URL: https://secure.rezserver.com/flights/help/review/?refid=2681
Submission: On February 17 via manual from US

Summary

This website contacted 7 IPs in 1 country across 2 domains to perform 34 HTTP transactions. The main IP is 151.101.130.150, located in the United States, and belongs to FASTLY, US. The main domain is secure.rezserver.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on February 5th 2018. Valid for: 2 years.
This is the only time secure.rezserver.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 151.101.130.150 54113 (FASTLY)
1 13.225.78.94 16509 (AMAZON-02)
4 18.215.35.124 14618 (AMAZON-AES)
3 9 13.225.78.84 16509 (AMAZON-02)
1 54.234.37.95 14618 (AMAZON-AES)
5 100.24.81.90 14618 (AMAZON-AES)
34 7

This site contains no links.

Subject              Issuer                            Validity                   Valid
*.rezserver.com      GeoTrust RSA CA 2018              2018-02-05 - 2020-04-05    2 years
*.cdn4.forter.com    DigiCert SHA2 Secure Server CA    2018-08-27 - 2020-10-27    2 years
cdn3.forter.com      DigiCert SHA2 Secure Server CA    2019-03-24 - 2021-06-16    2 years
cdn9.forter.com      Amazon                            2019-06-25 - 2020-07-25    a year
*.cdn.forter.com     DigiCert SHA2 Secure Server CA    2018-04-11 - 2020-06-19    2 years
cdn0.forter.com      DigiCert SHA2 Secure Server CA    2019-03-11 - 2021-05-14    2 years

This page contains 1 frame:

Primary Page: https://secure.rezserver.com/flights/help/review/?refid=2681
Frame ID: 7A5B70FC7D2B3238906439352CD6616C
Requests: 35 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

34 Requests
88 % HTTPS
0 % IPv6
2 Domains
6 Subdomains
7 IPs
1 Countries
598 kB Transfer
2098 kB Size
13 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://cdn9.forter.com/vchk2 HTTP 301
  • https://cdn9.forter.com/vchk2/v1/7eeb0ec83919247c3a24e74f18aa55b9a1e7c80a2cdb4236bcb56256edc7c016ac7f48c6621e53e4dbf24bd0a777
Request Chain 27
  • https://cdn9.forter.com/vchk2 HTTP 301
  • https://cdn9.forter.com/vchk2/v1/7eeb0ec83919247c3a24e74f18aa55b9a1e7c80a2cdb4236bcb56256edc7c016ac7f48c6621e53e4dbf24dd7a671
Request Chain 31
  • https://cdn9.forter.com/vchk2 HTTP 301
  • https://cdn9.forter.com/vchk2/v1/7eeb0ec83919247c3a24e74f18aa55b9a1e7c80a2cdb4236bcb56256edc7c016ac7f48c6621e53e4dbf24fd6a674

34 HTTP transactions

Resource Path | Size x-fer | Type MIME-Type
Primary Request /
secure.rezserver.com/flights/help/review/
38 KB
9 KB
Document
General
Full URL
https://secure.rezserver.com/flights/help/review/?refid=2681
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.150 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
35eaeab1f925315e498d0d56bf41cdae637505f7b0881cfff63aab74a87c25c3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
secure.rezserver.com
:scheme
https
:path
/flights/help/review/?refid=2681
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
server
nginx
content-type
text/html; charset=UTF-8
set-cookie
hotel_rooms=1; expires=Mon, 24-Feb-2020 12:40:21 GMT; Max-Age=604800; path=/; domain=secure.rezserver.com
SITESERVER=ID=c593f82bf5910937d4885dff01069c6f; expires=Thu, 17-Feb-2050 12:40:21 GMT; Max-Age=946771200; path=/; domain=secure.rezserver.com
rezucc=GB; expires=Mon, 17-Feb-2020 14:40:21 GMT; Max-Age=7200; path=/
currency=USD; expires=Mon, 24-Feb-2020 12:40:21 GMT; Max-Age=604800; path=/; domain=secure.rezserver.com
varid=202z237z238z239z240z241z246z249z250z; expires=Mon, 24-Feb-2020 12:40:21 GMT; Max-Age=604800; path=/; domain=secure.rezserver.com; HttpOnly
_session_id=fcfba07a715cc163c175f93bcedd1706; expires=Mon, 02-Mar-2020 12:40:21 GMT; Max-Age=1209600; path=/; HttpOnly
cache-control
no-cache
x-runtime
0.060341
x-wl-cache
0
content-encoding
gzip
x-frame-options
SAMEORIGIN
accept-ranges
bytes bytes bytes bytes
age
0 0 0 0
via
1.1 varnish 1.1 varnish
x-timer
S1581943222.588216,VS0,VE101
fastly-restarts
1
date
Mon, 17 Feb 2020 12:40:21 GMT
x-served-by
cache-iad2151-IAD, cache-lcy19230-LCY
x-cache
MISS, MISS
x-cache-hits
0, 0
wsheader
ws=fLCY/fIAD/ny-w011 D=0.061
hotel.css
secure.rezserver.com/public/bcfc0cb/css/
360 KB
66 KB
Stylesheet
General
Full URL
https://secure.rezserver.com/public/bcfc0cb/css/hotel.css
Requested by
Host: secure.rezserver.com
URL: https://secure.rezserver.com/flights/help/review/?refid=2681
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.150 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1f5241f4a2aec0703c89a906e85f4d5d4fe59bd96e4eb3b8ef7f88168c506fbf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

