urlscan.io logo urlscan.io
SecurityTrails logo

kayak.hitrewards-qa.com Open in urlscan Pro
2606:4700::6812:9004  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://opentable.hitrewards-qa.com/
Effective URL: https://kayak.hitrewards-qa.com/diningrewards/
Submission: On June 07 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 3 countries across 9 domains to perform 25 HTTP transactions. The main IP is 2606:4700::6812:9004, located in United States and belongs to CLOUDFLARENET, US. The main domain is kayak.hitrewards-qa.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 19th 2024. Valid for: 10 months.
This is the only time kayak.hitrewards-qa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    54.162.67.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-67-29.compute-1.amazonaws.com
opentable.hitrewards-qa.com
5    2606:4700::6812:9004 (United States)

ASN13335 (CLOUDFLARENET, US)
kayak.hitrewards-qa.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2600:9000:225b:b600:16:792e:2d40:21 (United States)

ASN16509 (AMAZON-02, US)
d11m0dp9ta9w39.cloudfront.net
1    2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    104.18.79.74 (None, )

ASN13335 (CLOUDFLARENET, US)
translations.rocketmiles.com
1    2600:9000:237d:9600:10:cdb:b80:21 (United States)

ASN16509 (AMAZON-02, US)
d4466r3vlr9ym.cloudfront.net
2    44.194.207.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-207-99.compute-1.amazonaws.com
com-rocketmiles-qa1.collector.snplow.net
1    142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net
www.google-analytics.com
1    142.250.185.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f8.1e100.net
www.googletagmanager.com
1    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 65
region1.google-analytics.com — Cisco Umbrella Rank: 2406
21 KB
6 hitrewards-qa.com
opentable.hitrewards-qa.com
kayak.hitrewards-qa.com
rti-master-api.hitrewards-qa.com Failed
9 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
431 KB
3 cloudfront.net
d11m0dp9ta9w39.cloudfront.net
d4466r3vlr9ym.cloudfront.net
1 MB
2 snplow.net
com-rocketmiles-qa1.collector.snplow.net
304 B
1 rocketmiles.com
translations.rocketmiles.com — Cisco Umbrella Rank: 545507
47 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 354
28 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1009
7 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 70
1 KB
25 9
Domain Requested by
5 www.googletagmanager.com kayak.hitrewards-qa.com
www.google-analytics.com
d11m0dp9ta9w39.cloudfront.net
5 kayak.hitrewards-qa.com 1 redirects static.cloudflareinsights.com
kayak.hitrewards-qa.com
3 region1.google-analytics.com www.googletagmanager.com
3 www.google-analytics.com kayak.hitrewards-qa.com
www.google-analytics.com
2 com-rocketmiles-qa1.collector.snplow.net cdn.jsdelivr.net
2 d11m0dp9ta9w39.cloudfront.net kayak.hitrewards-qa.com
1 d4466r3vlr9ym.cloudfront.net
1 translations.rocketmiles.com d11m0dp9ta9w39.cloudfront.net
1 cdn.jsdelivr.net kayak.hitrewards-qa.com
1 static.cloudflareinsights.com kayak.hitrewards-qa.com
1 fonts.googleapis.com kayak.hitrewards-qa.com
1 opentable.hitrewards-qa.com 1 redirects
0 rti-master-api.hitrewards-qa.com Failed d11m0dp9ta9w39.cloudfront.net
25 13

This site contains no links.

Subject Issuer Validity Valid
kayak.hitrewards-qa.com
Cloudflare Inc ECC CA-3		 2024-02-19 -
2024-12-31		 10 months crt.sh
upload.video.google.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-05-08 -
2024-08-06		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
rocketmiles.com
GTS CA 1P5		 2024-05-30 -
2024-08-28		 3 months crt.sh
com-rocketmiles-qa1.collector.snplow.net
Amazon RSA 2048 M03		 2023-08-24 -
2024-09-22		 a year crt.sh

This page contains 2 frames:

Primary Page: https://kayak.hitrewards-qa.com/diningrewards/
Frame ID: ED37019A77D7719EF5EFC312AAF8734E
Requests: 22 HTTP requests in this frame

Frame: https://kayak.hitrewards-qa.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0143bd9ce132/main.js
Frame ID: 516C385D3C165AED3570BE6D857A56CC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

