584ef07485118138"
last-modified: Mon, 08 Nov 2021 03:15:48 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:42134d632140de2e584ef07485118138
age: 53246
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: xGzJtp5gsR35YpRd2KHBf13hDDSTbUJ1fMpiJRbVLFQ5lQnIBEic_w==

GET
H2 200 video-player.4820b16d.js Show response
st1.zoom.us/fe-static/recording-player/js/ Frame 42B2 122 KB
29 KB 28ms
28ms Script
application/javascript 18.66.249.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st1.zoom.us/fe-static/recording-player/js/video-player.4820b16d.js
Requested by: Host: st1.zoom.us
URL: https://st1.zoom.us/fe-static/recording-player/js/app.a628624a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.249.251 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-249-251.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2b7c59b18b2a3ae49bfbdfd2503ec0bbc519833b7ec7682b3fb5132cc1aea52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us02web.zoom.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 23:47:32 GMT
content-encoding: gzip
etag: W/"d549008c8ae78677136109607c878326"
last-modified: Mon, 08 Nov 2021 03:15:49 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:d549008c8ae78677136109607c878326
age: 62740
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 7lshwuPjQl-vHoin-CA386BKB3eo3TDgIWQfeLWwLQHPZTJPNUlLNw==

GET
H2 200 ZoomLogo.png
us02st1.zoom.us/static/5.2.4185/image/new/ Frame 42B2 2 KB
3 KB 70ms
8ms Image
image/png 13.32.26.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us02st1.zoom.us/static/5.2.4185/image/new/ZoomLogo.png
Requested by: Host: us02web.zoom.us
URL: https://us02web.zoom.us/rec/play/tcJ8Ib2pq203TICU4QSDBactW9TvL6KsgyIW8_QIn023BXgFMQGlYecUZLa784RWhr3UyY4EZzoWG3jU?startTime=1588277323000&_x_zm_rtaid=V41KQYefTc2KOGU-zeAUVw.1588378508773.bf66273d3be1ba67af73af2ef85b5ef1&_x_zm_rhtaid=775
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.26.253 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-26-253.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1289059a37f8c8bd3223113398a599190d29fc235e14316c815a30ca698823ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us02web.zoom.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 09 Jan 2022 05:01:59 GMT
via: 1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
last-modified: Sun, 09 Jan 2022 04:32:33 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:112b8a41cca8c030b70d4e25bbc6fadb
age: 43808
etag: "112b8a41cca8c030b70d4e25bbc6fadb"
x-cache: Hit from cloudfront
content-type: image/png
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 2484
x-amz-cf-id: ozZBjJORt-DUoKOc8A5fosMJ7zyyLWy6yopHm94JjKx0wxjXT2TM-Q==

