urlscan.io logo urlscan.io
SecurityTrails logo

rtm.visa.com Open in urlscan Pro
104.18.11.214  Public Scan

Go To Rescan Add Verdict Report
URL: https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_2...
Submission: On May 26 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 30 HTTP transactions. The main IP is 104.18.11.214, located in United States and belongs to CLOUDFLARENET, US. The main domain is rtm.visa.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 4th 2020. Valid for: 7 months.
This is the only time rtm.visa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

22    104.18.11.214 (United States)

ASN13335 (CLOUDFLARENET, US)
rtm.visa.com
2    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    104.18.30.133 (United States)

ASN13335 (CLOUDFLARENET, US)
imgctl.visa.com
1    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Domain Requested by
22 rtm.visa.com rtm.visa.com
2 www.google-analytics.com www.googletagmanager.com
rtm.visa.com
2 imgctl.visa.com rtm.visa.com
2 www.google.com 1 redirects rtm.visa.com
1 www.google.de rtm.visa.com
1 stats.g.doubleclick.net 1 redirects
1 www.gstatic.com www.google.com
1 www.googletagmanager.com rtm.visa.com
30 8

This site contains links to these domains. Also see Links.

Domain
www.hyatt.com
Subject Issuer Validity Valid
rtm.visa.com
CloudFlare Inc ECC CA-2		 2020-03-04 -
2020-10-09		 7 months crt.sh
www.google.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
imgctl.visa.com
CloudFlare Inc ECC CA-2		 2019-12-10 -
2020-10-09		 10 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
Frame ID: 4F03C024C2CCE4A5E859A4B8A47600F9
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /angular.*\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i
Overall confidence: 100%
Detected patterns
  • script /lodash.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/recaptcha\/api\.js/i

Page Statistics

30
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

7
IPs

3
Countries

1049 kB
Transfer

2006 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j82&tid=UA-63470806-14&cid=813801772.1590483030&jid=2026950656&gjid=860397425&_gid=89826694.1590483030&_u=YGBAgEAB~&z=2072363103 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63470806-14&cid=813801772.1590483030&jid=2026950656&_v=j82&z=2072363103 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63470806-14&cid=813801772.1590483030&jid=2026950656&_v=j82&z=2072363103&slf_rd=1&random=842997338