wsheader
ws=fLCY/fIAD/ny-w013 D=0.000
date
Mon, 17 Feb 2020 12:40:21 GMT
content-encoding
gzip
age
0, 0
x-cache
MISS, MISS
status
200
fastly-restarts
1
x-served-by
cache-iad2122-IAD, cache-lcy19230-LCY
last-modified
Fri, 14 Feb 2020 15:48:12 GMT
server
nginx
x-timer
S1581943222.818380,VS0,VE47
etag
W/"5e46c13c-5a138"
x-frame-options
SAMEORIGIN
content-type
text/css
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes, bytes, bytes
x-cache-hits
0, 0
support-2681.css
secure.rezserver.com/hotels/css/
24 KB
5 KB
Stylesheet
General
Full URL
https://secure.rezserver.com/hotels/css/support-2681.css
Requested by
Host: secure.rezserver.com
URL: https://secure.rezserver.com/flights/help/review/?refid=2681
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.150 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
eb4f7c9997d25f1b7befa19e9f10c35f958e773942efa92c4a8f4083011c42ae
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

wsheader
ws=fLCY/fIAD/ash1-w414 D=0.049
date
Mon, 17 Feb 2020 12:40:21 GMT
content-encoding
gzip
age
0, 0, 0, 0
x-cache
MISS, MISS
status
200
x-wl-cache
0
fastly-restarts
1
x-served-by
cache-iad2143-IAD, cache-lcy19230-LCY
x-runtime
0.048248
server
nginx
x-timer
S1581943222.821247,VS0,VE91
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
accept-ranges
bytes, bytes, bytes, bytes
x-cache-hits
0, 0
rs_template_boilerplate.css
secure.rezserver.com/shared/css/
887 B
1 KB
Stylesheet
General
Full URL
https://secure.rezserver.com/shared/css/rs_template_boilerplate.css
Requested by
Host: secure.rezserver.com
URL: https://secure.rezserver.com/flights/help/review/?refid=2681
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.150 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9cc6d51c13502cdb2a3d25da46a6613cb967644351bb8d1d00c331a32eb88cfe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

wsheader
ws=fLCY/fIAD/ny-w014 D=0.000
date
Mon, 17 Feb 2020 12:40:21 GMT
via
1.1 varnish, 1.1 varnish
fastly-restarts
1
age
0, 0, 0
x-cache
MISS, MISS
status
200
content-length
887
x-served-by
cache-iad2127-IAD, cache-lcy19230-LCY
last-modified
Fri, 14 Feb 2020 15:43:12 GMT
server
nginx
x-timer
S1581943222.826364,VS0,VE31
etag
"5e46c010-377"
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes, bytes, bytes, bytes, bytes
x-cache-hits
0, 0
jquery-3.4.0.min.js
secure.rezserver.com/shared/js/
86 KB
30 KB
Script
General
Full URL
https://secure.rezserver.com/shared/js/jquery-3.4.0.min.js
Requested by
Host: secure.rezserver.com
URL: https://secure.rezserver.com/flights/help/review/?refid=2681
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.150 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

wsheader
ws=fLCY/fIAD/ny-w013 D=0.000
date
Mon, 17 Feb 2020 12:40:21 GMT
content-encoding
gzip
age
0, 0, 0
x-cache
MISS, MISS
status
200
fastly-restarts
1
x-served-by
cache-iad2141-IAD, cache-lcy19230-LCY
last-modified
Fri, 14 Feb 2020 15:43:12 GMT
server
nginx
x-timer
S1581943222.824015,VS0,VE44
etag
W/"5e46c010-15857"
x-frame-options
SAMEORIGIN
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes, bytes, bytes, bytes
x-cache-hits
0, 0
jquery-migrate-3.1.0.min.js
secure.rezserver.com/shared/js/
9 KB
3 KB
Script
General
Full URL
https://secure.rezserver.com/shared/js/jquery-migrate-3.1.0.min.js
Requested by
Host: secure.rezserver.com
URL: https://secure.rezserver.com/flights/help/review/?refid=2681
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.150 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c9c25e5db965f66edd1ca79a3db5c19191fc06e3fdf5298f9bff2ae4ef926c17
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

