urlscan.io logo urlscan.io
SecurityTrails logo

bookings.omnihotels.com Open in urlscan Pro
2606:4700::6812:1a5d  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.em.omnihotels.com/?qs=69f5ded6af956b3eb10e86892a3fa1ad42554c055c666a9d735693103bc47b6f633b8d2bac47c5ed49b58d9c5189...
Effective URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_s...
Submission: On August 22 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 62 IPs in 5 countries across 43 domains to perform 148 HTTP transactions. The main IP is 2606:4700::6812:1a5d, located in United States and belongs to CLOUDFLARENET, US. The main domain is bookings.omnihotels.com. The Cisco Umbrella rank of the primary domain is 527123.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 27th 2024. Valid for: a year.
This is the only time bookings.omnihotels.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.111.234.80 14340 (SALESFORCE)
31 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 142.250.186.132 15169 (GOOGLE)
1 2a02:26f0:780... 20940 (AKAMAI-ASN1)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 172.67.139.119 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 65.9.86.7 16509 (AMAZON-02)
7 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.239.83.60 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
5 2.18.64.21 20940 (AKAMAI-ASN1)
1 95.101.111.153 20940 (AKAMAI-ASN1)
3 2620:1ec:33:1... 8075 (MICROSOFT...)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 18.239.67.100 16509 (AMAZON-02)
3 107.178.244.119 396982 (GOOGLE-CL...)
1 2600:9000:223... 16509 (AMAZON-02)
2 157.240.0.6 32934 (FACEBOOK)
1 192.132.33.68 18568 (BIDTELLECT)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
4 23.52.181.90 16625 (AKAMAI-AS)
4 18.197.181.37 16509 (AMAZON-02)
1 18.66.102.51 16509 (AMAZON-02)
1 34.120.253.250 396982 (GOOGLE-CL...)
1 34.120.111.33 396982 (GOOGLE-CL...)
6 7 142.250.185.102 15169 (GOOGLE)
3 216.58.206.34 15169 (GOOGLE)
2 3 185.89.210.153 29990 (ASN-APPNEX)
2 52.223.40.198 16509 (AMAZON-02)
1 34.252.40.201 16509 (AMAZON-02)
1 2 3.120.68.64 16509 (AMAZON-02)
2 18.232.251.181 14618 (AMAZON-AES)
2 34.200.25.57 14618 (AMAZON-AES)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 216.58.206.35 15169 (GOOGLE)
1 2 142.250.186.102 15169 (GOOGLE)
3 18.66.112.111 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 142.250.185.162 15169 (GOOGLE)
2 2 37.157.5.84 198622 (ADFORM)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
3 151.101.128.84 54113 (FASTLY)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 13.227.219.3 16509 (AMAZON-02)
6 34.98.72.95 396982 (GOOGLE-CL...)
3 192.132.33.67 18568 (BIDTELLECT)
2 23.32.101.95 16625 (AKAMAI-AS)
1 54.220.83.225 16509 (AMAZON-02)
1 34.117.121.15 396982 (GOOGLE-CL...)
1 34.149.20.44 396982 (GOOGLE-CL...)
1 34.102.183.220 396982 (GOOGLE-CL...)
1 34.149.130.207 15169 (GOOGLE)
1 151.101.192.84 54113 (FASTLY)
2 3.33.220.150 16509 (AMAZON-02)
1 34.111.8.32 396982 (GOOGLE-CL...)
1 35.173.17.244 ()
148 62
1    13.111.234.80 (United States)

ASN14340 (SALESFORCE, US)
PTR: click.em.omnihotels.com
click.em.omnihotels.com
31    2606:4700::6812:1a5d (United States)

ASN13335 (CLOUDFLARENET, US)
bookings.omnihotels.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a02:26f0:480:f::213:7ece (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
2    142.250.186.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net
www.google.com
1    2a02:26f0:780::210:ca5b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
4    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    172.67.139.119 (United States)

ASN13335 (CLOUDFLARENET, US)
ka-f.fontawesome.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    65.9.86.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-7.ams1.r.cloudfront.net
pixel-library.pmg.com
7    2606:4700::6812:572a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    18.239.83.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-60.ams58.r.cloudfront.net
schema.apolloplatform.com
3    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2.18.64.21 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-64-21.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    95.101.111.153 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-153.deploy.static.akamaitechnologies.com
aa.trkn.us
3    2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a02:26f0:3500:10::210:a9a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    18.239.67.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-67-100.ams58.r.cloudfront.net
js.adsrvr.org
3    107.178.244.119 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 119.244.178.107.bc.googleusercontent.com
beacon.sojern.com
pixel.sojern.com
1    2600:9000:223d:9800:9:7c30:be80:21 (United States)

ASN16509 (AMAZON-02, US)
d1n00d49gkbray.cloudfront.net
2    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
1    192.132.33.68 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.68.bidtellect.com
bttrack.com
2    2a02:26f0:480:581::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.pinimg.com
2    2a02:26f0:480:3::210:ee92 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.bttrack.com
4    23.52.181.90 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-181-90.deploy.static.akamaitechnologies.com
p.teads.tv
cm.teads.tv
fledge.teads.tv
4    18.197.181.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-181-37.eu-central-1.compute.amazonaws.com
tags.srv.stackadapt.com
1    18.66.102.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-51.fra56.r.cloudfront.net
static.hotjar.com
1    34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com
tag.wknd.ai
1    34.120.111.33 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 33.111.120.34.bc.googleusercontent.com
api.edkt.io
7    142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net
ad.doubleclick.net
3    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net
adservice.google.com
3    185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
ib.adnxs.com
2    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
1    34.252.40.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-40-201.eu-west-1.compute.amazonaws.com
sp.analytics.yahoo.com
2    3.120.68.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-68-64.eu-central-1.compute.amazonaws.com
tags.w55c.net
2    18.232.251.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-232-251-181.compute-1.amazonaws.com
514013529.collect.igodigital.com
nova.collect.igodigital.com
2    34.200.25.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-25-57.compute-1.amazonaws.com
a7tglno5hj.execute-api.us-east-1.amazonaws.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c1f::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f3.1e100.net
www.google.de
2    142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net
9945854.fls.doubleclick.net
3    18.66.112.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-111.fra56.r.cloudfront.net
cdn.apolloplatform.com
1    2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
2    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
2    37.157.5.84 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
3    151.101.128.84 (San Francisco, United States)

ASN54113 (FASTLY, US)
ct.pinterest.com
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    13.227.219.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-3.ams54.r.cloudfront.net
script.hotjar.com
6    34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com
assets.bounceexchange.com
3    192.132.33.67 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.67.bidtellect.com
bttrack.com
2    23.32.101.95 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-101-95.deploy.static.akamaitechnologies.com
t.teads.tv
1    54.220.83.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-83-225.eu-west-1.compute.amazonaws.com
content.hotjar.io
1    34.117.121.15 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 15.121.117.34.bc.googleusercontent.com
data.cdnbasket.net
1    34.149.20.44 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 44.20.149.34.bc.googleusercontent.com
page.cdnbasket.net
1    34.102.183.220 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 220.183.102.34.bc.googleusercontent.com
view.cdnbasket.net
1    34.149.130.207 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 207.130.149.34.bc.googleusercontent.com
pd.cdnwidget.com
1    151.101.192.84 (San Francisco, United States)

ASN54113 (FASTLY, US)
ct.pinterest.com
2    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
1    34.111.8.32 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 32.8.111.34.bc.googleusercontent.com
api.bounceexchange.com
1    35.173.17.244 (None, )

ASN- ()
tr2.smarterhq.io
Apex Domain
Subdomains		 Transfer
32 omnihotels.com
click.em.omnihotels.com — Cisco Umbrella Rank: 773604
bookings.omnihotels.com — Cisco Umbrella Rank: 527123
676 KB
12 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 210
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
9945854.fls.doubleclick.net — Cisco Umbrella Rank: 285919
cm.g.doubleclick.net — Cisco Umbrella Rank: 363
3 KB
7 bounceexchange.com
assets.bounceexchange.com — Cisco Umbrella Rank: 3941
api.bounceexchange.com — Cisco Umbrella Rank: 4107
139 KB
7 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 554
149 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 10
adservice.google.com — Cisco Umbrella Rank: 468
region1.analytics.google.com — Cisco Umbrella Rank: 3773
1 KB
6 teads.tv
p.teads.tv — Cisco Umbrella Rank: 7621
cm.teads.tv — Cisco Umbrella Rank: 6387
fledge.teads.tv — Cisco Umbrella Rank: 15003
t.teads.tv — Cisco Umbrella Rank: 3893
7 KB
6 bttrack.com
bttrack.com — Cisco Umbrella Rank: 1697
cdn.bttrack.com — Cisco Umbrella Rank: 14080
7 KB
5 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 2631
insight.adsrvr.org — Cisco Umbrella Rank: 1486
match.adsrvr.org — Cisco Umbrella Rank: 505
6 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 963
137 KB
4 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 1235
5 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 669
px4.ads.linkedin.com — Cisco Umbrella Rank: 7330
3 KB
4 stackadapt.com
tags.srv.stackadapt.com — Cisco Umbrella Rank: 4688
10 KB
4 apolloplatform.com
schema.apolloplatform.com — Cisco Umbrella Rank: 253351
cdn.apolloplatform.com — Cisco Umbrella Rank: 279227
25 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
385 KB
4 typekit.net
use.typekit.net — Cisco Umbrella Rank: 1178
p.typekit.net — Cisco Umbrella Rank: 1499
45 KB
3 cdnbasket.net
data.cdnbasket.net — Cisco Umbrella Rank: 6963
page.cdnbasket.net — Cisco Umbrella Rank: 6969
view.cdnbasket.net — Cisco Umbrella Rank: 6981
1014 B
3 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 764
ib.adnxs.com — Cisco Umbrella Rank: 383
3 KB
3 sojern.com
beacon.sojern.com — Cisco Umbrella Rank: 8861
pixel.sojern.com — Cisco Umbrella Rank: 11857
2 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 534
15 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
21 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
261 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
4 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 1001
1 KB
2 amazonaws.com
a7tglno5hj.execute-api.us-east-1.amazonaws.com — Cisco Umbrella Rank: 267614
271 B
2 igodigital.com
514013529.collect.igodigital.com — Cisco Umbrella Rank: 352008
nova.collect.igodigital.com — Cisco Umbrella Rank: 8949
3 KB
2 w55c.net
tags.w55c.net — Cisco Umbrella Rank: 6901
2 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1335
script.hotjar.com — Cisco Umbrella Rank: 2017
60 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 1417
25 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
71 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1884
16 KB
1 smarterhq.io
tr2.smarterhq.io
127 B
1 cdnwidget.com
pd.cdnwidget.com — Cisco Umbrella Rank: 5354
288 B
1 hotjar.io
content.hotjar.io — Cisco Umbrella Rank: 8904
171 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 1019
320 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6716
63 B
1 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 2393
501 B
1 edkt.io
api.edkt.io — Cisco Umbrella Rank: 10172
760 B
1 wknd.ai
tag.wknd.ai — Cisco Umbrella Rank: 4990
5 KB
1 cloudfront.net
d1n00d49gkbray.cloudfront.net
26 KB
1 trkn.us
aa.trkn.us — Cisco Umbrella Rank: 34532
166 B
1 pmg.com
pixel-library.pmg.com — Cisco Umbrella Rank: 89014
7 KB
1 fontawesome.com
ka-f.fontawesome.com — Cisco Umbrella Rank: 7493
76 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
832 B
148 43
Domain Requested by
31 bookings.omnihotels.com bookings.omnihotels.com
7 ad.doubleclick.net 6 redirects bookings.omnihotels.com
7 cdn.cookielaw.org www.googletagmanager.com
cdn.cookielaw.org
bookings.omnihotels.com
6 assets.bounceexchange.com tag.wknd.ai
assets.bounceexchange.com
5 analytics.tiktok.com bookings.omnihotels.com
analytics.tiktok.com
4 ct.pinterest.com s.pinimg.com
4 tags.srv.stackadapt.com bookings.omnihotels.com
tags.srv.stackadapt.com
4 bttrack.com www.googletagmanager.com
bookings.omnihotels.com
cdn.bttrack.com
bttrack.com
4 www.googletagmanager.com bookings.omnihotels.com
www.googletagmanager.com
3 px.ads.linkedin.com 1 redirects snap.licdn.com
3 cdn.apolloplatform.com schema.apolloplatform.com
3 insight.adsrvr.org bookings.omnihotels.com
js.adsrvr.org
3 adservice.google.com bookings.omnihotels.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
bookings.omnihotels.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
bookings.omnihotels.com
3 use.typekit.net bookings.omnihotels.com
use.typekit.net
2 t.teads.tv p.teads.tv
bookings.omnihotels.com
2 cm.teads.tv p.teads.tv
bookings.omnihotels.com
2 www.facebook.com bookings.omnihotels.com
2 c1.adform.net 2 redirects
2 pixel.sojern.com bookings.omnihotels.com
2 cm.g.doubleclick.net bookings.omnihotels.com
2 9945854.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 region1.analytics.google.com www.googletagmanager.com
2 a7tglno5hj.execute-api.us-east-1.amazonaws.com bookings.omnihotels.com
2 tags.w55c.net 1 redirects bookings.omnihotels.com
2 secure.adnxs.com 1 redirects bookings.omnihotels.com
2 cdn.bttrack.com www.googletagmanager.com
2 s.pinimg.com bookings.omnihotels.com
s.pinimg.com
2 connect.facebook.net bookings.omnihotels.com
connect.facebook.net
2 snap.licdn.com www.googletagmanager.com
snap.licdn.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.google.com bookings.omnihotels.com
www.gstatic.com
1 tr2.smarterhq.io d1n00d49gkbray.cloudfront.net
1 api.bounceexchange.com assets.bounceexchange.com
1 pd.cdnwidget.com assets.bounceexchange.com
1 view.cdnbasket.net assets.bounceexchange.com
1 page.cdnbasket.net assets.bounceexchange.com
1 data.cdnbasket.net assets.bounceexchange.com
1 content.hotjar.io script.hotjar.com
1 nova.collect.igodigital.com bookings.omnihotels.com
1 fledge.teads.tv p.teads.tv
1 script.hotjar.com static.hotjar.com
1 px4.ads.linkedin.com bookings.omnihotels.com
1 match.adsrvr.org bookings.omnihotels.com
1 ib.adnxs.com 1 redirects
1 geolocation.onetrust.com cdn.cookielaw.org
1 www.google.de bookings.omnihotels.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 514013529.collect.igodigital.com bookings.omnihotels.com
1 sp.analytics.yahoo.com bookings.omnihotels.com
1 api.edkt.io bookings.omnihotels.com
1 tag.wknd.ai bookings.omnihotels.com
1 static.hotjar.com bookings.omnihotels.com
1 p.teads.tv www.googletagmanager.com
1 d1n00d49gkbray.cloudfront.net bookings.omnihotels.com
1 beacon.sojern.com bookings.omnihotels.com
1 js.adsrvr.org www.googletagmanager.com
1 aa.trkn.us bookings.omnihotels.com
1 schema.apolloplatform.com www.googletagmanager.com
1 pixel-library.pmg.com bookings.omnihotels.com
1 www.gstatic.com www.google.com
1 ka-f.fontawesome.com bookings.omnihotels.com
1 p.typekit.net use.typekit.net
1 fonts.googleapis.com bookings.omnihotels.com
1 click.em.omnihotels.com 1 redirects
148 66
Subject Issuer Validity Valid
*.omnihotels.com
Go Daddy Secure Certificate Authority - G2		 2024-02-27 -
2025-03-30		 a year crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-01 -
2025-03-03		 a year crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
ka-f.fontawesome.com
WE1		 2024-07-01 -
2024-09-29		 3 months crt.sh
pmg.com
Amazon RSA 2048 M03		 2024-02-08 -
2025-03-07		 a year crt.sh
cookielaw.org
WE1		 2024-08-13 -
2024-11-11		 3 months crt.sh
cdn.apolloplatform.com
Amazon RSA 2048 M02		 2023-11-23 -
2024-12-21		 a year crt.sh
*.tiktok.com
RapidSSL TLS ECC CA G1		 2024-07-15 -
2025-07-15		 a year crt.sh
cert1-prod.aut.a24365.net
R10		 2024-08-20 -
2024-11-18		 3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-06-19 -
2024-12-16		 6 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2024-04-23 -
2025-05-25		 a year crt.sh
*.sojern.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-07-30 -
2024-12-21		 5 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-06-01 -
2024-08-30		 3 months crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2024-03-01 -
2025-04-01		 a year crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-08-02 -
2025-08-07		 a year crt.sh
cdn.bttrack.com
E6		 2024-06-19 -
2024-09-17		 3 months crt.sh
teads.tv
R10		 2024-06-11 -
2024-09-09		 3 months crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M02		 2024-08-09 -
2025-09-07		 a year crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
tag.wknd.ai
R10		 2024-07-17 -
2024-10-15		 3 months crt.sh
edkt.io
WR3		 2024-08-03 -
2024-11-01		 3 months crt.sh
*.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-07-30 -
2025-01-22		 6 months crt.sh
*.collect.igodigital.com
Amazon RSA 2048 M03		 2023-11-15 -
2024-12-14		 a year crt.sh
*.execute-api.us-east-1.amazonaws.com
Amazon RSA 2048 M02		 2024-06-23 -
2025-07-21		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.de
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
geolocation.onetrust.com
WE1		 2024-08-13 -
2024-11-11		 3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-07-01 -
2025-01-01		 6 months crt.sh
assets.bounceexchange.com
WR3		 2024-07-17 -
2024-10-15		 3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M02		 2024-01-31 -
2025-03-01		 a year crt.sh
data.cdnbasket.net
WR3		 2024-07-02 -
2024-09-30		 3 months crt.sh
page.cdnbasket.net
WR3		 2024-07-10 -
2024-10-08		 3 months crt.sh
view.cdnbasket.net
WR3		 2024-07-11 -
2024-10-09		 3 months crt.sh
pd.cdnwidget.com
R11		 2024-07-10 -
2024-10-08		 3 months crt.sh
*.wunderkind.co
R10		 2024-08-02 -
2024-10-31		 3 months crt.sh
smarterhq.io
Amazon RSA 2048 M02		 2024-07-19 -
2025-08-17		 a year crt.sh

This page contains 9 frames:

Primary Page: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Frame ID: AB36072D140165CF58951D7773FC458E
Requests: 140 HTTP requests in this frame

Frame: https://bttrack.com/Pixel/Conversion/15411/pmg_ohr_pageview
Frame ID: AA91070D94F28DC1A15327135B0F9C71
Requests: 1 HTTP requests in this frame