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request HYATTPLHH2019
rtm.visa.com/Registration/ 		53 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5d9a5498308b2b85c78cbf9c86409ee4b57bdca311051a85f978489619e55c8
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://visa.uncle-ad.com/home/gogowifi
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:method
GET
:authority
rtm.visa.com
:scheme
https
:path
/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 26 May 2020 08:50:29 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=df7423ff495c4dbfbd00595f60891f6e61590483027; expires=Thu, 25-Jun-20 08:50:27 GMT; path=/; domain=.rtm.visa.com; HttpOnly; SameSite=Lax; Secure LANG=en-US; expires=Wed, 26-May-2021 08:50:28 GMT; path=/; secure; HttpOnly lbs=!6MYlOjZN860KGvbXqJHIh0WWvqXdHLfNnSQFgAtuQtOIJAZ6bt+g4I7d/zCj8HVNvEeqf5DuUmhLt7OpEM30P7K4sCx56dvwvj9z4axxRg==; path=/; Httponly; Secure __cfruid=f5dc1409d27c7bfd1c29498f5fd3a538bdbfdf6f-1590483029; path=/; domain=.rtm.visa.com; HttpOnly; Secure; SameSite=None
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
-1
x-opnet-transaction-trace
a2_53896fbe-ced3-49ab-ab95-d9c13a5e1504-6456-19051
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
DENY
x-download-options
noopen
content-security-policy
frame-ancestors https://visa.uncle-ad.com/home/gogowifi
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
59963fa97d6ef15a-ARN
content-encoding
br
cf-request-id
02f1c61de60000f15a46b69200000001
normalize.css
rtm.visa.com/Registration/Content/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rtm.visa.com/Registration/Content/css/normalize.css
Requested by
Host: rtm.visa.com
URL: https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2b4693cfde5699fc38567a461e8d197bd39db03bf9ad67e5cb5090b82ce1b56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 08:50:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
x-opnet-transaction-trace
a2_53896fbe-ced3-49ab-ab95-d9c13a5e1504-6456-19068
vary
Accept-Encoding
cf-request-id
02f1c6255f0000f15a46be4200000001
pragma
no-cache
last-modified
Wed, 25 Sep 2019 08:11:50 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"027dee17873d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
x-download-options
noopen
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
59963fb56ad1f15a-ARN
expires
-1
main.css
rtm.visa.com/Registration/Content/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rtm.visa.com/Registration/Content/css/main.css
Requested by
Host: rtm.visa.com
URL: https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dcbab29174519371e736b5b02299f53b21170eed0cbaad39dd822a312d1c75a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 08:50:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
x-opnet-transaction-trace
a2_53896fbe-ced3-49ab-ab95-d9c13a5e1504-6456-19066
vary
Accept-Encoding
cf-request-id
02f1c6255f0000f15a46be5200000001
pragma
no-cache
last-modified
Wed, 25 Sep 2019 08:11:50 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"027dee17873d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
x-download-options
noopen
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
59963fb56ad4f15a-ARN
expires
-1
mobile.css
rtm.visa.com/Registration/Content/css/ 		3 KB
932 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rtm.visa.com/Registration/Content/css/mobile.css
Requested by
Host: rtm.visa.com
URL: https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
164b39cf258f77fe8fc4be0131ec48b0345fd545745941411f752c66c693e693
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 08:50:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
x-opnet-transaction-trace
a2_53896fbe-ced3-49ab-ab95-d9c13a5e1504-6456-19064
vary
Accept-Encoding
cf-request-id
02f1c6255f0000f15a46be6200000001
pragma
no-cache
last-modified
Wed, 25 Sep 2019 08:11:50 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"027dee17873d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
x-download-options
noopen
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
59963fb56ad8f15a-ARN
expires
-1
custom.css
rtm.visa.com/Registration/Content/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rtm.visa.com/Registration/Content/css/custom.css
Requested by
Host: rtm.visa.com
URL: https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8024bd6c9eb705344e81e525973315751ac8be0bb8e189ce28f1cf7f2896a41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 08:50:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
x-opnet-transaction-trace
a2_53896fbe-ced3-49ab-ab95-d9c13a5e1504-6456-19065
vary
Accept-Encoding
cf-request-id
02f1c6255f0000f15a46be7200000001
pragma
no-cache
last-modified
Wed, 25 Sep 2019 08:11:50 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"027dee17873d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
x-download-options
noopen
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
59963fb56addf15a-ARN
expires
-1
jquery-1.10.2.js
rtm.visa.com/Registration/Scripts/ 		268 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtm.visa.com/Registration/Scripts/jquery-1.10.2.js