wsheader
ws=fLCY/fIAD/ny-w013 D=0.000
date
Mon, 17 Feb 2020 12:40:21 GMT
content-encoding
gzip
age
0, 0, 0
x-cache
MISS, MISS
status
200
fastly-restarts
1
x-served-by
cache-iad2129-IAD, cache-lcy19230-LCY
last-modified
Fri, 14 Feb 2020 15:43:12 GMT
server
nginx
x-timer
S1581943222.828245,VS0,VE36
etag
W/"5e46c010-231e"
x-frame-options
SAMEORIGIN
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes, bytes, bytes, bytes
x-cache-hits
0, 0
hotel.min.js
secure.rezserver.com/public/bcfc0cb/app/
1 MB
310 KB
Script
General
Full URL
https://secure.rezserver.com/public/bcfc0cb/app/hotel.min.js
Requested by
Host: secure.rezserver.com
URL: https://secure.rezserver.com/flights/help/review/?refid=2681
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.150 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0b4858359f992918937d93251b830fc8c24aa3e9ae08afcb15a5a2c0b13ffab9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

wsheader
ws=fLCY/fIAD/ny-w014 D=0.000
date
Mon, 17 Feb 2020 12:40:21 GMT
content-encoding
gzip
age
0, 0
x-cache
MISS, MISS
status
200
fastly-restarts
1
x-served-by
cache-iad2124-IAD, cache-lcy19230-LCY
last-modified
Fri, 14 Feb 2020 15:48:11 GMT
server
nginx
x-timer
S1581943222.823377,VS0,VE42
etag
W/"5e46c13b-1146fa"
x-frame-options
SAMEORIGIN
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes, bytes, bytes
x-cache-hits
0, 0
help.min.js
secure.rezserver.com/public/bcfc0cb/
121 KB
29 KB
Script
General
Full URL
https://secure.rezserver.com/public/bcfc0cb/help.min.js
Requested by
Host: secure.rezserver.com
URL: https://secure.rezserver.com/flights/help/review/?refid=2681
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.150 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
04a11f69c5a9304c61af502890dfe55bf2a9f4507d6c391127e592268b97aac0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

wsheader
ws=fLCY/fIAD/ny-w012 D=0.000
date
Mon, 17 Feb 2020 12:40:21 GMT
content-encoding
gzip
age
0, 0, 0, 0
x-cache
MISS, MISS
status
200
fastly-restarts
1
x-served-by
cache-iad2127-IAD, cache-lcy19230-LCY
last-modified
Fri, 14 Feb 2020 15:48:34 GMT
server
nginx
x-timer
S1581943222.825572,VS0,VE39
etag
W/"5e46c152-1e389"
x-frame-options
SAMEORIGIN
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes, bytes, bytes, bytes
x-cache-hits
0, 0
client.js
secure.rezserver.com/sdk/v1/2681/
6 KB
3 KB
Script
General
Full URL
https://secure.rezserver.com/sdk/v1/2681/client.js
Requested by
Host: secure.rezserver.com
URL: https://secure.rezserver.com/flights/help/review/?refid=2681
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.150 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6cf02410a31ebf95cf4f224e2c079bc17c69f2d81db8e19c7dd5b9d79eea245b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

wsheader
ws=fLCY/fIAD/ash1-w413 D=0.050
date
Mon, 17 Feb 2020 12:40:21 GMT
content-encoding
gzip
age
0
x-cache
MISS, MISS
status
200
x-wl-cache
0
fastly-restarts
1
x-served-by
cache-iad2130-IAD, cache-lcy19230-LCY
x-runtime
0.049356
server
nginx
x-timer
S1581943222.829346,VS0,VE91
x-frame-options
SAMEORIGIN
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300, private
accept-ranges
bytes, bytes, bytes
x-cache-hits
0, 0
978f71dd-6560-42b9-8fc8-32049a401626
https://secure.rezserver.com/
2 KB
0
Stylesheet
General
Full URL
blob:https://secure.rezserver.com/978f71dd-6560-42b9-8fc8-32049a401626
Requested by
Host: secure.rezserver.com
URL: https://secure.rezserver.com/public/bcfc0cb/app/hotel.min.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ddd6527eb169002978a26fa9cbf9e15efa74675883bec38c23aa28955f502e82

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Content-Length
1735
Content-Type
text/css
ce7f5fb2-1fe5-4ddb-8a7d-cb4dfe19d61b
https://secure.rezserver.com/
2 KB
0
Stylesheet
General
Full URL
blob:https://secure.rezserver.com/ce7f5fb2-1fe5-4ddb-8a7d-cb4dfe19d61b
Requested by
Host: secure.rezserver.com
URL: https://secure.rezserver.com/public/bcfc0cb/app/hotel.min.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
178311c11a931f57720dd2965a6844fae0a8364ec563dab5c9487395582cae73