OpenTable Hotels

Page URL History Show full URLs

  1. https://opentable.hitrewards-qa.com/ HTTP 301
    https://kayak.hitrewards-qa.com/diningrewards/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

25
Requests

92 %
HTTPS

60 %
IPv6

9
Domains

13
Subdomains

15
IPs

3
Countries

1996 kB
Transfer

8432 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://opentable.hitrewards-qa.com/ HTTP 301
    https://kayak.hitrewards-qa.com/diningrewards/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://kayak.hitrewards-qa.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://kayak.hitrewards-qa.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0143bd9ce132/main.js

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
kayak.hitrewards-qa.com/diningrewards/
Redirect Chain
  • https://opentable.hitrewards-qa.com/
  • https://kayak.hitrewards-qa.com/diningrewards/
11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kayak.hitrewards-qa.com/diningrewards/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:9004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ef6e4b7664421a6d27f39ff49dd25064496415add71368f0ee98ce849dc19bf
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=300, public
cf-cache-status
DYNAMIC
cf-ray
88fcf3d378df6937-FRA
content-encoding
gzip
content-security-policy
default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
content-type
text/html; charset=utf-8
date
Fri, 07 Jun 2024 01:43:44 GMT
last-modified
Thu, 06 Jun 2024 19:47:18 GMT
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains
vary
Accept-Encoding
via
1.1 d8231fd704ad0bc5e49083372d79c2c0.cloudfront.net (CloudFront)
x-amz-cf-id
KCJ0W8t3lcJ3WDMzsVmAPK_iIe2M_Yj4dpu5tQ8roh-oCtZqUDJkDQ==
x-amz-cf-pop
EWR53-C2
x-amz-expiration
expiry-date="Tue, 06 Aug 2024 00:00:00 GMT", rule-id="staging"
x-amz-id-2
rS3E2R2fetFqz4/Voqm3LLSnSr65MFOofioffi/NC8kFH08xAx3MomPCu7oT9QzPbww+nwofOYo=
x-amz-request-id
RWGAF5VWM854HDV4
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

content-length
162
content-type
text/html
date
Fri, 07 Jun 2024 01:43:38 GMT
location
https://kayak.hitrewards-qa.com/diningrewards/
server
nginx
css2
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;700&display=swap
Requested by
Host: kayak.hitrewards-qa.com
URL: https://kayak.hitrewards-qa.com/diningrewards/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
79d08edb5b23fcc8da45fcc77210c8e18771fcf3876dda7d2596cb3ed0512333
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://kayak.hitrewards-qa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 07 Jun 2024 01:43:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 07 Jun 2024 01:26:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 07 Jun 2024 01:43:44 GMT
js
www.googletagmanager.com/gtag/ 		288 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QSSXP08EVT
Requested by
Host: kayak.hitrewards-qa.com
URL: https://kayak.hitrewards-qa.com/diningrewards/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
58f6aebf8d20c0589b0b076e26c26e6930562589a3339fceca3798f832efd47d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://kayak.hitrewards-qa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 01:43:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100035
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 07 Jun 2024 01:43:44 GMT
main.66ab8da421210465d3fc.css
d11m0dp9ta9w39.cloudfront.net/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d11m0dp9ta9w39.cloudfront.net/main.66ab8da421210465d3fc.css
Requested by
Host: kayak.hitrewards-qa.com
URL: https://kayak.hitrewards-qa.com/diningrewards/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:b600:16:792e:2d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
328c7299d18c2d9aff83b26505a1bba6a49b5ca547e56a404b69e552454e6489

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://kayak.hitrewards-qa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 01:43:45 GMT
content-encoding
gzip
via
1.1 355f72364b4c8f8829ae95f886a03f56.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Tue, 06 Aug 2024 00:00:00 GMT", rule-id="staging"
last-modified
Thu, 06 Jun 2024 19:47:33 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
etag
W/"aa4226584a7e4f92bfc1d588d0269763"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css; charset=utf-8
cache-control
max-age=2592000, public
x-amz-cf-id
foxRyCm9ex3F2WwVTtDGIg38E_Mh-qQUa_HDJZUA0ON5NLqOKCJHDg==
6.66ab8da421210465d3fc.bundle.js
d11m0dp9ta9w39.cloudfront.net/ 		7 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://d11m0dp9ta9w39.cloudfront.net/6.66ab8da421210465d3fc.bundle.js
Requested by
Host: kayak.hitrewards-qa.com
URL: https://kayak.hitrewards-qa.com/diningrewards/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:b600:16:792e:2d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1614a2cf44304f73cc18d27c468e1a31f0a5288d81136f20584d3e7785f64f14

