www.guestreservations.com Open in urlscan Pro
2606:4700::6812:924 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://trk.klclick.com/ls/click?upn=u001.Vo-2BFSE-2FQiagudmGUgwC8vRVtEb4-2Fc1WFXNXrwMIh6omJF-2B5UiRe9SAXAKSLjTVDk8hKrUy...
Effective URL:
https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign...
Submission: On July 14 via api (July 14th 2024, 11:29:25 am UTC) from BE — Scanned from CA

Summary HTTP 182 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 55 IPs in 3 countries across 51 domains to perform 182 HTTP transactions. The main IP is 2606:4700::6812:924, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.guestreservations.com. The Cisco Umbrella rank of the primary domain is 97114.
TLS certificate: Issued by WE1 on June 16th 2024. Valid for: 3 months.

This is the only time www.guestreservations.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:23c... 2600:9000:23cb:ec00:14:c8fd:7700:93a1	16509 (AMAZON-02) (AMAZON-02)
4 59	2606:4700::68... 2606:4700::6812:924	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2607:f8b0:400... 2607:f8b0:4004:c17::5f	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c21::5e	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4004:c1d::5f	15169 (GOOGLE) (GOOGLE)
1	2620:100:a00b::4 2620:100:a00b::4	19750 (AS-CRITEO) (AS-CRITEO)
6	2607:f8b0:400... 2607:f8b0:4004:c1d::61	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:b... 2600:1901:0:bc29::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.253.63.95 172.253.63.95	15169 (GOOGLE) (GOOGLE)
2 3	2620:100:a00b... 2620:100:a00b::12	19750 (AS-CRITEO) (AS-CRITEO)
4	2a03:2880:f00... 2a03:2880:f003:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2607:f8b0:400... 2607:f8b0:4004:c17::64	15169 (GOOGLE) (GOOGLE)
14	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
7	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2607:f8b0:400... 2607:f8b0:4004:c0b::78	15169 (GOOGLE) (GOOGLE)
8	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
2	2001:4860:480... 2001:4860:4802:32::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::9d	15169 (GOOGLE) (GOOGLE)
3	64.233.180.94 64.233.180.94	15169 (GOOGLE) (GOOGLE)
2	172.253.122.156 172.253.122.156	15169 (GOOGLE) (GOOGLE)
3	142.251.163.102 142.251.163.102	15169 (GOOGLE) (GOOGLE)
3	74.119.117.16 74.119.117.16	19750 (AS-CRITEO) (AS-CRITEO)
2	172.253.122.97 172.253.122.97	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
2	172.253.63.105 172.253.63.105	15169 (GOOGLE) (GOOGLE)
2 2	172.253.63.154 172.253.63.154	15169 (GOOGLE) (GOOGLE)
1 2	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
3 4	68.67.181.211 68.67.181.211	29990 (ASN-APPNEX) (ASN-APPNEX)
6 7	54.227.40.53 54.227.40.53	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.192.166.88 34.192.166.88	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	51.222.241.100 51.222.241.100	16276 (OVH) (OVH)
1 1	52.87.98.237 52.87.98.237	14618 (AMAZON-AES) (AMAZON-AES)
1	23.105.12.150 23.105.12.150	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	195.244.31.10 195.244.31.10	63140 (IGUANA-WO...) (IGUANA-WORLDWIDE)
1	23.55.200.222 23.55.200.222	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	63.251.28.231 63.251.28.231	26558 (FREEWHEEL) (FREEWHEEL)
1 2	54.161.215.88 54.161.215.88	14618 (AMAZON-AES) (AMAZON-AES)
2 2	107.21.205.162 107.21.205.162	14618 (AMAZON-AES) (AMAZON-AES)
2 2	108.156.91.29 108.156.91.29	16509 (AMAZON-02) (AMAZON-02)
1 1	198.8.71.131 198.8.71.131	54312 (ROCKETFUEL) (ROCKETFUEL)
2 3	35.244.154.8 35.244.154.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	23.50.124.22 23.50.124.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.202.32.213 52.202.32.213	14618 (AMAZON-AES) (AMAZON-AES)
1	54.84.32.3 54.84.32.3	14618 (AMAZON-AES) (AMAZON-AES)
1	64.202.112.31 64.202.112.31	23352 (SERVERCEN...) (SERVERCENTRAL)
1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.203.132.170 52.203.132.170	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:220... 2600:9000:2209:6200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	23.50.125.47 23.50.125.47	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1f18:612... 2600:1f18:612b:4216:6ee6:2773:bd8f:e13f	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1408:c40... 2600:1408:c400:16::17d4:f81b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
1	3.215.196.212 3.215.196.212	14618 (AMAZON-AES) (AMAZON-AES)
1	3.210.56.21 3.210.56.21	14618 (AMAZON-AES) (AMAZON-AES)
10	2606:4700::68... 2606:4700::6812:df0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	34.200.95.207 34.200.95.207	14618 (AMAZON-AES) (AMAZON-AES)
1	35.186.241.51 35.186.241.51	() ()
1	216.239.32.181 216.239.32.181	() ()
182	55

1 2600:9000:23cb:ec00:14:c8fd:7700:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

trk.klclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

59 2606:4700::6812:924 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

www.guestreservations.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c17::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c21::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c1d::5f (Washington, United States)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a00b::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c1d::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:bc29:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.63.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f95.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:100:a00b::12 (United States) 2 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c17::64 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 151.101.194.133 (San Francisco, United States)

ASN54113 (FASTLY, US)

static.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c0b::78 (Washington, United States)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.130.133 (San Francisco, United States)

ASN54113 (FASTLY, US)

static-tracking.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.233.180.94 (United States)

ASN15169 (GOOGLE, US)
PTR: pe-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.122.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.163.102 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f102.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.119.117.16 (United States)

ASN19750 (AS-CRITEO, US)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.122.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.66.133 (San Francisco, United States)

ASN54113 (FASTLY, US)

fast.a.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-forms.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.63.105 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f105.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.63.154 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.181.211 (North Bergen, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.227.40.53 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-40-53.compute-1.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.192.166.88 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-166-88.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.241.100 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: haproxy-ca-011.roqad.pl

ws.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.87.98.237 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-98-237.compute-1.amazonaws.com

obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.12.150 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.244.31.10 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.55.200.222 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-55-200-222.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.231 (Secaucus, United States)

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.161.215.88 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-215-88.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.21.205.162 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-205-162.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.156.91.29 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-156-91-29.ord56.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.8.71.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.154.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.50.124.22 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-124-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.202.32.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-32-213.compute-1.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.84.32.3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-32-3.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.31 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.132.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-132-170.compute-1.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2209:6200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.50.125.47 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-125-47.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:6ee6:2773:bd8f:e13f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:c400:16::17d4:f81b (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

ade.clmbtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.139.29 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.215.196.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-196-212.compute-1.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.210.56.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-56-21.compute-1.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:df0 (United States)

ASN13335 (CLOUDFLARENET, US)

a.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.200.95.207 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-95-207.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.241.51 (None, )

ASN- ()

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.181 (None, )

ASN- ()

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	guestreservations.com 4 redirects www.guestreservations.com — Cisco Umbrella Rank: 97114	3 MB
36	klaviyo.com static.klaviyo.com — Cisco Umbrella Rank: 3271 static-tracking.klaviyo.com — Cisco Umbrella Rank: 4013 fast.a.klaviyo.com — Cisco Umbrella Rank: 4261 static-forms.klaviyo.com — Cisco Umbrella Rank: 4011 a.klaviyo.com — Cisco Umbrella Rank: 3897	85 KB
12	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 74 maps.googleapis.com — Cisco Umbrella Rank: 373	247 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 72	383 KB
7	mediawallahscript.com 6 redirects partner.mediawallahscript.com — Cisco Umbrella Rank: 3228	6 KB
7	bing.com bat.bing.com — Cisco Umbrella Rank: 326 c.bing.com — Cisco Umbrella Rank: 187	16 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 67	21 KB
6	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 460 sslwidget.criteo.com — Cisco Umbrella Rank: 1961 dis.criteo.com — Cisco Umbrella Rank: 700	6 KB
5	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 133 googleads.g.doubleclick.net — Cisco Umbrella Rank: 69 cm.g.doubleclick.net — Cisco Umbrella Rank: 264	5 KB
5	google.com analytics.google.com — Cisco Umbrella Rank: 157 www.google.com — Cisco Umbrella Rank: 5	128 B
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 265 secure.adnxs.com — Cisco Umbrella Rank: 486	4 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	5 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 191	72 KB
4	gstatic.com fonts.gstatic.com maps.gstatic.com	50 KB
3	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 452	868 B
3	google.ca www.google.ca — Cisco Umbrella Rank: 9555	191 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 232	1 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 414	976 B
2	rezync.com 2 redirects live.rezync.com — Cisco Umbrella Rank: 1228	3 KB
2	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 574	1 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 743	874 B
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1831	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 387	1 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 870	976 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 383	1 KB
2	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 5659	19 KB
1	mixpanel.com api-js.mixpanel.com	380 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 1969	120 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2828	620 B
1	clmbtech.com ade.clmbtech.com — Cisco Umbrella Rank: 2617	259 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2541	398 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2678	277 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 665	308 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 548	280 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 402	1 KB
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 886	574 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 847	360 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1028	534 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1591	966 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 691	816 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 836	1 KB
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 626	662 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 778	581 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 824	341 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1683	375 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 699	688 B
1	imrworldwide.com 1 redirects obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 5916	338 B
1	rqtrk.eu 1 redirects ws.rqtrk.eu — Cisco Umbrella Rank: 4620	411 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 726	16 KB
1	klclick.com 1 redirects trk.klclick.com — Cisco Umbrella Rank: 13647	875 B
0	revcontent.com Failed trends.revcontent.com Failed
182	51

	Domain	Requested by
59	www.guestreservations.com	4 redirects www.guestreservations.com
14	static.klaviyo.com	www.googletagmanager.com static.klaviyo.com
10	a.klaviyo.com	static.klaviyo.com static-tracking.klaviyo.com
8	static-tracking.klaviyo.com	static.klaviyo.com
8	www.googletagmanager.com	www.guestreservations.com www.googletagmanager.com www.google-analytics.com
7	partner.mediawallahscript.com	6 redirects
6	bat.bing.com	www.guestreservations.com bat.bing.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
6	maps.googleapis.com	www.guestreservations.com maps.googleapis.com
6	fonts.googleapis.com	www.guestreservations.com client
4	www.facebook.com
4	connect.facebook.net	www.guestreservations.com connect.facebook.net
3	idsync.rlcdn.com	2 redirects
3	ib.adnxs.com	2 redirects
3	www.google.ca
3	analytics.google.com	www.googletagmanager.com
3	gum.criteo.com	2 redirects static.criteo.net
2	dpm.demdex.net	1 redirects
2	eb2.3lift.com	1 redirects
2	live.rezync.com	2 redirects
2	i.liadm.com	2 redirects
2	ad.360yield.com	1 redirects
2	r.casalemedia.com	1 redirects
2	match.adsrvr.org	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	x.bidswitch.net	1 redirects
2	dis.criteo.com
2	cm.g.doubleclick.net	2 redirects
2	www.google.com
2	static-forms.klaviyo.com	static.klaviyo.com
2	fast.a.klaviyo.com	static.klaviyo.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	maps.gstatic.com
2	cdn.mxpnl.com	www.guestreservations.com
2	fonts.gstatic.com	fonts.googleapis.com
1	api-js.mixpanel.com	cdn.mxpnl.com
1	e1.emxdgt.com
1	sync-criteo.ads.yieldmo.com
1	ade.clmbtech.com
1	criteo-partners.tremorhub.com
1	criteo-sync.teads.tv
1	s.ad.smaato.net
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	jadserve.postrelease.com
1	c.bing.com
1	exchange.mediavine.com
1	contextual.media.net
1	p.rfihub.com	1 redirects
1	ads.stickyadstv.com
1	tags.bluekai.com
1	visitor.omnitagjs.com
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	1 redirects
1	ws.rqtrk.eu	1 redirects
1	secure.adnxs.com	1 redirects
1	sslwidget.criteo.com	static.criteo.net
1	stats.g.doubleclick.net	www.googletagmanager.com
1	static.criteo.net	www.guestreservations.com
1	trk.klclick.com	1 redirects
0	trends.revcontent.com Failed
182	64

This site contains links to these domains. Also see Links.

Domain
groups.guestreservations.com
www.facebook.com
twitter.com
www.instagram.com
www.pinterest.com
www.youtube.com

Subject Issuer	Validity	Valid
guestreservations.com WE1	`2024-06-16` - `2024-09-14`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-27` - `2024-09-24`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.mxpnl.com GeoTrust TLS RSA CA G1	`2023-07-12` - `2024-08-11`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-18` - `2024-09-17`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-22` - `2024-07-21`	3 months	crt.sh
static.klaviyo.com R11	`2024-07-11` - `2024-10-09`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
static-tracking.klaviyo.com R3	`2024-05-20` - `2024-08-18`	3 months	crt.sh
*.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google.ca WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
fast.a.klaviyo.com R11	`2024-07-11` - `2024-10-09`	3 months	crt.sh
static-forms.klaviyo.com R11	`2024-06-19` - `2024-09-17`	3 months	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.taboola.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-02` - `2025-08-01`	a year	crt.sh
*.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-09` - `2025-02-08`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-21` - `2024-12-21`	a year	crt.sh
exchange.mediavine.com Amazon RSA 2048 M03	`2024-03-05` - `2025-04-02`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-10-27` - `2024-11-23`	a year	crt.sh
*.outbrain.com Thawte TLS RSA CA G1	`2023-11-20` - `2024-11-27`	a year	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-19` - `2025-04-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-04` - `2025-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M03	`2024-05-14` - `2025-06-12`	a year	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
teads.tv R10	`2024-06-11` - `2024-09-09`	3 months	crt.sh
*.tremorhub.com Amazon RSA 2048 M03	`2024-01-24` - `2025-02-21`	a year	crt.sh
colombiaonline.com R11	`2024-06-28` - `2024-09-26`	3 months	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M02	`2024-02-24` - `2025-03-23`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2024-04-15` - `2025-05-17`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
a.klaviyo.com E1	`2024-05-24` - `2024-08-22`	3 months	crt.sh
*.mixpanel.com GeoTrust TLS RSA CA G1	`2024-02-08` - `2025-03-10`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Frame ID: 61295F28247E777E69199C87D95BD14E
Requests: 94 HTTP requests in this frame

Frame: https://www.guestreservations.com/site/searchloading
Frame ID: 2580A6ADF8B07776D9FD18867F071759
Requests: 46 HTTP requests in this frame

Frame: https://www.guestreservations.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js
Frame ID: 4447790952149C793DAED5F4F5FA5B71
Requests: 4 HTTP requests in this frame

Frame: https://www.guestreservations.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js
Frame ID: 6EA676FB833C2ECB361158129E7489CC
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.guestreservations.com&origin=onetag
Frame ID: 2A7465CAC7B9CDD758635A44DEC0B960
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-XOWWVQwtrpbyTA6RYCA0n___nsa8pUkqGMzvHg&google_gid=CAESEJYGm7zX23FOqBoA-S2DyS0&google_cver=1&google_ula=913071,0
Frame ID: 82619E5FC806FBC5BC50D92162BFCC43
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Guest Reservations

Page URL History Show full URLs

https://trk.klclick.com/ls/click?upn=u001.Vo-2BFSE-2FQiagudmGUgwC8vRVtEb4-2Fc1WFXNXrwMIh6omJF-2B5UiR... HTTP 302
https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=c... Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Klaviyo (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

klaviyo\.com

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

182
Requests

92 %
HTTPS

32 %
IPv6

51
Domains

64
Subdomains

55
IPs

3
Countries

3701 kB
Transfer

8774 kB
Size

99
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://groups.guestreservations.com/Group-Rate/
Title: Groups (9+ Rooms)

Search URL Search Domain Scan URL

URL: https://www.facebook.com/guestreservations

Search URL Search Domain Scan URL

URL: https://twitter.com/guest_res

Search URL Search Domain Scan URL

URL: https://www.instagram.com/guestreservations/

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/guestreservations/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@GuestReservations

Search URL Search Domain Scan URL

URL: https://groups.guestreservations.com/Group-Rate/?GroupType=150&sc=GRes_Weddings
Title: Weddings

Search URL Search Domain Scan URL

URL: https://groups.guestreservations.com/Group-Rate/?es=1
Title: Extended Stay

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://trk.klclick.com/ls/click?upn=u001.Vo-2BFSE-2FQiagudmGUgwC8vRVtEb4-2Fc1WFXNXrwMIh6omJF-2B5UiRe9SAXAKSLjTVDk8hKrUymUInZiZNWwk2DDoOeYW8-2B9j8gJP-2FIqYdC69wjXkXRyFeOe6aQA7asRxJZ7XyH4kHTC7ZLczCZv-2BFtirYhS3B8x6ypavgRw36sw9YVgaaJkRQ-2Fy1US-2FDbCPWDoBRdZeYbbZIMHbttRA5Fhoy4etKFXMDmLkOfDexQv84CwD5kzVl28587XhqIVv9qvmVz5u-2BBuco3aD4dya7lhQzu24ilGe1Bg5iv1KmJVNbsgE1Wj8C-2FSGI6WiUmYiehkMd25BteoOl-2B4RSQIe-2FSHRU-2BkbPvDXR42hfGJIBlk-2BNTzMa5Xp48kkyF-2F2HJoWruJIrm4RKQD-2FCMapxX1AI-2FFfng-2Flh5QCDML0lKfYHs1v2D-2BKvrUL-2BllFQR0mPH9L-2BUSCo3nP_k-2FJyLFxkGkNSUigfTVsX6Y4xzr7JXAhZ3q-2FnANSrGjsYStez7wUkr9AvVDDkr-2BFwTW3zSCuci3PvBc1sWnIgD8nPwjx-2BrD5XBsoZvXLWV63m4Ch7jK-2FDnDfE93AAdwMffU6mp1zQzahPHr-2FsFtDibwU2Gr7qJMIiCy4ergq-2BMedAOecN-2FiYpuZoep8o9cYdExlTkyAR3Bi-2BOWJQyc8VT1lRH-2BwFsufrcpXSZbpfR8uuwa4X7VnehsPvhWNS29WUZmfr6Uzev0-2Bbxu6INVEPoQ4LFAeCgEn9mkCD9jzFsRBO1SI2LZAiZht4hiF3tVY1dlCeCRuVgF4DkjKvIFYIgi0H0wYeH3LPYNhqlu7jWxUjy55NES5Ir-2FnDxaGQYy6-2Br0SLPKLf5fhcmYtR3w42ACCO3Ax4CPbiHm09uE-2Fk3GCR0OIimpT58OVauOVeWVjiY91uAVqR1M4KBgPddwtTJuGITHd9MvTKrlP2hNJsom6U-3D HTTP 302
https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://www.guestreservations.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.guestreservations.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js

Request Chain 53

https://www.guestreservations.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.guestreservations.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js

Request Chain 58

https://www.guestreservations.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.guestreservations.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js

Request Chain 68

https://www.guestreservations.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.guestreservations.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-XOWWVQwtrpbyTA6RYCA0n___nsa8pUkqGMzvHg&google_cm&google_hm=ay1YT1dXVlF3dHJwYnlUQTZSWUNBMG5fX19uc2E4cFVrcUdNenZIZw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-XOWWVQwtrpbyTA6RYCA0n___nsa8pUkqGMzvHg&google_gid=CAESEJYGm7zX23FOqBoA-S2DyS0&google_cver=1&google_ula=913071,0

Request Chain 136

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-48dWBwwtrpbyTA6RYCA0n___nsa4KM07o73IDg&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-48dWBwwtrpbyTA6RYCA0n___nsa4KM07o73IDg&expires=30

Request Chain 137

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1010634846103465533

Request Chain 138

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-XOWWVQwtrpbyTA6RYCA0n___nsa8pUkqGMzvHg&custom=&tag_format=img&tag_action=sync&custom=&cb=03916f2a-2b6e-49a6-bd5a-fc94a0c6b6d3 HTTP 302
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-XOWWVQwtrpbyTA6RYCA0n___nsa8pUkqGMzvHg&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=03916f2a-2b6e-49a6-bd5a-fc94a0c6b6d3&final=true&reqid=4e528dc0-41d4-11ef-8f74-b71b5ff5b604&timestamp=2024-07-14T11%3A29%3A17.469Z HTTP 302
https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync HTTP 302
https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=1010634846103465533&tag_format=img&tag_action=sync HTTP 302
https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=4e57e4f0-41d4-11ef-abdc-5944c6fe0e03?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=14717/tp=MWSP/tpid=4e57e4f0-41d4-11ef-abdc-5944c6fe0e03?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=717aa5bff70cf83f0992bc905c0bc609&tag_format=img&tag_action=sync&cb=903249758 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=e1c5bea8-1987-426a-a0ec-9294aa310367&tag_format=img&tag_action=sync&cb= HTTP 302
https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=4e57e4f0-41d4-11ef-abdc-5944c6fe0e03&cb=1720956557978&rmn=y&redirect=https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2041%26partner_id%3D2130%26uid%3D%24BROWSER_ID%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync%26rmt%3Dtrue%26cb%3D1720956557978 HTTP 302
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2130&uid=cc27f9f5-5623-40e7-9e0b-f51d0cff5075&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1720956557978 HTTP 302
https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/mwal?url=https://partner.mediawallahscript.com/?account_id%3D2006%26partner_id%3D2131%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync HTTP 302
https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=4ecdd840-41d4-11ef-ac62-4d5969f4be60

Request Chain 142

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=VaIjdbXYwp6xImfhWT1CvNA4M8PhxiVj

Request Chain 143

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-TZG0wwwtrpbyTA6RYCA0n___nsa3GYYHHLYObQ HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-TZG0wwwtrpbyTA6RYCA0n___nsa3GYYHHLYObQ&C=1

Request Chain 145

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-BkH5mgwtrpbyTA6RYCA0n___nsYVLiAguHYvsw HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-BkH5mgwtrpbyTA6RYCA0n___nsYVLiAguHYvsw

Request Chain 146

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-Dy9JPwwtrpbyTA6RYCA0n___nsaKPMBCjp2GYw HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-Dy9JPwwtrpbyTA6RYCA0n___nsaKPMBCjp2GYw&_li_chk=true&previous_uuid=e8a1c3d98cf84f7aa7eb9938a03fa830 HTTP 303
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=e8a1c3d9-8cf8-4f7a-a7eb-9938a03fa830 HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=f58b6dab-92d0-4afc-97bc-7382a9c060e5%3A1720956557.9011648&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Df58b6dab-92d0-4afc-97bc-7382a9c060e5%253A1720956557.9011648%26_%3D1720956557.9035916&cb=1720956557.9036636 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=2018245974248784082&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Df58b6dab-92d0-4afc-97bc-7382a9c060e5%253A1720956557.9011648%26_%3D1720956557.9035916 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=f58b6dab-92d0-4afc-97bc-7382a9c060e5%3A1720956557.9011648&_=1720956557.9035916 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjdmNThiNmRhYi05MmQwLTRhZmMtOTdiYy03MzgyYTljMDYwZTU6MTcyMDk1NjU1Ny45MDExNjQ4EAAaDQiO7c60BhIFCOgHEABCAEoA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOXrrYHLwQLwjbO8pHlzvPE&google_cver=1

Request Chain 160

https://eb2.3lift.com/xuid?mid=2711&xuid=k-JV0g5gwtrpbyTA6RYCA0n___nsa_sWGg-58l-g&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-JV0g5gwtrpbyTA6RYCA0n___nsa_sWGg-58l-g&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

Request Chain 169

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=WS-6Gq7ATcEF4pYvCwGVmUWW2qzrZV0h HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=WS-6Gq7ATcEF4pYvCwGVmUWW2qzrZV0h

182 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.guestreservations.com/
Redirect Chain

https://trk.klclick.com/ls/click?upn=u001.Vo-2BFSE-2FQiagudmGUgwC8vRVtEb4-2Fc1WFXNXrwMIh6omJF-2B5UiRe9SAXAKSLjTVDk8hKrUymUInZiZNWwk2DDoOeYW8-2B9j8gJP-2FIqYdC69wjXkXRyFeOe6aQA7asRxJZ7XyH4kHTC7ZLczCZ...
https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Pr...