Frame: https://9945854.fls.doubleclick.net/activityi;dc_pre=CLq_xZnDiYgDFU6PgwcdGhMnZg;src=9945854;type=rtgco0;cat=globa0;ord=8920112082045;npa=1;auiddc=181269480.1724361508;u1=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u13=;u14=undefined;u15=undefined;u16=undefined;u18=undefined;u19=undefined;u20=undefined;u21=undefined;u24=undefined;u25=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail;u12=NA%7CNA%7CNA%7CNA;ps=1;pcor=1943830390;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48l0v9189991009z8813109288za201zb813109288;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail
Frame ID: 8B2DADCED114369C8D668A9B8CA6C1F1
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Le97XwpAAAAAP1OicOTNou9XwqgwMbSdBGLHYBF&co=aHR0cHM6Ly9ib29raW5ncy5vbW5paG90ZWxzLmNvbTo0NDM.&hl=de&v=i7X0JrnYWy9Y_5EYdoFM79kV&size=invisible&cb=op1td77scze4
Frame ID: 166F3CD17F6459C07334E21E241927AB
Requests: 1 HTTP requests in this frame

Frame: https://fledge.teads.tv/v1/interest-group/tag.html
Frame ID: E6E9B1F4E12FCA6BEF2F3732D45B5128
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Frame ID: 22388FD74C8F6FFA4EAF2BE746748007
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 226FD51CB0DDBEFEDC3D6FDFDB33C912
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=yfvavnx&ref=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail&upid=s2p53hs&upv=1.1.0&paapi=1
Frame ID: B069D853EFECC791AA122B0BEBBCF608
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=wn5plxq&ref=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail&upid=0cbz3wn&upv=1.1.0&paapi=1
Frame ID: B1866424763632AEC33B01E8A41FDF79
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login | Omni Hotels & Resorts

Page URL History Show full URLs

  1. https://click.em.omnihotels.com/?qs=69f5ded6af956b3eb10e86892a3fa1ad42554c055c666a9d735693103bc47b6f633b8d2b... HTTP 302
    https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)
Overall confidence: 10%
Detected patterns
  • basket.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

148
Requests

93 %
HTTPS

30 %
IPv6

43
Domains

66
Subdomains

62
IPs

5
Countries

2191 kB
Transfer

6398 kB
Size

56
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.em.omnihotels.com/?qs=69f5ded6af956b3eb10e86892a3fa1ad42554c055c666a9d735693103bc47b6f633b8d2bac47c5ed49b58d9c5189cb7b99e09c629d354ad4 HTTP 302
    https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64
  • https://ad.doubleclick.net/ddm/activity/src=12702588;type=invmedia;cat=omnih0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?gtmcb=2027637194 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=12702588;dc_pre=CLWrxJnDiYgDFehnHgIdKzU2Bg;type=invmedia;cat=omnih0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?gtmcb=2027637194 HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=12702588;dc_pre=CLWrxJnDiYgDFehnHgIdKzU2Bg;type=invmedia;cat=omnih0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?gtmcb=2027637194
Request Chain 66
  • https://secure.adnxs.com/px?id=1648638&seg=32474541&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1648638%26seg%3D32474541%26t%3D2
Request Chain 69
  • https://tags.w55c.net/rs?id=b753d945b20448378a2f2e7c15f10576&t=homepage HTTP 302
  • https://tags.w55c.net/rs?sccid=4a8b29fa-5225-1e10-59c2-abaa9ba7c513&scc=1&id=b753d945b20448378a2f2e7c15f10576&t=homepage
Request Chain 70
  • https://ad.doubleclick.net/ddm/activity/src=12702588;type=invmedia;cat=omnih000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?gtmcb=974729952 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=12702588;dc_pre=CN2KyJnDiYgDFYlIHgIdTP8DnA;type=invmedia;cat=omnih000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?gtmcb=974729952 HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=12702588;dc_pre=CN2KyJnDiYgDFYlIHgIdTP8DnA;type=invmedia;cat=omnih000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?gtmcb=974729952
Request Chain 78
  • https://9945854.fls.doubleclick.net/activityi;src=9945854;type=rtgco0;cat=globa0;ord=8920112082045;npa=1;auiddc=181269480.1724361508;u1=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u13=;u14=undefined;u15=undefined;u16=undefined;u18=undefined;u19=undefined;u20=undefined;u21=undefined;u24=undefined;u25=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail;u12=NA%7CNA%7CNA%7CNA;ps=1;pcor=1943830390;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48l0v9189991009z8813109288za201zb813109288;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail HTTP 302
  • https://9945854.fls.doubleclick.net/activityi;dc_pre=CLq_xZnDiYgDFU6PgwcdGhMnZg;src=9945854;type=rtgco0;cat=globa0;ord=8920112082045;npa=1;auiddc=181269480.1724361508;u1=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u13=;u14=undefined;u15=undefined;u16=undefined;u18=undefined;u19=undefined;u20=undefined;u21=undefined;u24=undefined;u25=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail;u12=NA%7CNA%7CNA%7CNA;ps=1;pcor=1943830390;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48l0v9189991009z8813109288za201zb813109288;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail
Request Chain 89
  • https://ad.doubleclick.net/ddm/activity/src=9197352;type=track0;cat=omnih0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=9197352;dc_pre=CMzlzJnDiYgDFdNpHgIdsHsufg;type=track0;cat=omnih0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=9197352;dc_pre=CMzlzJnDiYgDFdNpHgIdsHsufg;type=track0;cat=omnih0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN
Request Chain 92
  • https://ib.adnxs.com/getuidnb?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=M3KxC-GLVOk9D3HNZNAx0Bbnk5suCa_Lg-Jz3iJuXb-YGVyFhE9UwAGcVUesPWF5 HTTP 302
  • https://pixel.sojern.com/idsync/apn?id=3423374250960288965&sjrn_id=M3KxC-GLVOk9D3HNZNAx0Bbnk5suCa_Lg-Jz3iJuXb-YGVyFhE9UwAGcVUesPWF5
Request Chain 94
  • https://c1.adform.net/serving/cookie/match?cid=a0c1e46a-e39d-ea7b-b2b2-b173937bfd35&party=1296 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&cid=a0c1e46a-e39d-ea7b-b2b2-b173937bfd35&party=1296 HTTP 302
  • https://pixel.sojern.com/idsync/adf?adfid=4808709293948829577&cid=a0c1e46a-e39d-ea7b-b2b2-b173937bfd35
Request Chain 99
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3868034&time=1724361508676&url=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3868034&time=1724361508676&url=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail&e_ipv6=AQIhsOj5T8-dMQAAAZF79IlwPkCMlw782enKryiRRTXzjL6iYgX1CpMKz2Ge9elxF2k8OZnT

148 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
bookings.omnihotels.com/
Redirect Chain
  • https://click.em.omnihotels.com/?qs=69f5ded6af956b3eb10e86892a3fa1ad42554c055c666a9d735693103bc47b6f633b8d2bac47c5ed49b58d9c5189cb7b99e09c629d354ad4
  • https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&u...
42 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54dec0abb522786278d58ef65f9f8487d475f27d8b4ee571c8fef7d064dcd888
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
Strict-Transport-Security max-age=15638400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
access-control-allow-methods
GET, POST
access-control-max-age
1000
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8b75e5393b61630a-HAM
content-encoding
gzip
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin
date
Thu, 22 Aug 2024 21:18:27 GMT
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=15638400
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
private
Connection
close
Content-Length
775
Content-Type
text/html; charset=utf-8
Date
Thu, 22 Aug 2024 21:18:26 GMT
Location
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
css2
fonts.googleapis.com/ 		1 KB
832 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@300;400&display=swap
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b90cf481a2ad169e12b9828c0d230570ad18116830d66d37aebcebdcd32b8bf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 22 Aug 2024 21:18:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 22 Aug 2024 20:15:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Aug 2024 21:18:27 GMT
jquery-ui.min.css
bookings.omnihotels.com/css/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bookings.omnihotels.com/css/jquery-ui.min.css?a6ac1c1
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cafe94ba60283d2f3973530b64b9b615585263b4cc08cc8687521fb892b75538
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:27 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
content-encoding
gzip
cf-cache-status
HIT
age
18832
pragma
public
referrer-policy
same-origin
last-modified
Mon, 17 Apr 2023 08:29:38 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"643d0372-7851"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/css
access-control-max-age
1000
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
public, max-age=604800
cf-ray
8b75e53fca39630a-HAM
access-control-allow-headers
x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
expires
Thu, 29 Aug 2024 21:18:27 GMT
bootstrap.min.css
bookings.omnihotels.com/css/ 		158 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bookings.omnihotels.com/css/bootstrap.min.css
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:27 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
content-encoding
gzip
cf-cache-status
HIT
pragma
public
referrer-policy
same-origin
last-modified
Thu, 25 Jan 2024 11:47:06 GMT
server
cloudflare
etag
W/"65b24a3a-279d8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/css
access-control-max-age
1000
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
public, max-age=604800
cf-ray
8b75e53fca3a630a-HAM
access-control-allow-headers
x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
expires
Thu, 29 Aug 2024 21:18:27 GMT
slick.min.css
bookings.omnihotels.com/css/ 		1 KB
560 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bookings.omnihotels.com/css/slick.min.css
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50ec747afc45612c45573a7101ecf9adf6dee6e98c2620b22ee3f70144f9548e
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:27 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
content-encoding
gzip
cf-cache-status
HIT
pragma
public
referrer-policy
same-origin
last-modified
Mon, 17 Apr 2023 08:29:39 GMT
server
cloudflare
etag
W/"643d0373-52f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/css
access-control-max-age
1000
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
public, max-age=604800
cf-ray
8b75e53fca3c630a-HAM
access-control-allow-headers
x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
expires
Thu, 29 Aug 2024 21:18:27 GMT
slick-theme.min.css
bookings.omnihotels.com/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bookings.omnihotels.com/css/slick-theme.min.css
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa4bc789142ca61c2faae60acec10c04360e92f0995c4bc6d29b076e39d09e2c
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:27 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
content-encoding
gzip
cf-cache-status
HIT
age
233940
pragma
public
referrer-policy
same-origin
last-modified
Mon, 17 Apr 2023 08:29:39 GMT
server
cloudflare
etag
W/"643d0373-e78"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/css
access-control-max-age
1000
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
public, max-age=604800
cf-ray
8b75e53fca3e630a-HAM
access-control-allow-headers
x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
expires
Thu, 29 Aug 2024 21:18:27 GMT
font-awesome.min.css
bookings.omnihotels.com/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bookings.omnihotels.com/css/font-awesome.min.css?a6ac1c1
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:27 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
content-encoding
gzip
cf-cache-status
HIT
age
18832
pragma
public
referrer-policy
same-origin
last-modified
Mon, 17 Apr 2023 08:28:28 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"643d032c-7918"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/css
access-control-max-age
1000
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
public, max-age=604800
cf-ray
8b75e53fca40630a-HAM
access-control-allow-headers
x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
expires
Thu, 29 Aug 2024 21:18:27 GMT
datepicker.min.css
bookings.omnihotels.com/vuedatepicker/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bookings.omnihotels.com/vuedatepicker/datepicker.min.css?a6ac1c1
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7888999fa80868a7f03f4afcc1ab6f9bc8cf16113794978fde1ba006c961ce8
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:27 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
content-encoding
gzip
cf-cache-status
HIT
age
18832
pragma
public
referrer-policy
same-origin
last-modified
Mon, 24 Apr 2023 16:35:38 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"6446afda-10ac"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/css
access-control-max-age
1000
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
public, max-age=604800
cf-ray
8b75e53fca41630a-HAM
access-control-allow-headers
x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
expires
Thu, 29 Aug 2024 21:18:27 GMT
gsx0mqu.css
use.typekit.net/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/gsx0mqu.css
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
73b7f2f8725690c65daa20ee5336d595b4e1369dd42dc4c6baa11bd1fe1df90b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Thu, 22 Aug 2024 21:18:27 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
930
styles.css
bookings.omnihotels.com/css/scss/ 		478 KB
64 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bookings.omnihotels.com/css/scss/styles.css?a6ac1c1
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e386e36d1649a3cf2bed067e5b7755287843fb32d7f1301edec98141067b1a5c
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:27 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
content-encoding
gzip
cf-cache-status
HIT
pragma
public
referrer-policy
same-origin
last-modified
Thu, 22 Aug 2024 11:49:53 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"66c725e1-77884"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/css
access-control-max-age
1000
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
public, max-age=604800
cf-ray
8b75e53fca42630a-HAM
access-control-allow-headers
x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
expires
Thu, 29 Aug 2024 21:18:27 GMT
jquery-3.6.1.min.js
bookings.omnihotels.com/js/ 		88 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bookings.omnihotels.com/js/jquery-3.6.1.min.js
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:27 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
content-encoding
gzip
cf-cache-status
HIT
pragma
public
referrer-policy
same-origin
last-modified
Mon, 17 Apr 2023 08:29:39 GMT
server
cloudflare
etag
W/"643d0373-15e40"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=UTF-8
access-control-max-age
1000
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
public, max-age=604800
cf-ray
8b75e53fca43630a-HAM
access-control-allow-headers
x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
expires
Thu, 29 Aug 2024 21:18:27 GMT
omnihotels.svg
bookings.omnihotels.com/images/logos/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bookings.omnihotels.com/images/logos/omnihotels.svg?a6ac1c1
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32984fcae927955ad21b22eba413e78d35b6f75613a52d1ff6cbf9c5c139d0ac
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:27 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
content-encoding
gzip
cf-cache-status
HIT
age
18832
referrer-policy
same-origin
last-modified
Thu, 14 Mar 2024 09:26:17 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"65f2c2b9-1a80"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
image/svg+xml
access-control-max-age
1000
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
public, max-age=2592000
cf-ray
8b75e53fca44630a-HAM
access-control-allow-headers
x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
expires
Sat, 21 Sep 2024 21:18:27 GMT
omnihotels.svg
bookings.omnihotels.com/images/logos/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bookings.omnihotels.com/images/logos/omnihotels.svg
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32984fcae927955ad21b22eba413e78d35b6f75613a52d1ff6cbf9c5c139d0ac
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:27 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
content-encoding
gzip
cf-cache-status
HIT
age
462377
referrer-policy
same-origin
last-modified
Thu, 14 Mar 2024 09:26:17 GMT
server
cloudflare
etag
W/"65f2c2b9-1a80"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
image/svg+xml
access-control-max-age
1000
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
public, max-age=2592000
cf-ray
8b75e53ffa59630a-HAM
access-control-allow-headers
x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
expires
Sat, 21 Sep 2024 21:18:27 GMT
login.svg
bookings.omnihotels.com/images/icons/p3/ 		358 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bookings.omnihotels.com/images/icons/p3/login.svg
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1faec96c5766cc5da452b7c0b8b078b32275ac7ad8dec805a8a25961a9b43df
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:27 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
content-encoding
gzip
cf-cache-status
HIT
age
292857
referrer-policy
same-origin
last-modified
Tue, 27 Jun 2023 10:00:03 GMT
server
cloudflare
etag
W/"649ab323-166"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
image/svg+xml
access-control-max-age
1000
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
public, max-age=2592000
cf-ray
8b75e5401a76630a-HAM
access-control-allow-headers
x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
expires
Sat, 21 Sep 2024 21:18:27 GMT
omni-select-logo.svg
bookings.omnihotels.com/membersarea/images/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bookings.omnihotels.com/membersarea/images/omni-select-logo.svg
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1bd791dbae37c7eb4a2c35b384be01328236f5088a9237d020eeda521fac99f
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:27 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
content-encoding
gzip
cf-cache-status
HIT
referrer-policy
same-origin
last-modified
Thu, 04 Jan 2024 11:40:42 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"6596993a-16dd"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
image/svg+xml
access-control-max-age
1000
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
public, max-age=2592000
cf-ray
8b75e5403aa4630a-HAM
access-control-allow-headers
x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
expires
Sat, 21 Sep 2024 21:18:27 GMT
toggle-validation-classes.js
bookings.omnihotels.com/js/form-scripts/ 		2 KB
662 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bookings.omnihotels.com/js/form-scripts/toggle-validation-classes.js?a6ac1c1
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2780ede9598614a57b1265fbfbc739c2c36f0cb7656bb59aa86a08e8ca5a1b95
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:28 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
content-encoding
gzip
cf-cache-status
HIT
pragma
public
referrer-policy
same-origin
last-modified
Mon, 17 Apr 2023 08:29:39 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"643d0373-70b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=UTF-8
access-control-max-age
1000
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
public, max-age=604800
cf-ray
8b75e5415be1630a-HAM
access-control-allow-headers
x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
expires
Thu, 29 Aug 2024 21:18:28 GMT
password-reveal.js
bookings.omnihotels.com/js/form-scripts/ 		2 KB
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bookings.omnihotels.com/js/form-scripts/password-reveal.js?a6ac1c1
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3d998de525e2f49633d799353b5cfcdcc930241f375300401ae3bb52c85ea58
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:28 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
content-encoding
gzip
cf-cache-status
HIT
pragma
public
referrer-policy
same-origin
last-modified
Thu, 18 Jul 2024 08:59:40 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"6698d97c-6a9"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=UTF-8
access-control-max-age
1000
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
public, max-age=604800
cf-ray
8b75e5415be4630a-HAM
access-control-allow-headers
x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
expires
Thu, 29 Aug 2024 21:18:28 GMT
sign-in-banner.png
bookings.omnihotels.com/images/ 		220 KB
220 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bookings.omnihotels.com/images/sign-in-banner.png
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3724d91d386a94f5f996109e99b924baa373c2baa4ef06f664a89a023241a251
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:27 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cf-cache-status
HIT
content-length
225256
referrer-policy
same-origin
last-modified
Mon, 17 Apr 2023 08:29:39 GMT
server
cloudflare
etag
"643d0373-36fe8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
image/png
access-control-max-age
1000
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
8b75e5406acd630a-HAM
access-control-allow-headers
x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
expires
Sat, 21 Sep 2024 21:18:27 GMT
popper.min.js
bookings.omnihotels.com/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bookings.omnihotels.com/js/popper.min.js?a6ac1c1
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
625b022a42ed5d9c39911e42050f4fd9834ea039af978b7716f7800ade95eb55
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:27 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
content-encoding
gzip
cf-cache-status
HIT
age
18832
pragma
public
referrer-policy
same-origin
last-modified
Mon, 17 Apr 2023 08:29:39 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"643d0373-4afd"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=UTF-8
access-control-max-age
1000
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
public, max-age=604800
cf-ray
8b75e540ab2a630a-HAM
access-control-allow-headers
x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
expires
Thu, 29 Aug 2024 21:18:27 GMT
slick.min.js
bookings.omnihotels.com/js/ 		43 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bookings.omnihotels.com/js/slick.min.js
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c53bd4fb46505b90b10e21b4c6e477a14abb0ed61eab0a7b44ee0c351de5b5a
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:28 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
via
1.1 google
cf-cache-status
HIT
content-encoding
gzip
pragma
public
referrer-policy
same-origin
last-modified
Mon, 17 Apr 2023 08:29:39 GMT
server
cloudflare
etag
W/"643d0373-aa39"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=UTF-8
access-control-max-age
1000
access-control-allow-origin
https://www.omnihotels.com
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
public, max-age=14400
cf-ray
8b75e540fb7c630a-HAM
access-control-allow-headers
x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
expires
Fri, 23 Aug 2024 01:18:28 GMT
lazyload.min.js
bookings.omnihotels.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bookings.omnihotels.com/js/lazyload.min.js?a6ac1c1
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cae0b9d70b27cc19083606d3249728c06e567271cef4692d9aa2e6f1e787f96
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:28 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
content-encoding
gzip
cf-cache-status
HIT
age
18833
pragma
public
referrer-policy
same-origin
last-modified
Mon, 24 Apr 2023 16:35:38 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"6446afda-164f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=UTF-8
access-control-max-age
1000
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
public, max-age=604800
cf-ray
8b75e540fb88630a-HAM
access-control-allow-headers
x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
expires
Thu, 29 Aug 2024 21:18:28 GMT
jquery-ui.min.js
bookings.omnihotels.com/js/ 		249 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bookings.omnihotels.com/js/jquery-ui.min.js?a6ac1c1
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c340313fbf7869da6c98fa2d5904983db6d7a1eb5bed7c114c98355eef779ec0
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:28 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
content-encoding
gzip
cf-cache-status
HIT
age
18833
pragma
public
referrer-policy
same-origin
last-modified
Mon, 17 Apr 2023 08:29:39 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"643d0373-3e467"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=UTF-8
access-control-max-age
1000
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
public, max-age=604800
cf-ray
8b75e5414bd2630a-HAM
access-control-allow-headers
x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
expires
Thu, 29 Aug 2024 21:18:28 GMT
bootstrap.min.js
bookings.omnihotels.com/js/ 		61 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bookings.omnihotels.com/js/bootstrap.min.js
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
423217abf8775cea2dc30fa1fe3e1c5e24dc359a80f1c37ad29a86094bfe81d1
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:28 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
via
1.1 google
cf-cache-status
HIT
content-encoding
gzip
age
42355
pragma
public
referrer-policy
same-origin
last-modified
Thu, 25 Jan 2024 11:47:06 GMT
server
cloudflare
etag
W/"65b24a3a-f463"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=UTF-8
access-control-max-age
1000
access-control-allow-origin
https://www.omnihotels.com
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
public, max-age=14400
cf-ray
8b75e5414bd7630a-HAM
access-control-allow-headers
x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
expires
Fri, 23 Aug 2024 01:18:28 GMT
input-mask.min.js
bookings.omnihotels.com/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bookings.omnihotels.com/js/input-mask.min.js?a6ac1c1
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
591c6bf7ae2840dc3c4bb1da23a9ee7da4a783e78026eda46ce3fcee561422e9
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:28 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
content-encoding
gzip
cf-cache-status
HIT
age
18833
pragma
public
referrer-policy
same-origin
last-modified
Mon, 17 Apr 2023 08:29:39 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"643d0373-c9d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=UTF-8
access-control-max-age
1000
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
public, max-age=604800
cf-ray
8b75e5414bd9630a-HAM
access-control-allow-headers
x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
expires
Thu, 29 Aug 2024 21:18:28 GMT
p3core.js
bookings.omnihotels.com/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bookings.omnihotels.com/js/p3core.js?a6ac1c1
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27325ea16f0df99976e67b268976c6d4562a6824c86d3bc2edf4e04776c5034d
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:28 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
content-encoding
gzip
cf-cache-status
HIT
age
18832
pragma
public
referrer-policy
same-origin
last-modified
Thu, 18 Jul 2024 08:59:40 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"6698d97c-1b7d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=UTF-8
access-control-max-age
1000
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
public, max-age=604800
cf-ray
8b75e5414bda630a-HAM
access-control-allow-headers
x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
expires
Thu, 29 Aug 2024 21:18:28 GMT
bootstrap-multiselect.js
bookings.omnihotels.com/js/ 		67 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bookings.omnihotels.com/js/bootstrap-multiselect.js?a6ac1c1
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
821e680e0e3aaf1443afd405e277a193550d50b434e4485b33dc0e7ab125c117
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:28 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
content-encoding
gzip
cf-cache-status
HIT
age
18832
pragma
public
referrer-policy
same-origin
last-modified
Mon, 17 Apr 2023 08:29:39 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"643d0373-10d85"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=UTF-8
access-control-max-age
1000
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
public, max-age=604800
cf-ray
8b75e5414bdb630a-HAM
access-control-allow-headers
x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
expires
Thu, 29 Aug 2024 21:18:28 GMT
jquery.validate.min.js
bookings.omnihotels.com/js/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bookings.omnihotels.com/js/jquery.validate.min.js
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:28 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
content-encoding
gzip
cf-cache-status
HIT
age
544524
pragma
public
referrer-policy
same-origin
last-modified
Wed, 24 Jan 2024 14:15:51 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"65b11b97-6019"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=UTF-8
access-control-max-age
1000
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
public, max-age=604800
cf-ray
8b75e5414bdc630a-HAM
access-control-allow-headers
x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
expires
Thu, 29 Aug 2024 21:18:28 GMT
custom.js
bookings.omnihotels.com/js/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bookings.omnihotels.com/js/custom.js?a6ac1c1
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac9c5cd537f4f793c78efd5acf796522a5b2449afbe28da4d6e51f1b6fe4c3f8
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:28 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
content-encoding
gzip
cf-cache-status
HIT
age
18832
pragma
public
referrer-policy
same-origin
last-modified
Thu, 30 May 2024 09:25:41 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"66584615-4e35"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=UTF-8
access-control-max-age
1000
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
public, max-age=604800
cf-ray
8b75e5415bdf630a-HAM
access-control-allow-headers
x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
expires
Thu, 29 Aug 2024 21:18:28 GMT
enterprise.js
www.google.com/recaptcha/ 		2 KB
1015 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js?onload=onloadCallbackOfRecaptchaEnterprise
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
GSE /
Resource Hash
daa4ffb809434104d7f2fac6509b7468c826ae1ee137eb381c5a937034f2a5ef
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 22 Aug 2024 21:18:28 GMT
recaptcha.js
bookings.omnihotels.com/js/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bookings.omnihotels.com/js/recaptcha.js?a6ac1c1
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34e7dd6901dded3ec83c1358e84b7020185757fe5318df4fa948800e3dd9d4e0
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:28 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
content-encoding
gzip
cf-cache-status
HIT
pragma
public
referrer-policy
same-origin
last-modified
Thu, 18 Jul 2024 08:59:40 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"6698d97c-12ad"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=UTF-8
access-control-max-age
1000
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
public, max-age=604800
cf-ray
8b75e5415be0630a-HAM
access-control-allow-headers
x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
expires
Thu, 29 Aug 2024 21:18:28 GMT
p.css
p.typekit.net/ 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=gsx0mqu&ht=tk&f=44870.44872.44873.44874.44875.45404.45407&a=137763107&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/gsx0mqu.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:ca5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:28 GMT
last-modified
Sun, 28 Jul 2024 12:45:14 GMT
server
nginx
etag
"66a63d5a-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
gtm.js
www.googletagmanager.com/ 		476 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T9DN3NR
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
32082961c638086ac178c9b978e935d7abd9a6edad848dcf2be7a7cfd39c677b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133686
x-xss-protection
0
last-modified
Thu, 22 Aug 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 22 Aug 2024 21:18:28 GMT
icon-dropdown-arrow.svg
bookings.omnihotels.com/images/icons/p3/ 		401 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bookings.omnihotels.com/images/icons/p3/icon-dropdown-arrow.svg
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/css/scss/styles.css?a6ac1c1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abe92e0a271866d066c160619d758d8106cfba28bea8193b1fa5c6d87722702e
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bookings.omnihotels.com/css/scss/styles.css?a6ac1c1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:28 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
via
1.1 google
cf-cache-status
HIT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Wed, 19 Jul 2023 11:27:14 GMT
server
cloudflare
etag
W/"64b7c892-191"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
image/svg+xml
access-control-max-age
1000
access-control-allow-origin
https://www.omnihotels.com
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
public, max-age=14400
cf-ray
8b75e5415be5630a-HAM
access-control-allow-headers
x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
expires
Fri, 23 Aug 2024 01:18:28 GMT
loyalty-banner.webp
bookings.omnihotels.com/images/ 		164 KB
164 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bookings.omnihotels.com/images/loyalty-banner.webp
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/css/scss/styles.css?a6ac1c1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b4eefde7fc63bf7b20cff2575cb6698bc83a313c4b99794f096dbda1bd9c908
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bookings.omnihotels.com/css/scss/styles.css?a6ac1c1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:28 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cf-cache-status
HIT
content-length
167832
referrer-policy
same-origin
last-modified
Thu, 04 Jan 2024 11:40:42 GMT
server
cloudflare
etag
"6596993a-28f98"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
image/webp
access-control-max-age
1000
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
8b75e5415be7630a-HAM
access-control-allow-headers
x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
expires
Sat, 21 Sep 2024 21:18:28 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bookings.omnihotels.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 15:02:44 GMT
x-content-type-options
nosniff
age
195344
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Aug 2025 15:02:44 GMT
l
use.typekit.net/af/b65d74/00000000000000007735c62d/30/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/b65d74/00000000000000007735c62d/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/gsx0mqu.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a334534614782c0e1ff21a6d9870e45372fd008677911a4195c517404b503443