GET
H/1.1 403
Forbbiden GMT20200430-200843_rob-baker-_1366x768.mp4
ssrweb.zoom.us/cmr/replay/2020/04/30/83293542788/1D0DF5D0-E6BC-4E83-A7D5-D78CD5D31139/ Frame 42B2 0
391 B 79ms
19ms Media
text/html 99.86.5.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssrweb.zoom.us/cmr/replay/2020/04/30/83293542788/1D0DF5D0-E6BC-4E83-A7D5-D78CD5D31139/GMT20200430-200843_rob-baker-_1366x768.mp4?response-content-type=video%2Fmp4&response-cache-control=max-age%3D0%2Cs-maxage%3D86400&data=4a67f819bf21ce8b846933521570995690c2f2dff33e0ca8f113f3fa6c160c5b&s001=yes&cid=us02&fid=mQrQdQLch5eB_7-Tmy8zqL5ybG-XPkVZ-A8hM3HCGAH7mNDdIAizaOWNedE7GUMS4L5bvVChTLPSmLuX.j22ZERyqXLklt0uu&s002=drZLc4ZwmcAhJid4F2kjk_1f9B6mrkHM4Pps32U5mc8-EANEdeW-B-h7-w.ocra76JqSbnLwdp1&Policy=eyJTdGF0ZW1lbnQiOiBbeyJSZXNvdXJjZSI6Imh0dHBzOi8vc3Nyd2ViLnpvb20udXMvY21yL3JlcGxheS8yMDIwLzA0LzMwLzgzMjkzNTQyNzg4LzFEMERGNUQwLUU2QkMtNEU4My1BN0Q1LUQ3OENENUQzMTEzOS9HTVQyMDIwMDQzMC0yMDA4NDNfcm9iLWJha2VyLV8xMzY2eDc2OC5tcDQ~cmVzcG9uc2UtY29udGVudC10eXBlPXZpZGVvJTJGbXA0JnJlc3BvbnNlLWNhY2hlLWNvbnRyb2w9bWF4LWFnZSUzRDAlMkNzLW1heGFnZSUzRDg2NDAwJmRhdGE9NGE2N2Y4MTliZjIxY2U4Yjg0NjkzMzUyMTU3MDk5NTY5MGMyZjJkZmYzM2UwY2E4ZjExM2YzZmE2YzE2MGM1YiZzMDAxPXllcyZjaWQ9dXMwMiZmaWQ9bVFyUWRRTGNoNWVCXzctVG15OHpxTDV5YkctWFBrVlotQThoTTNIQ0dBSDdtTkRkSUFpemFPV05lZEU3R1VNUzRMNWJ2VkNoVExQU21MdVguajIyWkVSeXFYTGtsdDB1dSZzMDAyPWRyWkxjNFp3bWNBaEppZDRGMmtqa18xZjlCNm1ya0hNNFBwczMyVTVtYzgtRUFORWRlVy1CLWg3LXcub2NyYTc2SnFTYm5Md2RwMSIsIkNvbmRpdGlvbiI6eyJEYXRlTGVzc1RoYW4iOnsiQVdTOkVwb2NoVGltZSI6MTY0MTc1MTkyNn19fV19&Signature=GU9liomVfuS2s9aW-5yk8XcIUaek7lqcb4s3T9XaQgFt~UAmLeoTmg2JB24H7WBu0zqQ02K0UI6ZKGtnOt0344NaXHOy53KKVN9gs6Der2MvpFMehmkO1rMvmtjMnXWuYI5DfV1F6zpTnPiPa6mXiiXvQ499TlXNupzZ46UJWGXOON0up-t7FLa~6iWtk8PbH-ehZtCdzOUNvh0w3kKXMeyRnVayX8iGpmKldx7SXwqH~M3XpLYXcyK6rYTdFB9PW3fN54js0UXM9HpmVudwoa1yyPKq7~k2ZDZPhYxPYNQ5soFWMgVOnik~rhShhci4AVVaEWMWUQ~BDWzqnyHwvQ__&Key-Pair-Id=APKAJFHNSLHYCGFYQGIA
Requested by: Host: us02web.zoom.us
URL: https://us02web.zoom.us/rec/play/tcJ8Ib2pq203TICU4QSDBactW9TvL6KsgyIW8_QIn023BXgFMQGlYecUZLa784RWhr3UyY4EZzoWG3jU?startTime=1588277323000&_x_zm_rtaid=V41KQYefTc2KOGU-zeAUVw.1588378508773.bf66273d3be1ba67af73af2ef85b5ef1&_x_zm_rhtaid=775
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.5.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-5-250.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us02web.zoom.us/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 09 Jan 2022 17:12:06 GMT
Via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA6-C1
X-Cache: LambdaGeneratedResponse from cloudfront
Content-Type: text/html
Connection: keep-alive
Content-Encoding: UTF-8
Content-Length: 0
X-Amz-Cf-Id: kd2uqPk8R8WaGLoUJUEdZvBieS46ureZKwfDq9Pjm46botHKkXgbmg==

GET
H2 200 vtt Show response
us02web.zoom.us/rec/play/ Frame 42B2 68 B
2 KB 262ms
261ms XHR
text/plain 3.235.73.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://us02web.zoom.us/rec/play/vtt?fid=mQrQdQLch5eB_7-Tmy8zqL5ybG-XPkVZ-A8hM3HCGAH7mNDdIAizaOWNedE7GUMS4L5bvVChTLPSmLuX.j22ZERyqXLklt0uu&action=play

Requested by

Host: us02web.zoom.us
URL: https://us02web.zoom.us/assets/zm_bundle.js?cache

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.235.73.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-235-73-94.compute-1.amazonaws.com