85 KB
13 KB

213ms
130ms

Document
text/html

2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc561b37437447d9a162d2e7e4532070f046c145e2358dc503b8c6aadbfb21cf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8a312c89b9bc7145-YUL
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 14 Jul 2024 11:29:15 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: cloudflare
vary: Accept-Encoding

Redirect headers

content-length: 363
content-type: text/html; charset=utf-8
date: Sun, 14 Jul 2024 11:29:15 GMT
location: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
server: nginx
via: 1.1 db615220fdf1b471c82cd306c2f4717a.cloudfront.net (CloudFront)
x-amz-cf-id: U6LiTjx_WVbYW3UFEEfDwiTmmTcyMH_ZSsLTrBlZyFlTkMz1_6WV7A==
x-amz-cf-pop: JFK50-P1
x-cache: Miss from cloudfront
x-robots-tag: noindex, nofollow

GET
H2 200 site-compressed.1720470000.css
www.guestreservations.com/boost/ 257 KB
39 KB 52ms
51ms Stylesheet
text/css 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guestreservations.com/boost/site-compressed.1720470000.css
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fec9ae6f7e857ead2ca0ccb0a67b878f44badafee0f8efd8552bc5adb7b0e553

Request headers

Referer: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:15 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 08 Jul 2024 20:20:00 GMT
server: cloudflare
age: 288237
cf-polished: origSize=319985
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8a312c8abb527145-YUL
expires: Tue, 13 Aug 2024 11:29:15 GMT

GET
H2 200 logo-bell-dark.svg
www.guestreservations.com/assets/f415e69c/images/logo/ 6 KB
2 KB 30ms
29ms Image
image/svg+xml 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guestreservations.com/assets/f415e69c/images/logo/logo-bell-dark.svg
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8add2ea8a82e3f30ba20be47ef707c61e41ea7027e854c9c1797cc45cb2d4499

Request headers

Referer: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 21 Jun 2024 15:02:00 GMT
server: cloudflare
age: 111823
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=172800
accept-ranges: bytes
cf-ray: 8a312c8abb547145-YUL
content-length: 2333
expires: Tue, 16 Jul 2024 11:29:15 GMT

GET
H2 200 phone-yellow.svg
www.guestreservations.com/assets/f415e69c/images/ 764 B
567 B 33ms
32ms Image
image/svg+xml 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guestreservations.com/assets/f415e69c/images/phone-yellow.svg
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89d1cf21ac70da8a120e2452f1e4d161c6b12257e90a7e949b86c98d260d2f83

Request headers

Referer: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 21 Jun 2024 15:02:00 GMT
server: cloudflare
age: 106680
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=172800
accept-ranges: bytes
cf-ray: 8a312c8abb557145-YUL
content-length: 500
expires: Tue, 16 Jul 2024 11:29:15 GMT

GET
H2 200 london.jpg
www.guestreservations.com/images/pages/p-home/destinations/ 89 KB
90 KB 55ms
46ms Image
image/jpeg 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guestreservations.com/images/pages/p-home/destinations/london.jpg
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e8de09bd822fd6556ce9acf5ca57830e1d862a81b14b384a44ce2d48f7cd72e

Request headers

Referer: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:15 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 30 Sep 2022 19:45:58 GMT
server: cloudflare
age: 198359
cf-polished: origSize=91634
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8a312c8aeb9b7145-YUL
content-length: 91626
expires: Tue, 13 Aug 2024 11:29:15 GMT

GET
H2 200 los-angeles.jpg
www.guestreservations.com/images/pages/p-home/destinations/ 50 KB
50 KB 55ms
46ms Image
image/jpeg 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guestreservations.com/images/pages/p-home/destinations/los-angeles.jpg
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07efcf822b1de3c7a9baac29df9d741f6974c13466960f990f3cd5739f27c53c

Request headers

Referer: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:15 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 30 Sep 2022 19:45:58 GMT
server: cloudflare
age: 1139220
cf-polished: origSize=51349
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8a312c8aeba17145-YUL
content-length: 51341
expires: Tue, 13 Aug 2024 11:29:15 GMT

GET
H2 200 miami.jpg
www.guestreservations.com/images/pages/p-home/destinations/ 325 KB
326 KB 56ms
47ms Image
image/jpeg 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guestreservations.com/images/pages/p-home/destinations/miami.jpg
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8768a2ae84516bbbbbede1877afd7f1b8274b7b02c794f75cacfba685fcf296

Request headers

Referer: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 30 Sep 2022 19:45:58 GMT
server: cloudflare
age: 198359
cf-polished: origSize=332968
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8a312c8aeba57145-YUL
content-length: 332960
expires: Tue, 13 Aug 2024 11:29:15 GMT

GET
H2 200 new-york.jpg
www.guestreservations.com/images/pages/p-home/destinations/ 128 KB
128 KB 38ms
30ms Image
image/jpeg 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guestreservations.com/images/pages/p-home/destinations/new-york.jpg
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4808dc03604e09a22ca006f9d476502084a27beeaa1b3a81cf74c6b0dc0fa890

Request headers

Referer: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:15 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 30 Sep 2022 19:45:58 GMT
server: cloudflare
age: 198359
cf-polished: origSize=130646
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8a312c8aeba77145-YUL
content-length: 130638
expires: Tue, 13 Aug 2024 11:29:15 GMT

GET
H2 200 phuket.jpg
www.guestreservations.com/images/pages/p-home/destinations/ 175 KB
176 KB 55ms
48ms Image
image/jpeg 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guestreservations.com/images/pages/p-home/destinations/phuket.jpg
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb875ef064277c6f4be9e72a5a7afd4af72ec8339575ca48fc9648c1f8164aa6

Request headers

Referer: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 30 Sep 2022 19:45:58 GMT
server: cloudflare
age: 288237
cf-polished: origSize=179680
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8a312c8aeba97145-YUL
content-length: 179672
expires: Tue, 13 Aug 2024 11:29:16 GMT

GET
H2 200 sydney.jpg
www.guestreservations.com/images/pages/p-home/destinations/ 106 KB
106 KB 54ms
46ms Image
image/jpeg 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guestreservations.com/images/pages/p-home/destinations/sydney.jpg
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72b06f24a2e59e15ddcd0d57bf6c274ded794e0df306ef374750b58c7534051d

Request headers

Referer: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:15 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 30 Sep 2022 19:45:58 GMT
server: cloudflare
age: 1139220
cf-polished: origSize=108250
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8a312c8aebab7145-YUL
content-length: 108242
expires: Tue, 13 Aug 2024 11:29:15 GMT

GET
H2 200 rom.jpg
www.guestreservations.com/images/pages/p-home/destinations/ 89 KB
89 KB 54ms
47ms Image
image/jpeg 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guestreservations.com/images/pages/p-home/destinations/rom.jpg
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b2656274b0bfc939a9e6ea0c136dbe3029b5172e7c27ff9a572f755b78054bf

Request headers

Referer: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 30 Sep 2022 19:45:58 GMT
server: cloudflare
age: 1060010
cf-polished: origSize=91413
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8a312c8aebae7145-YUL
content-length: 91405
expires: Tue, 13 Aug 2024 11:29:15 GMT

GET
H2 200 tokyo.jpg
www.guestreservations.com/images/pages/p-home/destinations/ 62 KB
62 KB 54ms
47ms Image
image/jpeg 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guestreservations.com/images/pages/p-home/destinations/tokyo.jpg
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e74f141dcaae1cdfca64cbb04a4249984fdfd92cd7bcb99c50abf5c37b65fe8b

Request headers

Referer: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 30 Sep 2022 19:45:58 GMT
server: cloudflare
age: 288237
cf-polished: origSize=63339
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8a312c8aebaf7145-YUL
content-length: 63331
expires: Tue, 13 Aug 2024 11:29:15 GMT

GET
H2 200 4e59e3fb-e543-4c2c-acdc-53a4d78517e8.jpg
www.guestreservations.com/images/pages/p-home/featured-hotels/ 137 KB
137 KB 56ms
48ms Image
image/jpeg 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guestreservations.com/images/pages/p-home/featured-hotels/4e59e3fb-e543-4c2c-acdc-53a4d78517e8.jpg
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce2a3678699466fae8be896c8c5acc805907af4c4a4b9dd15c68ed391f10a180

Request headers

Referer: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 30 Sep 2022 19:45:58 GMT
server: cloudflare
age: 1060011
cf-polished: origSize=140418
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8a312c8aebb47145-YUL
content-length: 140410
expires: Tue, 13 Aug 2024 11:29:16 GMT

GET
H2 200 45548bfb-0c67-4443-a625-68b838cfa293.jpg
www.guestreservations.com/images/pages/p-home/featured-hotels/ 150 KB
150 KB 67ms
60ms Image
image/jpeg 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guestreservations.com/images/pages/p-home/featured-hotels/45548bfb-0c67-4443-a625-68b838cfa293.jpg
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e470caf3954391b92617ab17fda724e9fa4f4f50b2802e21bebc99f3535a65d

Request headers

Referer: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 30 Sep 2022 19:45:58 GMT
server: cloudflare
age: 1139221
cf-polished: origSize=153401
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8a312c8afbd07145-YUL
content-length: 153393
expires: Tue, 13 Aug 2024 11:29:16 GMT

GET
H2 200 2217841c-6eb8-5ab2-8857-db7c1f4ad5d1.jpg
www.guestreservations.com/images/pages/p-home/featured-hotels/ 71 KB
71 KB 66ms
59ms Image
image/jpeg 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guestreservations.com/images/pages/p-home/featured-hotels/2217841c-6eb8-5ab2-8857-db7c1f4ad5d1.jpg
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4da2635c9842212b0b48f05688407cc8818c8809bae86ec1a41d795309a30e4

Request headers

Referer: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 30 Sep 2022 19:45:58 GMT
server: cloudflare
age: 1138964
cf-polished: origSize=72656
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8a312c8afbd37145-YUL
content-length: 72648
expires: Tue, 13 Aug 2024 11:29:16 GMT

GET
H2 200 d592e189-fceb-51bd-a379-ef0c81c11455.jpg
www.guestreservations.com/images/pages/p-home/featured-hotels/ 53 KB
53 KB 71ms
64ms Image
image/jpeg 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guestreservations.com/images/pages/p-home/featured-hotels/d592e189-fceb-51bd-a379-ef0c81c11455.jpg
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 786c39f445a4b6fb5e65fe93fc56012a641bb150c6d9c3c89e6f91ee9ac75b83

Request headers

Referer: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 30 Sep 2022 19:45:58 GMT
server: cloudflare
age: 198360
cf-polished: origSize=54481
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8a312c8afbd47145-YUL
content-length: 54473
expires: Tue, 13 Aug 2024 11:29:16 GMT

GET
H2 200 52ce0231-cb14-575e-8f97-ce5586cea1ab.jpg
www.guestreservations.com/images/pages/p-home/featured-hotels/ 77 KB
77 KB 68ms
61ms Image
image/jpeg 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guestreservations.com/images/pages/p-home/featured-hotels/52ce0231-cb14-575e-8f97-ce5586cea1ab.jpg
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30bc8ba6fd8ea49b3aa785e81efdf9dd848c59166c7bed59d8b05093065fa976

Request headers

Referer: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 30 Sep 2022 19:45:58 GMT
server: cloudflare
age: 198360
cf-polished: origSize=78922
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8a312c8afbd67145-YUL
content-length: 78914
expires: Tue, 13 Aug 2024 11:29:16 GMT

GET
H2 200 9a145841-8c30-5f28-b0be-c5db01841f01.jpg
www.guestreservations.com/images/pages/p-home/featured-hotels/ 61 KB
61 KB 68ms
61ms Image
image/jpeg 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guestreservations.com/images/pages/p-home/featured-hotels/9a145841-8c30-5f28-b0be-c5db01841f01.jpg
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e502c55f3832d4f948a5b719a78821bc676b8165878de7384b32c801eb270381

Request headers

Referer: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 30 Sep 2022 19:45:58 GMT
server: cloudflare
age: 1060011
cf-polished: origSize=62806
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8a312c8afbd77145-YUL
content-length: 62798
expires: Tue, 13 Aug 2024 11:29:16 GMT

GET
H2 200 exclusive-deals.svg
www.guestreservations.com/assets/4a44a40b/images/reasons/ 5 KB
1 KB 66ms
61ms Image
image/svg+xml 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guestreservations.com/assets/4a44a40b/images/reasons/exclusive-deals.svg
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2904914988fb94f490eb7a21e5fba3de11b7bc1d12caefadb10923ea9c46c712

Request headers

Referer: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 24 May 2024 13:15:32 GMT
server: cloudflare
age: 110696
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=172800
accept-ranges: bytes
cf-ray: 8a312c8afbd97145-YUL
content-length: 876
expires: Tue, 16 Jul 2024 11:29:16 GMT

GET
H2 200 massive-selection.svg
www.guestreservations.com/assets/4a44a40b/images/reasons/ 6 KB
2 KB 67ms
61ms Image
image/svg+xml 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guestreservations.com/assets/4a44a40b/images/reasons/massive-selection.svg
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12bfc27c309e6157f56426265194dea3e3d8c585111466d7a538aa8d670a607b

Request headers

Referer: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 24 May 2024 13:15:32 GMT
server: cloudflare
age: 107062
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=172800
accept-ranges: bytes
cf-ray: 8a312c8afbdb7145-YUL
content-length: 2068
expires: Tue, 16 Jul 2024 11:29:16 GMT

GET
H2 200 customer-service.svg
www.guestreservations.com/assets/4a44a40b/images/reasons/ 3 KB
735 B 72ms
66ms Image
image/svg+xml 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guestreservations.com/assets/4a44a40b/images/reasons/customer-service.svg
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da097e694e53f1173022013d84222bbef8a0a22820574bfce016dd4994718266

Request headers

Referer: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 24 May 2024 13:15:32 GMT
server: cloudflare
age: 110710
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=172800
accept-ranges: bytes
cf-ray: 8a312c8afbde7145-YUL
content-length: 668
expires: Tue, 16 Jul 2024 11:29:16 GMT

GET
H2 200 strict-privac.svg
www.guestreservations.com/assets/4a44a40b/images/reasons/ 3 KB
712 B 69ms
64ms Image
image/svg+xml 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guestreservations.com/assets/4a44a40b/images/reasons/strict-privac.svg
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60ec1580f50298895fa128e675a6e816a172850abb751875978b5df5c59a1146

Request headers

Referer: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 24 May 2024 13:15:32 GMT
server: cloudflare
age: 111783
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=172800
accept-ranges: bytes
cf-ray: 8a312c8afbe07145-YUL
content-length: 644
expires: Tue, 16 Jul 2024 11:29:16 GMT

GET
H2 200 logo-dark-tm.svg
www.guestreservations.com/assets/237ed65f/images/ 4 KB
2 KB 69ms
64ms Image
image/svg+xml 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guestreservations.com/assets/237ed65f/images/logo-dark-tm.svg
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ee6f78d10947b106171636ad321f3569e46c99ad0a33c88056820327ca23491

Request headers

Referer: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 11 Jul 2024 15:56:12 GMT
server: cloudflare
age: 107062
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=172800
accept-ranges: bytes
cf-ray: 8a312c8afbe17145-YUL
content-length: 1687
expires: Tue, 16 Jul 2024 11:29:16 GMT

GET
H2 200 facebook.svg
www.guestreservations.com/assets/237ed65f/images/social-networks/ 228 B
242 B 71ms
66ms Image
image/svg+xml 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guestreservations.com/assets/237ed65f/images/social-networks/facebook.svg
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45bb486b9e917d695991d2988c5f5a319b350621f155e2d8aa4fdf5a9456b89f

Request headers

Referer: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 08 Jul 2024 20:21:03 GMT
server: cloudflare
age: 110710
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=172800
cf-ray: 8a312c8afbe47145-YUL
expires: Tue, 16 Jul 2024 11:29:16 GMT

GET
H2 200 twitter.svg
www.guestreservations.com/assets/237ed65f/images/social-networks/ 549 B
420 B 70ms
66ms Image
image/svg+xml 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guestreservations.com/assets/237ed65f/images/social-networks/twitter.svg
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f51af69687876ee069f6c91befd54cbedf49a0b754fff0f0f510c4920f99fdae

Request headers

Referer: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 08 Jul 2024 20:21:03 GMT
server: cloudflare
age: 106681
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=172800
cf-ray: 8a312c8afbe67145-YUL
expires: Tue, 16 Jul 2024 11:29:16 GMT

GET
H2 200 instagram.svg
www.guestreservations.com/assets/237ed65f/images/social-networks/ 808 B
517 B 80ms
76ms Image
image/svg+xml 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guestreservations.com/assets/237ed65f/images/social-networks/instagram.svg
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bfc37ff880caeb229fffa577d4ba4286e6a58cf68af9d9818f0617715a365fc

Request headers

Referer: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 08 Jul 2024 20:21:03 GMT
server: cloudflare
age: 99336
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=172800
cf-ray: 8a312c8afbe77145-YUL
expires: Tue, 16 Jul 2024 11:29:16 GMT

GET
H2 200 pinterest.svg
www.guestreservations.com/assets/237ed65f/images/social-networks/ 2 KB
1 KB 67ms
63ms Image
image/svg+xml 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guestreservations.com/assets/237ed65f/images/social-networks/pinterest.svg
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33a7397d8e0ec390e0e7ac653f64be9cae1566e935795cb1c3a66b643b70ef6f

Request headers

Referer: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 08 Jul 2024 20:21:03 GMT
server: cloudflare
age: 111824
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=172800
cf-ray: 8a312c8afbe87145-YUL
expires: Tue, 16 Jul 2024 11:29:16 GMT

GET
H2 200 you-tube.svg
www.guestreservations.com/assets/237ed65f/images/social-networks/ 2 KB
1 KB 70ms
66ms Image
image/svg+xml 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guestreservations.com/assets/237ed65f/images/social-networks/you-tube.svg
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81a738fe93926aa93523e2f3233a79e0f3072c5d0544883c7923a79650b2c8da

Request headers

Referer: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 08 Jul 2024 20:21:03 GMT
server: cloudflare
age: 110710
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=172800
cf-ray: 8a312c8afbe97145-YUL
expires: Tue, 16 Jul 2024 11:29:16 GMT

GET
H2 200 rocket-loader.min.js Show response
www.guestreservations.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 55ms
52ms Script
application/javascript 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guestreservations.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.guestreservations.com
URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Jul 2024 08:14:23 GMT
server: cloudflare
etag: W/"668f945f-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8a312c8afbeb7145-YUL
expires: Tue, 16 Jul 2024 11:29:16 GMT

GET
H2 200 searchloading Show response
www.guestreservations.com/site/ Frame 2580 8 KB
3 KB 139ms
136ms Document
text/html 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guestreservations.com/site/searchloading
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05c7cba6c9f330e59e2f2a03345260cf399f8d586da6e739954d60d66adbb16f

Request headers

Referer: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8a312c8aebb27145-YUL
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 14 Jul 2024 11:29:16 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: cloudflare
vary: Accept-Encoding

GET
H2 200 css2
fonts.googleapis.com/ 30 KB
1 KB 119ms
50ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: www.guestreservations.com
URL: https://www.guestreservations.com/boost/site-compressed.1720470000.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13471b4283cd0eef752d70c2994923d831d67a5a1c840f2a76a9c05e23f9f72f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 14 Jul 2024 10:09:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Jul 2024 11:29:16 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
926 B 119ms
50ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Hind+Madurai:wght@300;400;500&display=swap

Requested by

Host: www.guestreservations.com
URL: https://www.guestreservations.com/boost/site-compressed.1720470000.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c78708b377c4481d55502b4fc6048936b2de587596f2ab5b02fef9a915ea8f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 14 Jul 2024 11:29:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Jul 2024 11:29:16 GMT

GET
H2 200 site-compressed.1720470000.css
www.guestreservations.com/boost/ Frame 2580 257 KB
0 52ms
51ms Stylesheet
text/css 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guestreservations.com/boost/site-compressed.1720470000.css
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/site/searchloading
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fec9ae6f7e857ead2ca0ccb0a67b878f44badafee0f8efd8552bc5adb7b0e553

Request headers

Referer: https://www.guestreservations.com/site/searchloading
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:15 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 08 Jul 2024 20:20:00 GMT
server: cloudflare
age: 288237
cf-polished: origSize=319985
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8a312c8abb527145-YUL
expires: Tue, 13 Aug 2024 11:29:15 GMT

GET
H2 200 simple.1664567162.css
www.guestreservations.com/css/ Frame 2580 0
93 B 56ms
55ms Stylesheet
text/css 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guestreservations.com/css/simple.1664567162.css
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/site/searchloading
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.guestreservations.com/site/searchloading
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 04 Feb 2021 14:33:47 GMT
server: cloudflare
age: 2185153
vary: User-Agent, Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8a312c8bdd677145-YUL
content-length: 0
expires: Tue, 13 Aug 2024 11:29:16 GMT

GET
H2 200 loader.1664567162.css
www.guestreservations.com/css/pages/ Frame 2580 1 KB
653 B 56ms
55ms Stylesheet
text/css 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guestreservations.com/css/pages/loader.1664567162.css
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/site/searchloading
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6157eea255cb43f55015b8e3ad737c8dc5b461a0b4d952b193db3e7f6324a66c

Request headers

Referer: https://www.guestreservations.com/site/searchloading
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 30 Sep 2022 19:46:02 GMT
server: cloudflare
age: 198360
cf-polished: origSize=1710
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8a312c8bdd697145-YUL
expires: Tue, 13 Aug 2024 11:29:16 GMT

GET
H2 200 spinner.1689364624.css
www.guestreservations.com/assets/11fa1ba1/css/ Frame 2580 1 KB
482 B 56ms
56ms Stylesheet
text/css 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guestreservations.com/assets/11fa1ba1/css/spinner.1689364624.css
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/site/searchloading
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3a207b905835387010dc53573b764c38cde958162f1af572dd710e56a364e2d

Request headers

Referer: https://www.guestreservations.com/site/searchloading
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Jul 2023 19:57:04 GMT
server: cloudflare
age: 198624
cf-polished: origSize=1544
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8a312c8bdd6a7145-YUL
expires: Tue, 13 Aug 2024 11:29:16 GMT