Request headers

Referer
https://use.typekit.net/gsx0mqu.css
Origin
https://bookings.omnihotels.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:28 GMT
server
nginx
etag
"25dfbce677e3f0f86fc3cf6a56b2e1bfccf2796a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
21472
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bookings.omnihotels.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 14:11:11 GMT
x-content-type-options
nosniff
age
198437
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Aug 2025 14:11:11 GMT
free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/css/scss/styles.css?a6ac1c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813

Request headers

Referer
Origin
https://bookings.omnihotels.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:28 GMT
via
1.1 b2f9e36e364eb2776f6de72b5841ef0c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CPH50-C2
age
9713492
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
76736
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"4f5ec865a8274ab291b6a42b5f70639e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=81o3ZPaPDRW0ugwF14dDChWuTwkYpaZjBRzsKHrmNjFwRyU3ywcWzhnpxvqmljvn%2BgkLtlo2KU1ev8v%2Bczv3rYGd5MASX%2FGPhBXVKI3h%2BLx5s9eatagOLO%2B7AMuunZKkb3vYeikj%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8b75e541afb692d4-CPH
access-control-allow-headers
fa-kit-token
x-amz-cf-id
5jxVDZuv13Mz7aVmOjfZr9y0fSpfOv__HFXliJrjAwC-QCY2AfnY1w==
l
use.typekit.net/af/e74318/00000000000000007735c620/30/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/e74318/00000000000000007735c620/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n5&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/gsx0mqu.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
522e7fe1c9a58bc6742ffc993f258039f8e466de5f696ec0357e06004cbcec28

Request headers

Referer
https://use.typekit.net/gsx0mqu.css
Origin
https://bookings.omnihotels.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:28 GMT
server
nginx
etag
"a9f3a1be5ba95f324a68c1fcee1fe99bdd5a72ec"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
22716
eye.webp
bookings.omnihotels.com/images/icons/p3/ 		416 B
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bookings.omnihotels.com/images/icons/p3/eye.webp
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/css/scss/styles.css?a6ac1c1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4019587a58b47600b0c345b48fd9f58af0d1f80ddeecdd67838bf30d72cb882
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bookings.omnihotels.com/css/scss/styles.css?a6ac1c1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:28 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cf-cache-status
HIT
content-length
416
referrer-policy
same-origin
last-modified
Wed, 26 Jul 2023 13:42:00 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
"64c122a8-1a0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
image/webp
access-control-max-age
1000
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
8b75e541fc72630a-HAM
access-control-allow-headers
x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
expires
Sat, 21 Sep 2024 21:18:28 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/ 		539 KB
215 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?onload=onloadCallbackOfRecaptchaEnterprise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13e3852d2c9f4f4bd3125764fa931927e2b6901960c971c3e28ba3911262a78f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://bookings.omnihotels.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 17:12:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14732
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
219509
x-xss-protection
0
last-modified
Mon, 19 Aug 2024 04:00:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Aug 2025 17:12:56 GMT
alli-lib
pixel-library.pmg.com/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel-library.pmg.com/alli-lib
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-7.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e26115d5d30637c0bb28de8548e8dba25eee5be273cd7647c8e528d60a013240

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 20:37:02 GMT
content-encoding
gzip
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
last-modified
Tue, 05 Sep 2023 19:37:36 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
age
2501
etag
W/"2acca1d0036b90667020ea6a806895fa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
VyXptPPtFeGZ5mTf4f9ZoS6OZN6yt-L9_rcyT8dB_z1ozFQaV7kDVA==
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DN3NR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50377d1d3e7dcb2c8298feb8d2505099df1957e3700a358b993b4cf443fd36e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 22 Aug 2024 21:18:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
7Ul52Di6PS5B5w/RS7EYIA==
age
19816
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6882
x-ms-lease-status
unlocked
last-modified
Wed, 21 Aug 2024 06:34:20 GMT
server
cloudflare
etag
0x8DCC1AB4A1B52D8
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4621ec4d-b01e-00b4-22fa-f39f88000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8b75e543c96c62d8-HAM
apolloDQ.js
schema.apolloplatform.com/clientJS/ 		79 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://schema.apolloplatform.com/clientJS/apolloDQ.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DN3NR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-60.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2cb34277a5434f95f67e8db342273633beb965b1e4151781e11145a76526437a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 05:10:00 GMT
content-encoding
br
via
1.1 327603281c948cac70b552029adb2e26.cloudfront.net (CloudFront)
last-modified
Thu, 17 Mar 2022 17:53:38 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P5
age
77476
etag
W/"50f83e3656b9a14af6c7186e53c14586"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
p2dz-xAD4k87YbaZUMHURu0ZvmpClq3koX0h_TqSKFJIwedapAIhcg==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DN3NR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 22 Aug 2024 21:15:05 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
203
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 22 Aug 2024 23:15:05 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHH59LBC77U6OCP0SEB0&lib=ttq
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-21.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b40ee314ac4676449ac588072867c6a2651e02277057135fe3a90aba8b8272e1

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
ab4b0f24
date
Thu, 22 Aug 2024 21:18:28 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24082221182816C5E6E5FADD5A525F01-6B8DB5AF73C442C6-00
x-cache
TCP_MISS from a2-20-179-85.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
server-timing
inner; dur=6, cdn-cache; desc=MISS, edge; dur=1, origin; dur=95
content-length
1717
pragma
no-cache
server
nginx
x-tt-logid
2024082221182816C5E6E5FADD5A525F01
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
96,2.20.179.85
x-tt-trace-host
016c20600c93d5b4c0f90f27deb184ebe2bb279c731ab3aacf4372b0ebe85d45867e78a783bbe3bdf891b152803654807a2942f27fb2bd52b91a11403a95d4a2a69ab9ca4549b8528d2a262343ecf02c3f21ac4e28f215104c0dd4dae5b9603c0e
expires
Thu, 22 Aug 2024 21:18:28 GMT
cs.js
aa.trkn.us/1/e/ 		0
166 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.trkn.us/1/e/cs.js?cid=c013&evid=3c5e0548-25ae-4ed8-8b01-c4dba7a076f8&suu=1&dmn=bookings.omnihotels.com
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-153.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 22 Aug 2024 21:18:28 GMT
Cache-Control
private, max-age=3600
Connection
keep-alive
Expires
Thu, 22 Aug 2024 22:18:28 GMT
js
www.googletagmanager.com/gtag/ 		213 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-12702588
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DN3NR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
819fdf6c9cdc55e451290629cb237214cbb7381541b4e931b342e7d9f4e7e2b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78265
x-xss-protection
0
last-modified
Thu, 22 Aug 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 22 Aug 2024 21:18:28 GMT
js
www.googletagmanager.com/gtag/ 		262 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BELGX2HEXN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DN3NR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
38b1769af5d9e27f36e6b97605c8d12d9b7bae5cb80059db6def8892186c8eb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94014
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 22 Aug 2024 21:18:28 GMT
bat.js
bat.bing.com/ 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DN3NR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 22 Aug 2024 21:18:27 GMT
last-modified
Sat, 13 Jul 2024 20:42:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FC3B8FEE593F4B6E8980402D03EF5B32 Ref B: CPH30EDGE0616 Ref C: 2024-08-22T21:18:28Z
etag
"044982565d5da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
14183
insight.min.js
snap.licdn.com/li.lms-analytics/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DN3NR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1e898342f996200ceb14753e5829a6ff91de9ba3bc8114240e22e1c4d859bf2b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
534, 534
date
Thu, 22 Aug 2024 21:18:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 21 Aug 2024 07:32:21 GMT
x-cdn
AKAM
x-edgeconnect-midmile-rtt
0, 0
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=28960
accept-ranges
bytes
content-length
755
destination
www.googletagmanager.com/gtag/ 		239 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-9945854&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DN3NR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f712eb753218cbd75d8c5d319f9646d828a3d22838adee23c6b0dd994a1f878c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87109
x-xss-protection
0
last-modified
Thu, 22 Aug 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 22 Aug 2024 21:18:28 GMT
up_loader.1.1.0.js
js.adsrvr.org/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DN3NR
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.239.67.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-67-100.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 22 Aug 2024 05:00:52 GMT
Content-Encoding
gzip
Via
1.1 4792ba662c3860029a9df33f3dc5f36c.cloudfront.net (CloudFront)
Last-Modified
Fri, 07 Jun 2024 09:20:53 GMT
Server
AmazonS3
X-Amz-Cf-Pop
AMS58-P4
Age
58656
x-amz-server-side-encryption
AES256
ETag
W/"a7eb6794e868fe870db350518165c868"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
tfb8AnxEIN11Hkr8dgRLFUuWa6y5Www8jWGp-MdlGLVFWVK_pdKNTA==
193971
beacon.sojern.com/pixel/p/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.sojern.com/pixel/p/193971?f_v=v6_js&p_v=2&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
a913bc8f409fa5411023215b5715c71c2675cf4a2b067f5e8413fcd53135d385