Software

Resource Hash

944c5d8a198fb93ca862b9a2b148ecf80523e4ef5396cd600a4f8bb3810e62fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src https://.zoom.us https://zoom.us blob: 'self'; img-src https: about: blob: data: 'self'; style-src https: safari-extension: chrome-extension: 'unsafe-inline' data: 'self'; font-src https: safari-extension: chrome-extension: blob: data: 'self'; connect-src about: blob: data: 'self'; media-src * rtmp: blob: data: 'self'; frame-src https: ms-appx-web: zoommtg: zoomus: wvjbscheme: data: 'self'; object-src 'none'; base-uri 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://us02web.zoom.us/rec/play/tcJ8Ib2pq203TICU4QSDBactW9TvL6KsgyIW8_QIn023BXgFMQGlYecUZLa784RWhr3UyY4EZzoWG3jU?startTime=1588277323000&_x_zm_rtaid=V41KQYefTc2KOGU-zeAUVw.1588378508773.bf66273d3be1ba67af73af2ef85b5ef1&_x_zm_rhtaid=775
X-Requested-With: XMLHttpRequest, OWASP CSRFGuard Project
Accept-Language: de-DE,de;q=0.9
ZOOM-CSRFTOKEN: A271-PL6U-T39R-QFNI-HQJJ-F32P-0K14-X0CK
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 17:12:06 GMT
referrer-policy: strict-origin-when-cross-origin
x-zm-trackingid: v=2.0;clid=us02;rid=WEB_eca98a3e678366adc4d7a4ade6800183
content-security-policy: upgrade-insecure-requests; default-src https://*.zoom.us https://zoom.us blob: 'self'; img-src https: about: blob: data: 'self'; style-src https: safari-extension: chrome-extension: 'unsafe-inline' data: 'self'; font-src https: safari-extension: chrome-extension: blob: data: 'self'; connect-src * about: blob: data: 'self'; media-src * rtmp: blob: data: 'self'; frame-src https: ms-appx-web: zoommtg: zoomus: wvjbscheme: data: 'self'; object-src 'none'; base-uri 'none';
content-security-policy-report-only: frame-ancestors 'self'; report-uri /csp/report/%252Frec%252Fplay%252Fvtt
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
x-zm-zoneid: VA
content-disposition: attachment;filename=GMT20200430-200843_rob-baker-.vtt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: txt;charset=UTF-8
content-length: 68
x-content-type-options: nosniff

GET
DATA 200
OK truncated
/ Frame 42B2 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us02web.zoom.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.7.1/webfonts/ 73 KB
73 KB 447ms
447ms Font
font/woff2 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.7.1/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9

Request headers

Referer: https://use.fontawesome.com/releases/v5.7.1/css/all.css
Origin: https://www.activatetravelsavings.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 17:12:10 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GHFR5SKXVFYNXR26
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 74320
x-amz-id-2: 8TuF1qb5rezZQzA21kCSuuN/HXAASqtcREpJhSKPFWCkA/y/jCxHBrb6aReWFKIBIEQutmlD+Go=
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
server: cloudflare
etag: "3638e62ea50e6f5859b6a15276c25c87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kDl8k43OmqY9NEUfS7Ltk8%2BjPQokoQs6otyLKCfTA4xvgO2%2Fn0zRpR%2BMgSgQFkx0%2FASB40pi%2BvzH2uuP2RubXnWT1mQXw7JpZd%2BeuaFvDfcjDSoIifMSin3WoPd%2BAdf2wb2a8osXsNVoR%2FgDe1RRRhth"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 6caf49f6d9327344-MRS

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.zoom.us/	1970-01-20 17:33:40	Name: _zm_mtk_guid Value: 68caa2a59b664d11be601606ec895265
.zoom.us/	1969-12-31 23:59:59	Name: _zm_page_auth Value: us02_c_srcuyfArRNK8qPs16kdVEA
.zoom.us/	1969-12-31 23:59:59	Name: _zm_ssid Value: us02_c_-kADo7K2RL289af9OfjkRA