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://kayak.hitrewards-qa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 01:43:45 GMT
content-encoding
gzip
via
1.1 355f72364b4c8f8829ae95f886a03f56.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Tue, 06 Aug 2024 00:00:00 GMT", rule-id="staging"
last-modified
Thu, 06 Jun 2024 19:47:27 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
etag
W/"a3dd5f174199e8dfddc85270a09c7a6d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000, public
x-amz-cf-id
6PldvmDPnVQQhAZX81aSqJlL3Jpl1uCX9EsZUW7_6sCgy5qanS-EvA==
vef91dfe02fce4ee0ad053f6de4f175db1715022073587
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587
Requested by
Host: kayak.hitrewards-qa.com
URL: https://kayak.hitrewards-qa.com/diningrewards/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9eb189676a78d42d7a8487eef683702ada6c5c866399eefbc0df319d5f7c6d7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://kayak.hitrewards-qa.com/
Origin
https://kayak.hitrewards-qa.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 01:43:44 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.5.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
88fcf3f659b31ca9-FRA
sp.js
cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.18.2/ 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.18.2/sp.js
Requested by
Host: kayak.hitrewards-qa.com
URL: https://kayak.hitrewards-qa.com/diningrewards/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e60566140391e341c2fb0139d6a36214cc68a132acfb259cfbeabe5fc5c3790f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://kayak.hitrewards-qa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 07 Jun 2024 01:43:44 GMT
x-content-type-options
nosniff
content-encoding
br
age
1447101
x-jsd-version
2.18.2
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
28128
x-served-by
cache-fra-eddf8230025-FRA
x-jsd-version-type
version
etag
W/"135e4-14sK6xTLcsxoNM76wQY/9bAR7No"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: kayak.hitrewards-qa.com
URL: https://kayak.hitrewards-qa.com/diningrewards/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://kayak.hitrewards-qa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 07 Jun 2024 01:41:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
161
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 07 Jun 2024 03:41:03 GMT
gtm.js
www.googletagmanager.com/ 		193 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NHW5DNW7&l=testarossaDataLayer
Requested by
Host: kayak.hitrewards-qa.com
URL: https://kayak.hitrewards-qa.com/diningrewards/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c1708959bc3b506ffcd0f9674df086b401f1087fff4cfd485bb780ca5f976f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://kayak.hitrewards-qa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 01:43:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71059
x-xss-protection
0
last-modified
Fri, 07 Jun 2024 00:36:19 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 07 Jun 2024 01:43:44 GMT
gtm.js
www.googletagmanager.com/ 		198 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KMS8RFG&l=dataLayerKayak
Requested by
Host: kayak.hitrewards-qa.com
URL: https://kayak.hitrewards-qa.com/diningrewards/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4e69970a46aeced37b72542675ba04b863b30cce1fe3d28a46274cca23e036b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://kayak.hitrewards-qa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 01:43:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73207
x-xss-protection
0
last-modified
Fri, 07 Jun 2024 00:36:19 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 07 Jun 2024 01:43:44 GMT
collect
region1.google-analytics.com/g/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-QSSXP08EVT&gtm=45je4650v893003832za200&_p=1717724624349&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=263913692.1717724624&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717724624&sct=1&seg=0&dl=https%3A%2F%2Fkayak.hitrewards-qa.com%2Fdiningrewards%2F&dt=OpenTable%20Hotels&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=6063