GET
H2 200 rocket-loader.min.js Show response
www.guestreservations.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 2580 12 KB
0 55ms
52ms Script
application/javascript 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guestreservations.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.guestreservations.com
URL: https://www.guestreservations.com/site/searchloading

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.guestreservations.com/site/searchloading
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Jul 2024 08:14:23 GMT
server: cloudflare
etag: W/"668f945f-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8a312c8afbeb7145-YUL
expires: Tue, 16 Jul 2024 11:29:16 GMT

GET
H2 200 home-book-form.jpg
www.guestreservations.com/images/pages/p-home/ 688 KB
689 KB 51ms
51ms Image
image/jpeg 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guestreservations.com/images/pages/p-home/home-book-form.jpg
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/boost/site-compressed.1720470000.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47cc11c19b25af7a989a96bdb2fb1a9b623a1815a5fae93d5b39ffd318a8b2f9

Request headers

Referer: https://www.guestreservations.com/boost/site-compressed.1720470000.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 30 Sep 2022 19:45:58 GMT
server: cloudflare
age: 1060011
cf-polished: origSize=749479
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8a312c8bed757145-YUL
content-length: 704238
expires: Tue, 13 Aug 2024 11:29:16 GMT

GET
H2 200 calendar.svg
www.guestreservations.com/boost_assets/6fa385f1/images/ 825 B
604 B 52ms
51ms Image
image/svg+xml 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guestreservations.com/boost_assets/6fa385f1/images/calendar.svg
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/boost/site-compressed.1720470000.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aef47c1ad08d8fc6db195bf4a023aed27ba77b2f177de3364a312b7b4ff760ac

Request headers

Referer: https://www.guestreservations.com/boost/site-compressed.1720470000.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 19 Jun 2024 13:51:46 GMT
server: cloudflare
age: 92610
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=172800
accept-ranges: bytes
cf-ray: 8a312c8bed777145-YUL
content-length: 485
expires: Tue, 16 Jul 2024 11:29:16 GMT

GET
H2 200 arrow-down.svg
www.guestreservations.com/boost_assets/6fa385f1/images/ 3 KB
626 B 54ms
54ms Image
image/svg+xml 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guestreservations.com/boost_assets/6fa385f1/images/arrow-down.svg
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/boost/site-compressed.1720470000.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25a1111f66d36d8603f76f16036f2bcfc31f3a8f0168abd86209a7055bc4f0c9

Request headers

Referer: https://www.guestreservations.com/boost/site-compressed.1720470000.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 19 Jun 2024 13:51:46 GMT
server: cloudflare
age: 46520
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=172800
accept-ranges: bytes
cf-ray: 8a312c8bed797145-YUL
content-length: 506
expires: Tue, 16 Jul 2024 11:29:16 GMT

GET
H2 200 about-gr-bg-home.jpg
www.guestreservations.com/images/pages/p-home/ 303 KB
304 KB 50ms
50ms Image
image/jpeg 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guestreservations.com/images/pages/p-home/about-gr-bg-home.jpg
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/boost/site-compressed.1720470000.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6dd9a20ebd46e799894e6295a7c2ff2694a6c33e71c41296e32ecd35f4576f3

Request headers

Referer: https://www.guestreservations.com/boost/site-compressed.1720470000.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 30 Sep 2022 19:45:58 GMT
server: cloudflare
age: 1139221
cf-polished: origSize=328762
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8a312c8bed7b7145-YUL
content-length: 310465
expires: Tue, 13 Aug 2024 11:29:16 GMT

GET
H2 200 next.svg
www.guestreservations.com/images/pages/p-home/ 752 B
559 B 54ms
53ms Image
image/svg+xml 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guestreservations.com/images/pages/p-home/next.svg
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/boost/site-compressed.1720470000.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19dafff03dcb32a85467ecd04cb78d54af93b6d2ba521de45f179eb307e988a7

Request headers

Referer: https://www.guestreservations.com/boost/site-compressed.1720470000.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 30 Sep 2022 19:45:58 GMT
server: cloudflare
age: 7635
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=172800
cf-ray: 8a312c8bed7c7145-YUL
expires: Tue, 16 Jul 2024 11:29:16 GMT

GET
H2 200 pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
fonts.gstatic.com/s/nunitosans/v15/ 30 KB
31 KB 95ms
31ms Font
font/woff2 2607:f8b0:4004:c21::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.guestreservations.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 20:51:01 GMT
x-content-type-options: nosniff
age: 311895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31052
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 00:27:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jul 2025 20:51:01 GMT

GET
H2 200 f0Xu0e2p98ZvDXdZQIOcpqjfXaUXfsEp.woff2
fonts.gstatic.com/s/hindmadurai/v11/ 14 KB
14 KB 128ms
65ms Font
font/woff2 2607:f8b0:4004:c21::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/hindmadurai/v11/f0Xu0e2p98ZvDXdZQIOcpqjfXaUXfsEp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Hind+Madurai:wght@300;400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2904bf65c98204b61d6bc88e39a22a0c77b5282c55a328997199cf5d419f8cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.guestreservations.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 13:39:39 GMT
x-content-type-options: nosniff
age: 337777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14048
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:49:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jul 2025 13:39:39 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 2580 30 KB
0 119ms
50ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: www.guestreservations.com
URL: https://www.guestreservations.com/boost/site-compressed.1720470000.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13471b4283cd0eef752d70c2994923d831d67a5a1c840f2a76a9c05e23f9f72f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 14 Jul 2024 10:09:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Jul 2024 11:29:16 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 2580 3 KB
0 119ms
50ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Hind+Madurai:wght@300;400;500&display=swap

Requested by

Host: www.guestreservations.com
URL: https://www.guestreservations.com/boost/site-compressed.1720470000.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c78708b377c4481d55502b4fc6048936b2de587596f2ab5b02fef9a915ea8f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 14 Jul 2024 11:29:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Jul 2024 11:29:16 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 277 KB
92 KB 146ms
73ms Script
text/javascript 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyCGyzSMOtzEO7yuVY1c_XrQqOxKdZ6NZTU&libraries=places&callback=initAutocomplete&language=en

Requested by

Host: www.guestreservations.com
URL: https://www.guestreservations.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

96201c3015f2927ea66e2fffb7754943ac5b5ee53584bce35f79a3f195d19535

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94011
x-xss-protection: 0

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 50 KB
16 KB 136ms
63ms Script
text/javascript 2620:100:a00b::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.guestreservations.com
URL: https://www.guestreservations.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

769c0c15b0505b178f3a245cd21b058c38f1bb0a091ccdfb83ea159bf9da10a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 03 Jul 2024 16:35:03 GMT
server: nginx
etag: W/"66857db7-c699"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Jul 2024 11:29:16 GMT

GET
H2 200 site-compressed.1720621146.js Show response
www.guestreservations.com/boost/ 422 KB
109 KB 45ms
44ms Script
application/javascript 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guestreservations.com/boost/site-compressed.1720621146.js
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 235bc135bee5a4fc16aee750f091133ee81846cc6cc7f00eb75e59922ea06e61

Request headers

Referer: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 10 Jul 2024 14:19:06 GMT
server: cloudflare
age: 288238
cf-polished: origSize=747955
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 8a312c8c8e7d7145-YUL
expires: Tue, 13 Aug 2024 11:29:16 GMT

GET
H2

200

main.js Show response
www.guestreservations.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/ Frame 4447
Redirect Chain

https://www.guestreservations.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.guestreservations.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?

8 KB
4 KB

28ms
28ms

Script
application/javascript

2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guestreservations.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?

Requested by

Protocol

Server

2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89e00f7b24193342f0465d7b9dcbb5db531a3e44e6fc3e216c71677a0a1ff0e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8a312c8caede7145-YUL

Redirect headers

date: Sun, 14 Jul 2024 11:29:16 GMT
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?
access-control-allow-origin: *
cache-control: max-age: 300, public
cf-ray: 8a312c8c8e807145-YUL
content-length: 0

GET
H2 200 Simple.1710365423.js Show response
www.guestreservations.com/js/pages/layouts/ Frame 2580 605 B
354 B 34ms
32ms Script
application/javascript 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guestreservations.com/js/pages/layouts/Simple.1710365423.js
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6eacea22637ee8d18242a2377c05ad5c30eb650020bf3cb00b47c0319fe77a11

Request headers

Referer: https://www.guestreservations.com/site/searchloading
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 13 Mar 2024 21:30:23 GMT
server: cloudflare
age: 198360
cf-polished: origSize=833
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 8a312c8c9ea17145-YUL
expires: Tue, 13 Aug 2024 11:29:16 GMT

GET
H2 200 Common.1720470000.js Show response
www.guestreservations.com/js/ Frame 2580 5 KB
2 KB 32ms
31ms Script
application/javascript 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guestreservations.com/js/Common.1720470000.js
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d11c681f24a1e6d5d4bc7a663e679e59c9febe72a37119d62f07b9c3f135d38

Request headers

Referer: https://www.guestreservations.com/site/searchloading
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 08 Jul 2024 20:20:00 GMT
server: cloudflare
age: 288238
cf-polished: origSize=8474
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 8a312c8c9ea77145-YUL
expires: Tue, 13 Aug 2024 11:29:16 GMT

GET
H2 200 GR.1711487088.js Show response
www.guestreservations.com/js/ Frame 2580 1 KB
652 B 35ms
34ms Script
application/javascript 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guestreservations.com/js/GR.1711487088.js
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84b01cf41d74e1053e57cdad09e7778c7a9b1478aea43d551a48caf3f6cd27e7

Request headers

Referer: https://www.guestreservations.com/site/searchloading
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 26 Mar 2024 21:04:48 GMT
server: cloudflare
age: 288238
cf-polished: origSize=2340
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 8a312c8c9ea87145-YUL
expires: Tue, 13 Aug 2024 11:29:16 GMT

GET
H2 200 site-compressed.1720621146.js Show response
www.guestreservations.com/boost/ Frame 2580 422 KB
0 36ms
35ms Script
application/javascript 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guestreservations.com/boost/site-compressed.1720621146.js
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 235bc135bee5a4fc16aee750f091133ee81846cc6cc7f00eb75e59922ea06e61

Request headers

Referer: https://www.guestreservations.com/site/searchloading
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 10 Jul 2024 14:19:06 GMT
server: cloudflare
age: 288238
cf-polished: origSize=747955
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 8a312c8c8e7d7145-YUL
expires: Tue, 13 Aug 2024 11:29:16 GMT

GET
H2

200

main.js Show response
www.guestreservations.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/ Frame 6EA6
Redirect Chain

https://www.guestreservations.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.guestreservations.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?

8 KB
0

1ms
1ms

Script
application/javascript

2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guestreservations.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?

Requested by

Protocol

Server

2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89e00f7b24193342f0465d7b9dcbb5db531a3e44e6fc3e216c71677a0a1ff0e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8a312c8caede7145-YUL

Redirect headers

date: Sun, 14 Jul 2024 11:29:16 GMT
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?
access-control-allow-origin: *
cache-control: max-age: 300, public
cf-ray: 8a312c8caedb7145-YUL
content-length: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 302 KB
104 KB 106ms
43ms Script
application/javascript 2607:f8b0:4004:c1d::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NPMZ2WN

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

787dac9144c25930e15c5709559e659b18352e0d6794ce88720b1f7490463fb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105979
x-xss-protection: 0
last-modified: Sun, 14 Jul 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 Jul 2024 11:29:16 GMT

POST
H2 200 8a312c89b9bc7145 Show response
www.guestreservations.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 4447 0
365 B 61ms
56ms XHR
text/plain 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guestreservations.com/cdn-cgi/challenge-platform/h/g/jsd/r/8a312c89b9bc7145
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
server: cloudflare
cf-ray: 8a312c8e29367145-YUL
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H2 200 8a312c8aebb27145 Show response
www.guestreservations.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 6EA6 0
253 B 47ms
43ms XHR
text/plain 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guestreservations.com/cdn-cgi/challenge-platform/h/g/jsd/r/8a312c8aebb27145
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
server: cloudflare
cf-ray: 8a312c8eeaa07145-YUL
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 55 KB
19 KB 83ms
17ms Script
text/javascript 2600:1901:0:bc29::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:bc29:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 60f5f911fd8f366f29390166716a1977430d5472b02b6a1298c818096d7d2aac

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:20:53 GMT
content-encoding: gzip
age: 503
x-guploader-uploadid: ACJd0NoCOsj1Yt8-GA8bu8J7_5ZPgK1F_KS843_xHDHQpo3YeeMVdAhDFy_-4EgLpIE_RisBGaY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18820
last-modified: Fri, 21 Jun 2024 22:06:07 GMT
server: UploadServer
etag: "264255e7eaaa8cfa38c236557516b1d2"
vary: Accept-Encoding
x-goog-generation: 1719007567436070
x-goog-hash: crc32c=lF4D6Q==, md5=JkJV5+qqjPo4wjZVdRax0g==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=600
x-goog-stored-content-length: 18820
accept-ranges: bytes
content-type: text/javascript
expires: Sun, 14 Jul 2024 11:30:53 GMT

GET
H2

200

main.js Show response
www.guestreservations.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/ Frame 4447
Redirect Chain

https://www.guestreservations.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.guestreservations.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?

8 KB
0

0ms
0ms

Script
application/javascript

2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guestreservations.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?

Protocol

Server

2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89e00f7b24193342f0465d7b9dcbb5db531a3e44e6fc3e216c71677a0a1ff0e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8a312c8caede7145-YUL

Redirect headers

date: Sun, 14 Jul 2024 11:29:16 GMT
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?
access-control-allow-origin: *
cache-control: max-age: 300, public
cf-ray: 8a312c8f2afb7145-YUL
content-length: 0

GET
H2 200 favicon.ico
www.guestreservations.com/favicons/ 15 KB
2 KB 32ms
32ms Other
image/x-icon 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guestreservations.com/favicons/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b90d45cfe965c1cd046dbab4bcc8636542e3796c063085e68c103c1cc01c1ba7

Request headers

Referer: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 30 Sep 2022 19:46:02 GMT
server: cloudflare
age: 1151242
vary: Accept-Encoding
content-type: image/x-icon
cache-control: public, max-age=2592000
cf-ray: 8a312c8f3b197145-YUL
expires: Tue, 13 Aug 2024 11:29:16 GMT

POST
H2 200 attribution Show response
www.guestreservations.com/site/ 682 B
2 KB 71ms
69ms XHR
application/json 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guestreservations.com/site/attribution
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/boost/site-compressed.1720621146.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3455757c5b19f9a7d1344b537f7ac9dc125d2b165c678fd92fac62316a804688

Request headers

Accept: */*
Referer: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
X-Requested-With: XMLHttpRequest
X-CSRF-Token: rvlNWl335tBd77y_635BcVv_WwbK-vvA6175bLQnHknisiArM7Wut2uH8vOyIXgeaYh2Q_rOyYqoN7o05FFYfw==
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8a312c8f4b297145-YUL
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 104ms
41ms XHR
application/json 172.253.63.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCGyzSMOtzEO7yuVY1c_XrQqOxKdZ6NZTU&libraries=places&callback=initAutocomplete&language=en

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f95.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.guestreservations.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/57/8b/ 255 KB
56 KB 32ms
31ms Script
text/javascript 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/57/8b/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCGyzSMOtzEO7yuVY1c_XrQqOxKdZ6NZTU&libraries=places&callback=initAutocomplete&language=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f60252a22cba461f4734f1791814e380a93de6302c1f00f8bb2ca01f5f6ed008

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:23:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57087
x-xss-protection: 0
last-modified: Thu, 11 Jul 2024 16:20:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Jul 2025 11:23:53 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/57/8b/ 185 KB
57 KB 44ms
43ms Script
text/javascript 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/57/8b/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCGyzSMOtzEO7yuVY1c_XrQqOxKdZ6NZTU&libraries=places&callback=initAutocomplete&language=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

542f11e269ce7433a539d7e0c12342f8a98978cca08046ea0abd703ffb9a7c12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:09:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57778
x-xss-protection: 0
last-modified: Thu, 11 Jul 2024 16:20:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Jul 2025 11:09:11 GMT

GET
H2 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/57/8b/ 95 KB
25 KB 63ms
62ms Script
text/javascript 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/57/8b/controls.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCGyzSMOtzEO7yuVY1c_XrQqOxKdZ6NZTU&libraries=places&callback=initAutocomplete&language=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63692357ab70c4f1b1750238d5b65c3569efb9fc2e581ade236eccbee4f67e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:02:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19624
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25385
x-xss-protection: 0
last-modified: Thu, 11 Jul 2024 16:20:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Jul 2025 06:02:12 GMT

GET
H2 200 places_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/57/8b/ 47 KB
14 KB 39ms
38ms Script
text/javascript 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/57/8b/places_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCGyzSMOtzEO7yuVY1c_XrQqOxKdZ6NZTU&libraries=places&callback=initAutocomplete&language=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb7925dd2ac2e11a41dc121b5177c9a7d50c6084f375e9d30ef2ba58fe36f501

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 07:02:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14340
x-xss-protection: 0
last-modified: Thu, 11 Jul 2024 16:20:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Jul 2025 07:02:36 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 2580 302 KB
0 106ms
43ms Script
application/javascript 2607:f8b0:4004:c1d::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NPMZ2WN

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

787dac9144c25930e15c5709559e659b18352e0d6794ce88720b1f7490463fb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105979
x-xss-protection: 0
last-modified: Sun, 14 Jul 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 Jul 2024 11:29:16 GMT

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ Frame 2580 55 KB
0 0ms
0ms Script
text/javascript 2600:1901:0:bc29::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:bc29:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 60f5f911fd8f366f29390166716a1977430d5472b02b6a1298c818096d7d2aac

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:20:53 GMT
content-encoding: gzip
age: 503
x-guploader-uploadid: ACJd0NoCOsj1Yt8-GA8bu8J7_5ZPgK1F_KS843_xHDHQpo3YeeMVdAhDFy_-4EgLpIE_RisBGaY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18820
last-modified: Fri, 21 Jun 2024 22:06:07 GMT
server: UploadServer
etag: "264255e7eaaa8cfa38c236557516b1d2"
vary: Accept-Encoding
x-goog-generation: 1719007567436070
x-goog-hash: crc32c=lF4D6Q==, md5=JkJV5+qqjPo4wjZVdRax0g==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=600
x-goog-stored-content-length: 18820
accept-ranges: bytes
content-type: text/javascript
expires: Sun, 14 Jul 2024 11:30:53 GMT

GET
H2

200

main.js Show response
www.guestreservations.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/ Frame 6EA6
Redirect Chain

https://www.guestreservations.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.guestreservations.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?

8 KB
0

0ms
0ms

Script
application/javascript

2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guestreservations.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?

Protocol

Server

2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89e00f7b24193342f0465d7b9dcbb5db531a3e44e6fc3e216c71677a0a1ff0e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8a312c8caede7145-YUL

Redirect headers

date: Sun, 14 Jul 2024 11:29:16 GMT
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?
access-control-allow-origin: *
cache-control: max-age: 300, public
cf-ray: 8a312c8fcbf67145-YUL
content-length: 0

GET
H2 200 syncframe
gum.criteo.com/ Frame 2A74 0
0 95ms
32ms Document
text/html 2620:100:a00b::12
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.guestreservations.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.guestreservations.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jul 2024 11:29:16 GMT
server: Kestrel
server-processing-duration-in-ticks: 340440
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 223 KB
60 KB 123ms
29ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 14 Jul 2024 11:29:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58653
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=12, mss=1297, tbw=2801, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 7ZRQjuIr6HqiJo+IFr5/R1IQfmLdTt7wVnjJ8Bu8NQPwXes47mg96VI3uFv/sSL+RzBaCxbPxgAllTqTCkAJfQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 307 KB
103 KB 49ms
47ms Script
application/javascript 2607:f8b0:4004:c1d::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WF186HV3S4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPMZ2WN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d1aa9571d35b6cc7e086c487f5dfc09aca517394b97ad931e6bb9a0a551938b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105072
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 14 Jul 2024 11:29:16 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 226 KB
82 KB 58ms
56ms Script
application/javascript 2607:f8b0:4004:c1d::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-932451100&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPMZ2WN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a6b66f00e52a75c6b0644d8b587cf8a0b35c5c63cfcdef465cbf764a20bbfe66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83655
x-xss-protection: 0
last-modified: Sun, 14 Jul 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 Jul 2024 11:29:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 101ms
31ms Script
text/javascript 2607:f8b0:4004:c17::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPMZ2WN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 14 Jul 2024 10:01:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5293
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 14 Jul 2024 12:01:03 GMT

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 5 KB
2 KB 134ms
16ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VHVDfn

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPMZ2WN

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

279d4b267a20f959b80f18538f40c5f0a28625cc13d48f7350e97f04b8b3639c

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; report-uri /csp/

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; report-uri /csp/
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 11:29:16 GMT
age: 128416
x-cache: HIT, HIT
content-length: 1129
x-served-by: cache-lga21921-LGA, cache-yul1970025-YUL
server: nginx
x-timer: S1720956557.923319,VS0,VE0
etag: "e97823afa50dc14edd06285737b99b93"
allow: OPTIONS, GET
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-language: en-us
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
content-type: application/javascript
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 4, 320

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 126ms
40ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 14 Jul 2024 11:29:16 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3B855750EDD241D2ADF57EDBEF846B27 Ref B: YMQ01EDGE0518 Ref C: 2024-07-14T11:29:16Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 2580 223 KB
0 69ms
69ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 14 Jul 2024 11:29:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58653
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=12, mss=1297, tbw=2801, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 7ZRQjuIr6HqiJo+IFr5/R1IQfmLdTt7wVnjJ8Bu8NQPwXes47mg96VI3uFv/sSL+RzBaCxbPxgAllTqTCkAJfQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 2580 307 KB
0 2ms
2ms Script
application/javascript 2607:f8b0:4004:c1d::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WF186HV3S4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPMZ2WN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d1aa9571d35b6cc7e086c487f5dfc09aca517394b97ad931e6bb9a0a551938b6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: br
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105072
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 14 Jul 2024 11:29:16 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ Frame 2580 226 KB
0 11ms
11ms Script
application/javascript 2607:f8b0:4004:c1d::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-932451100&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPMZ2WN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a6b66f00e52a75c6b0644d8b587cf8a0b35c5c63cfcdef465cbf764a20bbfe66

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: br
last-modified: Sun, 14 Jul 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83655
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 14 Jul 2024 11:29:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 2580 52 KB
0 56ms
56ms Script
text/javascript 2607:f8b0:4004:c17::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPMZ2WN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 10:01:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5293
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 14 Jul 2024 12:01:03 GMT

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ Frame 2580 5 KB
82 B 106ms
17ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VHVDfn

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPMZ2WN

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

279d4b267a20f959b80f18538f40c5f0a28625cc13d48f7350e97f04b8b3639c

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; report-uri /csp/

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
via: 1.1 varnish
content-encoding: br
content-security-policy: object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; report-uri /csp/
age: 128416
x-cache: HIT
content-length: 1129
x-served-by: cache-yul1970025-YUL
server: nginx
x-timer: S1720956557.940101,VS0,VE0
etag: "e97823afa50dc14edd06285737b99b93"
vary: Accept-Encoding
access-control-allow-methods: GET
content-language: en-us
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
access-control-max-age: 86400
accept-ranges: bytes
access-control-allow-headers
allow: OPTIONS, GET
x-cache-hits: 321