Requested by
Host: rtm.visa.com
URL: https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04139845ce14169e9b9cfad22c4a879dce68914b3875e71112b28bafbf96bf56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 08:50:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
x-opnet-transaction-trace
a2_53896fbe-ced3-49ab-ab95-d9c13a5e1504-6456-19070
vary
Accept-Encoding
cf-request-id
02f1c6255f0000f15a46be8200000001
pragma
no-cache
last-modified
Mon, 23 Jan 2017 17:54:24 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"0851bba175d21:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
x-download-options
noopen
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
59963fb56ae0f15a-ARN
expires
-1
jquery-3.1.1.js
rtm.visa.com/Registration/Scripts/ 		271 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtm.visa.com/Registration/Scripts/jquery-3.1.1.js
Requested by
Host: rtm.visa.com
URL: https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9048fea17ebe181d7510d6ec8d4763231cb5b54634f7eac26f39c7876d38aa28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 08:50:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
x-opnet-transaction-trace
a2_53896fbe-ced3-49ab-ab95-d9c13a5e1504-6456-19067
vary
Accept-Encoding
cf-request-id
02f1c625610000f15a46be9200000001
pragma
no-cache
last-modified
Wed, 25 Sep 2019 08:11:50 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"027dee17873d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
x-download-options
noopen
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
59963fb56ae2f15a-ARN
expires
-1
angular.min.js
rtm.visa.com/Registration/Scripts/vendor/ 		156 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtm.visa.com/Registration/Scripts/vendor/angular.min.js
Requested by
Host: rtm.visa.com
URL: https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f360b725bf7c7760538ab07edb0ff04bd63ab25a1f337557e176c7a4959402a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 08:50:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
x-opnet-transaction-trace
a2_53896fbe-ced3-49ab-ab95-d9c13a5e1504-6456-19069
vary
Accept-Encoding
cf-request-id
02f1c625610000f15a46bea200000001
pragma
no-cache
last-modified
Wed, 25 Sep 2019 08:11:50 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"027dee17873d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
x-download-options
noopen
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
59963fb56ae3f15a-ARN
expires
-1
api.js
www.google.com/recaptcha/ 		674 B
533 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?hl=test
Requested by
Host: rtm.visa.com
URL: https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9e2e8b608a8334719e62192a3305cafebb1ffd19062b205e66b83c13da65ee38
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 08:50:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
445
x-xss-protection
1; mode=block
expires
Tue, 26 May 2020 08:50:29 GMT
0RkqvMTQlUmfbL9yUVD0QA
imgctl.visa.com/ImageCatalog/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgctl.visa.com/ImageCatalog/0RkqvMTQlUmfbL9yUVD0QA
Requested by
Host: rtm.visa.com
URL: https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.133 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
41968f5eef25174b0499d5fc82c72911e9d19b94dba61b36171c4745f4cd8e86
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 08:50:30 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
status
200
content-length
6647
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/Png
cache-control
private
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline';
cf-request-id
02f1c627620000f162680f7200000001
accept-ranges
bytes
cf-ray
59963fb89c39f162-ARN
visa-logo.png
rtm.visa.com/Registration/Content/img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtm.visa.com/Registration/Content/img/visa-logo.png
Requested by
Host: rtm.visa.com
URL: https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de6cc1e6d1d6ccf8b880eec55c7d34f382a80e17a18abb3b476c6d01f230f13a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 08:50:29 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
x-opnet-transaction-trace
a2_53896fbe-ced3-49ab-ab95-d9c13a5e1504-6456-19081
vary
Accept-Encoding
content-length
9911
cf-request-id
02f1c627070000f15a46814200000001
pragma
no-cache
last-modified
Wed, 25 Sep 2019 08:11:50 GMT
server
cloudflare
x-frame-options
DENY
etag
"027dee17873d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
x-download-options
noopen
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
59963fb80a25f15a-ARN
expires
-1
ui-bootstrap-custom-tpls-1.3.3.min.js
rtm.visa.com/Registration/Scripts/vendor/ 		66 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtm.visa.com/Registration/Scripts/vendor/ui-bootstrap-custom-tpls-1.3.3.min.js
Requested by
Host: rtm.visa.com
URL: https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f40e9010734fbddf6df16d30c9c0d03b197b608457d9f395875cf36f5396603f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 08:50:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