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QSSXP08EVT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://kayak.hitrewards-qa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 01:43:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://kayak.hitrewards-qa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1665924925&t=pageview&_s=1&dl=https%3A%2F%2Fkayak.hitrewards-qa.com%2Fdiningrewards%2F&ul=de-de&de=UTF-8&dt=OpenTable%20Hotels&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABEAAAACAAI~&jid=642682900&gjid=1561387823&cid=263913692.1717724624&tid=UA-103175370-1&_gid=1298383328.1717724624&_r=1&_slc=1&gtm=45He4650n81KMS8RFGza200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&npa=1&z=571363665
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
146298026bcef5390b1565e429d6a31ccad89556e8e7f49dee3f9573beae8c47
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://kayak.hitrewards-qa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 01:43:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://kayak.hitrewards-qa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		270 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HR6J13818X&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ba86d91189b33e4a8674d3f2ccb38f6d8edd48e9ffede4ecdb4af6bc9b868cda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://kayak.hitrewards-qa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 01:43:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96165
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 07 Jun 2024 01:43:44 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-HR6J13818X&gtm=45je4650v9126406648za200&_p=1717724624349&gcd=13l3l3l2l3&npa=1&dma_cps=sypham&dma=1&tag_exp=0&ul=de-de&sr=1600x1200&cid=263913692.1717724624&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fkayak.hitrewards-qa.com%2Fdiningrewards%2F&dt=OpenTable%20Hotels&sid=1717724624&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=6178
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HR6J13818X&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://kayak.hitrewards-qa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 01:43:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://kayak.hitrewards-qa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
en.po.json
translations.rocketmiles.com/ 		204 KB
47 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://translations.rocketmiles.com/en.po.json
Requested by
Host: d11m0dp9ta9w39.cloudfront.net
URL: https://d11m0dp9ta9w39.cloudfront.net/6.66ab8da421210465d3fc.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.79.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df675567f66eb257570a8cec956f48aeb042701a10306fc6985722605edec90d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
https://kayak.hitrewards-qa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 01:43:46 GMT
x-amz-version-id
t22SJjoplQLUhSPB5X8OmkbcgH8CXGWA
content-encoding
gzip
cf-cache-status
DYNAMIC
via
1.1 b58f4c458263fcafb0c4b2b684d9bc50.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
x-amz-server-side-encryption
AES256
x-recruiting
Like HTTP headers? Come write ours: https://boards.greenhouse.io/rocketmiles/
x-cache
Miss from cloudfront
last-modified
Thu, 06 Jun 2024 21:46:33 GMT
server
cloudflare
etag
W/"f60baa88253518c1c39126df8f3d8a25"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding,Origin
cf-ray
88fcf4007be5718b-FRA
x-amz-cf-id
VtBBvFoNlmc0xjdcVesNGXC1t3WbCl6evRmZcTrRpg4AUMkGV46Pvw==
main.js
kayak.hitrewards-qa.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0143bd9ce132/ Frame 516C
Redirect Chain
  • https://kayak.hitrewards-qa.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://kayak.hitrewards-qa.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0143bd9ce132/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kayak.hitrewards-qa.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0143bd9ce132/main.js
Protocol
H2
Server
2606:4700::6812:9004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2ca76faf6c4cd4ed1e24c0861b719dc6a900d9507e8fdb146bf1c3abf87a974
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Fri, 07 Jun 2024 01:43:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
88fcf4005b3f6937-FRA