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 2580 49 KB
0 81ms
81ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/?membercode=d6da3783cc1e8a110ad4bbfedf5c93e3&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20%28Insiders%29&utm_term=sms_popup&_kx=8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3B855750EDD241D2ADF57EDBEF846B27 Ref B: YMQ01EDGE0518 Ref C: 2024-07-14T11:29:16Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

POST
H2 200 8a312c89b9bc7145 Show response
www.guestreservations.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 4447 0
277 B 46ms
41ms XHR
text/plain 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guestreservations.com/cdn-cgi/challenge-platform/h/g/jsd/r/8a312c89b9bc7145
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
server: cloudflare
cf-ray: 8a312c90ed927145-YUL
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ 2 KB
2 KB 101ms
31ms Image
image/png 2607:f8b0:4004:c0b::78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::78 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:17 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1616
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Sun, 14 Jul 2024 11:29:17 GMT

GET
H2 200 autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ 3 KB
3 KB 100ms
32ms Image
image/png 2607:f8b0:4004:c0b::78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::78 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:17 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3351
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Sun, 14 Jul 2024 11:29:17 GMT

POST
H2 200 8a312c8aebb27145 Show response
www.guestreservations.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 6EA6 0
386 B 40ms
35ms XHR
text/plain 2606:4700::6812:924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guestreservations.com/cdn-cgi/challenge-platform/h/g/jsd/r/8a312c8aebb27145
Requested by: Host: www.guestreservations.com
URL: https://www.guestreservations.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 14 Jul 2024 11:29:17 GMT
server: cloudflare
cf-ray: 8a312c91ef027145-YUL
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 fender_analytics.f692ee00c71150d7db91.js Show response
static-tracking.klaviyo.com/onsite/js/ 31 KB
13 KB 115ms
16ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.f692ee00c71150d7db91.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VHVDfn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 182aed8bfe77643efd0464370a017e39fe115bc115962dede8fea94ac9191c56

Request headers

Referer: https://www.guestreservations.com/
Origin: https://www.guestreservations.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 5WJy..Lo4mK2jnII0rHa1l5haINArMgZ
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 11:29:17 GMT
x-amz-request-id: 41Y2RTP149KA3F25
age: 128416
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 12748
x-amz-id-2: mKL1xWMRGO3xerTYlPL0yRvVbZ5DZgnzOEYw7UzT/IairFK8mTlaNUFMOeD5za6kjnB4D8Fzjtw=
x-served-by: cache-lga21947-LGA, cache-yul1970050-YUL
last-modified: Thu, 11 Apr 2024 15:48:20 GMT
server: AmazonS3
etag: "cb6418619f08d5e582cf68f2d2432438"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: f762585ddd3a013913c4e420e75aa2819d1084f2
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 31, 66472

GET
H2 200 static.500134348b1f0969ffe3.js Show response
static-tracking.klaviyo.com/onsite/js/ 2 KB
1 KB 118ms
19ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/static.500134348b1f0969ffe3.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VHVDfn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8

Request headers

Referer: https://www.guestreservations.com/
Origin: https://www.guestreservations.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: pOOHfwEpxidpf1C5y5x2xTnzSKHLx9Qw
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 11:29:17 GMT
x-amz-request-id: ENY9D5YSSWTZMA0V
age: 128416
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 1029
x-amz-id-2: 7YTZXjqkIvOweXIi7oeSA0xceDuWnmsMjEiNKqUFwDsP8LixUujiplLZJYiO/I8qfIFeO9cu6W1SD2AsFigCFg==
x-served-by: cache-lga21976-LGA, cache-yul1970050-YUL
last-modified: Wed, 03 Apr 2024 02:24:08 GMT
server: AmazonS3
etag: "64de10774c3382fe4adddab07ea17f0d"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: a2a09d2f114724cda111ccd8470493362b1982e3
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 29, 68364

GET
H2 200 runtime.765ff78e9894f774c2b4.js Show response
static.klaviyo.com/onsite/js/ 20 KB
8 KB 50ms
16ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/runtime.765ff78e9894f774c2b4.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VHVDfn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f8f8c0775cc2ea1769238d75afb9f2af2108e115eadd7e26bdace4e48de9b19b

Request headers

Referer: https://www.guestreservations.com/
Origin: https://www.guestreservations.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 08T5eBkGgVEwE7Dlo2aL9lUWz2jOTXjT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 11:29:17 GMT
x-amz-request-id: C6TPXJF0XZ0PW9PA
age: 128416
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 7694
x-amz-id-2: jA9nmQ6C+ZMPLNY0GP61q6ts3NqdiTzQROPFJG6o4nTvNKPqlQ2Q0oZLtVUUpB0LlbuUC+B7kNE=
x-served-by: cache-lga21947-LGA, cache-yul1970037-YUL
last-modified: Fri, 12 Jul 2024 18:29:33 GMT
server: AmazonS3
etag: "9a28566b6cf85f3a7f7c50956b1a4c51"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 5951a217769c58abb4323a4ac993e2aaaacfdc16
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 76, 78879

GET
H2 200 sharedUtils.58c71a5d906c1c27c8e6.js Show response
static.klaviyo.com/onsite/js/ 48 KB
18 KB 55ms
21ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sharedUtils.58c71a5d906c1c27c8e6.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VHVDfn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43f84fc07ca84521ccdd33195be1d62cbe8b43720aecc3e26d859b15061c3b30

Request headers

Referer: https://www.guestreservations.com/
Origin: https://www.guestreservations.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: o9Gxi82ssAY3LmtpboI_VmbWr6MYr.Qk
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 11:29:17 GMT
x-amz-request-id: G2MHZSBE7Q3NBPST
age: 128416
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 17916
x-amz-id-2: hhHuk5iXl472L1KBl30N17+3CN3zzL2h6SMZr8TGiTqPNVkW5u+BxLB0D7cl5x1qOa69YXELbV0=
x-served-by: cache-lga21941-LGA, cache-yul1970037-YUL
last-modified: Wed, 03 Jul 2024 09:05:31 GMT
server: AmazonS3
etag: "6cc01be3baf017cfa85878bcac0f9e8f"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 5e2dfa1baa2ac2516067bb4cb997bfddff5620ed
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 467051, 72160

GET
H2 200 vendors~signup_forms~post_identification_sync~onsite-triggering.c14341885543cb645efc.js Show response
static.klaviyo.com/onsite/js/ 12 KB
4 KB 50ms
17ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms~post_identification_sync~onsite-triggering.c14341885543cb645efc.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VHVDfn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2222a907ad2fb7ba41f4a997ef171321add118fc95f14be074debc3290e1ac59

Request headers

Referer: https://www.guestreservations.com/
Origin: https://www.guestreservations.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: vGozH.9bNMyrGJQ5qG7mtod421iljxvE
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 11:29:17 GMT
x-amz-request-id: FP39ZZ7DD4PBTZXP
age: 128416
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 4100
x-amz-id-2: wqnyc/DHh3rEXu9J/18NoNPCTNXgRDNZ31RNRUK+TKtxfZ5irM2YF6isQBAT3S6mbr8fq0bLn9oCUUR0es6whI2obfb2GCpj4VjKZIauHnI=
x-served-by: cache-lga21980-LGA, cache-yul1970037-YUL
last-modified: Wed, 26 Jun 2024 03:30:09 GMT
server: AmazonS3
etag: "9ffe3c33ee0912112ebffc1673dcb79e"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 3f0055c9d229453efee4852b630cdd0f12e6375e
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 835065, 57013

GET
H2 200 vendors~signup_forms.02363fe5acd5fa75cb6b.js Show response
static.klaviyo.com/onsite/js/ 21 KB
7 KB 53ms
20ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.02363fe5acd5fa75cb6b.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VHVDfn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0a9caf662f6ac36c25690c76124101ec7ee0d8937734ddf35ffa89dfb7120ad

Request headers

Referer: https://www.guestreservations.com/
Origin: https://www.guestreservations.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: Mekwof6XjI4q2BHYhTSsMqFmFe4SDBfo
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 11:29:17 GMT
x-amz-request-id: RC1EAVJFCYCYTEDW
age: 128416
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 6996
x-amz-id-2: hXz2idQOMfvufPQKWZX9zk3PUt+OZnC/NjRGF7CqBFcdHgDlBey9v48kAMOPi/ieP96Pmm9RUjHnRiSsZxSO8IqTE5wpOq6A
x-served-by: cache-lga21949-LGA, cache-yul1970037-YUL
last-modified: Mon, 24 Jun 2024 13:00:51 GMT
server: AmazonS3
etag: "61ccc2011600d4f458768ffe94ddb555"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 1ba971f639266cabe55904cbeae0edad9add3ed4
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 1, 56419

GET
H2 200 default~signup_forms~onsite-triggering.880bde204b8ee5a4bc37.js Show response
static.klaviyo.com/onsite/js/ 32 KB
9 KB 51ms
18ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/default~signup_forms~onsite-triggering.880bde204b8ee5a4bc37.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VHVDfn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 914f159ab6f0a08a1cec049c6ed2b02c6dce9a3c6a5d7103c1028baf5c6ddfcd

Request headers

Referer: https://www.guestreservations.com/
Origin: https://www.guestreservations.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: TCLdJkL8Iy0EL9kJPG2XU3Ulc0EcHiYO
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 11:29:17 GMT
x-amz-request-id: CPRP7MF7AHSYEWER
age: 128416
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 9251
x-amz-id-2: l0ozQ6LhzI0QJ2qQ8NlubwXKpVFMEIUuoPByJZARCUQQstPH1mf16K7R9fasrlb/iNTN3TvJjF/eidQgRixc35EZNsNmmsKcBHPQS18HQKo=
x-served-by: cache-lga21940-LGA, cache-yul1970037-YUL
last-modified: Tue, 02 Jul 2024 18:50:16 GMT
server: AmazonS3
etag: "d6b76df89ecf86204b5fe867d284de34"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: c4f147782cde260d619a1c566ff3b2560e3ad660
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 422786, 57198

GET
H2 200 signup_forms.6a972a58c16254a9f1c7.js Show response
static.klaviyo.com/onsite/js/ 14 KB
6 KB 51ms
18ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/signup_forms.6a972a58c16254a9f1c7.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VHVDfn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b4f459599d92979623b52c45d6b3775486f92cb00db55621b43799cfd91bf98f

Request headers

Referer: https://www.guestreservations.com/
Origin: https://www.guestreservations.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: bQ2zCRyZKHh.rDJ1xI_V0BLETa9p9yAu
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 11:29:17 GMT
x-amz-request-id: XB5KNB0S4CZMK3XP
age: 128416
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 5138
x-amz-id-2: Fu134mf2p8y4q4ahgn0Dld8hhdu6CEIgNaRdH8F5QSURuwehsLpLtLCbR5Sgu2uU4nzuUbMdQI4=
x-served-by: cache-lga21931-LGA, cache-yul1970037-YUL
last-modified: Thu, 27 Jun 2024 16:31:42 GMT
server: AmazonS3
etag: "eed975187f707457bafc3d36797f3ab1"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: dab50ba5f2ff41d14ab217987084867b2749f75b
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 68, 57135

GET
H2 200 vendors~signup_forms~post_identification_sync~onsite-triggering.c14341885543cb645efc.js Show response
static-tracking.klaviyo.com/onsite/js/ 12 KB
4 KB 117ms
20ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/vendors~signup_forms~post_identification_sync~onsite-triggering.c14341885543cb645efc.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VHVDfn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2222a907ad2fb7ba41f4a997ef171321add118fc95f14be074debc3290e1ac59

Request headers

Referer: https://www.guestreservations.com/
Origin: https://www.guestreservations.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: Ez16MoxhPquxXdlhYF9sWgpH9m1QDXhm
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 11:29:17 GMT
x-amz-request-id: RC1EZRKKZWTXDW24
age: 128416
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 4100
x-amz-id-2: MqhXEwKiXe6X1bphLEN6vMIIWM4vaKqWPMirlu2SOxo7AUNF6VpDi3rnIjq1A7oSrVGmSnW3pZyvbfsTVB3cfCkxjN+deUn8
x-served-by: cache-lga21953-LGA, cache-yul1970050-YUL
last-modified: Mon, 24 Jun 2024 13:00:51 GMT
server: AmazonS3
etag: "9ffe3c33ee0912112ebffc1673dcb79e"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 1ba971f639266cabe55904cbeae0edad9add3ed4
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 20, 17869

GET
H2 200 post_identification_sync.80a9838e5269fa405bb8.js Show response
static-tracking.klaviyo.com/onsite/js/ 7 KB
3 KB 115ms
19ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/post_identification_sync.80a9838e5269fa405bb8.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VHVDfn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 96d715821d79f29e15ed8399d28692157edd63f1a966c84a2316acc0da1619a0

Request headers

Referer: https://www.guestreservations.com/
Origin: https://www.guestreservations.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: _roiCG8wE3ZGGDTdwT0MUHk.uQpTeGs8
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 11:29:17 GMT
x-amz-request-id: RC16GQ80K31MP7S6
age: 128416
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 2769
x-amz-id-2: X9oMqXSPn8AXqhPS7mrJwK0tzuWGLxSq7Kgs9VyGbKJno52sQbQFaZI0Cd6XM/1Qu507OWv7Ieo=
x-served-by: cache-lga21943-LGA, cache-yul1970050-YUL
last-modified: Mon, 24 Jun 2024 13:00:51 GMT
server: AmazonS3
etag: "580450955a7b959e14e1797859dce4cc"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 1ba971f639266cabe55904cbeae0edad9add3ed4
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 19, 17823

GET
H2 200 5267870.js Show response
bat.bing.com/p/action/ 334 B
407 B 40ms
40ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5267870.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c64cddc349202defdca8bcf51d8a905d5f8810cc76f08c1e6561800f1dd5708a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Sun, 14 Jul 2024 11:29:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 15494797B4E6448AA398D3909B9D8EE5 Ref B: YMQ01EDGE0518 Ref C: 2024-07-14T11:29:17Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=1800

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
228 B 40ms
39ms XHR
text/plain 2607:f8b0:4004:c17::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=480257362&t=pageview&_s=1&dl=https%3A%2F%2Fwww.guestreservations.com%2F%3Fmembercode%3Dd6da3783cc1e8a110ad4bbfedf5c93e3%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DPDM%25206%252F26%252F24%2520Paris%2520Stays%2520for%25202024%2520Olympics%2520-%2520Previous%2520International%2520Bookers%2520%2528Insiders%2529%26utm_term%3Dsms_popup%26_kx%3D8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn&ul=en-ca&de=UTF-8&dt=Guest%20Reservations&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=641929096&gjid=211693677&cid=1256669138.1720956557&tid=UA-77275451-1&_gid=2125105091.1720956557&_r=1&_slc=1&gtm=45He4790n81NPMZ2WNv810202438za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=608281021

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8bf4d7107e7a11d6bf6902d0961ec298c8c01955c24d8217c37ba13078226d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 11:29:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.guestreservations.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 99ms
38ms Fetch
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-WF186HV3S4&gtm=45je4790v9123625958z8810202438za200zb810202438&_p=1720956556360&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1256669138.1720956557&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720956557&sct=1&seg=0&dl=https%3A%2F%2Fwww.guestreservations.com%2F%3Fmembercode%3Dd6da3783cc1e8a110ad4bbfedf5c93e3%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DPDM%25206%252F26%252F24%2520Paris%2520Stays%2520for%25202024%2520Olympics%2520-%2520Previous%2520International%2520Bookers%2520%2528Insiders%2529%26utm_term%3Dsms_popup%26_kx%3D8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn&dt=Guest%20Reservations&en=page_view&_fv=1&_ss=1&tfd=1591&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WF186HV3S4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 11:29:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.guestreservations.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
261 B 106ms
39ms Ping
text/plain 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WF186HV3S4&cid=1256669138.1720956557&gtm=45je4790v9123625958z8810202438za200zb810202438&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WF186HV3S4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 11:29:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.guestreservations.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 76ms
42ms Image
image/gif 64.233.180.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WF186HV3S4&cid=1256669138.1720956557&gtm=45je4790v9123625958z8810202438za200zb810202438&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=1980501031

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.180.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pe-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 11:29:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 256876330774315 Show response
connect.facebook.net/signals/config/ Frame 2580 60 KB
12 KB 31ms
30ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/256876330774315?v=2.9.161&r=stable&domain=www.guestreservations.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fa22f8d5db95e69e351372a1c253992ae45749007a451992c9e9f0fb946d9870

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 14 Jul 2024 11:29:17 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12295
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=34, rtx=0, c=65, mss=1297, tbw=64186, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: ZYtGJdf5h+vmeHT1Kr3L/Z6LQl8voSO9NT9VnwXTFFP5vZkYIlD9I1L5CkFsArw0hRYnYcPysV76bfpKRZH2kA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 256876330774315 Show response
connect.facebook.net/signals/config/ 60 KB
0 29ms
29ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fa22f8d5db95e69e351372a1c253992ae45749007a451992c9e9f0fb946d9870

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 14 Jul 2024 11:29:17 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12295
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=34, rtx=0, c=65, mss=1297, tbw=64186, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: ZYtGJdf5h+vmeHT1Kr3L/Z6LQl8voSO9NT9VnwXTFFP5vZkYIlD9I1L5CkFsArw0hRYnYcPysV76bfpKRZH2kA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/932451100/ 4 KB
2 KB 110ms
49ms Script
text/javascript 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/932451100/?random=1720956557185&cv=11&fst=1720956557185&bg=ffffff&guid=ON&async=1&gtm=45be4790z8810202438za201zb810202438&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.guestreservations.com%2F%3Fmembercode%3Dd6da3783cc1e8a110ad4bbfedf5c93e3%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DPDM%25206%252F26%252F24%2520Paris%2520Stays%2520for%25202024%2520Olympics%2520-%2520Previous%2520International%2520Bookers%2520%2528Insiders%2529%26utm_term%3Dsms_popup%26_kx%3D8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn&hn=www.googleadservices.com&frm=0&tiba=Guest%20Reservations&npa=0&pscdl=noapi&auid=1976860967.1720956557&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-932451100&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

41cdfd8938196e10e2bfb0968a7b3a2714173110dd8d14ba9a2cf2f64086db2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 11:29:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1549
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5267870.js Show response
bat.bing.com/p/action/ Frame 2580 334 B
0 0ms
0ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5267870.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c64cddc349202defdca8bcf51d8a905d5f8810cc76f08c1e6561800f1dd5708a

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 15494797B4E6448AA398D3909B9D8EE5 Ref B: YMQ01EDGE0518 Ref C: 2024-07-14T11:29:17Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=1800

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 2580 15 B
35 B 40ms
39ms XHR
text/plain 142.251.163.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1285503282&t=pageview&_s=1&dl=https%3A%2F%2Fwww.guestreservations.com%2Fsite%2Fsearchloading&ul=en-ca&de=UTF-8&dt=Searching%20-%20Rooms%20And%20Rates%20-%20Guest%20Reservations&sd=24-bit&sr=1600x1200&vp=&je=0&_u=QACAAEABAAAAACAAI~&jid=&gjid=&cid=1256669138.1720956557&tid=UA-77275451-1&_gid=2125105091.1720956557&_slc=1&gtm=45He4790n81NPMZ2WNv810202438za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=741737476

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.102 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

8bf4d7107e7a11d6bf6902d0961ec298c8c01955c24d8217c37ba13078226d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 11:29:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.guestreservations.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 event Show response
sslwidget.criteo.com/ 9 KB
4 KB 130ms
50ms Script
application/x-javascript 74.119.117.16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=57373&v=5.26.1&otl=1&p0=e%3Dexd%26site_type%3Dd%26ui_target%3Dyes&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=LtMF419JdGV1V2VrRmp5QlFNYlcxVjZ2RFBsUHNsMmxVMmR4M2hPUEFmM0tuR09LTWhPVVpPUzRGWW1GVDZTdnlXOTNGR01tZTJUdUtRNVVic2QwdTJ4NVFqRHVBYjhJM0l1cDVqNlJ2S1BaUVhBM1dMb0tkdSUyRnZxQWlVSzZ0QWdLUWx4c1FONHZsOUQybFRmTDhxVGF5UXpraVQzYmxEMlNCdkp1RTFXbmlKTjB4ZyUzRA&tld=guestreservations.com&fu=https%253A%252F%252Fwww.guestreservations.com%252F%253Fmembercode%253Dd6da3783cc1e8a110ad4bbfedf5c93e3%2526utm_source%253DKlaviyo%2526utm_medium%253Dcampaign%2526utm_campaign%253DPDM%2525206%25252F26%25252F24%252520Paris%252520Stays%252520for%2525202024%252520Olympics%252520-%252520Previous%252520International%252520Bookers%252520%252528Insiders%252529%2526utm_term%253Dsms_popup%2526_kx%253D8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn&ceid=4fbd0af6-30cf-4ff4-bfbd-fcfa6e42d785

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

8746d73f137aff56ff961d3c1c716dfb4d9d81509e3bb7d8c2a3927d3e191cf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 11:29:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 20783829
timing-allow-origin: *
expires: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/932451100/ Frame 2580 5 KB
2 KB 74ms
62ms Script
text/javascript 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/932451100/?random=1720956557239&cv=11&fst=1720956557239&bg=ffffff&guid=ON&async=1&gtm=45be4790z8810202438za201zb810202438&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.guestreservations.com%2F%3Fmembercode%3Dd6da3783cc1e8a110ad4bbfedf5c93e3%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DPDM%25206%252F26%252F24%2520Paris%2520Stays%2520for%25202024%2520Olympics%2520-%2520Previous%2520International%2520Bookers%2520%2528Insiders%2529%26utm_term%3Dsms_popup%26_kx%3D8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn&ref=https%3A%2F%2Fwww.guestreservations.com%2F%3Fmembercode%3Dd6da3783cc1e8a110ad4bbfedf5c93e3%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DPDM%25206%252F26%252F24%2520Paris%2520Stays%2520for%25202024%2520Olympics%2520-%2520Previous%2520International%2520Bookers%2520%2528Insiders%2529%26utm_term%3Dsms_popup%26_kx%3D8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn&hn=www.googleadservices.com&frm=1&tiba=Searching%20-%20Rooms%20And%20Rates%20-%20Guest%20Reservations&npa=0&pscdl=noapi&auid=1976860967.1720956557&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-932451100&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

09267582c342f0338e98938713268014ede54f4f51691fd3e7db7bdd48896577

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 11:29:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1577
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fender_analytics.f692ee00c71150d7db91.js Show response
static-tracking.klaviyo.com/onsite/js/ Frame 2580 31 KB
0 0ms
0ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.f692ee00c71150d7db91.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VHVDfn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 182aed8bfe77643efd0464370a017e39fe115bc115962dede8fea94ac9191c56