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
x-accel-expires
0
content-encoding
gzip
via
1.1 google
date
Thu, 22 Aug 2024 21:18:28 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
812
expires
Thu, 01 Jan 1970 00:00:00 GMT
omni.js
d1n00d49gkbray.cloudfront.net/js/ 		76 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1n00d49gkbray.cloudfront.net/js/omni.js
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:9800:9:7c30:be80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d2c0e1aebf907b85c8790c7910529e00521037df698079cef17489cd7ff37a97

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
UKgwtaOgohRi53SBv_KYuUM0SS730YAz
content-encoding
gzip
via
1.1 740769d10d5ef217a54d33b1ec64faf4.cloudfront.net (CloudFront)
date
Thu, 22 Aug 2024 05:20:40 GMT
last-modified
Wed, 03 Nov 2021 21:46:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
57469
x-amz-server-side-encryption
AES256
etag
W/"ba07639de361d72b2d682bae718f1dd7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-cf-id
CiUF55H3-1J4ASuB8GpwRcPl3HBEvF3_BIefuqEy7I7hwfVVyuDhpQ==
fbevents.js
connect.facebook.net/en_US/ 		225 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 22 Aug 2024 21:18:28 GMT
document-policy
force-load-at-top
x-fb-server-load
27
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58912
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=23, mss=1232, tbw=4275, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
oX4MPfkbwDe7b7s31wvjLbngS4JdyinBdJJF28MPOYwiA+aZmdGAW4Q1RgD6Ae35Hc4VKpB2gl5EXZPVbiJlUA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
x-fb-optimizer
0
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pmg_ohr_pageview
bttrack.com/Pixel/Conversion/15411/ Frame AA91 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bttrack.com/Pixel/Conversion/15411/pmg_ohr_pageview
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DN3NR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.68 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
NET-33-132-192.68.bidtellect.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
private,no-cache
content-length
105
content-type
text/html; charset=utf-8
date
Thu, 22 Aug 2024 21:18:23 GMT
expires
-1
pragma
no-cache
strict-transport-security
max-age=31536000;
x-servername
Track001-iad
core.js
s.pinimg.com/ct/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:581::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
98ea26191ffc6155103762f2a7205b0b1af5f0e8d4e26cb4b539e581e2e48686

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
br
x-cdn
akamai
etag
"e5ca9645e8d8c8a937d77f8658e7bab1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=7200
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
1880
44641
cdn.bttrack.com/universal/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bttrack.com/universal/44641
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DN3NR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:3::210:ee92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
36ff8562b6eb7a71acaeb673fe704baefd260365cdd37c9e23bb73c82263b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-servername
assets01-iad
date
Thu, 22 Aug 2024 21:18:28 GMT
cache-control
private, max-age=900
content-length
2779
content-type
application/javascript; charset=utf-8
analytics.min.js
cdn.bttrack.com/js/15411/analytics/1.0/ 		599 B
716 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bttrack.com/js/15411/analytics/1.0/analytics.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DN3NR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:3::210:ee92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cf83c170fc992166303ac5ee3ad9353ebeff4e41f0bf72f104cc843cc8958471

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-servername
assets01-iad
date
Thu, 22 Aug 2024 21:18:28 GMT
cache-control
private, max-age=26660
content-length
599
content-type
text/javascript; charset=utf-8
teads-fellow.js
p.teads.tv/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.teads.tv/teads-fellow.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DN3NR
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.181.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-181-90.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
653c605223792518e8d7a382812f876321c916845a3f249b022ce16b892f5427

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 22 Aug 2024 21:18:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jul 2024 13:21:36 GMT
Server
AmazonS3
x-amz-request-id
RC5WRJX3EZQMB7TT
ETag
"8308c4ca0f38b20101f1aa83176a264c"
x-amz-server-side-encryption
AES256
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=420
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5806
x-amz-id-2
sLmb6u/tAt09NNsL3dqOTmX4AtIY8xi2z2WkPaPhqwX2Isy7dQr9OZUSe6BTJrxSOHQEOyfUp1YnPhfbIemhnQ==
events.js
tags.srv.stackadapt.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.197.181.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-181-37.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ddb9cf282a11171052fca93f2f71484ae2e7ae5fc8d9eed15fbaf789c057e1c6

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 22 Aug 2024 21:18:28 GMT
cache-control
max-age=5
content-encoding
gzip
content-type
text/javascript
hotjar-3621851.js
static.hotjar.com/c/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3621851.js?sv=6
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-51.fra56.r.cloudfront.net
Software
/
Resource Hash
66b684a9bd117ea6bef9bd049cd47c2d0e6a707ca5c94d4fbeeddd8f60a26ed0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Thu, 22 Aug 2024 21:18:28 GMT
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/27c0ffdfd40055baffdb4a8f3c5af456
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
AiFjlqBm7LS9Vro6HiE7mUufmifZ1paKvbqoA5vdmO_NR9uPUNwvgg==
i.js
tag.wknd.ai/5615/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.wknd.ai/5615/i.js
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
7e198c09440c48a05d7bc57abda36df8520a89e0c45cac60a0189bd450e5853b

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 20:27:20 GMT
content-encoding
gzip
x-envoy-decorator-operation
tag-router.tag-router.svc.cluster.local:80/*
via
1.1 google
age
3068
x-envoy-upstream-service-time
0
x-region
us-central1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4359
server
istio-envoy
etag
c8d80dc2777fd
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=60
timing-allow-origin
*
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://u.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect
trigger
api.edkt.io/nexus/api/v1/attribution/ 		0
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.edkt.io/nexus/api/v1/attribution/trigger?apgId=50&pixId=118
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
attribution-reporting-register-trigger
{"event_trigger_data":[{"priority":"1","trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x00000000000000000000000000000000","source_keys":["199","200"]}],"aggregatable_values":{"199":32768,"200":32768},"debug_key":"17661767980887527903","debug_reporting":true,"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com"}
date
Thu, 22 Aug 2024 21:18:28 GMT
via
1.1 google
server
Google Frontend
cache-status
disabled
content-type
image/gif
access-control-allow-origin
*
x-cloud-trace-context
bdfb3be2564f8ed292a431bfb722501d
cache-control
no-cache, no-store, must-revalidate
cache-id
AMS-5232d789
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
src=12702588;dc_pre=CLWrxJnDiYgDFehnHgIdKzU2Bg;type=invmedia;cat=omnih0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=12702588;type=invmedia;cat=omnih0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord...
  • https://ad.doubleclick.net/ddm/activity/src=12702588;dc_pre=CLWrxJnDiYgDFehnHgIdKzU2Bg;type=invmedia;cat=omnih0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_c...
  • https://adservice.google.com/ddm/fls/z/src=12702588;dc_pre=CLWrxJnDiYgDFehnHgIdKzU2Bg;type=invmedia;cat=omnih0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_co...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/src=12702588;dc_pre=CLWrxJnDiYgDFehnHgIdKzU2Bg;type=invmedia;cat=omnih0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?gtmcb=2027637194
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2024 21:18:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 22 Aug 2024 21:18:28 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"7889510963442078907"}],"aggregatable_trigger_data":[{"filters":[{"14":["13639100"]}],"key_piece":"0xbcf46ed9d0fcdb0e","source_keys":["12","13","14","15","16","17","18","19","20","21","628579056","628579057","628579058","628579059","899991472","899991473","899991474","899991475"]},{"key_piece":"0x2399c646a7cb1edc","not_filters":{"14":["13639100"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","628579056","628579057","628579058","628579059","899991472","899991473","899991474","899991475"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628579056":32,"628579057":32,"628579058":32,"628579059":3177,"899991472":32,"899991473":32,"899991474":32,"899991475":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"2982197056539485465","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"7889510963442078907","filters":[{"14":["13639100"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"7889510963442078907","filters":[{"14":["13639100"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"7889510963442078907","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"7889510963442078907","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["12702588"]}}
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
image/png
location
https://adservice.google.com/ddm/fls/z/src=12702588;dc_pre=CLWrxJnDiYgDFehnHgIdKzU2Bg;type=invmedia;cat=omnih0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?gtmcb=2027637194
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
1673
bttrack.com/pixel/retarget/ 		0
0
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1648638&seg=32474541&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1648638%26seg%3D32474541%26t%3D2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1648638%26seg%3D32474541%26t%3D2
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2024 21:18:28 GMT
an-x-request-uuid
879b10f6-db8b-4859-be5e-c1adbb94b6e1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.208; 193.32.248.208; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Aug 2024 21:18:28 GMT
an-x-request-uuid
5c393c9f-5588-4ffb-836c-b736f1480906
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1648638%26seg%3D32474541%26t%3D2
cache-control
no-store, no-cache, private
x-proxy-origin
193.32.248.208; 193.32.248.208; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
insight.adsrvr.org/track/pxl/ 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/pxl/?adv=hxkjicc&ct=0:zmh3z57&fmt=3
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:28 GMT
server
Kestrel
content-length
70
content-type
image/gif
spp.pl
sp.analytics.yahoo.com/ 		43 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10193172&he={INSERT_MACRO_HERE}&auid={INSERT_MACRO_HERE}
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.252.40.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-40-201.eu-west-1.compute.amazonaws.com
Software
ATS/9.1.10.134 /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2024 21:18:28 GMT
via
http/1.1 traffic_server (ApacheTrafficServer/9.1.10.134)
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS/9.1.10.134
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Thu, 22 Aug 2024 21:18:28 GMT
rs
tags.w55c.net/
Redirect Chain
  • https://tags.w55c.net/rs?id=b753d945b20448378a2f2e7c15f10576&t=homepage
  • https://tags.w55c.net/rs?sccid=4a8b29fa-5225-1e10-59c2-abaa9ba7c513&scc=1&id=b753d945b20448378a2f2e7c15f10576&t=homepage
42 B
752 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.w55c.net/rs?sccid=4a8b29fa-5225-1e10-59c2-abaa9ba7c513&scc=1&id=b753d945b20448378a2f2e7c15f10576&t=homepage
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
HTTP/1.1
Server
3.120.68.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-68-64.eu-central-1.compute.amazonaws.com
Software
Retargeting/v2.0.30-810-g7063ef3#rel-ec2-master i-0b06c9495afa07179@eu-central-1b@dxedge-app-eu-central-1-prod-asg /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Aug 2024 21:18:28 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
Retargeting/v2.0.30-810-g7063ef3#rel-ec2-master i-0b06c9495afa07179@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Forwarded-Proto
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 22 Aug 2024 21:18:28 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
Retargeting/v2.0.30-810-g7063ef3#rel-ec2-master i-0efdbea0dd39465b6@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Location
https://tags.w55c.net/rs?sccid=4a8b29fa-5225-1e10-59c2-abaa9ba7c513&scc=1&id=b753d945b20448378a2f2e7c15f10576&t=homepage
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Forwarded-Proto
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
src=12702588;dc_pre=CN2KyJnDiYgDFYlIHgIdTP8DnA;type=invmedia;cat=omnih000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=12702588;type=invmedia;cat=omnih000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o...
  • https://ad.doubleclick.net/ddm/activity/src=12702588;dc_pre=CN2KyJnDiYgDFYlIHgIdTP8DnA;type=invmedia;cat=omnih000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr...
  • https://adservice.google.com/ddm/fls/z/src=12702588;dc_pre=CN2KyJnDiYgDFYlIHgIdTP8DnA;type=invmedia;cat=omnih000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/src=12702588;dc_pre=CN2KyJnDiYgDFYlIHgIdTP8DnA;type=invmedia;cat=omnih000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?gtmcb=974729952
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2024 21:18:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 22 Aug 2024 21:18:28 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"2312017947426892582"}],"aggregatable_trigger_data":[{"filters":[{"14":["14396674"]}],"key_piece":"0x7e67843eba6b8564","source_keys":["12","13","14","15","16","17","18","19","20","21","628579056","628579057","628579058","628579059","899991472","899991473","899991474","899991475"]},{"key_piece":"0x33776725565248ae","not_filters":{"14":["14396674"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","628579056","628579057","628579058","628579059","899991472","899991473","899991474","899991475"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628579056":32,"628579057":32,"628579058":32,"628579059":3177,"899991472":32,"899991473":32,"899991474":32,"899991475":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"9740503397584877995","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"2312017947426892582","filters":[{"14":["14396674"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"2312017947426892582","filters":[{"14":["14396674"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"2312017947426892582","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"2312017947426892582","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["12702588"]}}
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
image/png
location
https://adservice.google.com/ddm/fls/z/src=12702588;dc_pre=CN2KyJnDiYgDFYlIHgIdTP8DnA;type=invmedia;cat=omnih000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?gtmcb=974729952
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
1b83bbb8-2ce9-4b1b-b46a-2a5f8f5bef7b.json
cdn.cookielaw.org/consent/1b83bbb8-2ce9-4b1b-b46a-2a5f8f5bef7b/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/1b83bbb8-2ce9-4b1b-b46a-2a5f8f5bef7b/1b83bbb8-2ce9-4b1b-b46a-2a5f8f5bef7b.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0deb579f4758f3bb28fb6d75a3c0acf42a8d3c994dc8cfd3fd06af40fa24b75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 22 Aug 2024 21:18:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
36873
content-md5
DHYW9DUGJ2p1mQcSvz2n5A==
content-length
1576
x-ms-lease-status
unlocked
last-modified
Thu, 27 Jun 2024 20:12:00 GMT
server
cloudflare
etag
0x8DC96E5677175BF
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
db53de30-001e-008f-52ce-c8ddd6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8b75e5448fdfca95-HAM
expires
Fri, 23 Aug 2024 21:18:28 GMT
collect.js
514013529.collect.igodigital.com/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://514013529.collect.igodigital.com/collect.js
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.251.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-251-181.compute-1.amazonaws.com
Software
/
Resource Hash
463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:29 GMT
content-encoding
gzip
last-modified
Wed, 21 Aug 2024 21:17:02 GMT
vary
Accept-Encoding
content-type
application/javascript
pixel
a7tglno5hj.execute-api.us-east-1.amazonaws.com// 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a7tglno5hj.execute-api.us-east-1.amazonaws.com//pixel?pid=&event=init
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.200.25.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-25-57.compute-1.amazonaws.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:29 GMT
content-length
43
apigw-requestid
c7et2jSKIAMEJkg=
content-type
image/gif
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-BELGX2HEXN&gtm=45je48l0v892865381z8813109288za200zb813109288&_p=1724361508036&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&ul=en&cid=446438378.1724361509&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&dl=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Fet_rid%3D4733585%26utm_term%3D%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail&dp=%2Flogin&dt=Login&sid=1724361508&sct=1&seg=0&en=detect_user&_fv=1&_nsi=1&_ss=1&ep.country=&ep.detailed_event=Page%20Load%20Completed&ep.name=User%20Sign%20In&ep.platform_version=Booking%20Engine&ep.site_section=booking%20engine&ep.weekday_or_weekend=weekday&ep.campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&ep.source=adhoc&ep.medium=email&ep.content=152075&up.custom_user_id=&up.loyalty_id=&up.user_login_state=logged%20out&tfd=2655
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BELGX2HEXN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2024 21:18:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bookings.omnihotels.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BELGX2HEXN&cid=446438378.1724361509&gtm=45je48l0v892865381z8813109288za200zb813109288&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BELGX2HEXN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1f::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2024 21:18:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bookings.omnihotels.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BELGX2HEXN&cid=446438378.1724361509&gtm=45je48l0v892865381z8813109288za200zb813109288&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=558467321
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2024 21:18:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
a7tglno5hj.execute-api.us-east-1.amazonaws.com// 		43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a7tglno5hj.execute-api.us-east-1.amazonaws.com//pixel?pid=&event=PageView&eventID=1724361508402.347273.19&url=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.200.25.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-25-57.compute-1.amazonaws.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:29 GMT
content-length
43
apigw-requestid
c7et2j7-oAMEJMQ=
content-type
image/gif
activityi;dc_pre=CLq_xZnDiYgDFU6PgwcdGhMnZg;src=9945854;type=rtgco0;cat=globa0;ord=8920112082045;npa=1;auiddc=181269480.1724361508;u1=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u...
9945854.fls.doubleclick.net/ Frame 8B2D
Redirect Chain
  • https://9945854.fls.doubleclick.net/activityi;src=9945854;type=rtgco0;cat=globa0;ord=8920112082045;npa=1;auiddc=181269480.1724361508;u1=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined...
  • https://9945854.fls.doubleclick.net/activityi;dc_pre=CLq_xZnDiYgDFU6PgwcdGhMnZg;src=9945854;type=rtgco0;cat=globa0;ord=8920112082045;npa=1;auiddc=181269480.1724361508;u1=undefined;u3=undefined;u4=u...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://9945854.fls.doubleclick.net/activityi;dc_pre=CLq_xZnDiYgDFU6PgwcdGhMnZg;src=9945854;type=rtgco0;cat=globa0;ord=8920112082045;npa=1;auiddc=181269480.1724361508;u1=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u13=;u14=undefined;u15=undefined;u16=undefined;u18=undefined;u19=undefined;u20=undefined;u21=undefined;u24=undefined;u25=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail;u12=NA%7CNA%7CNA%7CNA;ps=1;pcor=1943830390;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48l0v9189991009z8813109288za201zb813109288;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-9945854&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
844
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Aug 2024 21:18:28 GMT
expires
Thu, 22 Aug 2024 21:18:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Aug 2024 21:18:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://9945854.fls.doubleclick.net/activityi;dc_pre=CLq_xZnDiYgDFU6PgwcdGhMnZg;src=9945854;type=rtgco0;cat=globa0;ord=8920112082045;npa=1;auiddc=181269480.1724361508;u1=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u13=;u14=undefined;u15=undefined;u16=undefined;u18=undefined;u19=undefined;u20=undefined;u21=undefined;u24=undefined;u25=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail;u12=NA%7CNA%7CNA%7CNA;ps=1;pcor=1943830390;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48l0v9189991009z8813109288za201zb813109288;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=9945854;type=rtgco0;cat=globa0;ord=8920112082045;npa=1;auiddc=181269480.1724361508;u1=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u...
ad.doubleclick.net/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=9945854;type=rtgco0;cat=globa0;ord=8920112082045;npa=1;auiddc=181269480.1724361508;u1=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u13=;u14=undefined;u15=undefined;u16=undefined;u18=undefined;u19=undefined;u20=undefined;u21=undefined;u24=undefined;u25=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail;u12=NA%7CNA%7CNA%7CNA;ps=1;pcor=1943830390;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48l0v9189991009z8813109288za201zb813109288;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail?
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2024 21:18:28 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"2968660895898410118"}],"aggregatable_trigger_data":[{"filters":[{"14":["9389649"]}],"key_piece":"0x3ac425f83989fdbe","source_keys":["12","13","14","15","16","17","18","19","20","21","18838136","18838137","18838138","18838139","628646972","628646973","628646974","628646975","628867828","628867829","628867830","628867831","628870292","628870293","628870294","628870295","634755436","634755437","634755438","634755439","638530408","638530409","638530410","638530411","899991712","899991713","899991714","899991715","900062040","900062041","900062042","900062043"]},{"key_piece":"0x2fbfc2df075c06e6","not_filters":{"14":["9389649"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","18838136","18838137","18838138","18838139","628646972","628646973","628646974","628646975","628867828","628867829","628867830","628867831","628870292","628870293","628870294","628870295","634755436","634755437","634755438","634755439","638530408","638530409","638530410","638530411","899991712","899991713","899991714","899991715","900062040","900062041","900062042","900062043"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"18838136":59,"18838137":59,"18838138":59,"18838139":5778,"19":65,"20":65,"21":6356,"628646972":32,"628646973":32,"628646974":32,"628646975":3177,"628867828":32,"628867829":32,"628867830":32,"628867831":3177,"628870292":32,"628870293":32,"628870294":32,"628870295":3177,"634755436":32,"634755437":32,"634755438":32,"634755439":3177,"638530408":93,"638530409":93,"638530410":93,"638530411":9081,"899991712":81,"899991713":81,"899991714":81,"899991715":7946,"900062040":218,"900062041":218,"900062042":218,"900062043":21189},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"13760933598362682110","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"2968660895898410118","filters":[{"14":["9389649"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"2968660895898410118","filters":[{"14":["9389649"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"2968660895898410118","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"2968660895898410118","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["9945854"]}}
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/enterprise/ Frame 166F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Le97XwpAAAAAP1OicOTNou9XwqgwMbSdBGLHYBF&co=aHR0cHM6Ly9ib29raW5ncy5vbW5paG90ZWxzLmNvbTo0NDM.&hl=de&v=i7X0JrnYWy9Y_5EYdoFM79kV&size=invisible&cb=op1td77scze4
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8bK2uvOosA9pb-VvvIdleQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-8bK2uvOosA9pb-VvvIdleQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 22 Aug 2024 21:18:28 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Page%20Load%20Started.json
cdn.apolloplatform.com/app/bc866869-b4c9-4916-875d-d8fda445bb82/58b41a92-3880-4bc5-81b0-c32eb95726da/a72a26c6-14b5-46ac-9b9e-f8b8b7471f9f/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.apolloplatform.com/app/bc866869-b4c9-4916-875d-d8fda445bb82/58b41a92-3880-4bc5-81b0-c32eb95726da/a72a26c6-14b5-46ac-9b9e-f8b8b7471f9f/Page%20Load%20Started.json
Requested by
Host: schema.apolloplatform.com
URL: https://schema.apolloplatform.com/clientJS/apolloDQ.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-111.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8a99f7fa226be0d5bcc878f3ad41381727cb2d9dd9012c106e5cedff5e6a085