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Content-Length
2380
Content-Type
text/css
d7d96543-d801-4d19-a478-ad188c470263
https://secure.rezserver.com/
2 KB
0
Stylesheet
General
Full URL
blob:https://secure.rezserver.com/d7d96543-d801-4d19-a478-ad188c470263
Requested by
Host: secure.rezserver.com
URL: https://secure.rezserver.com/public/bcfc0cb/app/hotel.min.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
099421a5ad98edc71dc408041fe77f7ac65fe1280eb3b1344a278806e10e31c8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Content-Length
1792
Content-Type
text/css
0925e09d-8d6a-4643-bd2a-ccd73f2144c1
https://secure.rezserver.com/
3 KB
0
Stylesheet
General
Full URL
blob:https://secure.rezserver.com/0925e09d-8d6a-4643-bd2a-ccd73f2144c1
Requested by
Host: secure.rezserver.com
URL: https://secure.rezserver.com/public/bcfc0cb/app/hotel.min.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38ef7d86ddf8c9d00dc3b3f32f1fd44d09706812c92673ab05d56a8f49a8ed8e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Content-Length
3460
Content-Type
text/css
truncated
/
118 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8f2e27fe9c6227944f2f5eccf178e23f5f861f3489685962f07829ec029174f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
rs.woff
secure.rezserver.com/shared/icons/
26 KB
15 KB
Font
General
Full URL
https://secure.rezserver.com/shared/icons/rs.woff
Requested by
Host: secure.rezserver.com
URL: https://secure.rezserver.com/flights/help/review/?refid=2681
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.150 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9adff70951b2244754b097601e3bb51995b3eb4068af6fc23cbdc987169aede0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://secure.rezserver.com/public/bcfc0cb/css/hotel.css
Origin
https://secure.rezserver.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

wsheader
ws=fLCY/fIAD/ny-w014 D=0.000
date
Mon, 17 Feb 2020 12:40:22 GMT
content-encoding
gzip
age
0, 0, 0
x-cache
MISS, MISS
status
200
fastly-restarts
1
x-served-by
cache-iad2142-IAD, cache-lcy19230-LCY
last-modified
Fri, 14 Feb 2020 15:43:12 GMT
server
nginx
x-timer
S1581943222.172697,VS0,VE50
etag
W/"5e46c010-6804"
x-frame-options
SAMEORIGIN
content-type
font/woff
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes, bytes, bytes, bytes
x-cache-hits
0, 0
script.js
3483aa961f45.cdn4.forter.com/sn/3483aa961f45/
150 KB
57 KB
Script
General
Full URL
https://3483aa961f45.cdn4.forter.com/sn/3483aa961f45/script.js
Requested by
Host: secure.rezserver.com
URL: https://secure.rezserver.com/flights/help/review/?refid=2681
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-94.fra2.r.cloudfront.net
Software
/
Resource Hash
15a71f44826b81428c9257be9a813a072d382d185224012d1648160a33251d83
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 09 Dec 2019 01:31:13 GMT
content-encoding
gzip
age
5518733
x-cache
Hit from cloudfront
status
200
strict-transport-security
max-age=86400; includeSubDomains
via
1.1 ec9e3bc729d9c6d55ed32446408ad62f.cloudfront.net (CloudFront)
last-modified
Mon, 09 Dec 2019 01:31:13 GMT
x-sourcemap
https://cdn4.forter.com/map/suid/3483aa961f45/97073578013
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=300
x-amz-cf-pop
FRA2-C2
timing-allow-origin
*
x-amz-cf-id
P7H6Zs_MJcB4JMTLUxjtfpM8z8uPXclTXM_NtZKrDj6gpBQ8NQHijw==
expires
Mon, 09 Dec 2019 01:36:13 GMT
init.js
secure.rezserver.com/4BynV8ar/
161 KB
65 KB
Script
General
Full URL
https://secure.rezserver.com/4BynV8ar/init.js
Requested by
Host: secure.rezserver.com
URL: https://secure.rezserver.com/flights/help/review/?refid=2681
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.150 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
61185b661fa08a7cb4d377ba35f00eb4178245a49488590b8d312d35457060cf