Request headers

Referer: https://www.guestreservations.com/
Origin: https://www.guestreservations.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 5WJy..Lo4mK2jnII0rHa1l5haINArMgZ
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 11:29:17 GMT
x-amz-request-id: 41Y2RTP149KA3F25
age: 128416
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 12748
x-amz-id-2: mKL1xWMRGO3xerTYlPL0yRvVbZ5DZgnzOEYw7UzT/IairFK8mTlaNUFMOeD5za6kjnB4D8Fzjtw=
x-served-by: cache-lga21947-LGA, cache-yul1970050-YUL
last-modified: Thu, 11 Apr 2024 15:48:20 GMT
server: AmazonS3
etag: "cb6418619f08d5e582cf68f2d2432438"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: f762585ddd3a013913c4e420e75aa2819d1084f2
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 31, 66472

GET
H2 200 static.500134348b1f0969ffe3.js Show response
static-tracking.klaviyo.com/onsite/js/ Frame 2580 2 KB
0 2ms
2ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/static.500134348b1f0969ffe3.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VHVDfn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8

Request headers

Referer: https://www.guestreservations.com/
Origin: https://www.guestreservations.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: pOOHfwEpxidpf1C5y5x2xTnzSKHLx9Qw
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 11:29:17 GMT
x-amz-request-id: ENY9D5YSSWTZMA0V
age: 128416
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 1029
x-amz-id-2: 7YTZXjqkIvOweXIi7oeSA0xceDuWnmsMjEiNKqUFwDsP8LixUujiplLZJYiO/I8qfIFeO9cu6W1SD2AsFigCFg==
x-served-by: cache-lga21976-LGA, cache-yul1970050-YUL
last-modified: Wed, 03 Apr 2024 02:24:08 GMT
server: AmazonS3
etag: "64de10774c3382fe4adddab07ea17f0d"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: a2a09d2f114724cda111ccd8470493362b1982e3
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 29, 68364

GET
H2 200 runtime.765ff78e9894f774c2b4.js Show response
static.klaviyo.com/onsite/js/ Frame 2580 20 KB
0 2ms
2ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/runtime.765ff78e9894f774c2b4.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VHVDfn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f8f8c0775cc2ea1769238d75afb9f2af2108e115eadd7e26bdace4e48de9b19b

Request headers

Referer: https://www.guestreservations.com/
Origin: https://www.guestreservations.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 08T5eBkGgVEwE7Dlo2aL9lUWz2jOTXjT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 11:29:17 GMT
x-amz-request-id: C6TPXJF0XZ0PW9PA
age: 128416
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 7694
x-amz-id-2: jA9nmQ6C+ZMPLNY0GP61q6ts3NqdiTzQROPFJG6o4nTvNKPqlQ2Q0oZLtVUUpB0LlbuUC+B7kNE=
x-served-by: cache-lga21947-LGA, cache-yul1970037-YUL
last-modified: Fri, 12 Jul 2024 18:29:33 GMT
server: AmazonS3
etag: "9a28566b6cf85f3a7f7c50956b1a4c51"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 5951a217769c58abb4323a4ac993e2aaaacfdc16
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 76, 78879

GET
H2 200 sharedUtils.58c71a5d906c1c27c8e6.js Show response
static.klaviyo.com/onsite/js/ Frame 2580 48 KB
0 2ms
2ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sharedUtils.58c71a5d906c1c27c8e6.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VHVDfn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43f84fc07ca84521ccdd33195be1d62cbe8b43720aecc3e26d859b15061c3b30

Request headers

Referer: https://www.guestreservations.com/
Origin: https://www.guestreservations.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: o9Gxi82ssAY3LmtpboI_VmbWr6MYr.Qk
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 11:29:17 GMT
x-amz-request-id: G2MHZSBE7Q3NBPST
age: 128416
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 17916
x-amz-id-2: hhHuk5iXl472L1KBl30N17+3CN3zzL2h6SMZr8TGiTqPNVkW5u+BxLB0D7cl5x1qOa69YXELbV0=
x-served-by: cache-lga21941-LGA, cache-yul1970037-YUL
last-modified: Wed, 03 Jul 2024 09:05:31 GMT
server: AmazonS3
etag: "6cc01be3baf017cfa85878bcac0f9e8f"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 5e2dfa1baa2ac2516067bb4cb997bfddff5620ed
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 467051, 72160

GET
H2 200 vendors~signup_forms~post_identification_sync~onsite-triggering.c14341885543cb645efc.js Show response
static.klaviyo.com/onsite/js/ Frame 2580 12 KB
0 2ms
2ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms~post_identification_sync~onsite-triggering.c14341885543cb645efc.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VHVDfn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2222a907ad2fb7ba41f4a997ef171321add118fc95f14be074debc3290e1ac59

Request headers

Referer: https://www.guestreservations.com/
Origin: https://www.guestreservations.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: vGozH.9bNMyrGJQ5qG7mtod421iljxvE
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 11:29:17 GMT
x-amz-request-id: FP39ZZ7DD4PBTZXP
age: 128416
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 4100
x-amz-id-2: wqnyc/DHh3rEXu9J/18NoNPCTNXgRDNZ31RNRUK+TKtxfZ5irM2YF6isQBAT3S6mbr8fq0bLn9oCUUR0es6whI2obfb2GCpj4VjKZIauHnI=
x-served-by: cache-lga21980-LGA, cache-yul1970037-YUL
last-modified: Wed, 26 Jun 2024 03:30:09 GMT
server: AmazonS3
etag: "9ffe3c33ee0912112ebffc1673dcb79e"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 3f0055c9d229453efee4852b630cdd0f12e6375e
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 835065, 57013

GET
H2 200 vendors~signup_forms.02363fe5acd5fa75cb6b.js Show response
static.klaviyo.com/onsite/js/ Frame 2580 21 KB
0 3ms
3ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.02363fe5acd5fa75cb6b.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VHVDfn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0a9caf662f6ac36c25690c76124101ec7ee0d8937734ddf35ffa89dfb7120ad

Request headers

Referer: https://www.guestreservations.com/
Origin: https://www.guestreservations.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: Mekwof6XjI4q2BHYhTSsMqFmFe4SDBfo
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 11:29:17 GMT
x-amz-request-id: RC1EAVJFCYCYTEDW
age: 128416
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 6996
x-amz-id-2: hXz2idQOMfvufPQKWZX9zk3PUt+OZnC/NjRGF7CqBFcdHgDlBey9v48kAMOPi/ieP96Pmm9RUjHnRiSsZxSO8IqTE5wpOq6A
x-served-by: cache-lga21949-LGA, cache-yul1970037-YUL
last-modified: Mon, 24 Jun 2024 13:00:51 GMT
server: AmazonS3
etag: "61ccc2011600d4f458768ffe94ddb555"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 1ba971f639266cabe55904cbeae0edad9add3ed4
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 1, 56419

GET
H2 200 default~signup_forms~onsite-triggering.880bde204b8ee5a4bc37.js Show response
static.klaviyo.com/onsite/js/ Frame 2580 32 KB
0 3ms
3ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/default~signup_forms~onsite-triggering.880bde204b8ee5a4bc37.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VHVDfn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 914f159ab6f0a08a1cec049c6ed2b02c6dce9a3c6a5d7103c1028baf5c6ddfcd

Request headers

Referer: https://www.guestreservations.com/
Origin: https://www.guestreservations.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: TCLdJkL8Iy0EL9kJPG2XU3Ulc0EcHiYO
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 11:29:17 GMT
x-amz-request-id: CPRP7MF7AHSYEWER
age: 128416
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 9251
x-amz-id-2: l0ozQ6LhzI0QJ2qQ8NlubwXKpVFMEIUuoPByJZARCUQQstPH1mf16K7R9fasrlb/iNTN3TvJjF/eidQgRixc35EZNsNmmsKcBHPQS18HQKo=
x-served-by: cache-lga21940-LGA, cache-yul1970037-YUL
last-modified: Tue, 02 Jul 2024 18:50:16 GMT
server: AmazonS3
etag: "d6b76df89ecf86204b5fe867d284de34"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: c4f147782cde260d619a1c566ff3b2560e3ad660
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 422786, 57198

GET
H2 200 signup_forms.6a972a58c16254a9f1c7.js Show response
static.klaviyo.com/onsite/js/ Frame 2580 14 KB
0 3ms
3ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/signup_forms.6a972a58c16254a9f1c7.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VHVDfn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b4f459599d92979623b52c45d6b3775486f92cb00db55621b43799cfd91bf98f

Request headers

Referer: https://www.guestreservations.com/
Origin: https://www.guestreservations.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: bQ2zCRyZKHh.rDJ1xI_V0BLETa9p9yAu
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 11:29:17 GMT
x-amz-request-id: XB5KNB0S4CZMK3XP
age: 128416
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 5138
x-amz-id-2: Fu134mf2p8y4q4ahgn0Dld8hhdu6CEIgNaRdH8F5QSURuwehsLpLtLCbR5Sgu2uU4nzuUbMdQI4=
x-served-by: cache-lga21931-LGA, cache-yul1970037-YUL
last-modified: Thu, 27 Jun 2024 16:31:42 GMT
server: AmazonS3
etag: "eed975187f707457bafc3d36797f3ab1"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: dab50ba5f2ff41d14ab217987084867b2749f75b
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 68, 57135

GET
H2 200 vendors~signup_forms~post_identification_sync~onsite-triggering.c14341885543cb645efc.js Show response
static-tracking.klaviyo.com/onsite/js/ Frame 2580 12 KB
0 3ms
3ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/vendors~signup_forms~post_identification_sync~onsite-triggering.c14341885543cb645efc.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VHVDfn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2222a907ad2fb7ba41f4a997ef171321add118fc95f14be074debc3290e1ac59

Request headers

Referer: https://www.guestreservations.com/
Origin: https://www.guestreservations.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: Ez16MoxhPquxXdlhYF9sWgpH9m1QDXhm
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 11:29:17 GMT
x-amz-request-id: RC1EZRKKZWTXDW24
age: 128416
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 4100
x-amz-id-2: MqhXEwKiXe6X1bphLEN6vMIIWM4vaKqWPMirlu2SOxo7AUNF6VpDi3rnIjq1A7oSrVGmSnW3pZyvbfsTVB3cfCkxjN+deUn8
x-served-by: cache-lga21953-LGA, cache-yul1970050-YUL
last-modified: Mon, 24 Jun 2024 13:00:51 GMT
server: AmazonS3
etag: "9ffe3c33ee0912112ebffc1673dcb79e"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 1ba971f639266cabe55904cbeae0edad9add3ed4
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 20, 17869

GET
H2 200 post_identification_sync.80a9838e5269fa405bb8.js Show response
static-tracking.klaviyo.com/onsite/js/ Frame 2580 7 KB
0 3ms
3ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/post_identification_sync.80a9838e5269fa405bb8.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VHVDfn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 96d715821d79f29e15ed8399d28692157edd63f1a966c84a2316acc0da1619a0

Request headers

Referer: https://www.guestreservations.com/
Origin: https://www.guestreservations.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: _roiCG8wE3ZGGDTdwT0MUHk.uQpTeGs8
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 11:29:17 GMT
x-amz-request-id: RC16GQ80K31MP7S6
age: 128416
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 2769
x-amz-id-2: X9oMqXSPn8AXqhPS7mrJwK0tzuWGLxSq7Kgs9VyGbKJno52sQbQFaZI0Cd6XM/1Qu507OWv7Ieo=
x-served-by: cache-lga21943-LGA, cache-yul1970050-YUL
last-modified: Mon, 24 Jun 2024 13:00:51 GMT
server: AmazonS3
etag: "580450955a7b959e14e1797859dce4cc"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 1ba971f639266cabe55904cbeae0edad9add3ed4
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 19, 17823

POST
H2 204 collect
analytics.google.com/g/ Frame 2580 0
0 40ms
39ms Fetch
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-WF186HV3S4&gtm=45je4790v9123625958z8810202438za200zb810202438&_p=1720956556755&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1256669138.1720956557&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=1&pscdl=noapi&_s=1&sid=1720956557&sct=1&seg=1&dl=https%3A%2F%2Fwww.guestreservations.com%2Fsite%2Fsearchloading&dr=https%3A%2F%2Fwww.guestreservations.com%2F%3Fmembercode%3Dd6da3783cc1e8a110ad4bbfedf5c93e3%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DPDM%25206%252F26%252F24%2520Paris%2520Stays%2520for%25202024%2520Olympics%2520-%2520Previous%2520International%2520Bookers%2520%2528Insiders%2529%26utm_term%3Dsms_popup%26_kx%3D8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn&dt=Searching%20-%20Rooms%20And%20Rates%20-%20Guest%20Reservations&en=page_view&tfd=1308&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WF186HV3S4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 11:29:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.guestreservations.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
94 KB 52ms
52ms Script
application/javascript 172.253.122.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L69JFWQLLZ&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

b9197061279dd713e755d7aced49bd5932b2411f9c7a5e4e362b07060479a4fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96377
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 14 Jul 2024 11:29:17 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 2580 267 KB
0 50ms
50ms Script
application/javascript 172.253.122.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L69JFWQLLZ&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

b9197061279dd713e755d7aced49bd5932b2411f9c7a5e4e362b07060479a4fd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:17 GMT
content-encoding: br
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96377
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 14 Jul 2024 11:29:17 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 2580 0
274 B 121ms
29ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=256876330774315&ev=PageView&dl=https%3A%2F%2Fwww.guestreservations.com%2Fsite%2Fsearchloading&rl=https%3A%2F%2Fwww.guestreservations.com%2F%3Fmembercode%3Dd6da3783cc1e8a110ad4bbfedf5c93e3%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DPDM%25206%252F26%252F24%2520Paris%2520Stays%2520for%25202024%2520Olympics%2520-%2520Previous%2520International%2520Bookers%2520%2528Insiders%2529%26utm_term%3Dsms_popup%26_kx%3D8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn&if=true&ts=1720956557304&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.1.1720956557302.383576939162348090&cdl=API_unavailable&it=1720956557168&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1297, tbw=2854, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 14 Jul 2024 11:29:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ Frame 2580 67 B
1019 B 218ms
126ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=256876330774315&ev=PageView&dl=https%3A%2F%2Fwww.guestreservations.com%2Fsite%2Fsearchloading&rl=https%3A%2F%2Fwww.guestreservations.com%2F%3Fmembercode%3Dd6da3783cc1e8a110ad4bbfedf5c93e3%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DPDM%25206%252F26%252F24%2520Paris%2520Stays%2520for%25202024%2520Olympics%2520-%2520Previous%2520International%2520Bookers%2520%2528Insiders%2529%26utm_term%3Dsms_popup%26_kx%3D8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn&if=true&ts=1720956557304&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.1.1720956557302.383576939162348090&cdl=API_unavailable&it=1720956557168&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xcccc3cca34aceddc","source_keys":["1","2"]},{"key_piece":"0x55a39d3b9bdc73a3","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sun, 14 Jul 2024 11:29:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7391452131917870632", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=16, mss=1297, tbw=7008, tp=-1, tpl=-1, uplat=95, ullat=0
pragma: no-cache
x-fb-debug: I6UuHGK3ejeciZtjrnnmtZTdZXq8q+AzqlCkuyiYvjZ5CyTTI6pvpWjk7pbwmLvR7aaATsQzxSTU4lbymVsLlQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7391452131917870632"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
362 B 41ms
40ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5267870&Ver=2&mid=4c25bedc-778f-4554-8231-41e4955b3126&sid=4e3a33c041d411ef82ec0b1b0bfe78ff&vid=4e3a6b1041d411efb51c15bc1d2891fc&vids=1&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=Guest%20Reservations&p=https%3A%2F%2Fwww.guestreservations.com%2F%3Fmembercode%3Dd6da3783cc1e8a110ad4bbfedf5c93e3%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DPDM%25206%252F26%252F24%2520Paris%2520Stays%2520for%25202024%2520Olympics%2520-%2520Previous%2520International%2520Bookers%2520%2528Insiders%2529%26utm_term%3Dsms_popup%26_kx%3D8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn&r=&lt=802&evt=pageLoad&sv=1&cdb=AQAQ&rn=539803

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 14 Jul 2024 11:29:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F9D7FDDFAD794A9C9CBD6E96965652F1 Ref B: YMQ01EDGE0518 Ref C: 2024-07-14T11:29:17Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 onsite Show response
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/ 2 KB
1 KB 94ms
16ms XHR
application/json 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=VHVDfn

Requested by

Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.02363fe5acd5fa75cb6b.js?cb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

5a9335ada7bf1f825312acc02f9301b384e92ae20b5c0342341b2df3955f7ca8

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: object-src 'none'; base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 11:29:17 GMT
strict-transport-security: max-age=900
age: 12280165
x-cache: HIT, HIT
content-length: 457
x-served-by: cache-bos4671-BOS, cache-yul1970042-YUL
server: nginx
allow: GET, HEAD, OPTIONS
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: max-age=10
access-control-allow-credentials: true
vary: Accept-Encoding, Cookie
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 2773, 1414

GET
H2 200 full-forms Show response
static-forms.klaviyo.com/forms/api/v7/VHVDfn/ 31 KB
5 KB 93ms
17ms XHR
application/json 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-forms.klaviyo.com/forms/api/v7/VHVDfn/full-forms
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.02363fe5acd5fa75cb6b.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce741c03d00df9d5db30346c8cde89321e66ebc1f27d7e8b54566dd68ae4b8ce

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 2jAiv43HMVTAGYqV7kN91JQIQPZd5tL3
content-encoding: gzip
via: 1.1 varnish
date: Sun, 14 Jul 2024 11:29:17 GMT
x-amz-request-id: D5QQJHWAH0VNMM99
age: 296318
x-amz-server-side-encryption: AES256
x-cache: HIT
client-geo-continent: NA
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: full-forms/shared full-forms/VHVDfn custom-fonts/VHVDfn
content-length: 4614
x-amz-id-2: 8LgzP6eV+Y/cKGyd7Yd/5aU18kRGwWKKoYa6YOSdWRthyTo3wEOtnSXTVjxk8LF/CPnf+MST6tQ=
x-served-by: cache-yul1970026-YUL
client-geo-country: CA
last-modified: Thu, 11 Jul 2024 01:10:38 GMT
server: AmazonS3
x-timer: S1720956557.413395,VS0,VE0
etag: "b8f4f177e2b8644d92e37e793e7b4c83"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: client-geo-continent, client-geo-country
cache-control: max-age=5
accept-ranges: bytes
x-cache-hits: 839

GET
H2 204 0
bat.bing.com/action/ Frame 2580 0
232 B 41ms
41ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5267870&Ver=2&mid=2b077a05-6067-4f60-8963-fea2407521ac&sid=4e3a33c041d411ef82ec0b1b0bfe78ff&vid=4e3a6b1041d411efb51c15bc1d2891fc&vids=0&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=Searching%20-%20Rooms%20And%20Rates%20-%20Guest%20Reservations&p=https%3A%2F%2Fwww.guestreservations.com%2F%3Fmembercode%3Dd6da3783cc1e8a110ad4bbfedf5c93e3%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DPDM%25206%252F26%252F24%2520Paris%2520Stays%2520for%25202024%2520Olympics%2520-%2520Previous%2520International%2520Bookers%2520%2528Insiders%2529%26utm_term%3Dsms_popup%26_kx%3D8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn&r=&lt=276&evt=pageLoad&ifm=1&sv=1&cdb=AQAQ&rn=191758

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 14 Jul 2024 11:29:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 38D709EBFEAC42CDA04FC7FEBFB8A2DD Ref B: YMQ01EDGE0518 Ref C: 2024-07-14T11:29:17Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 91ms
31ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=256876330774315&ev=PageView&dl=https%3A%2F%2Fwww.guestreservations.com%2F%3Fmembercode%3Dd6da3783cc1e8a110ad4bbfedf5c93e3%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DPDM%25206%252F26%252F24%2520Paris%2520Stays%2520for%25202024%2520Olympics%2520-%2520Previous%2520International%2520Bookers%2520%2528Insiders%2529%26utm_term%3Dsms_popup%26_kx%3D8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn&rl=&if=false&ts=1720956557336&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.1.1720956557302.383576939162348090&ler=empty&cdl=API_unavailable&it=1720956557174&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1297, tbw=3141, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 14 Jul 2024 11:29:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 185ms
125ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=256876330774315&ev=PageView&dl=https%3A%2F%2Fwww.guestreservations.com%2F%3Fmembercode%3Dd6da3783cc1e8a110ad4bbfedf5c93e3%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DPDM%25206%252F26%252F24%2520Paris%2520Stays%2520for%25202024%2520Olympics%2520-%2520Previous%2520International%2520Bookers%2520%2528Insiders%2529%26utm_term%3Dsms_popup%26_kx%3D8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn&rl=&if=false&ts=1720956557336&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.1.1720956557302.383576939162348090&ler=empty&cdl=API_unavailable&it=1720956557174&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xcccc3cca34aceddc","source_keys":["1","2"]},{"key_piece":"0x55a39d3b9bdc73a3","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sun, 14 Jul 2024 11:29:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7391452130354636638", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=16, mss=1297, tbw=3297, tp=-1, tpl=-1, uplat=94, ullat=0
pragma: no-cache
x-fb-debug: +uDUpZvFEiKhlJ3vugJ5cjikMlbomgiSwbMWwdde/JSMcBlTw61g/3q0P2eqITKydWsqBCX30o4jStE5k7ySPg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7391452130354636638"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 onsite Show response
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/ Frame 2580 2 KB
512 B 98ms
17ms XHR
application/json 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=VHVDfn

Requested by

Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.02363fe5acd5fa75cb6b.js?cb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

5a9335ada7bf1f825312acc02f9301b384e92ae20b5c0342341b2df3955f7ca8

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: object-src 'none'; base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 11:29:17 GMT
strict-transport-security: max-age=900
age: 12280165
x-cache: HIT, HIT
content-length: 457
x-served-by: cache-bos4671-BOS, cache-yul1970042-YUL
server: nginx
allow: GET, HEAD, OPTIONS
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: max-age=10
access-control-allow-credentials: true
vary: Accept-Encoding, Cookie
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 2773, 1415

GET
H2 200 full-forms Show response
static-forms.klaviyo.com/forms/api/v7/VHVDfn/ Frame 2580 31 KB
51 B 99ms
18ms XHR
application/json 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-forms.klaviyo.com/forms/api/v7/VHVDfn/full-forms
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.02363fe5acd5fa75cb6b.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce741c03d00df9d5db30346c8cde89321e66ebc1f27d7e8b54566dd68ae4b8ce

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:17 GMT
via: 1.1 varnish
content-encoding: gzip
x-amz-version-id: 2jAiv43HMVTAGYqV7kN91JQIQPZd5tL3
age: 296318
x-amz-request-id: D5QQJHWAH0VNMM99
x-amz-server-side-encryption: AES256
x-cache: HIT
client-geo-continent: NA
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: full-forms/shared full-forms/VHVDfn custom-fonts/VHVDfn
content-length: 4614
x-amz-id-2: 8LgzP6eV+Y/cKGyd7Yd/5aU18kRGwWKKoYa6YOSdWRthyTo3wEOtnSXTVjxk8LF/CPnf+MST6tQ=
x-served-by: cache-yul1970026-YUL
client-geo-country: CA
last-modified: Thu, 11 Jul 2024 01:10:38 GMT
server: AmazonS3
x-timer: S1720956557.432050,VS0,VE0
etag: "b8f4f177e2b8644d92e37e793e7b4c83"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: client-geo-continent, client-geo-country
cache-control: max-age=5
accept-ranges: bytes
x-cache-hits: 840