x-opnet-transaction-trace
a2_53896fbe-ced3-49ab-ab95-d9c13a5e1504-6456-19079
vary
Accept-Encoding
cf-request-id
02f1c626c00000f15a46bfc200000001
pragma
no-cache
last-modified
Wed, 25 Sep 2019 08:11:50 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"027dee17873d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
x-download-options
noopen
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
59963fb798c1f15a-ARN
expires
-1
lodash.min.js
rtm.visa.com/Registration/Scripts/vendor/ 		68 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtm.visa.com/Registration/Scripts/vendor/lodash.min.js
Requested by
Host: rtm.visa.com
URL: https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
266ba8607ce749ac796f52c2767c647b8c0b4472652bc6e3c2b6679407aac4c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 08:50:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
x-opnet-transaction-trace
a2_53896fbe-ced3-49ab-ab95-d9c13a5e1504-6456-19084
vary
Accept-Encoding
cf-request-id
02f1c626c90000f15a46bfe200000001
pragma
no-cache
last-modified
Wed, 25 Sep 2019 08:11:50 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"027dee17873d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
x-download-options
noopen
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
59963fb7a8fdf15a-ARN
expires
-1
angular-custom-select.min.js
rtm.visa.com/Registration/Scripts/vendor/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtm.visa.com/Registration/Scripts/vendor/angular-custom-select.min.js
Requested by
Host: rtm.visa.com
URL: https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6216d8bb93435f85596e99fdd24de8bf36ec264466b850956827b2df557db5ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 08:50:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
x-opnet-transaction-trace
a2_53896fbe-ced3-49ab-ab95-d9c13a5e1504-6456-19074
vary
Accept-Encoding
cf-request-id
02f1c626e90000f15a46802200000001
pragma
no-cache
last-modified
Wed, 25 Sep 2019 08:11:50 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"027dee17873d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
x-download-options
noopen
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
59963fb7d99cf15a-ARN
expires
-1
angular-validation-match.min.js
rtm.visa.com/Registration/Scripts/vendor/ 		855 B
581 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtm.visa.com/Registration/Scripts/vendor/angular-validation-match.min.js
Requested by
Host: rtm.visa.com
URL: https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bb29262593044f5cfcb21b06964d3ed3a878338c7bc4e63e53b1a71217efc2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 08:50:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
x-opnet-transaction-trace
a2_53896fbe-ced3-49ab-ab95-d9c13a5e1504-6456-19080
vary
Accept-Encoding
cf-request-id
02f1c626e90000f15a46803200000001
pragma
no-cache
last-modified
Wed, 25 Sep 2019 08:11:50 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"027dee17873d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
x-download-options
noopen
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
59963fb7d9a2f15a-ARN
expires
-1
angular-route.min.js
rtm.visa.com/Registration/Scripts/vendor/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtm.visa.com/Registration/Scripts/vendor/angular-route.min.js
Requested by
Host: rtm.visa.com
URL: https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a0c227428926ccf123fa023b5b1f7203c6e999b79169c47d00d387864c43132
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 08:50:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
x-opnet-transaction-trace
a2_53896fbe-ced3-49ab-ab95-d9c13a5e1504-6456-19083
vary
Accept-Encoding
cf-request-id
02f1c626e90000f15a46804200000001
pragma
no-cache
last-modified
Wed, 25 Sep 2019 08:11:50 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"027dee17873d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
x-download-options
noopen
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
59963fb7d9aaf15a-ARN
expires
-1
angular-cookies.min.js
rtm.visa.com/Registration/Scripts/vendor/ 		1 KB
877 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtm.visa.com/Registration/Scripts/vendor/angular-cookies.min.js
Requested by
Host: rtm.visa.com
URL: https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39dd4dbae1b2c99da7ede6a946af1c8accea1f789150a1ac0be56a40def7aa5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 08:50:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
x-opnet-transaction-trace
a2_53896fbe-ced3-49ab-ab95-d9c13a5e1504-6456-19076
vary
Accept-Encoding
cf-request-id
02f1c626eb0000f15a46805200000001
pragma
no-cache
last-modified
Wed, 25 Sep 2019 08:11:50 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"027dee17873d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
x-download-options
noopen
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
59963fb7d9aff15a-ARN
expires
-1
luhn.js
rtm.visa.com/Registration/Scripts/vendor/ 		925 B