Redirect headers

date
Fri, 07 Jun 2024 01:43:45 GMT
server
cloudflare
vary
Accept-Encoding
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/0143bd9ce132/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
88fcf4003b346937-FRA
content-length
0
rum
kayak.hitrewards-qa.com/cdn-cgi/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kayak.hitrewards-qa.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:9004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://kayak.hitrewards-qa.com/diningrewards/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Fri, 07 Jun 2024 01:43:45 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://kayak.hitrewards-qa.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
88fcf4003b3b6937-FRA
kayak.ico
d4466r3vlr9ym.cloudfront.net/uploads/favicons/ 		4 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d4466r3vlr9ym.cloudfront.net/uploads/favicons/kayak.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:9600:10:cdb:b80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
14365c02fa81662114baa281a33cbfacb3fdf8bde1b405935f0005b74b62f384

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://kayak.hitrewards-qa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 01:43:47 GMT
via
1.1 349eb6985da057f318665aa6bde74732.cloudfront.net (CloudFront)
last-modified
Tue, 21 May 2019 04:08:06 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
etag
"743d6b010d2bc56c5cacc6973d669532"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/vnd.microsoft.icon
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
4286
x-amz-cf-id
OhgAc2qJDGZZ5Wm5G4cJtrG-IH9dxJg5IavMuKEFbZMqbzQz-fE2_g==
88fcf3d378df6937
kayak.hitrewards-qa.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 516C 		0
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kayak.hitrewards-qa.com/cdn-cgi/challenge-platform/h/b/jsd/r/88fcf3d378df6937
Requested by
Host: kayak.hitrewards-qa.com
URL: https://kayak.hitrewards-qa.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:9004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 07 Jun 2024 01:43:46 GMT
server
cloudflare
cf-ray
88fcf400cb676937-FRA
content-length
0
content-type
text/plain; charset=UTF-8
tp2
com-rocketmiles-qa1.collector.snplow.net/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://com-rocketmiles-qa1.collector.snplow.net/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.207.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-207-99.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://kayak.hitrewards-qa.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://kayak.hitrewards-qa.com
access-control-max-age
600
content-length
0
date
Fri, 07 Jun 2024 01:43:47 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
experiments
rti-master-api.hitrewards-qa.com/rest/opentable/ 		0
0
tp2
com-rocketmiles-qa1.collector.snplow.net/com.snowplowanalytics.snowplow/ 		2 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://com-rocketmiles-qa1.collector.snplow.net/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.18.2/sp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.207.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-207-99.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://kayak.hitrewards-qa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://kayak.hitrewards-qa.com
date
Fri, 07 Jun 2024 01:43:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-credentials
true
server
nginx
content-length
2
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1665924925&t=pageview&_s=1&dl=https%3A%2F%2Fkayak.hitrewards-qa.com%2Fdiningrewards%2F&dp=%2Fdiningrewards%2F&ul=de-de&de=UTF-8&dt=OpenTable%20Hotels&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABEAAAACgDIAB~&jid=2042003377&gjid=1831187176&cid=263913692.1717724624&tid=UA-85503115-12&_gid=1298383328.1717724624&_r=1&_slc=1&z=588861005
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://kayak.hitrewards-qa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 01:43:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://kayak.hitrewards-qa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		288 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QSSXP08EVT&l=ga4DataLayer
Requested by
Host: d11m0dp9ta9w39.cloudfront.net
URL: https://d11m0dp9ta9w39.cloudfront.net/6.66ab8da421210465d3fc.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f120f189c2660ae7da0c99fae2ea81f8e3a8d7fcc2f2540ce79af2cc4f4dff23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://kayak.hitrewards-qa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 01:43:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99967
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 07 Jun 2024 01:43:46 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-QSSXP08EVT&gtm=45je4650v893003832za200&_p=1717724624349&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=263913692.1717724624&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1717724624&sct=1&seg=0&dl=https%3A%2F%2Fkayak.hitrewards-qa.com%2Fdiningrewards%2F&dt=OpenTable%20Hotels&en=scroll&epn.percent_scrolled=90&_et=12&tfd=8427
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QSSXP08EVT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://kayak.hitrewards-qa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 01:43:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://kayak.hitrewards-qa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
rti-master-api.hitrewards-qa.com
URL
https://rti-master-api.hitrewards-qa.com/rest/opentable/experiments?max=100