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 09:04:31 GMT
via
1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
44437
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1272
last-modified
Wed, 26 Apr 2023 21:28:17 GMT
server
AmazonS3
etag
"8a562bbb55c47c263c38b93aebb70dc2"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
QuJ46IK1Ou7i2HiMVLHibAUakgENZPKFPU-Lr-vv14sdOeL8aGVzwg==
User%20Detected.json
cdn.apolloplatform.com/app/bc866869-b4c9-4916-875d-d8fda445bb82/58b41a92-3880-4bc5-81b0-c32eb95726da/a72a26c6-14b5-46ac-9b9e-f8b8b7471f9f/ 		584 B
993 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.apolloplatform.com/app/bc866869-b4c9-4916-875d-d8fda445bb82/58b41a92-3880-4bc5-81b0-c32eb95726da/a72a26c6-14b5-46ac-9b9e-f8b8b7471f9f/User%20Detected.json
Requested by
Host: schema.apolloplatform.com
URL: https://schema.apolloplatform.com/clientJS/apolloDQ.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-111.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c919ed7913ac55a25e3b84f3995d8fb60de863d9fd4116880d975c2620373323

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 08:15:19 GMT
via
1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
last-modified
Wed, 26 Apr 2023 21:28:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
46990
x-amz-server-side-encryption
AES256
etag
"f41ff4a57b50f9eb1d3685d9c9778040"
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
584
x-amz-cf-id
RaGIYF6RQL8vdPzv8ZfxC-8CvFbBII36XErsUgymjX_pO_dNmp20bQ==
Page%20Load%20Completed.json
cdn.apolloplatform.com/app/bc866869-b4c9-4916-875d-d8fda445bb82/58b41a92-3880-4bc5-81b0-c32eb95726da/a72a26c6-14b5-46ac-9b9e-f8b8b7471f9f/ 		289 B
697 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.apolloplatform.com/app/bc866869-b4c9-4916-875d-d8fda445bb82/58b41a92-3880-4bc5-81b0-c32eb95726da/a72a26c6-14b5-46ac-9b9e-f8b8b7471f9f/Page%20Load%20Completed.json
Requested by
Host: schema.apolloplatform.com
URL: https://schema.apolloplatform.com/clientJS/apolloDQ.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-111.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2ab8f34de3ccd3634518dd9188b7ec7cf08e00190b5e56e6606ad3ed2c92b2dd

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 08:15:20 GMT
via
1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
last-modified
Wed, 26 Apr 2023 21:28:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
46989
x-amz-server-side-encryption
AES256
etag
"4856c2ac363ca2cca9a78021417898b6"
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
289
x-amz-cf-id
4ILH0mTSXKv_aBctG9IO8JyB90_Dv0kcpqDf3VjYw3lqN402tVBWfw==
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		72 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bd5068ee3f41ad2ed4f003c13c4e939021c77f7a69ac82d25211c72868b520e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
8b75e54538916a76-TXL
access-control-allow-headers
Content-Type
insight.beta.min.js
snap.licdn.com/li.lms-analytics/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Aug 2024 10:43:03 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=69335
accept-ranges
bytes
content-length
14628
collect
www.google-analytics.com/j/ 		3 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=791283767&t=pageview&_s=1&dl=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail&ul=de-de&de=UTF-8&dt=Login%20%7C%20Omni%20Hotels%20%26%20Resorts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=582648459&gjid=1973303791&cid=446438378.1724361509&tid=UA-33986005-1&_gid=1290181034.1724361509&_r=1&_slc=1&gtm=45He48l0n81T9DN3NRv813109288za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&npa=1&z=1384827056
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Aug 2024 21:18:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bookings.omnihotels.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=791283767&t=pageview&_s=1&dl=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail&ul=de-de&de=UTF-8&dt=Login%20%7C%20Omni%20Hotels%20%26%20Resorts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=&gjid=&cid=446438378.1724361509&tid=UA-33986005-1&_gid=1290181034.1724361509&gtm=45He48l0n81T9DN3NRv813109288za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&npa=1&z=2001763739
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2024 14:07:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
25832
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
27003626.js
bat.bing.com/p/action/ 		334 B
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/27003626.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
08a70bbce72580774f43a559d6e8f338acb64136e2c102ad2e0b5b1c1766ce16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Thu, 22 Aug 2024 21:18:28 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 53D6D0564CC648A7BC5EFA65D36A4995 Ref B: CPH30EDGE0616 Ref C: 2024-08-22T21:18:28Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=1800
src=9197352;dc_pre=CMzlzJnDiYgDFdNpHgIdsHsufg;type=track0;cat=omnih0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN
adservice.google.com/ddm/fls/z/
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=9197352;type=track0;cat=omnih0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN
  • https://ad.doubleclick.net/ddm/activity/src=9197352;dc_pre=CMzlzJnDiYgDFdNpHgIdsHsufg;type=track0;cat=omnih0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN
  • https://adservice.google.com/ddm/fls/z/src=9197352;dc_pre=CMzlzJnDiYgDFdNpHgIdsHsufg;type=track0;cat=omnih0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/src=9197352;dc_pre=CMzlzJnDiYgDFdNpHgIdsHsufg;type=track0;cat=omnih0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2024 21:18:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 22 Aug 2024 21:18:28 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"9649463781519751569"}],"aggregatable_trigger_data":[{"filters":[{"14":["8311219"]}],"key_piece":"0xc60a329485be1783","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xc2e49b72d1b4fbca","not_filters":{"14":["8311219"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"1482215333809564259","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"9649463781519751569","filters":[{"14":["8311219"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"9649463781519751569","filters":[{"14":["8311219"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"9649463781519751569","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"9649463781519751569","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["9197352"]}}
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
image/png
location
https://adservice.google.com/ddm/fls/z/src=9197352;dc_pre=CMzlzJnDiYgDFdNpHgIdsHsufg;type=track0;cat=omnih0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=YTBjMWU0NmEtZTM5ZC1lYTdiLWIyYjItYjE3MzkzN2JmZDM1&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=M3KxC-GLVOk9D3HNZNAx0Bbnk5suCa_Lg-Jz3iJuXb-YGVyFhE9UwAGcVUesPWF5&sjrn_ula=786550668
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2024 21:18:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_hm=YTBjMWU0NmEtZTM5ZC1lYTdiLWIyYjItYjE3MzkzN2JmZDM1&google_nid=sojern_adh
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2024 21:18:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
apn
pixel.sojern.com/idsync/
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=M3KxC-GLVOk9D3HNZNAx0Bbnk5suCa_Lg-Jz3iJuXb-YGVyFhE9UwAGcVUesPWF5
  • https://pixel.sojern.com/idsync/apn?id=3423374250960288965&sjrn_id=M3KxC-GLVOk9D3HNZNAx0Bbnk5suCa_Lg-Jz3iJuXb-YGVyFhE9UwAGcVUesPWF5
42 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sojern.com/idsync/apn?id=3423374250960288965&sjrn_id=M3KxC-GLVOk9D3HNZNAx0Bbnk5suCa_Lg-Jz3iJuXb-YGVyFhE9UwAGcVUesPWF5
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Server
107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
x-accel-expires
0
date
Thu, 22 Aug 2024 21:18:29 GMT
via
1.1 google
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Aug 2024 21:18:28 GMT
an-x-request-uuid
fad6c44d-2b9f-4372-a706-3331a28f4e8c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.sojern.com/idsync/apn?id=3423374250960288965&sjrn_id=M3KxC-GLVOk9D3HNZNAx0Bbnk5suCa_Lg-Jz3iJuXb-YGVyFhE9UwAGcVUesPWF5
x-proxy-origin
193.32.248.208; 193.32.248.208; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=M3KxC-GLVOk9D3HNZNAx0Bbnk5suCa_Lg-Jz3iJuXb-YGVyFhE9UwAGcVUesPWF5&ttd_tpi=1
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:29 GMT
server
Kestrel
content-length
70
content-type
image/gif
adf
pixel.sojern.com/idsync/
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?cid=a0c1e46a-e39d-ea7b-b2b2-b173937bfd35&party=1296
  • https://c1.adform.net/serving/cookie/match?CC=1&cid=a0c1e46a-e39d-ea7b-b2b2-b173937bfd35&party=1296
  • https://pixel.sojern.com/idsync/adf?adfid=4808709293948829577&cid=a0c1e46a-e39d-ea7b-b2b2-b173937bfd35
0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sojern.com/idsync/adf?adfid=4808709293948829577&cid=a0c1e46a-e39d-ea7b-b2b2-b173937bfd35
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Server
107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
x-accel-expires
0
date
Thu, 22 Aug 2024 21:18:29 GMT
via
1.1 google
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Aug 2024 21:18:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://pixel.sojern.com/idsync/adf?adfid=4808709293948829577&cid=a0c1e46a-e39d-ea7b-b2b2-b173937bfd35
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
main.MTkwN2JhZDdhMA.js
analytics.tiktok.com/i18n/pixel/static/ 		331 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTkwN2JhZDdhMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHH59LBC77U6OCP0SEB0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-21.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3f567978a7f344ccbafd6675087cfd33c5e0f9aa943aec1b64ec2b28055f9f15

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
ab4b12a0
date
Thu, 22 Aug 2024 21:18:28 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240820124822F20B311C7CF218BBAE4F
x-tt-trace-id
00-240820124822F20B311C7CF218BBAE4F-72E015338ECE0E91-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a2-20-179-85.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
010573273ad1d3e829af1035e58488eb85e7deebdb97f5898e4cf92aa912b51435f242bb98111b8259d7bd82c43fe1001e50ba8b60b4e9f72da441f90ee27b8b72327ee38ecba28fd1a7589f8f853e3cf5c351a78ea43b5cab3c3d4a88d6bd7c58
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length
94987
main.1b182128.js
s.pinimg.com/ct/lib/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.1b182128.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:581::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6515981ad814530ea37bc6838f8d8cc3074eaf22dffef1b8f207959afd0a492b

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
br
x-cdn
akamai
etag
"2ede1d70eab18c6ab52837a878fb9264"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=1209600
accept-ranges
bytes
content-length
23553
210262292977069
connect.facebook.net/signals/config/ 		64 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/210262292977069?v=2.9.165&r=stable&domain=bookings.omnihotels.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
da166bdb05a6470dda640d3002feac44ebc3088d301cf781f0607f373ef7597d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 22 Aug 2024 21:18:28 GMT
document-policy
force-load-at-top
x-fb-server-load
19
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13084
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=68, mss=1232, tbw=66883, tp=62, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
cWpLwxEr2vItyMN2Tugc2QNW4EAsiJK7o7BboJYTtGt21M4XpzoNL9ku7yiOsBRIy/HuQabFhNOxDC/AzleuZA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
attribution_trigger
px.ads.linkedin.com/ 		2 B
813 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=3868034&time=1724361508676&url=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
*
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:28 GMT
content-encoding
gzip
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 6100046535C54CC6A31FC88F4553B317 Ref B: CPH30EDGE0310 Ref C: 2024-08-22T21:18:28Z
access-control-allow-methods
GET, OPTIONS
x-li-fabric
prod-lva1
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-type
application/json
x-li-proto
http/2
x-restli-protocol-version
1.0.0
access-control-allow-headers
*
x-li-uuid
AAYgTDMyYgoB9TmWXlF+uA==
x-fs-uuid
0006204c3332620a01f539965e517eb8
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3868034&time=1724361508676&url=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3868034&time=1724361508676&url=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-oh...
0
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3868034&time=1724361508676&url=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail&e_ipv6=AQIhsOj5T8-dMQAAAZF79IlwPkCMlw782enKryiRRTXzjL6iYgX1CpMKz2Ge9elxF2k8OZnT
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:29 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 306366A1834743FEB3F2670E7CDF1096 Ref B: CPH30EDGE0320 Ref C: 2024-08-22T21:18:29Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYgTDM88CsTsymUs+1OUA==

Redirect headers

date
Thu, 22 Aug 2024 21:18:28 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 42F47F4A6A924DBCB3AA0A77CB1E1BA5 Ref B: CPH30EDGE0919 Ref C: 2024-08-22T21:18:29Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3868034&time=1724361508676&url=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail&e_ipv6=AQIhsOj5T8-dMQAAAZF79IlwPkCMlw782enKryiRRTXzjL6iYgX1CpMKz2Ge9elxF2k8OZnT
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAYgTDM4t61b6qY8/yAzMg==
/
ct.pinterest.com/user/ 		321 B
634 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2613054820814&cb=1724361508699&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.1b182128.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8257727cd4fa3be74e55fc11f7f6d0063bcf254f8616da30e97628101f8882de

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:28 GMT
content-encoding
gzip
x-cdn
fastly
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=600
x-pinterest-rid
1042912781609424
content-length
186
pin-unauth
dWlkPU16bG1abUZoTnpBdFpHWmxNeTAwTjJVMkxUbGxObUV0TjJOaVlUQTNPVGc0Tmpkag
pragma
no-cache
referrer-policy
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bookings.omnihotels.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
3241ae12ecef327d6ee2618dd13bec9ec9710d0c
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
184 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/v3/?tid=2613054820814&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%221b182128%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1724361508704
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.1b182128.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2024 21:18:28 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
https://bookings.omnihotels.com
pinterest-version
3241ae12ecef327d6ee2618dd13bec9ec9710d0c
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=600
x-pinterest-rid
5838305087609402
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=210262292977069&ev=PageView&dl=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail&rl=&if=false&ts=1724361508716&sw=1600&sh=1200&v=2.9.165&r=stable&ec=0&o=4126&fbp=fb.1.1724361508715.73837140693351783&ler=empty&cdl=API_unavailable&it=1724361508661&coo=false&eid=1724361508402.347273.19&rqm=GET
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1368, tbw=2767, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 22 Aug 2024 21:18:29 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=210262292977069&ev=PageView&dl=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail&rl=&if=false&ts=1724361508716&sw=1600&sh=1200&v=2.9.165&r=stable&ec=0&o=4126&fbp=fb.1.1724361508715.73837140693351783&ler=empty&cdl=API_unavailable&it=1724361508661&coo=false&eid=1724361508402.347273.19&rqm=FGET
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xafb0c99c4ab4074d","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["24:3800918483286899","7830:3800918483286899","10853:3800918483286899","41:3800918483286899","8046:3800918483286899"]},"debug_reporting":true,"debug_key":"1"}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Thu, 22 Aug 2024 21:18:29 GMT
x-fb-server-load
43
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7406076288883923570", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1368, tbw=3085, tp=-1, tpl=-1, uplat=159, ullat=0
pragma
no-cache
x-fb-debug
/NrQ4Kdrv0w1T8HVpSeNl2cY8exS0jcxo9znkcL6w8baHx+PSwFBPExSedskZmekJjOOXw9ZAumDavU+E0fl/Q==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7406076288883923570"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
0
bat.bing.com/action/ 		0
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=27003626&tm=gtm002&Ver=2&mid=2e8788ac-effe-43d0-9c6e-c5da51eeec93&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Login%20%7C%20Omni%20Hotels%20%26%20Resorts&p=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail&r=&lt=2270&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=938738
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 22 Aug 2024 21:18:28 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 56FD3DA413684E78B558E0E300B23E44 Ref B: CPH30EDGE0616 Ref C: 2024-08-22T21:18:28Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202406.1.0/ 		451 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47407e3845cb067265a07cb279ccc7a38b927b0c2dc034b627f089115ac0d306
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 22 Aug 2024 21:18:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
7I5y/rp4ODu7ul89ty+epQ==
age
82285
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
112027
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 22:20:01 GMT
server
cloudflare
etag
0x8DCA5E56F667161
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c05e064f-501e-009c-79cf-d7e837000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8b75e5459b1862d8-HAM
modules.8da33a8f469c3b5ffcec.js
script.hotjar.com/ 		223 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3621851.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-3.ams54.r.cloudfront.net
Software
/
Resource Hash
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 14:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 4cc2a0a7eb7d5483edc69be298297f9e.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
age
2012123
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56385
last-modified
Tue, 30 Jul 2024 14:22:40 GMT
etag
"0728625a147ca79276a1790b9cf3175d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
hfKSvlV00MTkwSdC7guOpEb0CY1n9WI6DFicT9FnsCmzLrDBvOMOUg==
sa.css
tags.srv.stackadapt.com/ 		65 B
203 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.197.181.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-181-37.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ec8955d5d6e35b7943c598939ae4e5b7aec62d672470b093aefd365626713ace