502 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtm.visa.com/Registration/Scripts/vendor/luhn.js
Requested by
Host: rtm.visa.com
URL: https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e9544828494ecca0224a7c54680b31c13108aeece216942690bd607356d697c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 08:50:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
x-opnet-transaction-trace
a2_53896fbe-ced3-49ab-ab95-d9c13a5e1504-6456-19071
vary
Accept-Encoding
cf-request-id
02f1c626eb0000f15a46806200000001
pragma
no-cache
last-modified
Wed, 25 Sep 2019 08:11:50 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"027dee17873d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
x-download-options
noopen
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
59963fb7d9b3f15a-ARN
expires
-1
app.js
rtm.visa.com/Registration/Scripts/ 		285 B
361 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtm.visa.com/Registration/Scripts/app.js
Requested by
Host: rtm.visa.com
URL: https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c546de1aa67db0bd8979868efbbb6199eb66b1d4bbc3f6bbc85a8ce04cfe890c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 08:50:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
x-opnet-transaction-trace
a2_53896fbe-ced3-49ab-ab95-d9c13a5e1504-6456-19075
vary
Accept-Encoding
cf-request-id
02f1c626eb0000f15a46807200000001
pragma
no-cache
last-modified
Wed, 25 Sep 2019 08:11:50 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"027dee17873d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
x-download-options
noopen
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
59963fb7d9b6f15a-ARN
expires
-1
config.js
rtm.visa.com/Registration/Scripts/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtm.visa.com/Registration/Scripts/config.js
Requested by
Host: rtm.visa.com
URL: https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40327dc9984616d8c9185c5e00e042b6ac92c2fc7946acaac8bb38201d531266
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 08:50:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
x-opnet-transaction-trace
a2_53896fbe-ced3-49ab-ab95-d9c13a5e1504-6456-19078
vary
Accept-Encoding
cf-request-id
02f1c626eb0000f15a46808200000001
pragma
no-cache
last-modified
Wed, 25 Sep 2019 08:11:50 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"027dee17873d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
x-download-options
noopen
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
59963fb7d9b9f15a-ARN
expires
-1
directives.js
rtm.visa.com/Registration/Scripts/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtm.visa.com/Registration/Scripts/directives.js
Requested by
Host: rtm.visa.com
URL: https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6721f009555a8883127c67d1ccca3435703efcc473a206853917ab7dd974f58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 08:50:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
x-opnet-transaction-trace
a2_53896fbe-ced3-49ab-ab95-d9c13a5e1504-6456-19077
vary
Accept-Encoding
cf-request-id
02f1c626eb0000f15a46809200000001
pragma
no-cache
last-modified
Wed, 25 Sep 2019 08:11:50 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"027dee17873d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
x-download-options
noopen
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
59963fb7d9bef15a-ARN
expires
-1
NgLayoutController.js
rtm.visa.com/Registration/Scripts/controllers/ 		7 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtm.visa.com/Registration/Scripts/controllers/NgLayoutController.js
Requested by
Host: rtm.visa.com
URL: https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cda50e5b08a560cfdae7a11ccd3d6c01a6669fcf321148c18ab694e6173b3a66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 08:50:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
x-opnet-transaction-trace
a2_53896fbe-ced3-49ab-ab95-d9c13a5e1504-6456-19073
vary
Accept-Encoding
cf-request-id
02f1c626eb0000f15a4680a200000001
pragma
no-cache
last-modified
Wed, 25 Sep 2019 08:11:50 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"027dee17873d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
x-download-options
noopen
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
59963fb7d9c0f15a-ARN
expires
-1
card-number-mask.js
rtm.visa.com/Registration/Scripts/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtm.visa.com/Registration/Scripts/card-number-mask.js
Requested by
Host: rtm.visa.com
URL: https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85b562af5d778ed9fa6c68dfa793c74f5b579a20692aa2266bad36c2c51c9bda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 08:50:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
x-opnet-transaction-trace
a2_53896fbe-ced3-49ab-ab95-d9c13a5e1504-6456-19072
vary
Accept-Encoding
cf-request-id
02f1c626eb0000f15a4680b200000001
pragma
no-cache
last-modified
Wed, 25 Sep 2019 08:11:50 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"027dee17873d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