GET
H3 200 /
www.google.com/pagead/1p-user-list/932451100/ 42 B
64 B 109ms
43ms Image
image/gif 172.253.63.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/932451100/?random=1720956557185&cv=11&fst=1720954800000&bg=ffffff&guid=ON&async=1&gtm=45be4790z8810202438za201zb810202438&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.guestreservations.com%2F%3Fmembercode%3Dd6da3783cc1e8a110ad4bbfedf5c93e3%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DPDM%25206%252F26%252F24%2520Paris%2520Stays%2520for%25202024%2520Olympics%2520-%2520Previous%2520International%2520Bookers%2520%2528Insiders%2529%26utm_term%3Dsms_popup%26_kx%3D8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn&hn=www.googleadservices.com&frm=0&tiba=Guest%20Reservations&npa=0&pscdl=noapi&auid=1976860967.1720956557&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLjBFSV_mdmednknjFuEWQsStuUoBWrg&random=922634624&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f105.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 11:29:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/932451100/ 42 B
64 B 46ms
44ms Image
image/gif 64.233.180.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/932451100/?random=1720956557185&cv=11&fst=1720954800000&bg=ffffff&guid=ON&async=1&gtm=45be4790z8810202438za201zb810202438&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.guestreservations.com%2F%3Fmembercode%3Dd6da3783cc1e8a110ad4bbfedf5c93e3%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DPDM%25206%252F26%252F24%2520Paris%2520Stays%2520for%25202024%2520Olympics%2520-%2520Previous%2520International%2520Bookers%2520%2528Insiders%2529%26utm_term%3Dsms_popup%26_kx%3D8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn&hn=www.googleadservices.com&frm=0&tiba=Guest%20Reservations&npa=0&pscdl=noapi&auid=1976860967.1720956557&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLjBFSV_mdmednknjFuEWQsStuUoBWrg&random=922634624&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.180.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pe-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 11:29:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/932451100/ Frame 2580 42 B
64 B 109ms
45ms Image
image/gif 172.253.63.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/932451100/?random=1720956557239&cv=11&fst=1720954800000&bg=ffffff&guid=ON&async=1&gtm=45be4790z8810202438za201zb810202438&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.guestreservations.com%2F%3Fmembercode%3Dd6da3783cc1e8a110ad4bbfedf5c93e3%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DPDM%25206%252F26%252F24%2520Paris%2520Stays%2520for%25202024%2520Olympics%2520-%2520Previous%2520International%2520Bookers%2520%2528Insiders%2529%26utm_term%3Dsms_popup%26_kx%3D8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn&ref=https%3A%2F%2Fwww.guestreservations.com%2F%3Fmembercode%3Dd6da3783cc1e8a110ad4bbfedf5c93e3%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DPDM%25206%252F26%252F24%2520Paris%2520Stays%2520for%25202024%2520Olympics%2520-%2520Previous%2520International%2520Bookers%2520%2528Insiders%2529%26utm_term%3Dsms_popup%26_kx%3D8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn&hn=www.googleadservices.com&frm=1&tiba=Searching%20-%20Rooms%20And%20Rates%20-%20Guest%20Reservations&npa=0&pscdl=noapi&auid=1976860967.1720956557&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLMP8b9rb9RzCuK36j1Dhfv9OGMOv4nA&random=135555867&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f105.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 11:29:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/932451100/ Frame 2580 42 B
64 B 46ms
45ms Image
image/gif 64.233.180.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/932451100/?random=1720956557239&cv=11&fst=1720954800000&bg=ffffff&guid=ON&async=1&gtm=45be4790z8810202438za201zb810202438&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.guestreservations.com%2F%3Fmembercode%3Dd6da3783cc1e8a110ad4bbfedf5c93e3%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DPDM%25206%252F26%252F24%2520Paris%2520Stays%2520for%25202024%2520Olympics%2520-%2520Previous%2520International%2520Bookers%2520%2528Insiders%2529%26utm_term%3Dsms_popup%26_kx%3D8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn&ref=https%3A%2F%2Fwww.guestreservations.com%2F%3Fmembercode%3Dd6da3783cc1e8a110ad4bbfedf5c93e3%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DPDM%25206%252F26%252F24%2520Paris%2520Stays%2520for%25202024%2520Olympics%2520-%2520Previous%2520International%2520Bookers%2520%2528Insiders%2529%26utm_term%3Dsms_popup%26_kx%3D8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn&hn=www.googleadservices.com&frm=1&tiba=Searching%20-%20Rooms%20And%20Rates%20-%20Guest%20Reservations&npa=0&pscdl=noapi&auid=1976860967.1720956557&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLMP8b9rb9RzCuK36j1Dhfv9OGMOv4nA&random=135555867&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.180.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pe-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 11:29:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 8261
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-XOWWVQwtrpbyTA6RYCA0n___nsa8pUkqGMzvHg&google_cm&google_hm=ay1YT1dXVlF3dHJwYnlUQTZSWUNBMG5fX19uc2E4cFVrc...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-XOWWVQwtrpbyTA6RYCA0n___nsa8pUkqGMzvHg&google_gid=CAESEJYGm7zX23FOqBoA-S2DyS0&google_cver=1&google_ula=913071,0

43 B
370 B

31ms
30ms

Image
image/gif

74.119.117.16
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-XOWWVQwtrpbyTA6RYCA0n___nsa8pUkqGMzvHg&google_gid=CAESEJYGm7zX23FOqBoA-S2DyS0&google_cver=1&google_ula=913071,0

Protocol

Server

74.119.117.16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 11:29:16 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1208085
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Jul 2024 11:29:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-XOWWVQwtrpbyTA6RYCA0n___nsa8pUkqGMzvHg&google_gid=CAESEJYGm7zX23FOqBoA-S2DyS0&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 8261
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-48dWBwwtrpbyTA6RYCA0n___nsa4KM07o73IDg&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-48dWBwwtrpbyTA6RYCA0n___nsa4KM07o73IDg&expires=30

43 B
510 B

42ms
42ms

Image
image/gif

35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-48dWBwwtrpbyTA6RYCA0n___nsa4KM07o73IDg&expires=30
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 14 Jul 2024 11:29:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-48dWBwwtrpbyTA6RYCA0n___nsa4KM07o73IDg&expires=30
Date: Sun, 14 Jul 2024 11:29:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 8261
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1010634846103465533

43 B
370 B

33ms
32ms

Image
image/gif

74.119.117.16
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1010634846103465533

Protocol

Server

74.119.117.16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 11:29:16 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1307761
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Jul 2024 11:29:17 GMT
an-x-request-uuid: e758df58-c4bb-45a7-9b5e-c097cd17569b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1010634846103465533
x-proxy-origin: 167.114.209.103; 167.114.209.103; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

/
partner.mediawallahscript.com/ Frame 8261
Redirect Chain

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-XOWWVQwtrpbyTA6RYCA0n___nsa8pUkqGMzvHg&custom=&tag_format=img&tag_action=sync&custom=&cb=03916f2a-2b6e-49a6-bd5a-fc94a0c...
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-XOWWVQwtrpbyTA6RYCA0n___nsa8pUkqGMzvHg&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=03916f2a-2b6e-49a...
https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync
https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=1010634846103465533&tag_format=img&tag_action=sync
https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=4e57e4f0-41d4-11ef-abdc-5944c6fe0e03?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile...
https://sync.crwdcntrl.net/map/ct=y/c=14717/tp=MWSP/tpid=4e57e4f0-41d4-11ef-abdc-5944c6fe0e03?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bpr...
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=717aa5bff70cf83f0992bc905c0bc609&tag_format=img&tag_action=sync&cb=903249758
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vxsrv3i&ttd_tpi=1
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=e1c5bea8-1987-426a-a0ec-9294aa310367&tag_format=img&tag_action=sync&cb=
https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=4e57e4f0-41d4-11ef-abdc-5944c6fe0e03&cb=1720956557978&rmn=y&redirect=https%3A%2F%2Fpartner.me...
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2130&uid=cc27f9f5-5623-40e7-9e0b-f51d0cff5075&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1720956557978
https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/mwal?url=https://partner.mediawallahscript.com/?account_id%3D2006%26partner_id%3D2131%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync
https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=4ecdd840-41d4-11ef-ac62-4d5969f4be60

0
406 B

32ms
32ms

Image
text/plain

54.227.40.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=4ecdd840-41d4-11ef-ac62-4d5969f4be60
Protocol: H2
Server: 54.227.40.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-227-40-53.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Sun, 14 Jul 2024 11:29:18 GMT
cache-control: private, no-cache, must-revalidate, no-store, max-age=0
server: nginx
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=4ecdd840-41d4-11ef-ac62-4d5969f4be60
date: Sun, 14 Jul 2024 11:29:18 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 8261 43 B
688 B 318ms
31ms Image
image/gif 23.105.12.150
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-jB0v3wwtrpbyTA6RYCA0n___nsaI_6OAO2OO9Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 14 Jul 2024 11:29:17 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 8261 0
375 B 163ms
31ms Image
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-cp030QwtrpbyTA6RYCA0n___nsYjs8JwDTPW4w
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:17 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 27907

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 8261 49 B
341 B 148ms
25ms Image
image/gif 195.244.31.10
IGUANA-WORLDWIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-U_4mYQwtrpbyTA6RYCA0n___nsZR41gM0eWuRg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),

Reverse DNS

Software

ayl-lb-usa02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 11:29:17 GMT
x-content-type-options: nosniff
server: ayl-lb-usa02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 49
expires: 0

GET
H2

200

sync
tags.bluekai.com/site/29001/ Frame 8261
Redirect Chain

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=VaIjdbXYwp6xImfhWT1CvNA4M8PhxiVj

62 B
581 B

247ms
105ms

Image
image/gif

23.55.200.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=VaIjdbXYwp6xImfhWT1CvNA4M8PhxiVj
Protocol: H2
Server: 23.55.200.222 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-200-222.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
bk-server: ef8f
date: Sun, 14 Jul 2024 11:29:17 GMT
content-length: 62
x-request-id: b9f1a2fbaa2e1fc0d9917dd6b6ac3835
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=VaIjdbXYwp6xImfhWT1CvNA4M8PhxiVj
date: Sun, 14 Jul 2024 11:29:16 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 846634
content-length: 0

GET
H2

200

rum
r.casalemedia.com/ Frame 8261
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-TZG0wwwtrpbyTA6RYCA0n___nsa3GYYHHLYObQ
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-TZG0wwwtrpbyTA6RYCA0n___nsa3GYYHHLYObQ&C=1

43 B
326 B

50ms
49ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-TZG0wwwtrpbyTA6RYCA0n___nsa3GYYHHLYObQ&C=1
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 11:29:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=76lnyUtGSihHGL7BfPpoKDE7fA%2B9Ktj9FKYjrFixNBmFZf2vALQ9EWsuByrFLQoE9U5x7Ea9VNIm2FDHFeM5VxnZal%2BoTEWrvNtK3%2F6hULFaTazRrW9EGuPfqCf1w1J%2FYmEO"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8a312c94f966ab90-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 14 Jul 2024 11:29:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H2aVig54SokRy%2B886L4TVvXqTLmcKjt87mE1q%2Fvrw7LxIuHiDSEBoHEsiETfsoECpK%2By9BKpYyiGJHfNnDaaUSbLmLrG2h%2FOD6xNUnCOz9n%2Bvp52162vN2rW%2BBVwsYz%2FCwRR"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-TZG0wwwtrpbyTA6RYCA0n___nsa3GYYHHLYObQ&C=1
cache-control: no-cache
cf-ray: 8a312c94994dab90-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame 8261 43 B
662 B 299ms
31ms Image
image/gif 63.251.28.231
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-RZj1twwtrpbyTA6RYCA0n___nsY5eTItAnv4lA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.251.28.231 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Jul 2024 11:29:17 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1720956557790028-303

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 8261
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-BkH5mgwtrpbyTA6RYCA0n___nsYVLiAguHYvsw
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-BkH5mgwtrpbyTA6RYCA0n___nsYVLiAguHYvsw

43 B
445 B

33ms
33ms

Image
image/gif

54.161.215.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-BkH5mgwtrpbyTA6RYCA0n___nsYVLiAguHYvsw
Protocol: H2
Server: 54.161.215.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-215-88.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 14 Jul 2024 11:29:17 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-BkH5mgwtrpbyTA6RYCA0n___nsYVLiAguHYvsw
access-control-allow-origin: *
date: Sun, 14 Jul 2024 11:29:17 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

362358.gif
idsync.rlcdn.com/ Frame 8261
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-Dy9JPwwtrpbyTA6RYCA0n___nsaKPMBCjp2GYw
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-Dy9JPwwtrpbyTA6RYCA0n___nsaKPMBCjp2GYw&_li_chk=true&previous_uuid=e8a1c3d98cf84f7aa7eb9938a03fa830
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=e8a1c3d9-8cf8-4f7a-a7eb-9938a03fa830
https://p.rfihub.com/cm?pub=39342&in=1&userid=f58b6dab-92d0-4afc-97bc-7382a9c060e5%3A1720956557.9011648&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Df58b6dab-92d0-4afc-97bc-7382a9c...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=2018245974248784082&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Df58b6dab-92d0-4afc-97...
https://idsync.rlcdn.com/501709.gif?partner_uid=f58b6dab-92d0-4afc-97bc-7382a9c060e5%3A1720956557.9011648&_=1720956557.9035916
https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjdmNThiNmRhYi05MmQwLTRhZmMtOTdiYy03MzgyYTljMDYwZTU6MTcyMDk1NjU1Ny45MDExNjQ4EAAaDQiO7c60BhIFCOgHEABCAEoA
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOXrrYHLwQLwjbO8pHlzvPE&google_cver=1

42 B
60 B

49ms
49ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOXrrYHLwQLwjbO8pHlzvPE&google_cver=1
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:18 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 14 Jul 2024 11:29:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOXrrYHLwQLwjbO8pHlzvPE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 8261 60 B
816 B 272ms
136ms Image
image/gif 23.50.124.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-5V9HpgwtrpbyTA6RYCA0n___nsZqjD2HWNhaXA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.50.124.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-50-124-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a3c78e2cfd04611e069c3edfc58f8f9866c89a0a383e3556bbdeff54ddceef74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 14 Jul 2024 11:29:17 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 60
x-mnet-hl2: E
expires: Sun, 14 Jul 2024 11:29:17 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 8261 0
966 B 133ms
32ms Image
text/html 52.202.32.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-uE21BQwtrpbyTA6RYCA0n___nsYhhbwwMqatlg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.32.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-32-213.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:17 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 c.gif
c.bing.com/ Frame 8261 42 B
396 B 41ms
40ms Image
image/gif 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-hxx7mQwtrpbyTA6RYCA0n___nsalMraZ3igz0w
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 11:29:16 GMT
last-modified: Tue, 25 Jun 2024 19:54:30 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AF7293A56DD7429E9C98C72FBC4BF0B4 Ref B: YMQ01EDGE0518 Ref C: 2024-07-14T11:29:17Z
etag: "df9747e39c7da1:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 8261 43 B
534 B 156ms
31ms Image
image/gif 54.84.32.3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-YwcwmwwtrpbyTA6RYCA0n___nsbV2Zd6kgLp-A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.84.32.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-32-3.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 11:29:17 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 8261 0
360 B 149ms
29ms Image
text/plain 64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-zdMmSQwtrpbyTA6RYCA0n___nsbzHUSLeI9JPw&initiator=partner

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.202.112.31 , United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:17 GMT
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-traceid: 251a23bfcea2d2c181de21191fc1e9b0
content-length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 8261 42 B
574 B 134ms
31ms Image
image/gif 8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-eAJRegwtrpbyTA6RYCA0n___nsaaAok6YvqedA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 14 Jul 2024 11:29:17 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET pixel_sync
trends.revcontent.com/cm/ Frame 8261 0
0

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 8261 42 B
1 KB 263ms
33ms Image
image/gif 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-DRdZEQwtrpbyTA6RYCA0n___nsYx9iui01HWOA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 0b388c490ecfef74be7d13328a4f3ac3
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 v1
match.sharethrough.com/sync/ Frame 8261 68 B
280 B 159ms
30ms Image
image/png 52.203.132.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-gqHNqQwtrpbyTA6RYCA0n___nsYX4Qtz9LS7ug
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.132.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-132-170.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:17 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

GET
H2 204 /
s.ad.smaato.net/c/ Frame 8261 0
308 B 143ms
42ms Image
text/plain 2600:9000:2209:6200:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-fLlq0QwtrpbyTA6RYCA0n___nsbcugaZk9KwaQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2209:6200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:17 GMT
cache-control: no-cache, must-revalidate
via: 1.1 0146c8129cacdacca96753291cf27ec4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: WHaR8XtfO307_K_BbPIQrLO6b6h5BhUVG78G5rgXyqYFYo-MRYd9rw==
x-cache: Miss from cloudfront

GET
H2 200 um
criteo-sync.teads.tv/ Frame 8261 23 B
277 B 203ms
35ms Image
image/gif 23.50.125.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-HUIYEQwtrpbyTA6RYCA0n___nsZTP20k9RlWWQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.125.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-50-125-47.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.1 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Sun, 14 Jul 2024 11:29:17 GMT
pragma: no-cache
date: Sun, 14 Jul 2024 11:29:17 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.1
content-length: 23
content-type: image/gif

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 8261 43 B
398 B 170ms
36ms Image
image/gif 2600:1f18:612b:4216:6ee6:2773:bd8f:e13f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-ewzfTwwtrpbyTA6RYCA0n___nsaVkiks85Aufw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:6ee6:2773:bd8f:e13f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sun, 14 Jul 2024 11:29:17 GMT
server: nginx
content-type: image/gif

GET
H2 200 sync.htm
ade.clmbtech.com/uid/ Frame 8261 68 B
259 B 386ms
215ms Image
image/jpeg 2600:1408:c400:16::17d4:f81b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=k-YztWcAwtrpbyTA6RYCA0n___nsaXd3Vu3YdFTg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:16::17d4:f81b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
date: Sun, 14 Jul 2024 11:29:18 GMT
x-content-type-options: nosniff
server: Bhoot
x-frame-options: sameorigin
content-type: image/jpeg
x-upstream: 172.29.17.241:80
content-length: 68
x-xss-protection: 1; mode=block

GET
H2

200

xuid
eb2.3lift.com/ Frame 8261
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-JV0g5gwtrpbyTA6RYCA0n___nsa_sWGg-58l-g&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-JV0g5gwtrpbyTA6RYCA0n___nsa_sWGg-58l-g&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

37 B
474 B

33ms
32ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-JV0g5gwtrpbyTA6RYCA0n___nsa_sWGg-58l-g&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 14 Jul 2024 11:29:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-JV0g5gwtrpbyTA6RYCA0n___nsa_sWGg-58l-g&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
date: Sun, 14 Jul 2024 11:29:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 8261 43 B
620 B 221ms
33ms Image
image/gif 3.215.196.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-a40DDQwtrpbyTA6RYCA0n___nsaYcs_pezeAGg&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.196.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-196-212.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 11:29:18 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H2 200 put
e1.emxdgt.com/ Frame 8261 43 B
120 B 164ms
30ms Image
image/gif 3.210.56.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-6p234gwtrpbyTA6RYCA0n___nsZEaD8jVQNJPA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.210.56.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-56-21.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:17 GMT
content-length: 43
x-nosync: emp
content-type: image/gif

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 39ms
39ms Fetch
text/plain 142.251.163.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-L69JFWQLLZ&gtm=45je4790v9136064750za200&_p=1720956556360&gcd=13l3l3l3l2&npa=0&dma=0&tag_exp=0&ul=en-ca&sr=1600x1200&cid=1256669138.1720956557&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.guestreservations.com%2F%3Fmembercode%3Dd6da3783cc1e8a110ad4bbfedf5c93e3%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DPDM%25206%252F26%252F24%2520Paris%2520Stays%2520for%25202024%2520Olympics%2520-%2520Previous%2520International%2520Bookers%2520%2528Insiders%2529%26utm_term%3Dsms_popup%26_kx%3D8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn&dt=Guest%20Reservations&sid=1720956557&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1859&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L69JFWQLLZ&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.163.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: wv-in-f102.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 11:29:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.guestreservations.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 22 KB
1 KB 99ms
98ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito:ital,wght@0,400;0,500;0,600;0,700;0,800;1,400;1,500;1,600;1,700&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ff3b68ac5cd8524e0c6b06d82f2747dea9b1d17fd18620052f928b020d34abd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 14 Jul 2024 11:29:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 14 Jul 2024 11:29:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Jul 2024 11:29:17 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 2580 22 KB
0 81ms
81ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ff3b68ac5cd8524e0c6b06d82f2747dea9b1d17fd18620052f928b020d34abd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 14 Jul 2024 11:29:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Jul 2024 11:29:17 GMT

GET
H2 200 setuid
ib.adnxs.com/ Frame 8261 43 B
1 KB 30ms
30ms Image
image/gif 68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-1VLKfgwtrpbyTA6RYCA0n___nsYY2F0UJvlX7Q

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 11:29:17 GMT
an-x-request-uuid: 078a75a2-3d8e-4e4f-82cd-179377877914
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 167.114.209.103; 167.114.209.103; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 /
a.klaviyo.com/client/profiles/ Frame 0
0 174ms
92ms Preflight
text/html 2606:4700::6812:df0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/client/profiles/?company_id=VHVDfn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:df0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,revision,x-klaviyo-onsite
Access-Control-Request-Method: POST
Origin: https://www.guestreservations.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, revision, x-klaviyo-onsite
access-control-allow-methods: OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
allow: GET, POST, HEAD, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8a312c969de64bb9-YUL
cid: VHVDfn
content-encoding: gzip
content-language: en-us
content-security-policy: base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
content-type: text/html; charset=utf-8
date: Sun, 14 Jul 2024 11:29:17 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Language, Cookie, Accept-Encoding
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow

POST
H2 202 / Show response
a.klaviyo.com/client/profiles/ 105 B
494 B 117ms
116ms XHR
application/vnd.api+json 2606:4700::6812:df0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/client/profiles/?company_id=VHVDfn

Requested by

Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.02363fe5acd5fa75cb6b.js?cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:df0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

406f5752ec5a0772609486ec72f8451e5ae00a5ac70fe089421da97e1829c2d4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
revision: 2023-06-15
Referer: https://www.guestreservations.com/
X-Klaviyo-Onsite: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 14 Jul 2024 11:29:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-klaviyo-api-revision: 2023-06-15
content-security-policy: frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
content-length: 105
cid: VHVDfn
server: cloudflare
allow: GET, POST, HEAD, OPTIONS
vary: Accept-Language, Cookie, Accept-Encoding
content-language: en-us
access-control-allow-origin: *
x-klaviyo-api-retirement-date: 2025-06-15
content-type: application/vnd.api+json
cf-ray: 8a312c973ef04bb9-YUL
x-robots-tag: noindex, nofollow

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 8261
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=WS-6Gq7ATcEF4pYvCwGVmUWW2qzrZV0h
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=WS-6Gq7ATcEF4pYvCwGVmUWW2qzrZV0h