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 22 Aug 2024 21:18:28 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
65
content-type
text/css
sa.jpeg
tags.srv.stackadapt.com/ 		0
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.197.181.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-181-37.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 22 Aug 2024 21:18:28 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
651
content-type
image/jpeg
identify_c2008b8c.js
analytics.tiktok.com/i18n/pixel/static/ 		146 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_c2008b8c.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTkwN2JhZDdhMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-21.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
50a98b0680aaaaa9407001661f18904e29d76402c3da7ad64246413886fc64b3

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
ab4b1611
date
Thu, 22 Aug 2024 21:18:28 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202407291241428A0637CBFAAEB41DCF01
x-tt-trace-id
00-2407291241428A0637CBFAAEB41DCF01-5E518F47C6012312-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a2-20-179-85.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01e33994960eedba4d9d64bb2cce523cc44cf9a1ceb6067a86a86c193f5f828f28bdf557cde35992181eb3e1ed8857856db1b699a90312147d7379f71cee1d04dd01e66feac1f106f50fe3bcde315804ca4d23cf41cda1e80b4cdebaad1c4e97a7
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length
39594
pixel
analytics.tiktok.com/api/v2/ 		0
873 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTkwN2JhZDdhMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-21.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
27ba50dd.ab4b1612
date
Thu, 22 Aug 2024 21:18:28 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240822211828214CA1E66DF44869C635-3769B350E8872925-00
x-cache
TCP_MISS from a2-20-179-85.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
x-parent-response-time
129,2.20.179.85
server-timing
cdn-cache; desc=MISS, edge; dur=95, origin; dur=42, inner; dur=34
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240822211828214CA1E66DF44869C635
x-cache-remote
TCP_MISS from a23-218-222-20.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
42,23.218.222.20
x-tt-trace-host
016c20600c93d5b4c0f90f27deb184ebe23fd36d72c9aaa814cfd95262d320df1a170e0840ec55c6162ac42f408b086fbfd047724b1d11b71252bb10a4c4a057beef1decfb66564f01735ece4cfc42e206afe7f0862504e0db10337c13b2b3b14ebfbb95b613581fcbd050f372a9eb392b
access-control-allow-headers
Authorization,*
expires
Thu, 22 Aug 2024 21:18:28 GMT
runtime_6459738026535cda4232dc813c61447d.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_6459738026535cda4232dc813c61447d.br.js
Requested by
Host: tag.wknd.ai
URL: https://tag.wknd.ai/5615/i.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
59f1b7d93f47fcc926143154888aa471910eaf81c3c41270b61cfe012dda08df

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:41:52 GMT
content-encoding
br
ad-auction-allowed
true
age
2482597
x-guploader-uploadid
AHxI1nOtGS0mFXir4DNYBw7iDrIGN5XGkp0ykcIqrZEprN-K6CZ6HH0A1tX7BGwBI8XcVbVomLg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1316
last-modified
Wed, 24 Jul 2024 15:06:02 GMT
server
UploadServer
etag
"09512239cb2a22728ca9f8608dfc2181"
x-goog-generation
1713883050962681
x-goog-hash
crc32c=BS9gKg==, md5=CVEiOcsqInKMqfhgjfwhgQ==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
1316
accept-ranges
bytes
content-type
text/javascript
en.json
cdn.cookielaw.org/consent/1b83bbb8-2ce9-4b1b-b46a-2a5f8f5bef7b/ac28045b-6313-4aae-ae01-51ef06f8f87f/ 		117 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/1b83bbb8-2ce9-4b1b-b46a-2a5f8f5bef7b/ac28045b-6313-4aae-ae01-51ef06f8f87f/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15e407a994358c787157ad3a465ce12dcec6c51abf84337d097bc5d6840ef6af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 22 Aug 2024 21:18:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
36873
content-md5
ZXTDBj5wsfNycnYf2m7pCw==
content-length
22643
x-ms-lease-status
unlocked
last-modified
Thu, 27 Jun 2024 20:12:03 GMT
server
cloudflare
etag
0x8DC96E56949EF25
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
2244b4dc-001e-00ad-1fce-c8b3e0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8b75e54619d3ca95-HAM
expires
Fri, 23 Aug 2024 21:18:28 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 22 Aug 2024 21:18:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
sHJXWIgDpMKY35PyRRy4zQ==
age
18831
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3003
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 22:19:54 GMT
server
cloudflare
etag
0x8DCA5E56B3084E2
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
e02b3de5-301e-002d-5c83-d8104a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8b75e5468a20ca95-HAM
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/ 		24 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 22 Aug 2024 21:18:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
HyPJ72TNHxdfOI82cqKVqA==
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 22:20:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
b94b99f7-601e-0053-3983-d88f85000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8b75e5468a23ca95-HAM
saq_pxl
tags.srv.stackadapt.com/ 		94 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=RyRCfsnbaVa9UDYqPKC--w&is_js=true&landing_url=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail&t=Login%20%7C%20Omni%20Hotels%20%26%20Resorts&tip=c-5R91RMnmsObz08c5cS2eV7KYQfQ4ZSfunXY39uxR8&host=https%3A%2F%2Fbookings.omnihotels.com&sa_conv_data_css_value=%270-3e24f711-1f13-55b6-69d3-385a051b0fb9%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd93e24f7111f1355b669d3385a051b0fb9c120f8d0&l_src=&l_src_d=&u_src=adhoc&u_src_d=2024-08-22T21%3A18%3A28.753Z&shop=false&sa-user-id-v3=s%253AAQAKIAvrl3lTQBG6hJHuk-_O8y5Wd-6cMm2JeaFsw14To1uvENYBGAQgpNaetgYwAToEED3EAEIEE4nTrw.u8ytO1wUSzj3oDHJjRuiMFUcQwpwSMkLuTafnuZfFyo&sa-user-id-v2=s%253APiT3ER8TVbZp0zhaBRsPucEg-NA.VJagCTDi0We7Vca%252FpBjJ4wSERovxEakX3mA4nJFXLBE&sa-user-id=s%253A0-3e24f711-1f13-55b6-69d3-385a051b0fb9.8REgQkKO%252BUqcfZWy9F8rj8bgd%252FR90cohUxfA5PkAA4w
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.197.181.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-181-37.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://bookings.omnihotels.com
date
Thu, 22 Aug 2024 21:18:29 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
94
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
ot_close.svg
cdn.cookielaw.org/logos/static/ 		651 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/ot_close.svg
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bookings.omnihotels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 22 Aug 2024 21:18:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
pcXWFGpuVeSg/jVnYCseRg==
age
19755
x-ms-lease-status
unlocked
last-modified
Thu, 22 Aug 2024 07:42:17 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
efff3bc1-d01e-00af-5898-f4b11a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8b75e546fd0b62d8-HAM
act
analytics.tiktok.com/api/v2/pixel/ 		0
716 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTkwN2JhZDdhMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-21.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
ab4b1b7d
date
Thu, 22 Aug 2024 21:18:29 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240822211829570653677760DEB6FCBB-6D92187EFAA53D08-00
x-cache
TCP_MISS from a2-20-179-85.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
server-timing
inner; dur=19, cdn-cache; desc=MISS, edge; dur=7, origin; dur=108
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240822211829570653677760DEB6FCBB
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
109,2.20.179.85
x-tt-trace-host
016c20600c93d5b4c0f90f27deb184ebe2bb279c731ab3aacf4372b0ebe85d4586f4d1b50eb77ace921fdaacf979f12d2e2e38f841b27ca1c15e78aec8b311070fc67494dc2769ba7f8887e85c510f47f053614362d90fc7f2d859a355dd0cc770
access-control-allow-headers
Authorization,*
expires
Thu, 22 Aug 2024 21:18:29 GMT
js
bttrack.com/engagement/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bttrack.com/engagement/js?goalId=15411&cb=1724361509014
Requested by
Host: cdn.bttrack.com
URL: https://cdn.bttrack.com/js/15411/analytics/1.0/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.67 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
NET-33-132-192.67.bidtellect.com
Software
/
Resource Hash
4004a8ee755939ed6730ce45ba2ac28148ff7efdacd2a77ddcc261536ec33fe9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-servername
Track001-iad
pragma
no-cache
date
Thu, 22 Aug 2024 21:18:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
content-type
text/javascript; charset=utf-8
cache-control
private,no-cache
expires
-1
advertiser
cm.teads.tv/v2/ 		137 B
585 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail&advertiser_id=31741
Requested by
Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.181.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-181-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0e1ee1f5a91680a05010a5468caaa4d5ebfc05ba1b288edbfb0540ceb6632b52

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Aug 2024 21:18:29 GMT
Observe-Browsing-Topics
?1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://bookings.omnihotels.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
137
Expires
Thu, 22 Aug 2024 21:18:29 GMT
event
bttrack.com/engagement/ 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bttrack.com/engagement/event?input=%7B%22globalId%22%3A%2200000000-0000-0000-0000-000000000042%22%2C%22creativeId%22%3A%22%22%2C%22placementId%22%3A%22%22%2C%22goalId%22%3A%2215411%22%2C%22sessionId%22%3A%22c68ec7a8-3598-45ea-b699-7a1bf3f1191d%22%2C%22parentPublisherId%22%3A%22%22%2C%22publisherId%22%3A%22%22%2C%22siteId%22%3A%22%22%2C%22commonId%22%3A%22%22%2C%22heartbeat%22%3A1%2C%22url%22%3A%22https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail%22%2C%22fingerprint%22%3A%22%22%2C%22fingerprintProvider%22%3A%22%22%7D
Requested by
Host: bttrack.com
URL: https://bttrack.com/engagement/js?goalId=15411&cb=1724361509014
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.67 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
NET-33-132-192.67.bidtellect.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-servername
Track001-iad
pragma
no-cache
date
Thu, 22 Aug 2024 21:18:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
content-type
text/plain
access-control-allow-origin
*
cache-control
private,no-cache
content-length
0
expires
-1
getpixels
bttrack.com/engagement/ 		0
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bttrack.com/engagement/getpixels?gid=15411
Requested by
Host: bttrack.com
URL: https://bttrack.com/engagement/js?goalId=15411&cb=1724361509014
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.67 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
NET-33-132-192.67.bidtellect.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-servername
Track003-iad
pragma
no-cache
date
Thu, 22 Aug 2024 21:18:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
content-type
text/html
access-control-allow-origin
*
cache-control
private,no-cache
content-length
0
expires
-1
tag.html
fledge.teads.tv/v1/interest-group/ Frame E6E9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://fledge.teads.tv/v1/interest-group/tag.html
Requested by
Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.181.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-181-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Ad-Auction-Allowed
true
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
539
Content-Type
text/html; charset=utf-8
Date
Thu, 22 Aug 2024 21:18:29 GMT
Expires
Thu, 22 Aug 2024 21:18:29 GMT
Pragma
no-cache
track
t.teads.tv/ 		23 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t.teads.tv/track?action=browser-topics&env=js-web&tag_version=6.20.0_03d6d47&provider=tag&advertiser_id=31741&referer=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%3Dundefined%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail&user_session_id=c4859a8a-5faf-4a17-bac8-5f0232da3a8c
Requested by
Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.101.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-101-95.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:29 GMT
observe-browsing-topics
?1
content-type
image/gif
access-control-allow-origin
https://bookings.omnihotels.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
23
expires
Sat, 26 Jul 1997 05:00:00 GMT
track
t.teads.tv/ 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=pageView&env=js-web&tag_version=6.20.0_03d6d47&provider=tag&advertiser_id=31741&referer=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%3Dundefined%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail&user_session_id=c4859a8a-5faf-4a17-bac8-5f0232da3a8c
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.101.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-101-95.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 22 Aug 2024 21:18:29 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
expires
Sat, 26 Jul 1997 05:00:00 GMT
conversion
cm.teads.tv/v3/ 		0
529 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.teads.tv/v3/conversion?action=pageView&env=js-web&tag_version=6.20.0_03d6d47&provider=tag&advertiser_id=31741&referer=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%3Dundefined%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail&user_session_id=c4859a8a-5faf-4a17-bac8-5f0232da3a8c
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.181.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-181-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Attribution-Reporting-Register-Trigger
{"event_trigger_data":[{"trigger_data":"6","priority":"0","deduplication_key":"1724361509","filters":[{"trigger_data_label":["visit"],"source_type":["navigation"]}]}],"debug_reporting":true}
Date
Thu, 22 Aug 2024 21:18:29 GMT
Observe-Browsing-Topics
?1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Thu, 22 Aug 2024 21:18:29 GMT
main-v2_21ccd07868faedfb910eb6abb0bce064.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		505 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_21ccd07868faedfb910eb6abb0bce064.br.js
Requested by
Host: tag.wknd.ai
URL: https://tag.wknd.ai/5615/i.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f6ac43240471ab2b5f276378644c9e0d24e7d2a1e18374a9c75e2e980a3fec4a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 15:38:37 GMT
content-encoding
br
ad-auction-allowed
true
age
106792
x-guploader-uploadid
AHxI1nOsMMcSdaaCbWZnwYDsYEbq_IE4_arv8WXjHem0gEzl6K3qqRBuND3LRaRbBVPdeJ8pS6Y
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113057
last-modified
Wed, 21 Aug 2024 15:38:29 GMT
server
UploadServer
etag
"e7bc3926dc256d86792bf7edccff6176"
x-goog-generation
1724254709216276
x-goog-hash
crc32c=YL4OWQ==, md5=57w5JtwlbYZ5K/ftzP9hdg==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
113057
accept-ranges
bytes
content-type
text/javascript
cjs_min_3a843477d8e318f67237a66d0a58c542.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js
Requested by
Host: tag.wknd.ai
URL: https://tag.wknd.ai/5615/i.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6c58f061a49641f54723faab57ad0bdb49a95619e86c90dad9a3ed630ffb3780

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 22:11:16 GMT
content-encoding
gzip
ad-auction-allowed
true
age
1638433
x-guploader-uploadid
AHxI1nPL-oALqNZq0lFTcNfuQhARgfWFGZV51H6gqxVphHTSJqyk7w5Gs4XCux2fqKvFrM0rMxPofv6h_Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15748
last-modified
Mon, 22 Apr 2024 20:59:52 GMT
server
UploadServer
etag
"1eb885454ea6bef1c9747800702959de"
x-goog-generation
1713819592631797
x-goog-hash
crc32c=Joap5g==, md5=HriFRU6mvvHJdHgAcClZ3g==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000,no-transform
x-goog-stored-content-length
15748
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
track_page_view
nova.collect.igodigital.com/c2/514013529/ 		43 B
799 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nova.collect.igodigital.com/c2/514013529/track_page_view?payload=%7B%22title%22%3A%22Login%20%7C%20Omni%20Hotels%20%26%20Resorts%22%2C%22url%22%3A%22https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail%22%2C%22referrer%22%3A%22%22%7D
Requested by
Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.251.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-251-181.compute-1.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-runtime
0.013628
date
Thu, 22 Aug 2024 21:18:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
x-permitted-cross-domain-policies
none
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/gif
cache-control
private
content-transfer-encoding
binary
content-disposition
inline
x-xss-protection
1; mode=block
x-request-id
78c1f273-f9b6-48fb-8988-07cac0e35943
/
content.hotjar.io/ 		56 B
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.hotjar.io/?site_id=3621851&gzip=1
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.220.83.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-83-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4e6c8c8eb1313ab359ee3601abf40985556272577f070045f9dab15dcd2e8160

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 22 Aug 2024 21:18:29 GMT
content-length
56
access-control-max-age
86400
content-type
application/json
/
data.cdnbasket.net/ 		14 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.121.15 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
15.121.117.34.bc.googleusercontent.com
Software
/
Resource Hash
0869744a5242249d78d150c4fa9496c32192f67745486c9681180d6a18fd0550

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Aug 2024 21:18:29 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
/
page.cdnbasket.net/ 		14 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://page.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.44 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
44.20.149.34.bc.googleusercontent.com
Software
/
Resource Hash
f495f75d8e073c48d77c5a0e3a8017c9bdc65e2b52e6d6695203629dc2df083f

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Aug 2024 21:18:29 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
/
view.cdnbasket.net/ 		14 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://view.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.102.183.220 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
220.183.102.34.bc.googleusercontent.com
Software
/
Resource Hash
a9fc942887009f415ce8c2d14d6fcf3a4025b22523fc1c40723897f9118d57d8

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Aug 2024 21:18:29 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
inbox-v2_8b00c97e2219e5686c0a4fcd0a475cf3.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/inbox-v2_8b00c97e2219e5686c0a4fcd0a475cf3.br.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_21ccd07868faedfb910eb6abb0bce064.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c09ac19649ee099b07d720801552c98d4be47fb4f1008fa1668c340ede90ac2f

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 17:29:28 GMT
content-encoding
br
ad-auction-allowed
true
age
1309741
x-guploader-uploadid
AHxI1nNCs44TQ0irh2NPRhw9hphN2yH1Ay9pFYpc8Oan749s1rafKKw8qr5mBvFHB2RGXYgVBoqP9U5vxg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5448
last-modified
Wed, 07 Aug 2024 17:29:08 GMT
server
UploadServer
etag
"02d3480947cda0d9d90a67fcddf60ded"
x-goog-generation
1723051748343352
x-goog-hash
crc32c=7zEZiQ==, md5=AtNICUfNoNnZCmf83fYN7Q==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
5448
accept-ranges
bytes
content-type
text/javascript
onsite-v2_0e56ab6ba004ee080ce3deb3edae35e9.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_0e56ab6ba004ee080ce3deb3edae35e9.br.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_21ccd07868faedfb910eb6abb0bce064.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f10699f59e4285b87af5097e4ba9e470ee29b4f3487fa767f2818bdbbdd6bb14