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| WL_API_SERVER string| WL_ENVIRONMENT object| WL_RESOURCE_URL_WHITELIST string| WL_SLUG string| WL_BASE_HREF undefined| API_AUTH_HEADER string| GIT_COMMIT string| WL_BUILDER_API_KEY string| WL_PARTNER_SLUG string| WL_API_REWARD_PROGRAM_SLUG string| WL_PORTAL_SLUG object| WL_SITE_MODES string| WL_DEFAULT_SITE_MODE string| WL_LOGO_URL string| WL_HEADER_LOGO_URL string| WL_WEB_APP_NG_MODULE boolean| WL_SEARCH_PAGE_SHOW_FULL_EARN_LABEL boolean| WL_REQUIRE_REDEMPTION_ACCESS_TOKEN boolean| WL_CONFIRM_PAGE_HAS_PHONE_NUMBER_FORM boolean| WL_USER_RSVN_PAGE_SHOW_DETAILS_MODAL_ON_LOAD boolean| WL_USER_RSVN_PAGE_SHOW_SUPPORT_CONTACT boolean| WL_USER_RSVN_PAGE_ALLOW_ASSIGN_REWARD_ACCOUNT string| WL_MILES_POSTED_WEEKS_DURATION object| WL_MILES_POSTED_HOURS_DURATION object| WL_SUPPORTED_LANGUAGES string| WL_FALLBACK_LANGUAGE boolean| WL_USE_USER_DEFAULT_LANGUAGE string| WL_FALLBACK_CURRENCY boolean| WL_USE_USER_DEFAULT_CURRENCY boolean| WL_SNOWPLOW_ENABLED boolean| WL_WHITEFALCON_ENABLED string| WL_SNOWPLOW_APP_ID object| WL_FACEBOOK_TRACKING_PIXEL_ID string| WL_LANGUAGE_COOKIE string| WL_CURRENCY_COOKIE object| WL_ACCOUNT_NUMBER_VALIDATION_MSG object| WL_LOGIN_DISABLED object| WL_USERGROUP_NAME object| WL_USE_FIRST_PARTY_LOGIN string| WL_PROGRAM_LABEL object| WL_DISPLAY_CROSS_SELL_BANNER_HEADER object| WL_DISPLAY_ROCKET_TRAVEL_BRANDED_TERMS_PAGE_HEADLINE object| WL_DISPLAY_ROCKET_TRAVEL_BRANDED_PRIVACY_PAGE_HEADLINE object| WL_DISPLAY_ROCKET_BRANDED_CONTACT_US_PAGE object| WL_MFA_ENABLED object| WL_MFA_SEND_METHODS object| WL_MFA_MAX_ATTEMPTS object| WL_HAS_MULTIPLE_REWARD_PROGRAMS object| WL_DEFAULT_REWARD_PROGRAM object| WL_DISPLAY_STRIKETHROUGH_PRICING object| WL_GATING_PREAUTH object| WL_GATING_SMS_LOGO object| WL_USE_BURN_SLIDER object| WL_ENABLE_GUEST_DETAILS_PREFILL object| WL_USE_CUSTOM_PRIMARY_COLOR string| WL_PRICING_ROUND_METHOD boolean| WL_PAYMENT_SHOW_OVERLAY object| WL_PAYMENT_OVERLAY_MSG_INTERVAL boolean| WL_PAYMENT_SHOW_CREDIT_CARD_IMAGES object| WL_PAYMENT_SECONDARY_LOGO object| WL_SHOW_REWARD_PROGRAM_PICKER object| WL_USE_EXTERNAL_REDEMPTION boolean| WL_DISPLAY_LAST_NAME_ONLY_ON_HEADER object| WL_REWARD_BONUS_UNIT object| WL_REWARD_BASE_UNIT object| WL_REWARD_BOOST_IS_BONUS object| WL_SHOW_GUEST_INFO_COMPANY_INVOICE boolean| WL_TEALIUM_ENABLED string| WL_GA_TRACKING_ID string| WL_GA4_MEASUREMENT_ID string| WL_API_SERVER_REST_ENDPOINT object| WL_DISPLAY_AVAILABLE_CREDIT_CARDS object| WL_CDK_THEME function| getCookie object| GlobalSnowplowNamespace function| snowplow function| ga function| gtag object| dataLayer object| testarossaDataLayer object| dataLayerKayak object| Snowplow object| google_tag_data object| gaplugins object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| postscribe object| google_tag_manager_external string| GoogleAnalyticsObject object| gaData object| trWebpackJsonp object| __core-js_shared__ function| applyFocusVisiblePolyfill object| __global__ object| regeneratorRuntime function| _ object| __cfBeacon object| ga4DataLayer