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

wsheader
ws=fLCY
date
Mon, 17 Feb 2020 12:40:22 GMT
content-encoding
gzip
age
234
x-cache
HIT
status
200
content-length
66201
x-served-by
cache-lcy19230-LCY
access-control-allow-origin
*
etag
W/"28350-kFMKTaidIAD9R4+tTMgXuLUFqgY"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=600
accept-ranges
bytes
x-cache-hits
1
events
cdn3.forter.com/
0
243 B
Other
General
Full URL
https://cdn3.forter.com/events
Requested by
Host:
URL: (program):2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.35.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-35-124.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
Origin
https://secure.rezserver.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 12:40:22 GMT
access-control-allow-origin
https://secure.rezserver.com
vary
Origin
status
200
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
strict-transport-security
max-age=86400; includeSubDomains
timing-allow-origin
*
expires
-1
events
cdn3.forter.com/
0
243 B
Other
General
Full URL
https://cdn3.forter.com/events
Requested by
Host:
URL: (program):2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.35.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-35-124.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
Origin
https://secure.rezserver.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 12:40:22 GMT
access-control-allow-origin
https://secure.rezserver.com
vary
Origin
status
200
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
strict-transport-security
max-age=86400; includeSubDomains
timing-allow-origin
*
expires
-1
events
cdn3.forter.com/
0
243 B
Other
General
Full URL
https://cdn3.forter.com/events
Requested by
Host:
URL: (program):2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.35.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-35-124.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
Origin
https://secure.rezserver.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 12:40:22 GMT
access-control-allow-origin
https://secure.rezserver.com
vary
Origin
status
200
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
strict-transport-security
max-age=86400; includeSubDomains
timing-allow-origin
*
expires
-1
7eeb0ec83919247c3a24e74f18aa55b9a1e7c80a2cdb4236bcb56256edc7c016ac7f48c6621e53e4dbf24bd0a777
cdn9.forter.com/vchk2/v1/
Redirect Chain
  • https://cdn9.forter.com/vchk2
  • https://cdn9.forter.com/vchk2/v1/7eeb0ec83919247c3a24e74f18aa55b9a1e7c80a2cdb4236bcb56256edc7c016ac7f48c6621e53e4dbf24bd0a777
0
-1 B
XHR
General
Full URL
https://cdn9.forter.com/vchk2/v1/7eeb0ec83919247c3a24e74f18aa55b9a1e7c80a2cdb4236bcb56256edc7c016ac7f48c6621e53e4dbf24bd0a777
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.84 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-84.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 12:40:22 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
location
https://cdn9.forter.com/vchk2/v1/7eeb0ec83919247c3a24e74f18aa55b9a1e7c80a2cdb4236bcb56256edc7c016ac7f48c6621e53e4dbf24bd0a777
x-cache
Miss from cloudfront
status
301
strict-transport-security
max-age=86400; includeSubDomains
timing-allow-origin
*
access-control-allow-origin
*
x-amz-cf-id
aUV8mysXnUwAhuX5cOi-ITH_vK1jwLSSiO7fG73a2OXq7SomMej0Ow==

Redirect headers

date
Mon, 17 Feb 2020 12:40:22 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
status
301
location
https://cdn9.forter.com/vchk2/v1/7eeb0ec83919247c3a24e74f18aa55b9a1e7c80a2cdb4236bcb56256edc7c016ac7f48c6621e53e4dbf24bd0a777
x-cache
Miss from cloudfront
access-control-allow-origin
*
strict-transport-security
max-age=86400; includeSubDomains
timing-allow-origin
*
x-amz-cf-id
aUV8mysXnUwAhuX5cOi-ITH_vK1jwLSSiO7fG73a2OXq7SomMej0Ow==
prop.json
0ddc5c8770ee44c6adf12c4c4c39b322-3483aa961f45.cdn.forter.com/
2 B
628 B
Other
General
Full URL
https://0ddc5c8770ee44c6adf12c4c4c39b322-3483aa961f45.cdn.forter.com/prop.json
Requested by
Host:
URL: (program):2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.234.37.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-37-95.compute-1.amazonaws.com
Software
Apache /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
Origin
https://secure.rezserver.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 17 Feb 2020 12:40:22 GMT
Connection
close
Content-Length
2
Pragma
no-cache
Last-Modified
Thu, 16 Jan 2020 08:22:41 GMT
Server
Apache
ETag
"2-59c3d875ebc65"
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://secure.rezserver.com
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
origin, x-requested-with, content-type, x-csrf-token
Expires
Wed, 11 Jan 1984 05:00:00 GMT
collector
secure.rezserver.com/4BynV8ar/xhr/api/v2/
622 B
823 B
XHR
General
Full URL
https://secure.rezserver.com/4BynV8ar/xhr/api/v2/collector
Requested by
Host: secure.rezserver.com
URL: https://secure.rezserver.com/4BynV8ar/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.150 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ee7db4920ba6acef2806947c0e18457828ab7d1228b6a23128c90b7a6b58388d

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
Origin
https://secure.rezserver.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

wsheader
ws=fLCY/
date
Mon, 17 Feb 2020 12:40:22 GMT
via
1.1 google, 1.1 varnish
x-served-by
cache-lcy19230-LCY
status
200
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secure.rezserver.com
access-control-allow-credentials
true
x-cache
MISS
accept-ranges
bytes
timing-allow-origin
*
content-length
622
x-cache-hits
0
7eeb0ec83919247c3a24e74f18aa55b9a1e7c80a2cdb4236bcb56256edc7c016ac7f48c6621e53e4dbf24bd0a777
cdn9.forter.com/vchk2/v1/
0
283 B
XHR
General
Full URL
https://cdn9.forter.com/vchk2/v1/7eeb0ec83919247c3a24e74f18aa55b9a1e7c80a2cdb4236bcb56256edc7c016ac7f48c6621e53e4dbf24bd0a777
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.84 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-84.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept
eyJyIjowLjA2NjQwMTgzMjM3NDg2OTg1LCJ1IjoiMGRkYzVjODc3MGVlNDRjNmFkZjEyYzRjNGMzOWIzMjIiLCJzIjoiMzQ4M2FhOTYxZjQ1In0=
Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
Origin
https://secure.rezserver.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 12:40:22 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
strict-transport-security
max-age=86400; includeSubDomains
x-cache
Miss from cloudfront
status
200
timing-allow-origin
*
access-control-allow-origin
*
x-amz-cf-id
yNukkXmNhUAExjkf-8xNWZrIaO-iWZca05_xZmOwi1blNayAr2G40A==
collector
secure.rezserver.com/4BynV8ar/xhr/api/v2/
409 B
470 B
XHR
General
Full URL
https://secure.rezserver.com/4BynV8ar/xhr/api/v2/collector
Requested by
Host: secure.rezserver.com
URL: https://secure.rezserver.com/4BynV8ar/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.150 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
038ff3a874da84ebab59e7c280d88002c022d817376d5a386c4e86842f78447d