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:41:50 GMT
content-encoding
br
ad-auction-allowed
true
age
2482599
x-guploader-uploadid
AHxI1nO_mDWFgvfD5sxvra5pktNIGtTEOuIBUCC80p_1mIzOI2vTFV6qp-copJ__HU4JC8-RLoE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5003
last-modified
Wed, 24 Jul 2024 15:05:55 GMT
server
UploadServer
etag
"7ff99b6f1cea743cef749de91009e764"
x-goog-generation
1713883044855037
x-goog-hash
crc32c=qFvE1Q==, md5=f/mbbxzqdDzvdJ3pEAnnZA==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
5003
accept-ranges
bytes
content-type
text/javascript
local_storage_frame17.min.html
assets.bounceexchange.com/assets/bounce/ Frame 2238 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_21ccd07868faedfb910eb6abb0bce064.br.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
none
access-control-allow-origin
*
access-control-expose-headers
etag Content-Type
ad-auction-allowed
true
age
2482572
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31536000
content-encoding
br
content-length
938
content-type
text/html; charset=UTF-8
date
Thu, 25 Jul 2024 03:42:17 GMT
etag
W/"fc893948c3efc689b5b19d8a77958e23"
last-modified
Wed, 24 Jul 2024 15:05:28 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1721833528211758
x-goog-hash
crc32c=kX4cqg== md5=/Ik5SMPvxom1sZ2Kd5WOIw==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
2408
x-guploader-uploadid
AHxI1nNybWJqrvqebofVXi5seF3ucK9mauFF1EQlYzS9xN-e6Fea6pHPj-y2iOn4XoCHM64IpJ6xEaDoxQ
lookup
pd.cdnwidget.com/ 		74 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pd.cdnwidget.com/lookup?deviceID=undefined&bxwid=5615&bxdid=6807822123588308519&visitID=1724361509588754&enableUID2=false
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_21ccd07868faedfb910eb6abb0bce064.br.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.130.207 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
207.130.149.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
f309b4b6297e8c886d8d6b1ff31decc2d09f6eecf7804e3325bf5a2d3a5eac55

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:29 GMT
x-envoy-decorator-operation
id-resolution.id-resolution.svc.cluster.local:9000/*
via
1.1 google
server
istio-envoy
content-type
application/json
access-control-allow-origin
*
x-envoy-upstream-service-time
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74
/
px.ads.linkedin.com/wa/ 		0
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 22 Aug 2024 21:18:28 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: AB04200D9B394B8CAC54F5CFAFCF22CF Ref B: CPH30EDGE0919 Ref C: 2024-08-22T21:18:29Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
access-control-allow-origin
https://bookings.omnihotels.com
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYgTDNAFDyLcQ4c2UcckQ==
token_create.js
ct.pinterest.com/static/ct/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/static/ct/token_create.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.1b182128.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:29 GMT
x-cdn
fastly
age
2028
etag
"16d5d552603d86726ae439fc61299d42"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200
timing-allow-origin
https://ct.pinterest.com
alt-svc
h3=":443";ma=600
content-length
4103
ct.html
ct.pinterest.com/ Frame 226F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.1b182128.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443";ma=600
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Thu, 22 Aug 2024 21:18:29 GMT
pinterest-version
3241ae12ecef327d6ee2618dd13bec9ec9710d0c
referrer-policy
origin
x-cdn
fastly
x-envoy-upstream-service-time
1
x-pinterest-rid
2968206376712339
up
insight.adsrvr.org/track/ Frame B069 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=yfvavnx&ref=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail&upid=s2p53hs&upv=1.1.0&paapi=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-length
0
content-type
text/html
date
Thu, 22 Aug 2024 21:18:29 GMT
server
Kestrel
up
insight.adsrvr.org/track/ Frame B186 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=wn5plxq&ref=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail&upid=0cbz3wn&upv=1.1.0&paapi=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-length
0
content-type
text/html
date
Thu, 22 Aug 2024 21:18:29 GMT
server
Kestrel
favicon.ico
bookings.omnihotels.com/images/favicon/ 		15 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://bookings.omnihotels.com/images/favicon/favicon.ico?a6ac1c1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec33225de79266bd483b6fe0bca2d9fafbbb9155df5a25011fe0d669411416e9
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&et_rid=4733585&utm_source=sfmc&utm_term=&utm_content=152075&utm_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_id=4733585&sfmc_activityid=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&utm_medium=email&sfmc_journey_id=56b3d4a8-e19e-42e3-8681-36d2992991ae&sfmc_journey_name=ho-rmeia-lrbna_daprdses_ewpetskasea_gu42&sfmc_activity_id=6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe&sfmc_activity_name=ho-rmeia-lrbna_daprdses_ewpetskases__gua2g4&sfmc_asset_id=152075&sfmc_channel=email
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:29 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
content-encoding
gzip
cf-cache-status
HIT
age
18832
referrer-policy
same-origin
last-modified
Wed, 19 Jul 2023 11:27:14 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"64b7c892-3c2e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
image/x-icon
access-control-max-age
1000
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
public, max-age=2592000
cf-ray
8b75e54bff18630a-HAM
access-control-allow-headers
x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
expires
Sat, 21 Sep 2024 21:18:29 GMT
init1.js
api.bounceexchange.com/bounce/ 		36 B
391 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bounceexchange.com/bounce/init1.js?wklzs=1479&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgHYAmAFgGYA2fAVgAYBOADjps2AC8QoBafYupgDuAUwBGOVMBEB9VABMoNamwBOInCAA2cNBgKU6dAB78jmdTBGr1qqNgCGWragQBzGXFVaoAC2DAAA44AKTkAIIhxABiUdFiICAA1q5uOAB0IAC2CKi+INJaGUjZcVogbq5h0bpZMlki8qhwWWEAIiJZDqhaUZS1MppeSCLtDvL5SH0DSA5Zgd1uCO1N6ig8IL6qPJ3dWjxiqg4I8jIL8uo4g6IiwcAOSRqDHg5wbmR9IsAyqgrtpIRyOQaEwaNNgHUhqoRu0cDAslNiP0ITJpKpWuQ2uC6iUENI8e1aAJCGCkQM-pjlGJyPJSA4mDt8AwRDxSMQROQeExKEx8DwqPJiAwGEKGPgHKMkXCEXJ5P9AcDQX1pUgZA4UKgAG5SACeFLalBETDpNGpPEI+CQxFZIlIlB4DjEdAcPCMIjoMDoNKQTCs2PqjWaGI6XR6yvhqrAIC8CBEOtl7SpNLpDJETJZbI5XJ5fIFotF4sllBVMijMbjMgQc1GmPyPHRIlQLq0qjEVZk8gcgVU8hwTxEQkCXxwSQcfYcMjccDZ4Zl6rQ2uA8f1huNDlNnItVptdodTpdbo9XvkPr9Uojao1i-jVYa7TrDabPBbbYnne7vf7g+Ho77V0ncAOMQbikLOqpjn23z6kSdAkmBMhIL4xyxr0mK7D0mDapI3wlMkqAiFAISEAAQlExBaIEZFhJExDEP4QShMQNARFENAxKxMQJHh7gZNkuT5IUxSlExMTlJUyxMeQNQog0TQtKxaGhr0InIpC0bQpKzFtOMkwcapCFzAsqBLApbSrCI6ybNs6H7IcxynOclzXCItw4PcjxXDgLxvB8KlfD8fySW0AJAiCpJsfpUIwkFKp6QMaKtEFcUori+LAKZMFwSp5JykFSa0vSjLMqy7KctyvL8pQgrCgWEp6SWgVaSFirheec5XrqjWYquJpmlu1qkLa9qOs6rp0O6nrer6mlkjJgbyUFNn1ReZaqLGy65Vp+UpkVGaldmFV5jVwqFstMqretlbVqZD4NE+L7tu+PZ-jIA5DsAI5jiIE5TjOKlUcQADCZGqFRLG0VRhBtNgiQpARRGkbRTS5cQ1FkTysFMLR-CKkw5B0KCTIA8DtHaij1FEGQVC0IwIJMCSoFA2Rmpg5EJFkSImrWDIYluI0cgSajEQwE4fZEViTO0YE8jRKgqhuQAMiA4ys8AqhwJKJPEPIbiswjZGoDgAAK6jatGOCA3AbnZNYrMi0UmsGzgADKcASEgvxiLbEPC6Lju0YbAAqIjGMArvu573tC+E9ti5LxCzIhsgfazlMUCojAsGCUPi5hDjywA2rz-OuAAurAft54XnPc8XpxlxXDsw3hyeJDz+d843faYGIgRQIIXx9wXpeYIEH32CU8wuMcIwyDAWgOG49iakhUBAA
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_21ccd07868faedfb910eb6abb0bce064.br.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 21:18:29 GMT
content-encoding
gzip
x-envoy-decorator-operation
legacy-api-tier1.legacy-api.svc.cluster.local:80/*
via
1.1 google
content-type
text/html; charset=UTF-8
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
x-envoy-upstream-service-time
13
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-BELGX2HEXN&gtm=45je48l0v892865381z8813109288za200zb813109288&_p=1724361508036&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&ul=en&cid=446438378.1724361509&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=2&dl=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Fet_rid%3D4733585%26utm_term%3D%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail&dp=%2Flogin&dt=Login&sid=1724361508&sct=1&seg=1&en=page_view&ep.country=&ep.detailed_event=Page%20Load%20Completed&ep.name=User%20Sign%20In&ep.platform_version=Booking%20Engine&ep.site_section=booking%20engine&ep.weekday_or_weekend=weekday&ep.campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&ep.source=adhoc&ep.medium=email&ep.content=152075&ep.count_page_load_completed=1&_et=2&tfd=7658
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BELGX2HEXN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2024 21:18:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bookings.omnihotels.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SmarterHandler.ashx
tr2.smarterhq.io/app1/ 		7 B
127 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr2.smarterhq.io/app1/SmarterHandler.ashx?r=1979941823&i=7b2hrefqup-1&cb=_smtr.postprocess&cu=true&bv=2.7.14&utc=-120&utm_campaign=direct-ohr-email-brand_padres_sweepstakes_sg_aug24&pt=5&href=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail&hostn=bookings.omnihotels.com&pathn=%2Flogin
Requested by
Host: d1n00d49gkbray.cloudfront.net
URL: https://d1n00d49gkbray.cloudfront.net/js/omni.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.173.17.244 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
62d2b289923f4ac801870b808ea8fc97e60053b7659040e6787344512889b4f6

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2024 21:18:33 GMT
cache-control
no-store,no-cache
server
Kestrel
content-length
7
content-type
text/javascript
event
bttrack.com/engagement/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bttrack.com
URL
https://bttrack.com/pixel/retarget/1673
Domain
bttrack.com
URL
https://bttrack.com/engagement/event?input=%7B%22globalId%22%3A%2200000000-0000-0000-0000-000000000042%22%2C%22creativeId%22%3A%22%22%2C%22placementId%22%3A%22%22%2C%22goalId%22%3A%2215411%22%2C%22sessionId%22%3A%22c68ec7a8-3598-45ea-b699-7a1bf3f1191d%22%2C%22parentPublisherId%22%3A%22%22%2C%22publisherId%22%3A%22%22%2C%22siteId%22%3A%22%22%2C%22commonId%22%3A%22%22%2C%22heartbeat%22%3A2%2C%22url%22%3A%22https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail%22%2C%22fingerprint%22%3A%22%22%2C%22fingerprintProvider%22%3A%22%22%7D

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 function| $ function| jQuery object| dataLayer function| Popper function| _extends function| _typeof function| LazyLoad object| bootstrap function| InputMask object| inputMask string| property function| handleAddingSpinner function| handleKeyDownOnTabList function| focusNextTab function| noScroll function| openWidget function| closeWidget function| cleanCancellationPolicyFromPms function| showTooltip function| hideTooltip function| toggleTooltip function| handleTriggerKeyup function| setDatepickerPos function| handleMobileToDesktopView function| toggleMobileDesktopView function| refreshSlick function| createApiUrl function| onloadCallbackOfRecaptchaEnterprise function| toggleValidityMessage function| showErrors function| userInput object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| pmg object| img string| GoogleAnalyticsObject function| ga string| TiktokAnalyticsObject object| ttq object| _pxDataLayer function| __pxDataTag object| pxcelData object| s string| _linkedin_data_partner_id string| key object| _smtr string| _randomPageId function| fbq function| _fbq function| pintrk string| url string| vpv function| saq function| _saq function| hj object| _hjSettings object| data object| script function| gtag function| OptanonWrapper object| _etmc object| gaGlobal function| apolloDQInit function| jspbGetTypeName object| recaptcha object| closure_lm_646315 function| ttd_dom_ready object| ttd_up_api function| TTDUniversalPixelApi object| ttdPixel function| UET function| UET_init function| UET_push object| gaplugins object| gaData object| ueto_e6bdd141ee object| uetq object| shqChromeOnsiteResponse object| _shqdbl object| _shqDebug object| SmtrRmkr function| lintrk boolean| _already_called_lintrk string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| bouncex object| Optanon object| OneTrust object| res object| saCookies string| current_window_url_param object| bidtellectEngagement object| teads_e number| teads_adv_id object| bidtellect boolean| first_party_cookie_allowed boolean| teads_tracking_allowed string| advertiser_domain string| teads_session_id object| teads_tracking_events_sent object| webpackChunksmart_tag object| _etmc_temp string| func_name object| args string| collect_url object| regeneratorRuntime object| bxgraph function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| getBounceVisitCookie function| clearBounceCookie object| ORIBILI