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: [Report Only] Refused to frame 'https://us02web.zoom.us/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
network	error	URL: https://ssrweb.zoom.us/cmr/replay/2020/04/30/83293542788/1D0DF5D0-E6BC-4E83-A7D5-D78CD5D31139/GMT20200430-200843_rob-baker-_1366x768.mp4?response-content-type=video%2Fmp4&response-cache-control=max-age%3D0%2Cs-maxage%3D86400&data=4a67f819bf21ce8b846933521570995690c2f2dff33e0ca8f113f3fa6c160c5b&s001=yes&cid=us02&fid=mQrQdQLch5eB_7-Tmy8zqL5ybG-XPkVZ-A8hM3HCGAH7mNDdIAizaOWNedE7GUMS4L5bvVChTLPSmLuX.j22ZERyqXLklt0uu&s002=drZLc4ZwmcAhJid4F2kjk_1f9B6mrkHM4Pps32U5mc8-EANEdeW-B-h7-w.ocra76JqSbnLwdp1&Policy=eyJTdGF0ZW1lbnQiOiBbeyJSZXNvdXJjZSI6Imh0dHBzOi8vc3Nyd2ViLnpvb20udXMvY21yL3JlcGxheS8yMDIwLzA0LzMwLzgzMjkzNTQyNzg4LzFEMERGNUQwLUU2QkMtNEU4My1BN0Q1LUQ3OENENUQzMTEzOS9HTVQyMDIwMDQzMC0yMDA4NDNfcm9iLWJha2VyLV8xMzY2eDc2OC5tcDQ~cmVzcG9uc2UtY29udGVudC10eXBlPXZpZGVvJTJGbXA0JnJlc3BvbnNlLWNhY2hlLWNvbnRyb2w9bWF4LWFnZSUzRDAlMkNzLW1heGFnZSUzRDg2NDAwJmRhdGE9NGE2N2Y4MTliZjIxY2U4Yjg0NjkzMzUyMTU3MDk5NTY5MGMyZjJkZmYzM2UwY2E4ZjExM2YzZmE2YzE2MGM1YiZzMDAxPXllcyZjaWQ9dXMwMiZmaWQ9bVFyUWRRTGNoNWVCXzctVG15OHpxTDV5YkctWFBrVlotQThoTTNIQ0dBSDdtTkRkSUFpemFPV05lZEU3R1VNUzRMNWJ2VkNoVExQU21MdVguajIyWkVSeXFYTGtsdDB1dSZzMDAyPWRyWkxjNFp3bWNBaEppZDRGMmtqa18xZjlCNm1ya0hNNFBwczMyVTVtYzgtRUFORWRlVy1CLWg3LXcub2NyYTc2SnFTYm5Md2RwMSIsIkNvbmRpdGlvbiI6eyJEYXRlTGVzc1RoYW4iOnsiQVdTOkVwb2NoVGltZSI6MTY0MTc1MTkyNn19fV19&Signature=GU9liomVfuS2s9aW-5yk8XcIUaek7lqcb4s3T9XaQgFt~UAmLeoTmg2JB24H7WBu0zqQ02K0UI6ZKGtnOt0344NaXHOy53KKVN9gs6Der2MvpFMehmkO1rMvmtjMnXWuYI5DfV1F6zpTnPiPa6mXiiXvQ499TlXNupzZ46UJWGXOON0up-t7FLa~6iWtk8PbH-ehZtCdzOUNvh0w3kKXMeyRnVayX8iGpmKldx7SXwqH~M3XpLYXcyK6rYTdFB9PW3fN54js0UXM9HpmVudwoa1yyPKq7~k2ZDZPhYxPYNQ5soFWMgVOnik~rhShhci4AVVaEWMWUQ~BDWzqnyHwvQ__&Key-Pair-Id=APKAJFHNSLHYCGFYQGIA Message: Failed to load resource: the server responded with a status of 403 (Forbbiden)
javascript	warning	URL: https://us02web.zoom.us/assets/zm_bundle.js?seed=AIBSyD9-AQAATyHwUuTjcg5lsilincMgIfNYjZ5YsL-ycOgY_DlhbgFPAe9-&uQHR71Sqnk--z=q Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
ssrweb.zoom.us
st1.zoom.us
stackpath.bootstrapcdn.com
us02st1.zoom.us
us02st3.zoom.us
us02web.zoom.us
use.fontawesome.com
www.activatetravelsavings.com
www.google.com
www.gstatic.com
13.32.26.253
162.210.97.242
18.66.249.251
18.66.99.251
2001:4de0:ac18::1:a:2a
2606:4700:3031::ac43:d645
2606:4700::6810:135e
2606:4700::6812:acf
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2003
2a00:1450:4001:812::200a
2a00:1450:4001:830::2004
3.235.73.94
99.86.5.250
1289059a37f8c8bd3223113398a599190d29fc235e14316c815a30ca698823ce
1328fdb36a1c8ca148d68a0093772adbf73d4e3bd10698836366c558150b32bd
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
185d1ec9787394f60dcf5825486ccae3d05e3ac084c01daa8588fa254bde428f