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
Origin
https://secure.rezserver.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

wsheader
ws=fLCY/
date
Mon, 17 Feb 2020 12:40:23 GMT
via
1.1 google, 1.1 varnish
x-served-by
cache-lcy19230-LCY
status
200
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secure.rezserver.com
access-control-allow-credentials
true
x-cache
MISS
accept-ranges
bytes
timing-allow-origin
*
content-length
409
x-cache-hits
0
prop.json
cdn0.forter.com/3483aa961f45/0ddc5c8770ee44c6adf12c4c4c39b322/
20 B
364 B
XHR
General
Full URL
https://cdn0.forter.com/3483aa961f45/0ddc5c8770ee44c6adf12c4c4c39b322/prop.json?_=1581943223366
Requested by
Host:
URL: (program):2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
100.24.81.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-81-90.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
Origin
https://secure.rezserver.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 12:40:23 GMT
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://secure.rezserver.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Transfer-Encoding
chunked
Expires
-1
prop.json
cdn0.forter.com/3483aa961f45/0ddc5c8770ee44c6adf12c4c4c39b322/
20 B
364 B
XHR
General
Full URL
https://cdn0.forter.com/3483aa961f45/0ddc5c8770ee44c6adf12c4c4c39b322/prop.json?_=1581943223802
Requested by
Host:
URL: (program):2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
100.24.81.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-81-90.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
Origin
https://secure.rezserver.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 12:40:23 GMT
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://secure.rezserver.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Transfer-Encoding
chunked
Expires
-1
prop.json
cdn0.forter.com/3483aa961f45/0ddc5c8770ee44c6adf12c4c4c39b322/
20 B
364 B
XHR
General
Full URL
https://cdn0.forter.com/3483aa961f45/0ddc5c8770ee44c6adf12c4c4c39b322/prop.json?_=1581943224033
Requested by
Host:
URL: (program):2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
100.24.81.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-81-90.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
Origin
https://secure.rezserver.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 12:40:24 GMT
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://secure.rezserver.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Transfer-Encoding
chunked
Expires
-1
7eeb0ec83919247c3a24e74f18aa55b9a1e7c80a2cdb4236bcb56256edc7c016ac7f48c6621e53e4dbf24dd7a671
cdn9.forter.com/vchk2/v1/
Redirect Chain
  • https://cdn9.forter.com/vchk2
  • https://cdn9.forter.com/vchk2/v1/7eeb0ec83919247c3a24e74f18aa55b9a1e7c80a2cdb4236bcb56256edc7c016ac7f48c6621e53e4dbf24dd7a671
0
-1 B
XHR
General
Full URL
https://cdn9.forter.com/vchk2/v1/7eeb0ec83919247c3a24e74f18aa55b9a1e7c80a2cdb4236bcb56256edc7c016ac7f48c6621e53e4dbf24dd7a671
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.84 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-84.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 12:40:24 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
location
https://cdn9.forter.com/vchk2/v1/7eeb0ec83919247c3a24e74f18aa55b9a1e7c80a2cdb4236bcb56256edc7c016ac7f48c6621e53e4dbf24dd7a671
x-cache
Miss from cloudfront
status
301
strict-transport-security
max-age=86400; includeSubDomains
timing-allow-origin
*
access-control-allow-origin
*
x-amz-cf-id
TTlAvQwhUiscy4JmQMgMV18t1-6VvoRNPHjQSCM1-ahOEVGaR0kbzA==