42 B
716 B

33ms
33ms

Image
image/gif

34.200.95.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=WS-6Gq7ATcEF4pYvCwGVmUWW2qzrZV0h

Protocol

Server

34.200.95.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-95-207.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-va6-1-v061-0ace9b117.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Sun, 14 Jul 2024 11:29:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: kUfuIeqSQyw=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-va6-1-v061-0833f5e77.edge-va6.demdex.com 0 ms
pragma: no-cache
date: Sun, 14 Jul 2024 11:29:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: kq6g2c+DTZs=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=WS-6Gq7ATcEF4pYvCwGVmUWW2qzrZV0h
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 groups-targeting Show response
a.klaviyo.com/forms/api/v3/ 10 B
342 B 140ms
140ms XHR
application/json 2606:4700::6812:df0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/forms/api/v3/groups-targeting?data=eyJjb21wYW55X2lkIjoiVkhWRGZuIiwiZXhjaGFuZ2VfaWQiOiI4WWpHUzhLVnpTdTlkUy03dlJjbVFiQmswc1pwY3dGc3RJVEh3WHRlOXo4LlZIVkRmbiJ9

Requested by

Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.02363fe5acd5fa75cb6b.js?cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:df0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20b66317300a824eca3cf07fa42f20f48e61091ff2d4c9619ac9fc45b669795e

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 11:29:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy: base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
content-length: 10
server: cloudflare
allow: GET, OPTIONS
vary: Accept-Language, Cookie, Accept-Encoding
content-language: en-us
access-control-allow-origin: *
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 8a312c97f8404bb9-YUL
access-control-allow-headers
x-robots-tag: noindex, nofollow

POST
H2 202 /
a.klaviyo.com/client/event-bulk-create/ 0
0 131ms
129ms Fetch 2606:4700::6812:df0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/client/event-bulk-create/?company_id=VHVDfn

Requested by

Host: static-tracking.klaviyo.com
URL: https://static-tracking.klaviyo.com/onsite/js/post_identification_sync.80a9838e5269fa405bb8.js?cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:df0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

revision: 2023-10-15
Referer: https://www.guestreservations.com/
X-Klaviyo-Onsite: 1
Access-Control-Allow-Headers: *
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 14 Jul 2024 11:29:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-klaviyo-api-revision: 2023-10-15
content-security-policy: object-src 'none'; base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
server: cloudflare
allow: GET, POST, HEAD, OPTIONS
vary: Accept-Language, Cookie, Accept-Encoding
content-language: en-us
access-control-allow-origin: *
cf-ray: 8a312c9899494bb9-YUL
x-robots-tag: noindex, nofollow
content-length: 0
cid: VHVDfn

OPTIONS
H2 200 /
a.klaviyo.com/client/event-bulk-create/ Frame 0
0 89ms
88ms Preflight
text/html 2606:4700::6812:df0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/client/event-bulk-create/?company_id=VHVDfn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:df0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-headers,content-type,revision,x-klaviyo-onsite
Access-Control-Request-Method: POST
Origin: https://www.guestreservations.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: access-control-allow-headers, content-type, revision, x-klaviyo-onsite
access-control-allow-methods: OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
allow: GET, POST, HEAD, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8a312c9808504bb9-YUL
cid: VHVDfn
content-encoding: gzip
content-language: en-us
content-security-policy: frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; report-uri /csp/
content-type: text/html; charset=utf-8
date: Sun, 14 Jul 2024 11:29:18 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Language, Cookie, Accept-Encoding
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow

POST
H2 202 / Show response
a.klaviyo.com/client/profiles/ 105 B
391 B 127ms
125ms XHR
application/vnd.api+json 2606:4700::6812:df0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/client/profiles/?company_id=VHVDfn

Requested by

Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.02363fe5acd5fa75cb6b.js?cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:df0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

406f5752ec5a0772609486ec72f8451e5ae00a5ac70fe089421da97e1829c2d4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; object-src 'none'; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
revision: 2023-06-15
Referer: https://www.guestreservations.com/
X-Klaviyo-Onsite: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 14 Jul 2024 11:29:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-klaviyo-api-revision: 2023-06-15
content-security-policy: frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; object-src 'none'; report-uri /csp/
content-length: 105
cid: VHVDfn
server: cloudflare
allow: GET, POST, HEAD, OPTIONS
vary: Accept-Language, Cookie, Accept-Encoding
content-language: en-us
access-control-allow-origin: *
x-klaviyo-api-retirement-date: 2025-06-15
content-type: application/vnd.api+json
cf-ray: 8a312c99db2a4bb9-YUL
x-robots-tag: noindex, nofollow

POST
H2 202 / Show response
a.klaviyo.com/client/events/ 0
332 B 101ms
99ms XHR
text/plain 2606:4700::6812:df0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/client/events/?company_id=VHVDfn

Requested by

Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.02363fe5acd5fa75cb6b.js?cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:df0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
revision: 2023-02-22
Referer: https://www.guestreservations.com/
X-Klaviyo-Onsite: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 14 Jul 2024 11:29:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-klaviyo-api-revision: 2023-02-22
content-security-policy: base-uri 'none'; object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
content-length: 0
cid: VHVDfn
server: cloudflare
allow: GET, POST, HEAD, OPTIONS
vary: Accept-Language, Cookie, Accept-Encoding
content-language: en-us
access-control-allow-origin: *
x-klaviyo-api-retirement-date: 2025-02-22
cf-ray: 8a312c9b3d7a4bb9-YUL
x-robots-tag: noindex, nofollow

OPTIONS
H2 200 /
a.klaviyo.com/client/events/ Frame 0
0 88ms
88ms Preflight
text/html 2606:4700::6812:df0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/client/events/?company_id=VHVDfn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:df0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,revision,x-klaviyo-onsite
Access-Control-Request-Method: POST
Origin: https://www.guestreservations.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, revision, x-klaviyo-onsite
access-control-allow-methods: OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
allow: GET, POST, HEAD, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8a312c9aac854bb9-YUL
cid: VHVDfn
content-encoding: gzip
content-language: en-us
content-security-policy: object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; report-uri /csp/
content-type: text/html; charset=utf-8
date: Sun, 14 Jul 2024 11:29:18 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Language, Cookie, Accept-Encoding
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow

POST
H2 202 / Show response
a.klaviyo.com/client/profiles/ 105 B
431 B 94ms
93ms XHR
application/vnd.api+json 2606:4700::6812:df0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/client/profiles/?company_id=VHVDfn

Requested by

Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.02363fe5acd5fa75cb6b.js?cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:df0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

406f5752ec5a0772609486ec72f8451e5ae00a5ac70fe089421da97e1829c2d4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
revision: 2023-06-15
Referer: https://www.guestreservations.com/
X-Klaviyo-Onsite: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 14 Jul 2024 11:29:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-klaviyo-api-revision: 2023-06-15
content-security-policy: frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
content-length: 105
cid: VHVDfn
server: cloudflare
allow: GET, POST, HEAD, OPTIONS
vary: Accept-Language, Cookie, Accept-Encoding
content-language: en-us
access-control-allow-origin: *
x-klaviyo-api-retirement-date: 2025-06-15
content-type: application/vnd.api+json
cf-ray: 8a312c9c8f8a4bb9-YUL
x-robots-tag: noindex, nofollow

POST
H2 202 / Show response
a.klaviyo.com/client/events/ 0
267 B 103ms
102ms XHR
text/plain 2606:4700::6812:df0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/client/events/?company_id=VHVDfn

Requested by

Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.02363fe5acd5fa75cb6b.js?cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:df0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
revision: 2023-02-22
Referer: https://www.guestreservations.com/
X-Klaviyo-Onsite: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 14 Jul 2024 11:29:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-klaviyo-api-revision: 2023-02-22
content-security-policy: script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
content-length: 0
cid: VHVDfn
server: cloudflare
allow: GET, POST, HEAD, OPTIONS
vary: Accept-Language, Cookie, Accept-Encoding
content-language: en-us
access-control-allow-origin: *
x-klaviyo-api-retirement-date: 2025-02-22
cf-ray: 8a312c9d28c04bb9-YUL
x-robots-tag: noindex, nofollow

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 25 B
380 B 268ms
80ms XHR
application/json 35.186.241.51

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1720956561936

Requested by

Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.241.51 -, , ASN (),

Reverse DNS

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Sun, 14 Jul 2024 11:29:22 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.guestreservations.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 29
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 25
alt-svc: clear

POST
H3 204 collect
analytics.google.com/g/ Frame 2580 0
0 45ms
44ms Fetch
text/plain 216.239.32.181

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-WF186HV3S4&gtm=45je4790v9123625958za200zb810202438&_p=1720956556755&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1256669138.1720956557&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=1&pscdl=noapi&_eu=AEA&_s=2&sid=1720956557&sct=1&seg=1&dl=https%3A%2F%2Fwww.guestreservations.com%2Fsite%2Fsearchloading&dr=https%3A%2F%2Fwww.guestreservations.com%2F%3Fmembercode%3Dd6da3783cc1e8a110ad4bbfedf5c93e3%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DPDM%25206%252F26%252F24%2520Paris%2520Stays%2520for%25202024%2520Olympics%2520-%2520Previous%2520International%2520Bookers%2520%2528Insiders%2529%26utm_term%3Dsms_popup%26_kx%3D8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn&dt=Searching%20-%20Rooms%20And%20Rates%20-%20Guest%20Reservations&en=scroll&epn.percent_scrolled=90&tfd=6308&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WF186HV3S4&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.181 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 11:29:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.guestreservations.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ Frame 2580 0
0 40ms
39ms Fetch
text/plain 142.251.163.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-L69JFWQLLZ&gtm=45je4790v9136064750za200&_p=1720956556755&gcd=13l3l3l3l2&npa=0&dma=0&tag_exp=0&ul=en-ca&sr=1600x1200&cid=1256669138.1720956557&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=1&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.guestreservations.com%2Fsite%2Fsearchloading&dt=Searching%20-%20Rooms%20And%20Rates%20-%20Guest%20Reservations&sid=1720956557&sct=1&seg=1&en=page_view&_ee=1&tfd=6477&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L69JFWQLLZ&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.163.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: wv-in-f102.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.guestreservations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 11:29:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.guestreservations.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: trends.revcontent.com
URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-3hzmvwwtrpbyTA6RYCA0n___nsYRG5t3RyxvXw