x-download-options
noopen
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
59963fb7d9c4f15a-ARN
expires
-1
phone-number-mask.js
rtm.visa.com/Registration/Scripts/ 		6 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtm.visa.com/Registration/Scripts/phone-number-mask.js
Requested by
Host: rtm.visa.com
URL: https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
870f4918354f541bb72e899ca3f7160a007d51e43e44a4485fd71c85a607ff6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 08:50:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
x-opnet-transaction-trace
a2_53896fbe-ced3-49ab-ab95-d9c13a5e1504-6456-19082
vary
Accept-Encoding
cf-request-id
02f1c627070000f15a46813200000001
pragma
no-cache
last-modified
Wed, 25 Sep 2019 08:11:50 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"027dee17873d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
x-download-options
noopen
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
59963fb80a23f15a-ARN
expires
-1
gtm.js
www.googletagmanager.com/ 		78 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K7MDJ3
Requested by
Host: rtm.visa.com
URL: https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8533659631292fab862a4285d1c2149b370aee5ff2da5f2ff11cf4fd485a7aa2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 08:50:29 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28988
x-xss-protection
0
last-modified
Tue, 26 May 2020 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 26 May 2020 08:50:29 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/BT5UwN2jyUJCo7TdbwTYi_58/ 		310 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/BT5UwN2jyUJCo7TdbwTYi_58/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=test
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
277939603aa72db39886e49b3cb46a73c88b5e84e53797349969b3154dc3e107
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 19 May 2020 21:23:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 May 2020 18:40:32 GMT
server
sffe
age
559621
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124488
x-xss-protection
0
expires
Wed, 19 May 2021 21:23:28 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7MDJ3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
6850
date
Tue, 26 May 2020 06:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Tue, 26 May 2020 08:56:19 GMT
collect
www.google-analytics.com/ 		35 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j82&aip=1&a=1934345868&t=pageview&_s=1&dl=https%3A%2F%2Frtm.visa.com%2FRegistration%2FHYATTPLHH2019%3FWOHNUMBER%3D511843420I%26src%3Dwohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I&ul=en-us&de=UTF-8&dt=Unable%20to%20enroll&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=2026950656&gjid=860397425&cid=813801772.1590483030&tid=UA-63470806-14&_gid=89826694.1590483030&gtm=2wg5e1K7MDJ3&z=1597916835
Requested by
Host: rtm.visa.com
URL: https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 May 2020 04:18:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
16319
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j82&tid=UA-63470806-14&cid=813801772.1590483030&jid=2026950656&gjid=860397425&_gid=89826694.1590483030&_u=YGBAgEAB~&z=2072363103
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63470806-14&cid=813801772.1590483030&jid=2026950656&_v=j82&z=2072363103
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63470806-14&cid=813801772.1590483030&jid=2026950656&_v=j82&z=2072363103&slf_rd=1&random=842997338
42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63470806-14&cid=813801772.1590483030&jid=2026950656&_v=j82&z=2072363103&slf_rd=1&random=842997338
Requested by
Host: rtm.visa.com
URL: https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rtm.visa.com/Registration/HYATTPLHH2019?WOHNUMBER=511843420I&src=wohhycard_email_promo-HCCHPHH19-SOLO_NA_EN_20191001_maincta_M0145101754748333EN_G-511843420I
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 May 2020 08:50:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 May 2020 08:50:29 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63470806-14&cid=813801772.1590483030&jid=2026950656&_v=j82&z=2072363103&slf_rd=1&random=842997338
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fGhLYSDeN0unTZkv95thgg
imgctl.visa.com/ImageCatalog/ 		586 KB
587 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgctl.visa.com/ImageCatalog/fGhLYSDeN0unTZkv95thgg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.133 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
0662e09207d833cc342fe730323fc25ed17e8d5c5557d06d40d5190d1ac7eb57
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rtm.visa.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 08:50:30 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
status
200
content-length
599748
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/Png
cache-control
private
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline';
cf-request-id
02f1c62ad10000f1626814b200000001
accept-ranges
bytes
cf-ray
59963fbe19b0f162-ARN