Redirect headers

date
Mon, 17 Feb 2020 12:40:24 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
status
301
location
https://cdn9.forter.com/vchk2/v1/7eeb0ec83919247c3a24e74f18aa55b9a1e7c80a2cdb4236bcb56256edc7c016ac7f48c6621e53e4dbf24dd7a671
x-cache
Miss from cloudfront
access-control-allow-origin
*
strict-transport-security
max-age=86400; includeSubDomains
timing-allow-origin
*
x-amz-cf-id
TTlAvQwhUiscy4JmQMgMV18t1-6VvoRNPHjQSCM1-ahOEVGaR0kbzA==
wpt.json
cdn0.forter.com/3483aa961f45/0ddc5c8770ee44c6adf12c4c4c39b322/
0
283 B
XHR
General
Full URL
https://cdn0.forter.com/3483aa961f45/0ddc5c8770ee44c6adf12c4c4c39b322/wpt.json
Requested by
Host:
URL: (program):2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
100.24.81.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-81-90.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://secure.rezserver.com
Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 17 Feb 2020 12:40:24 GMT
Connection
keep-alive
Access-Control-Allow-Headers
content-type
Content-Length
0
Vary
Access-Control-Request-Headers
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
7eeb0ec83919247c3a24e74f18aa55b9a1e7c80a2cdb4236bcb56256edc7c016ac7f48c6621e53e4dbf24dd7a671
cdn9.forter.com/vchk2/v1/
0
284 B
XHR
General
Full URL
https://cdn9.forter.com/vchk2/v1/7eeb0ec83919247c3a24e74f18aa55b9a1e7c80a2cdb4236bcb56256edc7c016ac7f48c6621e53e4dbf24dd7a671
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.84 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-84.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept
eyJyIjowLjI1NDI1MjY4NzIwODI5MzMsInUiOiIwZGRjNWM4NzcwZWU0NGM2YWRmMTJjNGM0YzM5YjMyMiIsInMiOiIzNDgzYWE5NjFmNDUifQ==
Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
Origin
https://secure.rezserver.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 12:40:24 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
strict-transport-security
max-age=86400; includeSubDomains
x-cache
Miss from cloudfront
status
200
timing-allow-origin
*
access-control-allow-origin
*
x-amz-cf-id
H613qwqk_Ky9htYsVXz1DxjDdmAJRorxMTsYXGiEUkpWuFwVyg2JjQ==
wpt.json
cdn0.forter.com/3483aa961f45/0ddc5c8770ee44c6adf12c4c4c39b322/
20 B
421 B
XHR
General
Full URL
https://cdn0.forter.com/3483aa961f45/0ddc5c8770ee44c6adf12c4c4c39b322/wpt.json
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
100.24.81.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-81-90.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
Origin
https://secure.rezserver.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 12:40:24 GMT
ETag
W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://secure.rezserver.com
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
20
Expires
-1
7eeb0ec83919247c3a24e74f18aa55b9a1e7c80a2cdb4236bcb56256edc7c016ac7f48c6621e53e4dbf24fd6a674
cdn9.forter.com/vchk2/v1/
Redirect Chain
  • https://cdn9.forter.com/vchk2
  • https://cdn9.forter.com/vchk2/v1/7eeb0ec83919247c3a24e74f18aa55b9a1e7c80a2cdb4236bcb56256edc7c016ac7f48c6621e53e4dbf24fd6a674
0
-1 B
XHR
General
Full URL
https://cdn9.forter.com/vchk2/v1/7eeb0ec83919247c3a24e74f18aa55b9a1e7c80a2cdb4236bcb56256edc7c016ac7f48c6621e53e4dbf24fd6a674
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.84 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-84.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 12:40:26 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
location
https://cdn9.forter.com/vchk2/v1/7eeb0ec83919247c3a24e74f18aa55b9a1e7c80a2cdb4236bcb56256edc7c016ac7f48c6621e53e4dbf24fd6a674
x-cache
Miss from cloudfront
status
301
strict-transport-security
max-age=86400; includeSubDomains
timing-allow-origin
*
access-control-allow-origin
*
x-amz-cf-id
8qTMxOKrLJXy4mjy4TsxZJ8D0Z1MIwwf9R23uh_58m6XVIZ2kqZcrg==

Redirect headers

date
Mon, 17 Feb 2020 12:40:26 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
status
301
location
https://cdn9.forter.com/vchk2/v1/7eeb0ec83919247c3a24e74f18aa55b9a1e7c80a2cdb4236bcb56256edc7c016ac7f48c6621e53e4dbf24fd6a674
x-cache
Miss from cloudfront
access-control-allow-origin
*
strict-transport-security
max-age=86400; includeSubDomains
timing-allow-origin
*
x-amz-cf-id
8qTMxOKrLJXy4mjy4TsxZJ8D0Z1MIwwf9R23uh_58m6XVIZ2kqZcrg==
7eeb0ec83919247c3a24e74f18aa55b9a1e7c80a2cdb4236bcb56256edc7c016ac7f48c6621e53e4dbf24fd6a674
cdn9.forter.com/vchk2/v1/
0
284 B
XHR
General
Full URL
https://cdn9.forter.com/vchk2/v1/7eeb0ec83919247c3a24e74f18aa55b9a1e7c80a2cdb4236bcb56256edc7c016ac7f48c6621e53e4dbf24fd6a674
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.84 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-84.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept
eyJyIjowLjU5Mzc0NDE3NTYyNzM4NjIsInUiOiIwZGRjNWM4NzcwZWU0NGM2YWRmMTJjNGM0YzM5YjMyMiIsInMiOiIzNDgzYWE5NjFmNDUifQ==
Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
Origin
https://secure.rezserver.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 12:40:26 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
strict-transport-security
max-age=86400; includeSubDomains
x-cache
Miss from cloudfront
status
200
timing-allow-origin
*
access-control-allow-origin
*
x-amz-cf-id
x7EZupn6sGj0Kxqk2JIbDL1V1jJJMYgM7swcJHPPZ-ICYWoyzrQIHQ==
events
cdn3.forter.com/
0
243 B
Other
General
Full URL
https://cdn3.forter.com/events
Requested by
Host:
URL: (program):2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.35.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-35-124.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://secure.rezserver.com/flights/help/review/?refid=2681
Origin
https://secure.rezserver.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 12:40:30 GMT
access-control-allow-origin
https://secure.rezserver.com
vary
Origin
status
200
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
strict-transport-security
max-age=86400; includeSubDomains
timing-allow-origin
*
expires
-1