56 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09ACgiStxJS0xC8aTgSXdzLoDzOObvFtPs1t4tJv9glIx8y6Imt6YxrG0UwTVL3hj4ORSzEd0iqrzkrF4o1XAYeaA
bookings.omnihotels.com/ Name: P3_GEO_2021
Value: eyJpdiI6InRORlhTOXpubVRVSndQeFVJcVp3NUE9PSIsInZhbHVlIjoiZThsalZWV0ltbGJYN3BadFlPaVdPMENBM2l3WFdoeVBxajJHOWR4TFpvTkM3T1JmemFHaFBuOHRwc1J4a08vVXc4NGlvOGovSG96Wjk2dGk1TFcvbk9MM0RaVEtSUmxCaDFReFprbmpTdldzY2hUOU5US0R5N3BQQng3Q2V5RGprZEJJV3doV1hpdXRSUUFjS1lzSThWNFQ5UXRja0ErRlFDY2hyRGJJWHZwRHUzQkw5Q0VVVzA0enFDYUJFOVl6N2J4NGIreTltRjZoai9WZnRiKzF3Q3dGV0pDakdsV1hrR0x3Y2VIUTYwYmFBeDliL29WZ1I3UFEydklSbS9MSEF6NnB6bTlvZmxBRjQ3Q3FLV3IyK2JKMjl2VU5xc2JsMkQ5YmQrUmp6U0tGTkh1dWpNeVZoVXY3aUJya2RBaUFibW53UTBZczBmdXRhTlQvdnZzRWE5Y0dnSE9nT3I5amRRY3AwaDRnWEo3UmJUQUVVMGI1Y2JEdU0rNjVURXQ0cmlNVG9ZSGpvdEZSM1VXTFlZb296QzhLbW5BMHZOaTFQS2pBVExSdDRkaHdVWXBqYWJGTmJIMElQRzJLZGlscUxWbkZkWWVBUTdGWGErc1d3cHAxUTVrZmkrMTcyVi91c2hyV2s0QTlPU0FGb0kwNXYxc3Z0NjEyeVJkc0Vqc1g3dFp1M3N6cDczQ2dQRFJKUXRoeUxHWUNKbFNiNW1BZk9VSTFTbzZWK3NVPSIsIm1hYyI6IjI2OTdhYjAyNmI5NTRmNTEzN2YzNDBhMjc5ZWYwYjg3YjUyZTc2NDFlMDVkYjVjOWFlOWY0OWU5ZTFiNzIxODgiLCJ0YWciOiIifQ%3D%3D
bookings.omnihotels.com/ Name: XSRF-TOKEN
Value: eyJpdiI6ImxESDRuSUhGdFJQTENlTlVmVTAweVE9PSIsInZhbHVlIjoiUGVuWDdYM3RFMG8rQXEvYzR4VTZpVzhmam5WbU9Fb3FEazYwYmtoNVlIMDRNak5Na1hOVENDcmx1eHptZTh0WlREa204enVaYzE4M0YwNEZJbWdmdXZHNEZ1WmVDOFBiT2t3TjQ3TnRZSVlhSWpXMXJzVHduUlpua1ZzSENQWSsiLCJtYWMiOiI1MmJhNmEwMzM2OGY1NzUxMjc4OGY0M2Q4YzU5MzNiMWFjNDE1YjJkMDE1ODgzZmFhYzA5N2ExNDlmOGQ2MTM0IiwidGFnIjoiIn0%3D
bookings.omnihotels.com/ Name: laravel_session
Value: eyJpdiI6ImpRaDBWVFpjRElCdjhlRjZLUzM2Y2c9PSIsInZhbHVlIjoiQXc2bWY1S1BCd1h1bkIwWnp3Q215cjUzdmJ0dXFYYXBnUmlpQ25qRE1wMCthZWQrazU1QjRTR1Zwekc1emdYdmRxVUFMUnY5VGZ3czgvRlh4SWxQODNtT2F6VCtQa2JYWDViZUZWL3g4MzRqbTVHQVVoNTNIVDNvbHR5VW1KeTYiLCJtYWMiOiJhM2U2Y2U3YTk5YTk0ZDhiYmNhNWFlMDQ0OTZhMGJkMDU2ZWQ2OWZlYjc4OWM0YjFiODI2NmU2ZTAxODk1NTRiIiwidGFnIjoiIn0%3D
bookings.omnihotels.com/ Name: utm
Value: eyJpdiI6InJWNGpDdUx5eDg1eUJMNHZaUlRFVlE9PSIsInZhbHVlIjoiaGxtR1U2RzJmQ3lNZldTaXpVWEZ4WGN3VDFWN2N1S3VJRWx3WXJwTldkck5pWFR1NlY0ckpqNFoxZFdyU3RZNzVWS2hUSkc0SzM1UzNNa05IQnhHQTNmZDIwQlg4ZktjaUl1akU5MjlqaHRpVW14Y05xMFVzcUd2dDgvaXhibmtpZDZSY0J2MElLeWlGT2taQmZVdTVyYTU3SUJFTitjVWhzM1o0eFd2SXdZZXI5VDZLZWV6dGtzWFgzL1Y2Y1hpMUFwd2ZsTFRMVlZHNnh4b0ZlR2lCZz09IiwibWFjIjoiNTdiMWI5MDA5YjI0ZDNhYzc4OTM2YWY0MDIzZThkM2Y4ZDQ0MDZkY2YzODg2MmY4ZTA0YjVjZWFkYWFkZWIxNyIsInRhZyI6IiJ9
.omnihotels.com/ Name: _gcl_au
Value: 1.1.181269480.1724361508
.omnihotels.com/ Name: _ga_BELGX2HEXN
Value: GS1.1.1724361508.1.1.1724361508.60.0.0
.tiktok.com/ Name: _ttp
Value: 2l1xiC2V8xOGV4WaS4ttWXq03I8
.omnihotels.com/ Name: _ga
Value: GA1.2.446438378.1724361509
.omnihotels.com/ Name: _gid
Value: GA1.2.1290181034.1724361509
.omnihotels.com/ Name: _gat_UA-33986005-1
Value: 1
.bookings.omnihotels.com/ Name: _ga
Value: GA1.3.446438378.1724361509
.bookings.omnihotels.com/ Name: _gid
Value: GA1.3.1290181034.1724361509
.omnihotels.com/ Name: smtrsession
Value: cameFromEmail%7Ctrue
.omnihotels.com/ Name: _fbp
Value: fb.1.1724361508715.73837140693351783
tags.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-3e24f711-1f13-55b6-69d3-385a051b0fb9.8REgQkKO%2BUqcfZWy9F8rj8bgd%2FR90cohUxfA5PkAA4w
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-3e24f711-1f13-55b6-69d3-385a051b0fb9.8REgQkKO%2BUqcfZWy9F8rj8bgd%2FR90cohUxfA5PkAA4w
tags.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3APiT3ER8TVbZp0zhaBRsPucEg-NA.VJagCTDi0We7Vca%2FpBjJ4wSERovxEakX3mA4nJFXLBE
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3APiT3ER8TVbZp0zhaBRsPucEg-NA.VJagCTDi0We7Vca%2FpBjJ4wSERovxEakX3mA4nJFXLBE
tags.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAvrl3lTQBG6hJHuk-_O8y5Wd-6cMm2JeaFsw14To1uvENYBGAQgpNaetgYwAToEED3EAEIEE4nTrw.u8ytO1wUSzj3oDHJjRuiMFUcQwpwSMkLuTafnuZfFyo
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAvrl3lTQBG6hJHuk-_O8y5Wd-6cMm2JeaFsw14To1uvENYBGAQgpNaetgYwAToEED3EAEIEE4nTrw.u8ytO1wUSzj3oDHJjRuiMFUcQwpwSMkLuTafnuZfFyo
bookings.omnihotels.com/ Name: sa-u-source
Value: adhoc
bookings.omnihotels.com/ Name: sa-u-date
Value: 2024-08-22T21:18:28.753Z
bookings.omnihotels.com/ Name: sa-user-id
Value: s%253A0-3e24f711-1f13-55b6-69d3-385a051b0fb9.8REgQkKO%252BUqcfZWy9F8rj8bgd%252FR90cohUxfA5PkAA4w
bookings.omnihotels.com/ Name: sa-user-id-v2
Value: s%253APiT3ER8TVbZp0zhaBRsPucEg-NA.VJagCTDi0We7Vca%252FpBjJ4wSERovxEakX3mA4nJFXLBE
bookings.omnihotels.com/ Name: sa-user-id-v3
Value: s%253AAQAKIAvrl3lTQBG6hJHuk-_O8y5Wd-6cMm2JeaFsw14To1uvENYBGAQgpNaetgYwAToEED3EAEIEE4nTrw.u8ytO1wUSzj3oDHJjRuiMFUcQwpwSMkLuTafnuZfFyo
.omnihotels.com/ Name: _tt_enable_cookie
Value: 1
.omnihotels.com/ Name: _ttp
Value: sPRLCVp5E_-byXDEzWLYTBKU_k-
api.edkt.io/ Name: ar_debug
Value: 1
api.edkt.io/ Name: ar_debug_uuid
Value: 17661767980887527903
.adnxs.com/ Name: XANDR_PANID
Value: Aeu49xT_f1ZZ66v8AOKFdc7NbwTbKiqvi5y4QLGMSajA4lQ9Sx5t1VkNOG2ELnfeoteGuouemcR4eD6O5BEosSswj7jW_MKJPJst3I4oMNE.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 3423374250960288965
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2E>2h2*FE!]tbP6j2F-XstGt!@Did$r*+/
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: ar_debug
Value: 1
.pinterest.com/ Name: ar_debug
Value: 1
.bookings.omnihotels.com/ Name: _pin_unauth
Value: dWlkPU16bG1abUZoTnpBdFpHWmxNeTAwTjJVMkxUbGxObUV0TjJOaVlUQTNPVGc0Tmpkag
.w55c.net/ Name: wfivefivec
Value: rhFHSNs01SHfco2
.omnihotels.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Thu+Aug+22+2024+23%3A18%3A28+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202406.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=4e08018b-baaf-48c8-b26b-57e01f57b115&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-brand_padres_sweepstakes_sg_aug24%26et_rid%3D4733585%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D152075%26utm_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_id%3D4733585%26sfmc_activityid%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26utm_medium%3Demail%26sfmc_journey_id%3D56b3d4a8-e19e-42e3-8681-36d2992991ae%26sfmc_journey_name%3Dho-rmeia-lrbna_daprdses_ewpetskasea_gu42%26sfmc_activity_id%3D6e84a5b3-71c2-4e46-ab0a-00e0f03dc8fe%26sfmc_activity_name%3Dho-rmeia-lrbna_daprdses_ewpetskases__gua2g4%26sfmc_asset_id%3D152075%26sfmc_channel%3Demail&groups=C0001%3A1%2CC0003%3A1%2CC0002%3A1%2CC0004%3A1%2CC0005%3A1
.doubleclick.net/ Name: IDE
Value: AHWqTUnRUV14CZkdapP1gjIs_irvyseovd5xG7ohoFZhVAmzkj7SbAl_tua6j1TsIGA
.sojern.com/ Name: cid
Value: a0c1e46a-e39d-ea7b-b2b2-b173937bfd35#1724284800000
.sojern.com/ Name: apnid
Value: 3423374250960288965
.adform.net/ Name: C
Value: 1
.omnihotels.com/ Name: tfpsi
Value: c4859a8a-5faf-4a17-bac8-5f0232da3a8c
.adform.net/ Name: uid
Value: 4808709293948829577
.sojern.com/ Name: adfid
Value: 4808709293948829577
.omnihotels.com/ Name: _hjSessionUser_3621851
Value: eyJpZCI6ImExMGMzZDJkLWVkOTYtNWY0Zi05ZDhmLTJhZjU3NDQ1ODU4MyIsImNyZWF0ZWQiOjE3MjQzNjE1MDkyMjUsImV4aXN0aW5nIjp0cnVlfQ==
.omnihotels.com/ Name: _hjSession_3621851
Value: eyJpZCI6IjFiYTU0Y2Y3LThjZDEtNDdlNS04ZDQ3LWM0Y2JlY2JiNWNmYSIsImMiOjE3MjQzNjE1MDkyMjUsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
cm.teads.tv/ Name: ar_debug
Value: 1
.linkedin.com/ Name: bcookie
Value: "v=2&a22d8be4-fea5-4457-8991-7d8f6c0f2964"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MjQzNjE1MDk7MjswMjGgfDoWoToTMdxjxKbTBLdDtXGp1kqMozzZPFN1Vz5RyA==
.linkedin.com/ Name: lidc
Value: "b=OGST05:s=O:r=O:a=O:p=O:g=3157:u=1:x=1:i=1724361509:t=1724447909:v=2:sig=AQGVgNInwUhT6cDoIiUSY5_nPOxM_zZM"
.igodigital.com/ Name: igodigitaltc2
Value: 13be1cbc-60cc-11ef-9e61-2ec0ab210470
.igodigital.com/ Name: igodigitalst_514013529
Value: 13be2338-60cc-11ef-9e61-2ec0ab210470
.igodigital.com/ Name: igodigitalstdomain
Value: 2000028897

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
Strict-Transport-Security max-age=15638400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

514013529.collect.igodigital.com
9945854.fls.doubleclick.net
a7tglno5hj.execute-api.us-east-1.amazonaws.com
aa.trkn.us
ad.doubleclick.net
adservice.google.com
analytics.tiktok.com
api.bounceexchange.com
api.edkt.io
assets.bounceexchange.com
bat.bing.com
beacon.sojern.com
bookings.omnihotels.com
bttrack.com
c1.adform.net
cdn.apolloplatform.com
cdn.bttrack.com
cdn.cookielaw.org
click.em.omnihotels.com
cm.g.doubleclick.net
cm.teads.tv
connect.facebook.net
content.hotjar.io
ct.pinterest.com
d1n00d49gkbray.cloudfront.net
data.cdnbasket.net
fledge.teads.tv
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
ib.adnxs.com
insight.adsrvr.org
js.adsrvr.org
ka-f.fontawesome.com
match.adsrvr.org
nova.collect.igodigital.com
p.teads.tv
p.typekit.net
page.cdnbasket.net
pd.cdnwidget.com
pixel-library.pmg.com
pixel.sojern.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
s.pinimg.com
schema.apolloplatform.com
script.hotjar.com
secure.adnxs.com
snap.licdn.com
sp.analytics.yahoo.com
static.hotjar.com
stats.g.doubleclick.net
t.teads.tv
tag.wknd.ai
tags.srv.stackadapt.com
tags.w55c.net
tr2.smarterhq.io
use.typekit.net
view.cdnbasket.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
bttrack.com
107.178.244.119
13.107.42.14
13.111.234.80
13.227.219.3
142.250.185.102
142.250.185.162
142.250.186.102
142.250.186.132
151.101.128.84
151.101.192.84
157.240.0.6
172.67.139.119
18.197.181.37
18.232.251.181
18.239.67.100
18.239.83.60
18.66.102.51
18.66.112.111
185.89.210.153
192.132.33.67
192.132.33.68
2.18.64.21
2001:4860:4802:34::36
216.58.206.34
216.58.206.35
23.32.101.95
23.52.181.90
2600:9000:223d:9800:9:7c30:be80:21
2606:4700:4400::6812:2089
2606:4700::6812:1a5d
2606:4700::6812:572a
2620:1ec:21::14
2620:1ec:33:1::10
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:811::200a
2a00:1450:4001:812::2003
2a00:1450:4001:82f::200e
2a00:1450:400c:c1f::9d
2a02:26f0:3500:10::210:a9a
2a02:26f0:480:3::210:ee92
2a02:26f0:480:581::1931
2a02:26f0:480:f::213:7ece
2a02:26f0:780::210:ca5b
2a03:2880:f177:185:face:b00c:0:25de
3.120.68.64
3.33.220.150
34.102.183.220
34.111.8.32
34.117.121.15
34.120.111.33
34.120.253.250
34.149.130.207
34.149.20.44
34.200.25.57
34.252.40.201
34.98.72.95
35.173.17.244
37.157.5.84
52.223.40.198
54.220.83.225
65.9.86.7
95.101.111.153
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
0869744a5242249d78d150c4fa9496c32192f67745486c9681180d6a18fd0550
08a70bbce72580774f43a559d6e8f338acb64136e2c102ad2e0b5b1c1766ce16
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e1ee1f5a91680a05010a5468caaa4d5ebfc05ba1b288edbfb0540ceb6632b52
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
13e3852d2c9f4f4bd3125764fa931927e2b6901960c971c3e28ba3911262a78f
15e407a994358c787157ad3a465ce12dcec6c51abf84337d097bc5d6840ef6af
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cae0b9d70b27cc19083606d3249728c06e567271cef4692d9aa2e6f1e787f96
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e898342f996200ceb14753e5829a6ff91de9ba3bc8114240e22e1c4d859bf2b
270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820
27325ea16f0df99976e67b268976c6d4562a6824c86d3bc2edf4e04776c5034d
2780ede9598614a57b1265fbfbc739c2c36f0cb7656bb59aa86a08e8ca5a1b95
2ab8f34de3ccd3634518dd9188b7ec7cf08e00190b5e56e6606ad3ed2c92b2dd
2cb34277a5434f95f67e8db342273633beb965b1e4151781e11145a76526437a
32082961c638086ac178c9b978e935d7abd9a6edad848dcf2be7a7cfd39c677b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32984fcae927955ad21b22eba413e78d35b6f75613a52d1ff6cbf9c5c139d0ac
34e7dd6901dded3ec83c1358e84b7020185757fe5318df4fa948800e3dd9d4e0
36ff8562b6eb7a71acaeb673fe704baefd260365cdd37c9e23bb73c82263b855
3724d91d386a94f5f996109e99b924baa373c2baa4ef06f664a89a023241a251
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
38b1769af5d9e27f36e6b97605c8d12d9b7bae5cb80059db6def8892186c8eb0
3f567978a7f344ccbafd6675087cfd33c5e0f9aa943aec1b64ec2b28055f9f15
4004a8ee755939ed6730ce45ba2ac28148ff7efdacd2a77ddcc261536ec33fe9
423217abf8775cea2dc30fa1fe3e1c5e24dc359a80f1c37ad29a86094bfe81d1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47407e3845cb067265a07cb279ccc7a38b927b0c2dc034b627f089115ac0d306
4b4eefde7fc63bf7b20cff2575cb6698bc83a313c4b99794f096dbda1bd9c908
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c53bd4fb46505b90b10e21b4c6e477a14abb0ed61eab0a7b44ee0c351de5b5a
4e6c8c8eb1313ab359ee3601abf40985556272577f070045f9dab15dcd2e8160
50377d1d3e7dcb2c8298feb8d2505099df1957e3700a358b993b4cf443fd36e8
50a98b0680aaaaa9407001661f18904e29d76402c3da7ad64246413886fc64b3
50ec747afc45612c45573a7101ecf9adf6dee6e98c2620b22ee3f70144f9548e
522e7fe1c9a58bc6742ffc993f258039f8e466de5f696ec0357e06004cbcec28
54dec0abb522786278d58ef65f9f8487d475f27d8b4ee571c8fef7d064dcd888
591c6bf7ae2840dc3c4bb1da23a9ee7da4a783e78026eda46ce3fcee561422e9
59f1b7d93f47fcc926143154888aa471910eaf81c3c41270b61cfe012dda08df
625b022a42ed5d9c39911e42050f4fd9834ea039af978b7716f7800ade95eb55
62d2b289923f4ac801870b808ea8fc97e60053b7659040e6787344512889b4f6
6515981ad814530ea37bc6838f8d8cc3074eaf22dffef1b8f207959afd0a492b
653c605223792518e8d7a382812f876321c916845a3f249b022ce16b892f5427
66b684a9bd117ea6bef9bd049cd47c2d0e6a707ca5c94d4fbeeddd8f60a26ed0
6bd5068ee3f41ad2ed4f003c13c4e939021c77f7a69ac82d25211c72868b520e
6c58f061a49641f54723faab57ad0bdb49a95619e86c90dad9a3ed630ffb3780
73b7f2f8725690c65daa20ee5336d595b4e1369dd42dc4c6baa11bd1fe1df90b
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
7e198c09440c48a05d7bc57abda36df8520a89e0c45cac60a0189bd450e5853b
819fdf6c9cdc55e451290629cb237214cbb7381541b4e931b342e7d9f4e7e2b1
821e680e0e3aaf1443afd405e277a193550d50b434e4485b33dc0e7ab125c117
8257727cd4fa3be74e55fc11f7f6d0063bcf254f8616da30e97628101f8882de
82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98ea26191ffc6155103762f2a7205b0b1af5f0e8d4e26cb4b539e581e2e48686
9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552
a334534614782c0e1ff21a6d9870e45372fd008677911a4195c517404b503443
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a3d998de525e2f49633d799353b5cfcdcc930241f375300401ae3bb52c85ea58
a7888999fa80868a7f03f4afcc1ab6f9bc8cf16113794978fde1ba006c961ce8
a913bc8f409fa5411023215b5715c71c2675cf4a2b067f5e8413fcd53135d385
a9fc942887009f415ce8c2d14d6fcf3a4025b22523fc1c40723897f9118d57d8
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa4bc789142ca61c2faae60acec10c04360e92f0995c4bc6d29b076e39d09e2c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
abe92e0a271866d066c160619d758d8106cfba28bea8193b1fa5c6d87722702e
ac9c5cd537f4f793c78efd5acf796522a5b2449afbe28da4d6e51f1b6fe4c3f8
b40ee314ac4676449ac588072867c6a2651e02277057135fe3a90aba8b8272e1
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813
b90cf481a2ad169e12b9828c0d230570ad18116830d66d37aebcebdcd32b8bf8
c09ac19649ee099b07d720801552c98d4be47fb4f1008fa1668c340ede90ac2f
c340313fbf7869da6c98fa2d5904983db6d7a1eb5bed7c114c98355eef779ec0
c919ed7913ac55a25e3b84f3995d8fb60de863d9fd4116880d975c2620373323
cafe94ba60283d2f3973530b64b9b615585263b4cc08cc8687521fb892b75538
cf83c170fc992166303ac5ee3ad9353ebeff4e41f0bf72f104cc843cc8958471
d1bd791dbae37c7eb4a2c35b384be01328236f5088a9237d020eeda521fac99f
d2c0e1aebf907b85c8790c7910529e00521037df698079cef17489cd7ff37a97
d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e
d8a99f7fa226be0d5bcc878f3ad41381727cb2d9dd9012c106e5cedff5e6a085
da166bdb05a6470dda640d3002feac44ebc3088d301cf781f0607f373ef7597d
daa4ffb809434104d7f2fac6509b7468c826ae1ee137eb381c5a937034f2a5ef
ddb9cf282a11171052fca93f2f71484ae2e7ae5fc8d9eed15fbaf789c057e1c6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0deb579f4758f3bb28fb6d75a3c0acf42a8d3c994dc8cfd3fd06af40fa24b75
e1faec96c5766cc5da452b7c0b8b078b32275ac7ad8dec805a8a25961a9b43df
e26115d5d30637c0bb28de8548e8dba25eee5be273cd7647c8e528d60a013240
e386e36d1649a3cf2bed067e5b7755287843fb32d7f1301edec98141067b1a5c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4019587a58b47600b0c345b48fd9f58af0d1f80ddeecdd67838bf30d72cb882
ec33225de79266bd483b6fe0bca2d9fafbbb9155df5a25011fe0d669411416e9
ec8955d5d6e35b7943c598939ae4e5b7aec62d672470b093aefd365626713ace
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10699f59e4285b87af5097e4ba9e470ee29b4f3487fa767f2818bdbbdd6bb14
f309b4b6297e8c886d8d6b1ff31decc2d09f6eecf7804e3325bf5a2d3a5eac55
f495f75d8e073c48d77c5a0e3a8017c9bdc65e2b52e6d6695203629dc2df083f
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5
f6ac43240471ab2b5f276378644c9e0d24e7d2a1e18374a9c75e2e980a3fec4a
f712eb753218cbd75d8c5d319f9646d828a3d22838adee23c6b0dd994a1f878c
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72
fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218