www.savibook.com
2600:9000:2156:9200:8:1c7a:7bc0:93a1  Public Scan

Submitted URL: http://savibook.com/comfort-hotel-suites/Coralville/ZM8
Effective URL: https://www.savibook.com/comfort-hotel-suites/Coralville/ZM8
Submission: On November 22 via manual from US — Scanned from DE

Summary

This website contacted 11 IPs in 3 countries across 7 domains to perform 18 HTTP transactions. The main IP is 2600:9000:2156:9200:8:1c7a:7bc0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.savibook.com.
TLS certificate: Issued by Amazon on March 26th 2021. Valid for: a year.
This is the only time www.savibook.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.218.233.50 16509 (AMAZON-02)
1 6 2600:9000:215... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 52.89.136.213 16509 (AMAZON-02)
1 143.204.98.82 16509 (AMAZON-02)
1 143.204.98.31 16509 (AMAZON-02)
1 143.204.98.45 16509 (AMAZON-02)
1 143.204.98.69 16509 (AMAZON-02)
1 99.80.125.216 16509 (AMAZON-02)
2 34.232.88.226 14618 (AMAZON-AES)
1 2600:9000:215... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
18 11
Domain Requested by
6 www.savibook.com 1 redirects www.savibook.com
2 heapanalytics.com
2 api-core.swaypay.net www.savibook.com
2 fonts.googleapis.com www.savibook.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.swaypay.io
1 in.hotjar.com script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 cdn.heapanalytics.com www.savibook.com
1 static.hotjar.com www.savibook.com
1 savibook.com 1 redirects
18 12

This site contains no links.

Subject | Issuer | Validity | Valid for
*.savibook.com | Amazon | 2021-03-26 - 2022-04-24 | a year
upload.video.google.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
*.swaypay.net | Amazon | 2021-05-21 - 2022-06-19 | a year
*.hotjar.com | Amazon | 2020-12-25 - 2022-01-23 | a year
cdn.heapanalytics.com | Amazon | 2021-08-28 - 2022-09-26 | a year
heapanalytics.com | Amazon | 2020-12-24 - 2022-01-22 | a year
*.swaypay.io | Amazon | 2021-01-02 - 2022-01-30 | a year
*.gstatic.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months

This page contains 2 frames:

Primary Page: https://www.savibook.com/comfort-hotel-suites/Coralville/ZM8
Frame ID: E605E59412179CFF857085DF02F60285
Requests: 16 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Frame ID: F7F4265B0E7FAEE582457E6B63D03285
Requests: 1 HTTP requests in this frame

Page Title

Comfort Suites I-80 Coralville

Page Statistics

18 Requests
100 % HTTPS
33 % IPv6
7 Domains
12 Subdomains
11 IPs
3 Countries
1079 kB Transfer
1309 kB Size
7 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://savibook.com/comfort-hotel-suites/Coralville/ZM8 HTTP 301
    http://www.savibook.com/comfort-hotel-suites/Coralville/ZM8 HTTP 301
    https://www.savibook.com/comfort-hotel-suites/Coralville/ZM8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ZM8
www.savibook.com/comfort-hotel-suites/Coralville/
Redirect Chain
  • http://savibook.com/comfort-hotel-suites/Coralville/ZM8
  • http://www.savibook.com/comfort-hotel-suites/Coralville/ZM8
  • https://www.savibook.com/comfort-hotel-suites/Coralville/ZM8
2 KB
3 KB
Document
General
Full URL
https://www.savibook.com/comfort-hotel-suites/Coralville/ZM8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9200:8:1c7a:7bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b78d6a970bbee964349c89f000e10b4ca5b168a516386e095b000f8d19ae014

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html
content-length
2414
date
Mon, 22 Nov 2021 00:44:23 GMT
last-modified
Fri, 05 Nov 2021 06:29:14 GMT
etag
"7215d6f9e28d0d556b19839004c739d9"
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-server-side-encryption
AES256
cache-control
no-store, must-revalidate, no-cache
expires
Thu, 05 Nov 2020 06:29:13 GMT
accept-ranges
bytes
server
AmazonS3
x-cache
Error from cloudfront
via
1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
9ilzAtIuWs_HWv9-odCR1LXRxELnfH85h8uEECCorvnlnxHLN_AaFA==