68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| rs_pxScriptLoader object| __RS_DATA__ object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| hotkeys function| renderComponent function| unmountComponent object| rs object| ref object| rs_link function| hex_md5 function| b64_md5 function| any_md5 function| hex_hmac_md5 function| b64_hmac_md5 function| any_hmac_md5 function| md5_vm_test function| rstr_md5 function| rstr_hmac_md5 function| rstr2hex function| rstr2b64 function| rstr2any function| str2rstr_utf8 function| str2rstr_utf16le function| str2rstr_utf16be function| rstr2binl function| binl2rstr function| binl_md5 function| md5_cmn function| md5_ff function| md5_gg function| md5_hh function| md5_ii function| safe_add function| bit_rol number| hexcase string| b64pad object| rs_global object| dust number| ftr__startScriptLoad function| U2uu function| e2uu function| z2uu function| f2uu function| ftr__ object| bufferManager object| ftr__ext object| ftr__scriptLoadOptions object| ftr__buffer string| _pxAppId string| _pxParam1 string| _pxParam2 object| ftr__JSON3 object| PX4BynV8ar object| PX undefined| _4BynV8arhandler

13 Cookies

Domain/Path Name / Value
.rezserver.com/ Name: _pxvid
Value: a9c82b04-5182-11ea-9989-0242ac12000a
.rezserver.com/ Name: _pxde
Value: f02a6f8346578eaa8f7eee5ab4cb7f079786519515e8e3926f4924c4614d86d2:eyJ0aW1lc3RhbXAiOjE1ODE5NDMyMjI0NDgsImZfa2IiOjB9
.rezserver.com/ Name: ftr_ncd
Value: 6
secure.rezserver.com/ Name: _pxff_idp_c
Value: 1
.rezserver.com/ Name: _px2
Value: eyJ1IjoiYTljMmRkYTAtNTE4Mi0xMWVhLWIxMjQtNGIzZmFjZTFlYjdmIiwidiI6ImE5YzgyYjA0LTUxODItMTFlYS05OTg5LTAyNDJhYzEyMDAwYSIsInQiOjE1ODE5NDM1MjI0NDcsImgiOiI5NjFjNjE4OTBmM2EzZDE0MjQ2NmUyOTgwMDI5YzY1OWQ4MGVjYjk3MmVmN2Q3OWI5ODk4NzFiNDg4NmMyOWU0In0=
.rezserver.com/ Name: forterToken
Value: 0ddc5c8770ee44c6adf12c4c4c39b322_1581943222151__UDF43_9ck
.secure.rezserver.com/ Name: varid
Value: 202z237z238z239z240z241z246z249z250z
secure.rezserver.com/ Name: rezucc
Value: GB
secure.rezserver.com/ Name: _session_id
Value: fcfba07a715cc163c175f93bcedd1706
.secure.rezserver.com/ Name: SITESERVER
Value: ID=c593f82bf5910937d4885dff01069c6f
.secure.rezserver.com/ Name: currency
Value: USD
secure.rezserver.com/ Name: RS-CLIENT
Value: eyJpcCI6IjE4NS4zOC4xNTAuOTgiLCJ1YSI6Ik1vemlsbGElMkY1LjAlMjAoTWFjaW50b3NoJTNCJTIwSW50ZWwlMjBNYWMlMjBPUyUyMFglMjAxMF8xNF81KSUyMEFwcGxlV2ViS2l0JTJGNTM3LjM2JTIwKEtIVE1MJTJDJTIwbGlrZSUyMEdlY2tvKSUyMENocm9tZSUyRjc0LjAuMzcyOS4xNjklMjBTYWZhcmklMkY1MzcuMzYiLCJyZWZpZCI6IjI2ODEiLCJ0b2tlbiI6IjBkZGM1Yzg3NzBlZTQ0YzZhZGYxMmM0YzRjMzliMzIyXzE1ODE5NDMyMjIxNTFfX1VERjQzXzljayIsInV1aWQiOiJjNTkzZjgyYmY1OTEwOTM3ZDQ4ODVkZmYwMTA2OWM2ZiJ9
.secure.rezserver.com/ Name: hotel_rooms
Value: 1

1 Console Messages

Source Level URL
Text
console-api log URL: https://secure.rezserver.com/shared/js/jquery-migrate-3.1.0.min.js(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.1.0

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