16 Cookies

Domain/Path Name / Value
kayak.hitrewards-qa.com/diningrewards Name: trfe.performance_cookies_enabled
Value: true
kayak.hitrewards-qa.com/diningrewards Name: trfe.targeting_cookies_enabled
Value: true
kayak.hitrewards-qa.com/diningrewards Name: trfe.functional_cookies_enabled
Value: true
.kayak.hitrewards-qa.com/ Name: __cf_bm
Value: Dvxtjs6RyM4rxdG0Zwte_SF1pnPGSDEN.KX_Ml84WrU-1717724624-1.0.1.1-9DYysxa2B6o1JET5es66tadI_TrJrhYu55pnsva0XQQyrByITa7NH9Tnt7_lpUF63tKPnrRm7re2OXzT..Tnr47V6cnt02oUu3jW6y3Uv5c
.hitrewards-qa.com/ Name: _ga
Value: GA1.2.263913692.1717724624
.hitrewards-qa.com/ Name: _gid
Value: GA1.2.1298383328.1717724624
.hitrewards-qa.com/ Name: _gat_UA-103175370-1
Value: 1
.hitrewards-qa.com/ Name: _ga_HR6J13818X
Value: GS1.2.1717724624.1.0.1717724624.0.0.0
.hitrewards-qa.com/ Name: builderSessionId
Value: 99d4d400fe2b4952b993534906c33142
.kayak.hitrewards-qa.com/ Name: cf_clearance
Value: lsUxUmxQbJafu3dhBSjacZUwLl5GU.kM6WkQjW1NPFc-1717724626-1.0.1.1-l5qU8tMmc8xP3iKpha36JZKVFX0jbWOfxgSCWZlTVb7RlS_W4tjvrtyZIgmSBKV6H56YvH30tqP_RTF2ThImoA
kayak.hitrewards-qa.com/ Name: _sp_ses.06ef
Value: *
kayak.hitrewards-qa.com/ Name: _sp_id.06ef
Value: f4ce03fe-7502-4e58-9f47-4fbb6d712b83.1717724627.1.1717724627.1717724627.b07d048a-9d71-4118-851f-050c77ee503d
.hitrewards-qa.com/ Name: _gat
Value: 1
.hitrewards-qa.com/ Name: _ga_QSSXP08EVT
Value: GS1.1.1717724624.1.1.1717724626.0.0.0
rti-master-api.hitrewards-qa.com/ Name: XSRF-TOKEN
Value: 52a9ecbb-bbea-45f5-9454-7968160e4844
rti-master-api.hitrewards-qa.com/ Name: JSESSIONID
Value: 5c9be4c2-6720-4d54-bf7d-7925f8d3047c

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
com-rocketmiles-qa1.collector.snplow.net
d11m0dp9ta9w39.cloudfront.net
d4466r3vlr9ym.cloudfront.net
fonts.googleapis.com
kayak.hitrewards-qa.com
opentable.hitrewards-qa.com
region1.google-analytics.com
rti-master-api.hitrewards-qa.com
static.cloudflareinsights.com
translations.rocketmiles.com
www.google-analytics.com
www.googletagmanager.com
rti-master-api.hitrewards-qa.com
104.18.79.74
142.250.185.72
142.250.186.78
2001:4860:4802:32::36
216.239.32.36
2600:9000:225b:b600:16:792e:2d40:21
2600:9000:237d:9600:10:cdb:b80:21
2606:4700::6810:4f49
2606:4700::6812:9004
2a00:1450:4001:800::200e
2a00:1450:4001:811::200a
2a00:1450:4001:82a::2008
2a04:4e42:200::485
44.194.207.99
54.162.67.29
14365c02fa81662114baa281a33cbfacb3fdf8bde1b405935f0005b74b62f384
146298026bcef5390b1565e429d6a31ccad89556e8e7f49dee3f9573beae8c47
1614a2cf44304f73cc18d27c468e1a31f0a5288d81136f20584d3e7785f64f14
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
328c7299d18c2d9aff83b26505a1bba6a49b5ca547e56a404b69e552454e6489
4e69970a46aeced37b72542675ba04b863b30cce1fe3d28a46274cca23e036b2
58f6aebf8d20c0589b0b076e26c26e6930562589a3339fceca3798f832efd47d
6ef6e4b7664421a6d27f39ff49dd25064496415add71368f0ee98ce849dc19bf
79d08edb5b23fcc8da45fcc77210c8e18771fcf3876dda7d2596cb3ed0512333
a2ca76faf6c4cd4ed1e24c0861b719dc6a900d9507e8fdb146bf1c3abf87a974
ba86d91189b33e4a8674d3f2ccb38f6d8edd48e9ffede4ecdb4af6bc9b868cda
c1708959bc3b506ffcd0f9674df086b401f1087fff4cfd485bb780ca5f976f5f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df675567f66eb257570a8cec956f48aeb042701a10306fc6985722605edec90d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60566140391e341c2fb0139d6a36214cc68a132acfb259cfbeabe5fc5c3790f
f120f189c2660ae7da0c99fae2ea81f8e3a8d7fcc2f2540ce79af2cc4f4dff23
f9eb189676a78d42d7a8487eef683702ada6c5c866399eefbc0df319d5f7c6d7