Redirect headers

Server
CloudFront
Date
Mon, 22 Nov 2021 00:44:21 GMT
Content-Type
text/html
Content-Length
183
Connection
keep-alive
Location
https://www.savibook.com/comfort-hotel-suites/Coralville/ZM8
X-Cache
Redirect from cloudfront
Via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
LDPEGxDud7yMKOy68loI-gapqEAbLPgibSnUx291Gnx7_JxF3kjBCg==
2.c6c5b1c4.chunk.css
www.savibook.com/static/css/
21 KB
21 KB
Stylesheet
General
Full URL
https://www.savibook.com/static/css/2.c6c5b1c4.chunk.css
Requested by
Host: www.savibook.com
URL: https://www.savibook.com/comfort-hotel-suites/Coralville/ZM8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9200:8:1c7a:7bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c3a8facc791463ee3157d78f13a101f684df4064c810c2a0f4e7dca35f7cf0a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.savibook.com/comfort-hotel-suites/Coralville/ZM8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 22 Nov 2021 00:13:16 GMT
via
1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified
Fri, 05 Nov 2021 06:29:13 GMT
server
AmazonS3
age
1867
etag
"6b755d832d71b7bb3f2a5f078478d01b"
x-cache
Hit from cloudfront
content-type
text/css
x-amz-storage-class
REDUCED_REDUNDANCY
cache-control
max-age=3600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
21456
x-amz-cf-id
pbvKjqY7t8KT4QA5WZtJWldzNKmVrVl5xfcqZRQG2a1c9WhFBb39dw==
main.7f0ae384.chunk.css
www.savibook.com/static/css/
105 KB
106 KB
Stylesheet
General
Full URL
https://www.savibook.com/static/css/main.7f0ae384.chunk.css
Requested by
Host: www.savibook.com
URL: https://www.savibook.com/comfort-hotel-suites/Coralville/ZM8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9200:8:1c7a:7bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
230556387ebf1f1e0d26ae02e30de4ea625d112cfbe28821d06e9e192c228cc1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.savibook.com/comfort-hotel-suites/Coralville/ZM8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 22 Nov 2021 00:44:24 GMT
via
1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified
Fri, 05 Nov 2021 06:29:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"220e1d7aa739b4f51e120b6417e58d64"
x-cache
RefreshHit from cloudfront
content-type
text/css
x-amz-storage-class
REDUCED_REDUNDANCY
cache-control
max-age=3600
accept-ranges
bytes
content-length
107536
x-amz-cf-id
z08PVh5mIBABQktO5-FyAsVXYMHczZWPWSTDztd4JpEdhBvXlYe0hw==
css
fonts.googleapis.com/
3 KB
627 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:600,700&display=swap
Requested by
Host: www.savibook.com
URL: https://www.savibook.com/comfort-hotel-suites/Coralville/ZM8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4e0a9c183ff9959136a859d1606721b8606290d9560e853af7aa6990a45f5c27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.savibook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 22 Nov 2021 00:44:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 22 Nov 2021 00:44:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Nov 2021 00:44:22 GMT
css
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald&display=swap
Requested by
Host: www.savibook.com
URL: https://www.savibook.com/comfort-hotel-suites/Coralville/ZM8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b8b814cefc8fe9d1ea891eba850f93f66a1332b8f754b30334dff1018a5fcefb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.savibook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 21 Nov 2021 23:08:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 22 Nov 2021 00:44:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Nov 2021 00:44:22 GMT
2.f51e7612.chunk.js
www.savibook.com/static/js/
695 KB
697 KB
Script
General
Full URL
https://www.savibook.com/static/js/2.f51e7612.chunk.js
Requested by
Host: www.savibook.com
URL: https://www.savibook.com/comfort-hotel-suites/Coralville/ZM8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9200:8:1c7a:7bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
389f72f5bd1e111d5fa5bd61abaa4a4ee17e3be1e5a9096d29978f5c440021d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.savibook.com/comfort-hotel-suites/Coralville/ZM8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 22 Nov 2021 00:44:24 GMT
via
1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified
Fri, 05 Nov 2021 06:29:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"b3da796e57c239e0b1ace79b1adbfbf1"
x-cache
RefreshHit from cloudfront
content-type
application/x-javascript
x-amz-storage-class
REDUCED_REDUNDANCY
cache-control
max-age=3600
accept-ranges
bytes
content-length
711990
x-amz-cf-id
6rCN0BuWDYgChmEGW0fjsSHMItpfqzqJNGLerDdPPPICNEnaKgAYhA==
main.481f0896.chunk.js
www.savibook.com/static/js/
117 KB
118 KB
Script
General
Full URL
https://www.savibook.com/static/js/main.481f0896.chunk.js
Requested by
Host: www.savibook.com
URL: https://www.savibook.com/comfort-hotel-suites/Coralville/ZM8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9200:8:1c7a:7bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
79367eb066a867977135a23e70978eb34d17bf1060edb83b75688a74571e4e1a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.savibook.com/comfort-hotel-suites/Coralville/ZM8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 22 Nov 2021 00:44:24 GMT
via
1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified
Fri, 05 Nov 2021 06:29:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"2cf3f13f3f579a00e4c371d05a1f5c68"
x-cache
RefreshHit from cloudfront
content-type
application/x-javascript
x-amz-storage-class
REDUCED_REDUNDANCY
cache-control
max-age=3600
accept-ranges
bytes
content-length
120098
x-amz-cf-id
PFGfihVJfXLZaQzAYL3FIWmisoEQtExQuiF0Q5ydb8bwlTa-9OUbrQ==
inviteaccept
api-core.swaypay.net/api/ Frame
0
0
Preflight
General
Full URL
https://api-core.swaypay.net/api/inviteaccept
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.89.136.213 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-89-136-213.us-west-2.compute.amazonaws.com
Software
nginx/1.21.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
cache-control,content-type
Origin
https://www.savibook.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 22 Nov 2021 00:44:24 GMT
server
nginx/1.21.1
access-control-allow-headers
cache-control,content-type
access-control-allow-methods
POST
access-control-allow-origin
*
hotjar-1297177.js
static.hotjar.com/c/
4 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1297177.js?sv=6
Requested by
Host: www.savibook.com
URL: https://www.savibook.com/static/js/2.f51e7612.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-82.fra50.r.cloudfront.net
Software
/
Resource Hash
05a290dd0730054ef1811ea6a27d976821dd243c1bee2c3bee04f557cfeb3f50
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.savibook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 00:44:23 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA50-C1
etag
W/4e841aa0194de4cbca686003d4b90dca
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
content-length
1905
via
1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
x-amz-cf-id
tbZDpeHczjLgo91ez0aEgcdfq2IdBhIq8O7gdB-zudyQ6u1L8Fqupw==
inviteaccept
api-core.swaypay.net/api/
8 KB
8 KB
Fetch
General
Full URL
https://api-core.swaypay.net/api/inviteaccept
Requested by
Host: www.savibook.com
URL: https://www.savibook.com/static/js/main.481f0896.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.89.136.213 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-89-136-213.us-west-2.compute.amazonaws.com
Software
nginx/1.21.1 /
Resource Hash
85851576a239134bcedbead604b0118a676cc96c5cf6b610d7defe0bd53f7312