1ab46b03bb57c40d6e31af15f2d06e45671f53d284ed3b21ae3c71c0262687fc
1d4137bc639effce295d286afc40b9cee3aace62293528e633eaab74547342fb
2af9d911990117b68010c901edbf4776b9a6c449ee46a8315415d5e7a8ea8449
2d92e25b0f94f5e548c66964d39752c9796a687407f138c5bce0aadbf091132d
3261bf45cd67dc728023de7afb87b76b9df7f78b98afd4f21a6adc9a4012c46f
457b6e41171d2e2b75c1a5fb332adac3c1d69a8a9bda64b4e61e272a866d7065
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
53a8f61d49b759b45f3c624c2a3ab4fcc2a8a1faec11bc99da55e56c40bd9a67
587c080125b135d29a931ed371e50ffc1a9641831c1087de2cd74532815f4560
5df3cdadeb73cdab7be7d6a570842ce4b80d52290ae1f641ae7c9a6269a12493
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
8186eac1300b69244a16591393d0bd01789ff4223fe9aed527f4a96bcf093a9c
842fb946718899517ce671450e99e9cf8bb1d2b9a811a957afcced60709785a9
8de0fd740fbb10a07d7d35d11da2762323e84a8ae1c2a7fae22c14135c78b90d
92ebd82145c82bd55fa011965413d168e2e8ac0fbb2c0163db47e5d040cd3f44
944c5d8a198fb93ca862b9a2b148ecf80523e4ef5396cd600a4f8bb3810e62fe
96a065e94cda44431d713a766f0de97bd63f3fd2d7ae740c754ba27f1cceb646
97c3837e1801b44f2f91c78b015490ca1ee8f367d891ac8211c8a383892fd1c4
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9
a2b7c59b18b2a3ae49bfbdfd2503ec0bbc519833b7ec7682b3fb5132cc1aea52
a67394b5849e496a457bc375c14f7441043cee097ae620482f404f9de6116828
b655579f520f29e1d87f6bc6039d68386234b8b0f2cbe3ddca9c88a336fdcd9e
b66d5b0d7f3d61cec13c172364d7ac2bfcb676ff4a6488f92b5db2db9205e8a2
b99880b096fb40a58312a799951553278e27eb9c1726dd2ca4013dbd9dad57e9
c90abe6cf7b2b393a74ffa22d91cf802e296047a83bd2cb907d26aecb38e83bd
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
d3593bb3da8a24fd97f34df9387a2883137927d7cb69102a5b19520e4842f99a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8f8e114676c2efdd2ec04f61857d2443185fc8f05571bf6789843d86e5829bb
eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267
f389f5370e5d4763c41e07ef1fe72d9e852f1ad774e0dce25009c18072649fbd
f439ad5b81187e7db1f8740434ea7a11d2976496ba9d03281a9e9897a6717d54
f4e96ed3597fbfa7ebbfbc47068cbb537e2c40ac1afa8d8d0821e08b67f85650
f832f83b34571fe0e14c72b074e86362cf6b615077794d7210fcb1665d278c1e
fa99ba0adae8f56091a8168a252a34bbd1481a3cdff7535881a1a3acc5498159
fcba775e585da3a3230e9da7f232a6d3d599a51a4e83570f257e862e4fabf45d

www.activatetravelsavings.com Open in urlscan Pro 162.210.97.242 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

42 Requests

100 %HTTPS

57 %IPv6

9 Domains

14 Subdomains

15 IPs

3 Countries

3766 kBTransfer

5765 kBSize

3 Cookies

1 Outgoing links

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.activatetravelsavings.com Open in urlscan Pro
162.210.97.242 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

100 %
HTTPS

57 %
IPv6

9
Domains

14
Subdomains

15
IPs

3
Countries

3766 kB
Transfer

5765 kB
Size

3
Cookies

42 HTTP transactions
1 data transactions