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| angular object| dataLayer object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| recaptcha object| gaplugins object| gaGlobal object| gaData function| _ function| isValidIdentifier object| app object| supportedLanguageCodes

7 Cookies

Domain/Path Name / Value
.visa.com/ Name: _dc_gtm_UA-63470806-14
Value: 1
.visa.com/ Name: _gid
Value: GA1.2.89826694.1590483030
.visa.com/ Name: _ga
Value: GA1.2.813801772.1590483030
.rtm.visa.com/ Name: __cfruid
Value: f5dc1409d27c7bfd1c29498f5fd3a538bdbfdf6f-1590483029
.rtm.visa.com/ Name: __cfduid
Value: df7423ff495c4dbfbd00595f60891f6e61590483027
rtm.visa.com/ Name: lbs
Value: !6MYlOjZN860KGvbXqJHIh0WWvqXdHLfNnSQFgAtuQtOIJAZ6bt+g4I7d/zCj8HVNvEeqf5DuUmhLt7OpEM30P7K4sCx56dvwvj9z4axxRg==
rtm.visa.com/ Name: LANG
Value: en-US

1 Console Messages

Source Level URL
Text
console-api error URL: https://rtm.visa.com/Registration/Scripts/vendor/angular.min.js(Line 117)
Message:
TypeError: Cannot read property 'DefaultLanguage' of undefined at Object.<anonymous> (https://rtm.visa.com/Registration/Scripts/controllers/NgLayoutController.js:6:72) at Object.invoke (https://rtm.visa.com/Registration/Scripts/vendor/angular.min.js:41:376) at R.instance (https://rtm.visa.com/Registration/Scripts/vendor/angular.min.js:89:399) at m (https://rtm.visa.com/Registration/Scripts/vendor/angular.min.js:65:65) at g (https://rtm.visa.com/Registration/Scripts/vendor/angular.min.js:58:481) at https://rtm.visa.com/Registration/Scripts/vendor/angular.min.js:58:119 at https://rtm.visa.com/Registration/Scripts/vendor/angular.min.js:20:501 at m.$eval (https://rtm.visa.com/Registration/Scripts/vendor/angular.min.js:145:107) at m.$apply (https://rtm.visa.com/Registration/Scripts/vendor/angular.min.js:145:340) at https://rtm.visa.com/Registration/Scripts/vendor/angular.min.js:20:457

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors https://visa.uncle-ad.com/home/gogowifi
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

imgctl.visa.com
rtm.visa.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
104.18.11.214
104.18.30.133
2a00:1450:4001:800::2008
2a00:1450:4001:806::2004
2a00:1450:4001:809::2003
2a00:1450:4001:816::2003
2a00:1450:4001:81b::200e
2a00:1450:400c:c00::9a
04139845ce14169e9b9cfad22c4a879dce68914b3875e71112b28bafbf96bf56
0662e09207d833cc342fe730323fc25ed17e8d5c5557d06d40d5190d1ac7eb57
164b39cf258f77fe8fc4be0131ec48b0345fd545745941411f752c66c693e693
1dcbab29174519371e736b5b02299f53b21170eed0cbaad39dd822a312d1c75a
1e9544828494ecca0224a7c54680b31c13108aeece216942690bd607356d697c
266ba8607ce749ac796f52c2767c647b8c0b4472652bc6e3c2b6679407aac4c9
277939603aa72db39886e49b3cb46a73c88b5e84e53797349969b3154dc3e107
2a0c227428926ccf123fa023b5b1f7203c6e999b79169c47d00d387864c43132
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
39dd4dbae1b2c99da7ede6a946af1c8accea1f789150a1ac0be56a40def7aa5e
40327dc9984616d8c9185c5e00e042b6ac92c2fc7946acaac8bb38201d531266
41968f5eef25174b0499d5fc82c72911e9d19b94dba61b36171c4745f4cd8e86
6216d8bb93435f85596e99fdd24de8bf36ec264466b850956827b2df557db5ed
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8533659631292fab862a4285d1c2149b370aee5ff2da5f2ff11cf4fd485a7aa2
85b562af5d778ed9fa6c68dfa793c74f5b579a20692aa2266bad36c2c51c9bda
870f4918354f541bb72e899ca3f7160a007d51e43e44a4485fd71c85a607ff6a
8bb29262593044f5cfcb21b06964d3ed3a878338c7bc4e63e53b1a71217efc2b
9048fea17ebe181d7510d6ec8d4763231cb5b54634f7eac26f39c7876d38aa28
9e2e8b608a8334719e62192a3305cafebb1ffd19062b205e66b83c13da65ee38
c546de1aa67db0bd8979868efbbb6199eb66b1d4bbc3f6bbc85a8ce04cfe890c
c5d9a5498308b2b85c78cbf9c86409ee4b57bdca311051a85f978489619e55c8
cda50e5b08a560cfdae7a11ccd3d6c01a6669fcf321148c18ab694e6173b3a66
de6cc1e6d1d6ccf8b880eec55c7d34f382a80e17a18abb3b476c6d01f230f13a
e2b4693cfde5699fc38567a461e8d197bd39db03bf9ad67e5cb5090b82ce1b56
e6721f009555a8883127c67d1ccca3435703efcc473a206853917ab7dd974f58
e8024bd6c9eb705344e81e525973315751ac8be0bb8e189ce28f1cf7f2896a41
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f360b725bf7c7760538ab07edb0ff04bd63ab25a1f337557e176c7a4959402a7
f40e9010734fbddf6df16d30c9c0d03b197b608457d9f395875cf36f5396603f