Request headers

Cache-Control
no-cache
Referer
https://www.savibook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 22 Nov 2021 00:44:24 GMT
server
nginx/1.21.1
content-length
7682
content-type
application/json; charset=utf-8
heap-1099577120.js
cdn.heapanalytics.com/js/
104 KB
41 KB
Script
General
Full URL
https://cdn.heapanalytics.com/js/heap-1099577120.js
Requested by
Host: www.savibook.com
URL: https://www.savibook.com/comfort-hotel-suites/Coralville/ZM8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-31.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
90cf1293501ce9ce2e5e6d12100fd38127184ea7b35e6ad18319a68d3381dfdc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.savibook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 00:44:23 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
FRA50-C1
etag
W/"19eee-bnkaUnDvBmscmoUPmrwRAg"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cache-control
public, max-age=120
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
rAXA292VGIefRbPtEB3Za2HaypDoW_178tZfgIUGyUl7a-PqMc7lRQ==
modules.1810afb089b838b62ed8.js
script.hotjar.com/
226 KB
60 KB
Script
General
Full URL
https://script.hotjar.com/modules.1810afb089b838b62ed8.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1297177.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-45.fra50.r.cloudfront.net
Software
/
Resource Hash
2147901a5a424ea92ad2fd2457976c46765880cf4d267aa711df70d026912ab7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.savibook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 13:25:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
386357
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
60615
access-control-allow-origin
*
last-modified
Wed, 17 Nov 2021 13:25:01 GMT
etag
"1f23634605f98b007e0df34e60106bb8"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
xxKL5vdZhGW-MWRO9zmrnbdV0HsIVK-Ii3ENP9G_c0BJzHblmfoN_g==
box-ad575b5823df97fc9725e14a57070642.html
vars.hotjar.com/ Frame F7F4
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1297177.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-69.fra50.r.cloudfront.net
Software
/
Resource Hash
f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.savibook.com/

Response headers

content-type
text/html
content-length
1050
date
Tue, 16 Nov 2021 11:16:06 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
etag
"a123045c9cc95cfe44d6b5d126b9f1a7"
last-modified
Tue, 16 Nov 2021 11:15:47 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
J8r7gKqvmlnK8eefUwT_wcOcFuDHUxhvkiW0dEKnne0O0acYqLEzGw==
age
480497
visit-data
in.hotjar.com/api/v2/client/sites/1297177/
146 B
323 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/1297177/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.1810afb089b838b62ed8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.125.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-125-216.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
43c15c5e339cca85186d462b5951209ac3825b7677341e3d95f5e704b5057c87