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

99 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 22:45:48	Name: _li_ss Value: CggKBgiiARCyGA
www.guestreservations.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 71fd1dd00f50a7091fa1ec189e8bb73c
www.guestreservations.com/	1970-01-20 22:45:48	Name: cug_member_code Value: a6b2490174b07feb7c49c49207379ad889e295ef52c3226f81b9ec5b41fc27d2a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22cug_member_code%22%3Bi%3A1%3Bs%3A32%3A%22d6da3783cc1e8a110ad4bbfedf5c93e3%22%3B%7D
.guestreservations.com/	1970-01-20 22:45:48	Name: ab_site_atr_2 Value: 1ed08748c9af8c6e3173ff5bfab6ee0ad8196248e33e09ecb81412f70db80481a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22ab_site_atr_2%22%3Bi%3A1%3Bs%3A1%3A%22B%22%3B%7D
www.guestreservations.com/	1970-01-21 06:48:12	Name: home_page_visited Value: cf55b3cf971d6fcbd9a1524f8587bbe240a9bdc2d1d94c3c800df268c3a2ad22a%3A2%3A%7Bi%3A0%3Bs%3A17%3A%22home_page_visited%22%3Bi%3A1%3Bs%3A3%3A%22yes%22%3B%7D
www.guestreservations.com/	1969-12-31 23:59:59	Name: _csrf Value: e38fa971fb6f1f0982ea05c7d658cb7032b39f559e8a9d61800a69d773334961a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22LKmqnBHg6hNLY_9o2w-E042JCiCXPvF6%22%3B%7D
.guestreservations.com/	1970-01-20 22:02:38	Name: __cf_bm Value: Bl8hjUejrvPmAGWqnowhEQpZIgEzE7HfuIWsnv7Ysl8-1720956555-1.0.1.1-BsSfIA72QKfALnFMlCAUEMIM3NgNl0e1aVk9cJDXrc6csGDDBpjT7uL1KqZoEsp3.gekTtuLHz4sAy9z0kyxLw
www.guestreservations.com/	1970-01-20 22:02:40	Name: __cflb Value: 0H28uvqsNa848rRard5NnKS6eMinV1uq98t1a58n6vo
.guestreservations.com/	1970-01-21 06:48:12	Name: attributionData Value: df34a42108e474d2a1fd4c58929fbd22d9f8b86196d011d7e0b7fabe0feaaa99a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22attributionData%22%3Bi%3A1%3Ba%3A13%3A%7Bs%3A6%3A%22userId%22%3Bs%3A36%3A%220190b101-157b-72fe-8cc5-a130ebb8310d%22%3Bs%3A9%3A%22sessionId%22%3Bs%3A36%3A%220190b101-157c-7840-9f5a-bdcf4feffee2%22%3Bs%3A5%3A%22gclid%22%3Bs%3A0%3A%22%22%3Bs%3A9%3A%22gadSource%22%3Bs%3A0%3A%22%22%3Bs%3A6%3A%22fbclid%22%3Bs%3A0%3A%22%22%3Bs%3A7%3A%22msclkid%22%3Bs%3A0%3A%22%22%3Bs%3A8%3A%22referrer%22%3Bs%3A0%3A%22%22%3Bs%3A9%3A%22createdAt%22%3Bs%3A19%3A%222024-07-14%2004%3A29%3A16%22%3Bs%3A2%3A%22ip%22%3Bs%3A21%3A%222607%3A5300%3A60%3A7867%3A%3A11%22%3Bs%3A10%3A%22deviceType%22%3Bs%3A8%3A%22computer%22%3Bs%3A9%3A%22userAgent%22%3Bs%3A101%3A%22Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F126.0.0.0%20Safari%2F537.36%22%3Bs%3A4%3A%22path%22%3Bs%3A1%3A%22%2F%22%3Bs%3A11%3A%22queryParams%22%3Bs%3A286%3A%22%3Fmembercode%3Dd6da3783cc1e8a110ad4bbfedf5c93e3%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DPDM%25206%252F26%252F24%2520Paris%2520Stays%2520for%25202024%2520Olympics%2520-%2520Previous%2520International%2520Bookers%2520%2528Insiders%2529%26utm_term%3Dsms_popup%26_kx%3D8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn%22%3B%7D%7D
.guestreservations.com/	1970-01-21 00:12:12	Name: _gcl_au Value: 1.1.1976860967.1720956557
.criteo.com/	1970-01-21 07:24:12	Name: uid Value: bca905cc-89c0-46ea-a7cb-7e1311d71f96
.criteo.com/	1970-01-21 07:24:12	Name: receive-cookie-deprecation Value: 1
.guestreservations.com/	1970-01-21 06:48:12	Name: mp_c5491a995ed9e9ee29ba488d355afed9_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A190b1011688560-0bf96690f020d7-11462c6f-1d4c00-190b1011688560%22%2C%22%24device_id%22%3A%20%22190b1011688560-0bf96690f020d7-11462c6f-1d4c00-190b1011688560%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22initial_utm_source%22%3A%20%22Klaviyo%22%2C%22initial_utm_medium%22%3A%20%22campaign%22%2C%22initial_utm_campaign%22%3A%20%22PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20(Insiders)%22%2C%22initial_utm_content%22%3A%20null%2C%22initial_utm_term%22%3A%20%22sms_popup%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%2C%22utm_source%22%3A%20%22Klaviyo%22%2C%22utm_medium%22%3A%20%22campaign%22%2C%22utm_campaign%22%3A%20%22PDM%206%2F26%2F24%20Paris%20Stays%20for%202024%20Olympics%20-%20Previous%20International%20Bookers%20(Insiders)%22%2C%22utm_term%22%3A%20%22sms_popup%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.guestreservations.com/	1970-01-20 22:04:02	Name: _gid Value: GA1.2.2125105091.1720956557
.guestreservations.com/	1970-01-20 22:02:36	Name: _gat_UA-77275451-1 Value: 1
.guestreservations.com/	1970-01-21 06:48:12	Name: cf_clearance Value: x6bCIUqnnzqm9AGQv7AiE.fdmEF2u1EbVTStOb0sBk8-1720956557-1.0.1.1-w5aG1pQhVzDJ_Fhu7Kq3nmFmp6fjR.mDoHkhqmlm24ewEr5uWtI0_.O7.LNmIqvvnJwo6VKlN5aTE2OIHHXRsg
.guestreservations.com/	1970-01-21 07:32:00	Name: cto_bundle Value: LtMF419JdGV1V2VrRmp5QlFNYlcxVjZ2RFBsUHNsMmxVMmR4M2hPUEFmM0tuR09LTWhPVVpPUzRGWW1GVDZTdnlXOTNGR01tZTJUdUtRNVVic2QwdTJ4NVFqRHVBYjhJM0l1cDVqNlJ2S1BaUVhBM1dMb0tkdSUyRnZxQWlVSzZ0QWdLUWx4c1FONHZsOUQybFRmTDhxVGF5UXpraVQzYmxEMlNCdkp1RTFXbmlKTjB4ZyUzRA
.guestreservations.com/	1970-01-21 07:38:36	Name: _ga Value: GA1.1.1256669138.1720956557
.guestreservations.com/	1970-01-21 07:38:36	Name: _ga_WF186HV3S4 Value: GS1.1.1720956557.1.1.1720956557.60.0.0
.guestreservations.com/	1970-01-21 00:12:12	Name: _fbp Value: fb.1.1720956557302.383576939162348090
.guestreservations.com/	1970-01-20 22:04:02	Name: _uetsid Value: 4e3a33c041d411ef82ec0b1b0bfe78ff
.guestreservations.com/	1970-01-21 07:24:12	Name: _uetvid Value: 4e3a6b1041d411efb51c15bc1d2891fc
.bat.bing.com/	1970-01-20 22:12:41	Name: MR Value: 0
.bing.com/	1970-01-21 07:24:12	Name: MUID Value: 1F2570AFC2586AB216596413C3636B99
.guestreservations.com/	1970-01-21 07:38:36	Name: _ga_L69JFWQLLZ Value: GS1.2.1720956557.1.1.1720956557.0.0.0
.adnxs.com/	1970-01-21 00:12:12	Name: XANDR_PANID Value: Pw2ZnJ111AiSO2vkrRlC21ieYgBdU_TsmwxwCw5y2bhVS4dIZJ-ZwievUlbOW3_5xJ4BpFmXJTjN_TxX1AjG-BXdpzBNSn9490XL-jACdQ8.
.adnxs.com/	1970-01-21 07:38:36	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 00:12:12	Name: uuid2 Value: 1010634846103465533
.doubleclick.net/	1970-01-21 07:38:36	Name: IDE Value: AHWqTUkldvG10HbLfiTMKwlSzfD0dEx5vQLBmmdDqkSZnANP97wzrFzHL-vp8ICZJ5U
.omnitagjs.com/	1970-01-20 22:45:48	Name: ayl_visitor Value: e9958064e10a1d17a2b4f9cc0f371343
.mediawallahscript.com/	1970-01-21 07:38:36	Name: mCookie Value: 4e57e4f0-41d4-11ef-abdc-5944c6fe0e03
.mediawallahscript.com/	1970-01-21 07:38:36	Name: mUserCookie Value: %7B%7D
.taboola.com/	1970-01-21 06:48:12	Name: t_gid Value: 5eccb9ba-44d7-428b-8696-e2143c4b8cd3-tuctd8d3c0d
.taboola.com/	1970-01-21 06:48:12	Name: t_pt_gid Value: 5eccb9ba-44d7-428b-8696-e2143c4b8cd3-tuctd8d3c0d
.bidswitch.net/	1970-01-21 06:48:12	Name: tuuid Value: 6a4989da-516a-4b5b-b18f-ff46dda49e57
.bidswitch.net/	1970-01-21 06:48:12	Name: c Value: 1720956557
.bidswitch.net/	1970-01-21 06:48:12	Name: tuuid_lu Value: 1720956557
.casalemedia.com/	1970-01-21 06:48:12	Name: CMID Value: ZpO2jdHM6doAABnYABBUlAAA
.casalemedia.com/	1970-01-21 00:12:12	Name: CMPS Value: 3646
.casalemedia.com/	1970-01-21 00:12:12	Name: CMPRO Value: 3646
.adnxs.com/	1970-01-21 00:12:12	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2C'$k'hXW!]tbPl@/D!9hy6]/CwgVgk?ixbyG2B.O:0:i7Cbtl!Ptv8!H396(<v)gtpR>24<>x>s`VQaPmZ4%nugO%v4VB%nqIz+^f>7
.c.bing.com/	1970-01-20 22:12:41	Name: MR Value: 0
.smartadserver.com/	1970-01-21 07:32:50	Name: pid Value: 3056663757714731366
.smartadserver.com/	1970-01-21 07:32:50	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 06:48:12	Name: csync Value: 79:k-jB0v3wwtrpbyTA6RYCA0n___nsaI_6OAO2OO9Q
.360yield.com/	1970-01-21 00:12:12	Name: tuuid Value: 64facd8b-6da9-45d0-bc86-f7d3fa7489ae
.360yield.com/	1970-01-21 00:12:12	Name: tuuid_lu Value: 1720956557
exchange.mediavine.com/	1970-01-20 22:22:46	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%224e713950-41d4-11ef-b5a8-e5762297c7b2%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 22:22:46	Name: mv_tokens_invalidate-verizon-pushes Value: %7B%22mv_uuid%22%3A%224e713950-41d4-11ef-b5a8-e5762297c7b2%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 22:22:46	Name: am_tokens Value: %7B%22mv_uuid%22%3A%224e713950-41d4-11ef-b5a8-e5762297c7b2%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 22:22:46	Name: am_tokens_invalidate-verizon-pushes Value: %7B%22mv_uuid%22%3A%224e713950-41d4-11ef-b5a8-e5762297c7b2%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 22:22:46	Name: criteo Value: %7B%22id%22%3A%22k-uE21BQwtrpbyTA6RYCA0n___nsYhhbwwMqatlg%22%2C%22version%22%3A%22criteo%22%7D
.liadm.com/	1970-01-21 07:38:36	Name: lidid Value: e8a1c3d9-8cf8-4f7a-a7eb-9938a03fa830
.360yield.com/	1970-01-21 00:12:12	Name: um Value: !38,Xbir7OetqjC-HwtUrMhN71tYOj-lu-oaWsoqpUNSa3.GY8gciMLLGUNAc5RVf3B5RLoPAqeY,1728732557
.360yield.com/	1970-01-21 00:12:12	Name: umeh Value: !38,0,1783164557,-1
.bluekai.com/	1970-01-21 02:21:48	Name: bkdc Value: phx
.bluekai.com/	1970-01-21 02:21:48	Name: bkpa Value: KJpEnXTLu5DlLMxy1BxFgLhn+Mzruik/nY3onYNmnzo1LxNn21hvuR3/nYXy3de1EzL/epa6nFBpBwsNY1iG09pn9QexYhj+
.bluekai.com/	1970-01-21 02:21:48	Name: bku Value: uUW99/ttAtSN1hAZ
.postrelease.com/	1970-01-21 06:48:12	Name: visitor Value: 9b4827b8-60bd-4ba5-869a-0fcaa8c3f22e
.postrelease.com/	1970-01-21 06:48:12	Name: status Value: 0
.crwdcntrl.net/	1970-01-21 04:31:23	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 04:31:23	Name: _cc_id Value: 717aa5bff70cf83f0992bc905c0bc609
.criteo.com/	1970-01-21 07:24:12	Name: cto_bundle Value: d341AV9DdXhkQTY2c3dhckFCeFZtdmEza2ltdXY4Y3JhclRHRzRmZXdYUExPdmo0RXgyRTJxQ0IxQjVzdXphdmIlMkZkNnQ
.media.net/	1970-01-21 06:48:12	Name: visitor-id Value: 3639581571978375000V10
.media.net/	1970-01-20 22:45:48	Name: data-c-ts Value: 1720956557
.media.net/	1970-01-20 22:45:48	Name: data-c Value: k-5V9HpgwtrpbyTA6RYCA0n___nsZqjD2HWNhaXA~~3
.ads.stickyadstv.com/	1970-01-20 22:45:48	Name: UID Value: 7ebdd94c91e4fcd4b51128471ce4476
.ads.stickyadstv.com/	1970-01-20 23:29:00	Name: uid-bp-11554 Value: k-RZj1twwtrpbyTA6RYCA0n___nsY5eTItAnv4lA
.pubmatic.com/	1970-01-20 22:45:48	Name: KRTBCOOKIE_97 Value: 3385-uid:k-eAJRegwtrpbyTA6RYCA0n___nsaaAok6YvqedA&KRTB&23037-uid:k-eAJRegwtrpbyTA6RYCA0n___nsaaAok6YvqedA&KRTB&23144-uid:k-eAJRegwtrpbyTA6RYCA0n___nsaaAok6YvqedA&KRTB&23286-uid:k-eAJRegwtrpbyTA6RYCA0n___nsaaAok6YvqedA
.pubmatic.com/	1970-01-20 22:45:48	Name: PugT Value: 1720956557
.smaato.net/	1970-01-20 22:32:50	Name: SCM Value: 502e72384b
.sharethrough.com/	1970-01-20 22:45:48	Name: stx_user_id Value: 471c934f-f394-4242-8d47-e1edc36ad690
.3lift.com/	1970-01-21 00:12:12	Name: tluidp Value: 2091473884897742188113
.3lift.com/	1970-01-21 00:12:12	Name: tluid Value: 2091473884897742188113
.adsrvr.org/	1970-01-21 06:48:12	Name: TDID Value: e1c5bea8-1987-426a-a0ec-9294aa310367
.rezync.com/	1970-01-21 07:24:12	Name: zync-uuid Value: f58b6dab-92d0-4afc-97bc-7382a9c060e5:1720956557.9011648
.adsrvr.org/	1970-01-21 06:48:12	Name: TDCPM Value: CAEYBSABKAIyCwiavqre3YCSPRAFOAE.
.demdex.net/	1970-01-21 02:21:48	Name: demdex Value: 75952843915920215351185995851393867006
.tremorhub.com/	1970-01-21 06:48:33	Name: tvid Value: c68b74cca5a5418a82e7de5fea75a6ae
.tremorhub.com/	1970-01-20 22:45:48	Name: tv_UICR Value: k-ewzfTwwtrpbyTA6RYCA0n___nsaVkiks85Aufw
.rubiconproject.com/	1970-01-21 06:48:12	Name: audit_p Value: 1\|ocedUViYoIgegcW04Ugli4t5CbnP87xUd78KH+qDolM3Sds8s51Nz+zu98yaPuSXwYcA8mnKjyWM1KxoLazIt+aleybw1oy9Ba0etFFpiE2MW6lJ/0EwnShdxuT0QEhJdnY7SvIcW6QKnySzLzsv4ztrmufCexVLZ44qUS4jeuPmQdVc7iIhNLYPAdWGRZ6V8p4Q5rMwDzg=
.rubiconproject.com/	1970-01-21 06:48:12	Name: khaos Value: LYLH3MOB-2-CGSJ
.rubiconproject.com/	1970-01-21 06:48:12	Name: khaos_p Value: LYLH3MOB-2-CGSJ
.rubiconproject.com/	1970-01-21 06:48:12	Name: audit Value: 1\|ocedUViYoIgegcW04Ugli4t5CbnP87xUd78KH+qDolM3Sds8s51Nz+zu98yaPuSXwYcA8mnKjyWM1KxoLazIt+aleybw1oy9Ba0etFFpiE2MW6lJ/0EwnShdxuT0QEhJdnY7SvIcW6QKnySzLzsv4ztrmufCexVLZ44qUS4jeuPmQdVc7iIhNLYPAdWGRZ6V8p4Q5rMwDzg=
.rubiconproject.com/	1970-01-21 00:12:12	Name: receive-cookie-deprecation Value: 1
.teads.tv/	1970-01-21 06:46:46	Name: tt_viewer Value: cd2dceed-a6fe-46de-9302-70410802eaca
.dpm.demdex.net/	1970-01-21 02:21:48	Name: dpm Value: 75952843915920215351185995851393867006
.yieldmo.com/	1970-01-21 06:48:12	Name: yieldmo_id Value: VaiJj3zTyJzarL7SLGOe%7C1720915200000%7C0
.ads.yieldmo.com/	1970-01-21 06:48:12	Name: ptrcriteo Value: k-a40DDQwtrpbyTA6RYCA0n___nsaYcs_pezeAGg
www.guestreservations.com/	1970-01-21 07:38:36	Name: __kla_id Value: eyJjaWQiOiJNV1V3TURGbVlqVXRaVEExTUMwME5XWXlMV0U1WXprdE9Ua3dObVU0TmpFd1lUSXgiLCIkcmVmZXJyZXIiOnsidHMiOjE3MjA5NTY1NTcsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vd3d3Lmd1ZXN0cmVzZXJ2YXRpb25zLmNvbS8/bWVtYmVyY29kZT1kNmRhMzc4M2NjMWU4YTExMGFkNGJiZmVkZjVjOTNlMyZ1dG1fc291cmNlPUtsYXZpeW8mdXRtX21lZGl1bT1jYW1wYWlnbiZ1dG1fY2FtcGFpZ249UERNJTIwNiUyRjI2JTJGMjQlMjBQYXJpcyUyMFN0YXlzJTIwZm9yJTIwMjAyNCUyME9seW1waWNzJTIwLSUyMFByZXZpb3VzJTIwSW50ZXJuYXRpb25hbCUyMEJvb2tlcnMlMjAlMjhJbnNpZGVycyUyOSZ1dG1fdGVybT1zbXNfcG9wdXAmX2t4PThZakdTOEtWelN1OWRTLTd2UmNtUWJCazBzWnBjd0ZzdElUSHdYdGU5ejguVkhWRGZuIn0sIiRsYXN0X3JlZmVycmVyIjp7InRzIjoxNzIwOTU2NTU4LCJ2YWx1ZSI6IiIsImZpcnN0X3BhZ2UiOiJodHRwczovL3d3dy5ndWVzdHJlc2VydmF0aW9ucy5jb20vP21lbWJlcmNvZGU9ZDZkYTM3ODNjYzFlOGExMTBhZDRiYmZlZGY1YzkzZTMmdXRtX3NvdXJjZT1LbGF2aXlvJnV0bV9tZWRpdW09Y2FtcGFpZ24mdXRtX2NhbXBhaWduPVBETSUyMDYlMkYyNiUyRjI0JTIwUGFyaXMlMjBTdGF5cyUyMGZvciUyMDIwMjQlMjBPbHltcGljcyUyMC0lMjBQcmV2aW91cyUyMEludGVybmF0aW9uYWwlMjBCb29rZXJzJTIwJTI4SW5zaWRlcnMlMjkmdXRtX3Rlcm09c21zX3BvcHVwJl9reD04WWpHUzhLVnpTdTlkUy03dlJjbVFiQmswc1pwY3dGc3RJVEh3WHRlOXo4LlZIVkRmbiJ9LCIkZXhjaGFuZ2VfaWQiOiI4WWpHUzhLVnpTdTlkUy03dlJjbVFiQmswc1pwY3dGc3RJVEh3WHRlOXo4LlZIVkRmbiJ9
.rqtrk.eu/	1970-01-20 22:12:41	Name: browser_id Value: 1:cc27f9f5-5623-40e7-9e0b-f51d0cff5075
.mediawallahscript.com/	1970-01-20 22:04:02	Name: mRemnantVisitedCookie_d41d8cd98f00b204e9800998ecf8427e_07_2024 Value: %7B%221pVtae%22%3A1%7D
.rfihub.com/	1970-01-21 07:24:12	Name: eud Value: H4sIAAAAAAAA_13IuxWAIAwAwAmsmCO-JJCf20CQgSwtndTOwvLuKrbEh84-IHgitL4SwkaCVeceiYqnHGSMISpieyCRNr_L9qUzy_PzCwn7Z65aAAAA
.rfihub.com/	1970-01-21 07:24:12	Name: rud Value: H4sIAAAAAAAA_-MSNjIwtDAyMbU0NzEysTC3MDGwMBLiM9TNyTWMiiw1cy8wMEoEAKo1KRolAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjIwtDAyMbU0NzEysTC3MDGwMBLiM9TNyTWMiiw1cy8wMEoEAKo1KRolAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_wXByRHAIAgAwE_aIQMol90AaiGpPLvfY1e8dGdB8EaYeRvCqsGGc0aj4pFFxhiiIvYGEun0HyzFcUw6AAAA
live.rezync.com/	1970-01-21 07:24:12	Name: sd-session-id Value: .eJwNykkOgzAMAMC_-Ewqx81i5zMoG1LUklYELkX8vRxHmhPmb93W2GvfIezbUSfI73ZrQDhhtN9aXxCAUDMZK96QYc8GmeCaYNQx2qfPrdxnsZxciUkJFVQmLlmJT1n5J1OUjA6rDdoTinXW-oeg1s4wXH_IwiYJ.ZpO2jg.uvdztd4IbQPmZZTwxqa5frVwqqA
.rlcdn.com/	1970-01-21 06:48:12	Name: rlas3 Value: gNS5dSL1PWZ3p0db+44WEEbum1j73oTBxUkAWnEqqNA=
.rlcdn.com/	1970-01-20 23:29:00	Name: pxrc Value: CI7tzrQGEgUI6AcQABIGCLrqARAA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://sslwidget.criteo.com/event?a=57373&v=5.26.1&otl=1&p0=e%3Dexd%26site_type%3Dd%26ui_target%3Dyes&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=LtMF419JdGV1V2VrRmp5QlFNYlcxVjZ2RFBsUHNsMmxVMmR4M2hPUEFmM0tuR09LTWhPVVpPUzRGWW1GVDZTdnlXOTNGR01tZTJUdUtRNVVic2QwdTJ4NVFqRHVBYjhJM0l1cDVqNlJ2S1BaUVhBM1dMb0tkdSUyRnZxQWlVSzZ0QWdLUWx4c1FONHZsOUQybFRmTDhxVGF5UXpraVQzYmxEMlNCdkp1RTFXbmlKTjB4ZyUzRA&tld=guestreservations.com&fu=https%253A%252F%252Fwww.guestreservations.com%252F%253Fmembercode%253Dd6da3783cc1e8a110ad4bbfedf5c93e3%2526utm_source%253DKlaviyo%2526utm_medium%253Dcampaign%2526utm_campaign%253DPDM%2525206%25252F26%25252F24%252520Paris%252520Stays%252520for%2525202024%252520Olympics%252520-%252520Previous%252520International%252520Bookers%252520%252528Insiders%252529%2526utm_term%253Dsms_popup%2526_kx%253D8YjGS8KVzSu9dS-7vRcmQbBk0sZpcwFstITHwXte9z8.VHVDfn&ceid=4fbd0af6-30cf-4ff4-bfbd-fcfa6e42d785 Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.klaviyo.com
ad.360yield.com
ade.clmbtech.com
ads.stickyadstv.com
analytics.google.com
api-js.mixpanel.com
bat.bing.com
c.bing.com
cdn.mxpnl.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
fast.a.klaviyo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
i.liadm.com
ib.adnxs.com
idsync.rlcdn.com
jadserve.postrelease.com
live.rezync.com
maps.googleapis.com
maps.gstatic.com
match.adsrvr.org
match.sharethrough.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
p.rfihub.com
partner.mediawallahscript.com
pixel.rubiconproject.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.ad.smaato.net
secure.adnxs.com
simage2.pubmatic.com
sslwidget.criteo.com
static-forms.klaviyo.com
static-tracking.klaviyo.com
static.criteo.net
static.klaviyo.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.crwdcntrl.net
sync.outbrain.com
tags.bluekai.com
trends.revcontent.com
trk.klclick.com
visitor.omnitagjs.com
ws.rqtrk.eu
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.guestreservations.com
x.bidswitch.net
trends.revcontent.com
104.18.36.155
107.21.205.162
108.156.91.29
141.226.224.48
142.251.163.102
151.101.130.133
151.101.194.133
151.101.66.133
172.253.122.156
172.253.122.97
172.253.63.105
172.253.63.154
172.253.63.95
195.244.31.10
198.8.71.131
2001:4860:4802:32::181
216.239.32.181
23.105.12.150
23.50.124.22
23.50.125.47
23.55.200.222
2600:1408:c400:16::17d4:f81b
2600:1901:0:bc29::
2600:1f18:612b:4216:6ee6:2773:bd8f:e13f
2600:9000:2209:6200:1b:5138:8a40:93a1
2600:9000:23cb:ec00:14:c8fd:7700:93a1
2606:4700::6812:924
2606:4700::6812:df0
2607:f8b0:4004:c09::9d
2607:f8b0:4004:c0b::78
2607:f8b0:4004:c17::5f
2607:f8b0:4004:c17::64
2607:f8b0:4004:c1d::5f
2607:f8b0:4004:c1d::61
2607:f8b0:4004:c21::5e
2620:100:a00b::12
2620:100:a00b::4
2620:1ec:c11::237
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
3.210.56.21
3.215.196.212
34.192.166.88
34.200.95.207
35.186.241.51
35.211.178.172
35.244.154.8
35.71.139.29
51.222.241.100
52.202.32.213
52.203.132.170
52.223.40.198
52.87.98.237
54.161.215.88
54.227.40.53
54.84.32.3
63.251.28.231
64.202.112.31
64.233.180.94
68.67.181.211
69.173.151.100
74.119.117.16
8.28.7.83
05c7cba6c9f330e59e2f2a03345260cf399f8d586da6e739954d60d66adbb16f
07efcf822b1de3c7a9baac29df9d741f6974c13466960f990f3cd5739f27c53c
09267582c342f0338e98938713268014ede54f4f51691fd3e7db7bdd48896577
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
12bfc27c309e6157f56426265194dea3e3d8c585111466d7a538aa8d670a607b
13471b4283cd0eef752d70c2994923d831d67a5a1c840f2a76a9c05e23f9f72f
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
182aed8bfe77643efd0464370a017e39fe115bc115962dede8fea94ac9191c56
19dafff03dcb32a85467ecd04cb78d54af93b6d2ba521de45f179eb307e988a7
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8
20b66317300a824eca3cf07fa42f20f48e61091ff2d4c9619ac9fc45b669795e
2222a907ad2fb7ba41f4a997ef171321add118fc95f14be074debc3290e1ac59
235bc135bee5a4fc16aee750f091133ee81846cc6cc7f00eb75e59922ea06e61
25a1111f66d36d8603f76f16036f2bcfc31f3a8f0168abd86209a7055bc4f0c9
279d4b267a20f959b80f18538f40c5f0a28625cc13d48f7350e97f04b8b3639c
2904914988fb94f490eb7a21e5fba3de11b7bc1d12caefadb10923ea9c46c712
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2e8de09bd822fd6556ce9acf5ca57830e1d862a81b14b384a44ce2d48f7cd72e
2ee6f78d10947b106171636ad321f3569e46c99ad0a33c88056820327ca23491
30bc8ba6fd8ea49b3aa785e81efdf9dd848c59166c7bed59d8b05093065fa976
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33a7397d8e0ec390e0e7ac653f64be9cae1566e935795cb1c3a66b643b70ef6f
3455757c5b19f9a7d1344b537f7ac9dc125d2b165c678fd92fac62316a804688
406f5752ec5a0772609486ec72f8451e5ae00a5ac70fe089421da97e1829c2d4
41cdfd8938196e10e2bfb0968a7b3a2714173110dd8d14ba9a2cf2f64086db2d
43f84fc07ca84521ccdd33195be1d62cbe8b43720aecc3e26d859b15061c3b30
45bb486b9e917d695991d2988c5f5a319b350621f155e2d8aa4fdf5a9456b89f
47cc11c19b25af7a989a96bdb2fb1a9b623a1815a5fae93d5b39ffd318a8b2f9
4808dc03604e09a22ca006f9d476502084a27beeaa1b3a81cf74c6b0dc0fa890
4b2656274b0bfc939a9e6ea0c136dbe3029b5172e7c27ff9a572f755b78054bf
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e470caf3954391b92617ab17fda724e9fa4f4f50b2802e21bebc99f3535a65d
542f11e269ce7433a539d7e0c12342f8a98978cca08046ea0abd703ffb9a7c12
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a9335ada7bf1f825312acc02f9301b384e92ae20b5c0342341b2df3955f7ca8
5bfc37ff880caeb229fffa577d4ba4286e6a58cf68af9d9818f0617715a365fc
5c78708b377c4481d55502b4fc6048936b2de587596f2ab5b02fef9a915ea8f7
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60ec1580f50298895fa128e675a6e816a172850abb751875978b5df5c59a1146
60f5f911fd8f366f29390166716a1977430d5472b02b6a1298c818096d7d2aac
6157eea255cb43f55015b8e3ad737c8dc5b461a0b4d952b193db3e7f6324a66c
63692357ab70c4f1b1750238d5b65c3569efb9fc2e581ade236eccbee4f67e1e
6eacea22637ee8d18242a2377c05ad5c30eb650020bf3cb00b47c0319fe77a11
72b06f24a2e59e15ddcd0d57bf6c274ded794e0df306ef374750b58c7534051d
769c0c15b0505b178f3a245cd21b058c38f1bb0a091ccdfb83ea159bf9da10a9
786c39f445a4b6fb5e65fe93fc56012a641bb150c6d9c3c89e6f91ee9ac75b83
787dac9144c25930e15c5709559e659b18352e0d6794ce88720b1f7490463fb3
81a738fe93926aa93523e2f3233a79e0f3072c5d0544883c7923a79650b2c8da
84b01cf41d74e1053e57cdad09e7778c7a9b1478aea43d551a48caf3f6cd27e7
8746d73f137aff56ff961d3c1c716dfb4d9d81509e3bb7d8c2a3927d3e191cf2
89d1cf21ac70da8a120e2452f1e4d161c6b12257e90a7e949b86c98d260d2f83
89e00f7b24193342f0465d7b9dcbb5db531a3e44e6fc3e216c71677a0a1ff0e0
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8add2ea8a82e3f30ba20be47ef707c61e41ea7027e854c9c1797cc45cb2d4499
8bf4d7107e7a11d6bf6902d0961ec298c8c01955c24d8217c37ba13078226d73
8d11c681f24a1e6d5d4bc7a663e679e59c9febe72a37119d62f07b9c3f135d38
914f159ab6f0a08a1cec049c6ed2b02c6dce9a3c6a5d7103c1028baf5c6ddfcd
96201c3015f2927ea66e2fffb7754943ac5b5ee53584bce35f79a3f195d19535
96d715821d79f29e15ed8399d28692157edd63f1a966c84a2316acc0da1619a0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3c78e2cfd04611e069c3edfc58f8f9866c89a0a383e3556bbdeff54ddceef74
a6b66f00e52a75c6b0644d8b587cf8a0b35c5c63cfcdef465cbf764a20bbfe66
a8768a2ae84516bbbbbede1877afd7f1b8274b7b02c794f75cacfba685fcf296
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
aef47c1ad08d8fc6db195bf4a023aed27ba77b2f177de3364a312b7b4ff760ac
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4f459599d92979623b52c45d6b3775486f92cb00db55621b43799cfd91bf98f
b90d45cfe965c1cd046dbab4bcc8636542e3796c063085e68c103c1cc01c1ba7
b9197061279dd713e755d7aced49bd5932b2411f9c7a5e4e362b07060479a4fd
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c0a9caf662f6ac36c25690c76124101ec7ee0d8937734ddf35ffa89dfb7120ad
c2904bf65c98204b61d6bc88e39a22a0c77b5282c55a328997199cf5d419f8cc
c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de
c4da2635c9842212b0b48f05688407cc8818c8809bae86ec1a41d795309a30e4
c64cddc349202defdca8bcf51d8a905d5f8810cc76f08c1e6561800f1dd5708a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb7925dd2ac2e11a41dc121b5177c9a7d50c6084f375e9d30ef2ba58fe36f501
cb875ef064277c6f4be9e72a5a7afd4af72ec8339575ca48fc9648c1f8164aa6
cc561b37437447d9a162d2e7e4532070f046c145e2358dc503b8c6aadbfb21cf
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
ce2a3678699466fae8be896c8c5acc805907af4c4a4b9dd15c68ed391f10a180
ce741c03d00df9d5db30346c8cde89321e66ebc1f27d7e8b54566dd68ae4b8ce
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1aa9571d35b6cc7e086c487f5dfc09aca517394b97ad931e6bb9a0a551938b6
d3a207b905835387010dc53573b764c38cde958162f1af572dd710e56a364e2d
da097e694e53f1173022013d84222bbef8a0a22820574bfce016dd4994718266
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e502c55f3832d4f948a5b719a78821bc676b8165878de7384b32c801eb270381
e6dd9a20ebd46e799894e6295a7c2ff2694a6c33e71c41296e32ecd35f4576f3
e74f141dcaae1cdfca64cbb04a4249984fdfd92cd7bcb99c50abf5c37b65fe8b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f51af69687876ee069f6c91befd54cbedf49a0b754fff0f0f510c4920f99fdae
f60252a22cba461f4734f1791814e380a93de6302c1f00f8bb2ca01f5f6ed008
f8f8c0775cc2ea1769238d75afb9f2af2108e115eadd7e26bdace4e48de9b19b
fa22f8d5db95e69e351372a1c253992ae45749007a451992c9e9f0fb946d9870
fec9ae6f7e857ead2ca0ccb0a67b878f44badafee0f8efd8552bc5adb7b0e553
ff3b68ac5cd8524e0c6b06d82f2747dea9b1d17fd18620052f928b020d34abd2

www.guestreservations.com Open in urlscan Pro 2606:4700::6812:924 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

182 Requests

92 %HTTPS

32 %IPv6

51 Domains

64 Subdomains

55 IPs

3 Countries

3701 kBTransfer

8774 kBSize

99 Cookies

8 Outgoing links

Page URL History

Redirected requests

182 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.guestreservations.com Open in urlscan Pro
2606:4700::6812:924 Public Scan

Screenshot
Live screenshot

Full Image

182
Requests

92 %
HTTPS

32 %
IPv6

51
Domains

64
Subdomains

55
IPs

3
Countries

3701 kB
Transfer

8774 kB
Size

99
Cookies

182 HTTP transactions
0 data transactions