Request headers

Referer
https://www.savibook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 22 Nov 2021 00:44:23 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
h
heapanalytics.com/
37 B
259 B
Image
General
Full URL
https://heapanalytics.com/h?a=1099577120&u=5176786655126783&v=4031780887932178&s=7103028427749864&b=web&tv=4.0&z=0&h=%2Fcomfort-hotel-suites%2FCoralville%2FZM8&d=www.savibook.com&ts=1637541863724&st=1637541863725
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.88.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-88-226.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.savibook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 00:44:23 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
identify_v3
heapanalytics.com/api/
37 B
258 B
Image
General
Full URL
https://heapanalytics.com/api/identify_v3?a=1099577120&u=5176786655126783&v=4031780887932178&s=7103028427749864&i=WWFoSHA0bXBTVUZvVWc0cExzcklsZkRLSEZpM29sM0k3NkdrRWZXWnNLWUc5cWNKbjVkSGhoNjk0WktSLzNDTQ&b=web&tv=4.0&z=0&st=1637541864421
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.88.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-88-226.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.savibook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 00:44:24 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
comfort-hotel-suites.png
cdn.swaypay.io/logos/brands/
4 KB
4 KB
Image
General
Full URL
https://cdn.swaypay.io/logos/brands/comfort-hotel-suites.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2e00:1f:89c4:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2b70c864b81c22a4f7d593523014c71598cbc1762771313749630d5ae70af989

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.savibook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 22 Nov 2021 00:44:26 GMT
via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
last-modified
Tue, 02 Nov 2021 14:50:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"5710751075927e74304fdd38b923308d"
x-cache
Miss from cloudfront
x-amz-version-id
xGmm9GYx3hNJT27UoU4Ej9saL1fbSAzz
x-amz-storage-class
REDUCED_REDUNDANCY
cache-control
max-age=3600
accept-ranges
bytes
content-type
image/png
content-length
3861
x-amz-cf-id
0ov3eGuZodae-uUhLu4Os1oVGWeblLzBiZsWgAt02yjEbQTdiTgu3g==
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v40/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v40/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
76db825b68979b9ea6cc55fa14373b7bf5e3beb7388cd2efa485938bb2a389fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.savibook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 18:04:41 GMT
x-content-type-options
nosniff
age
369583
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16016
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:16:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 17 Nov 2022 18:04:41 GMT

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforexrselect
function| reportError
boolean| originAgentCluster
object| scheduler
object| webpackJsonpwww-savibook2
object| __core-js_shared__
function| hj
object| _hjSettings
string| _scriptPath
object| heap
object| hjSiteSettings
function| hjBootstrap
object| hjBootstrapCalled
object| hjLazyModules

7 Cookies

Domain/Path Name / Value
.savibook.com/ Name: _hjSessionUser_1297177
Value: eyJpZCI6ImY3ZDQwODJhLTRjYmQtNTA3NC1iMTU2LTE4MGZjOTgxMGQwYiIsImNyZWF0ZWQiOjE2Mzc1NDE4NjM2MzEsImV4aXN0aW5nIjpmYWxzZX0=
.savibook.com/ Name: _hjFirstSeen
Value: 1
.savibook.com/ Name: _hjSession_1297177
Value: eyJpZCI6IjhjMjllNDcwLWM4NGMtNDRhNy1hZjMwLTI1ZWIzY2JkYWY1ZiIsImNyZWF0ZWQiOjE2Mzc1NDE4NjM2ODh9
www.savibook.com/ Name: _hjIncludedInPageviewSample
Value: 1
.savibook.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.savibook.com/ Name: _hp2_ses_props.1099577120
Value: %7B%22ts%22%3A1637541863724%2C%22d%22%3A%22www.savibook.com%22%2C%22h%22%3A%22%2Fcomfort-hotel-suites%2FCoralville%2FZM8%22%7D
.savibook.com/ Name: _hp2_id.1099577120
Value: %7B%22userId%22%3A%225176786655126783%22%2C%22pageviewId%22%3A%224031780887932178%22%2C%22sessionId%22%3A%227103028427749864%22%2C%22identity%22%3A%22WWFoSHA0bXBTVUZvVWc0cExzcklsZkRLSEZpM29sM0k3NkdrRWZXWnNLWUc5cWNKbjVkSGhoNjk0WktSLzNDTQ%22%2C%22trackerVersion%22%3A%224.0%22%2C%22identityField%22%3Anull%2C%22isIdentified%22%3A1%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
