www.gatewayames.com Open in urlscan Pro
104.17.185.58 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.gatewayames.com/
Submission: On November 21 via automatic, source certstream-suspicious (November 21st 2024, 3:57:56 am UTC) — Scanned from DE

Summary HTTP 103 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 32 IPs in 4 countries across 20 domains to perform 103 HTTP transactions. The main IP is 104.17.185.58, located in and belongs to CLOUDFLARENET, US. The main domain is www.gatewayames.com.
TLS certificate: Issued by WE1 on November 21st 2024. Valid for: 3 months.

This is the only time www.gatewayames.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	104.17.185.58 104.17.185.58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
14	2a02:26f0:350... 2a02:26f0:3500:3::b818:4d2f	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
4	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
4	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
1	172.217.18.4 172.217.18.4	15169 (GOOGLE) (GOOGLE)
3	35.244.188.9 35.244.188.9	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.82.108.229 35.82.108.229	16509 (AMAZON-02) (AMAZON-02)
2	142.250.184.200 142.250.184.200	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
2 3	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:3::b818:4d40	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	195.244.31.25 195.244.31.25	63140 (IGUANA-WO...) (IGUANA-WORLDWIDE)
6	157.240.253.35 157.240.253.35	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	107.178.244.119 107.178.244.119	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	216.58.206.66 216.58.206.66	15169 (GOOGLE) (GOOGLE)
2 6	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.2.228 37.157.2.228	198622 (ADFORM Ad...) (ADFORM Adform A/S)
1	37.157.2.250 37.157.2.250	198622 (ADFORM Ad...) (ADFORM Adform A/S)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	185.167.164.39 185.167.164.39	198622 (ADFORM Ad...) (ADFORM Adform A/S)
1	37.157.2.229 37.157.2.229	198622 (ADFORM Ad...) (ADFORM Adform A/S)
1	37.157.6.237 37.157.6.237	198622 (ADFORM Ad...) (ADFORM Adform A/S)
2	2600:9000:215... 2600:9000:2156:9a00:1d:9bf3:2e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
2	13.225.78.114 13.225.78.114	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:214... 2600:9000:214f:e00:16:a497:9700:93a1	16509 (AMAZON-02) (AMAZON-02)
3	143.204.215.69 143.204.215.69	16509 (AMAZON-02) (AMAZON-02)
103	32

14 104.17.185.58 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.gatewayames.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:26f0:3500:3::b818:4d2f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

image-tc.galaxy.tf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.galaxy.tf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.4 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.188.9 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 9.188.244.35.bc.googleusercontent.com

static.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.82.108.229 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-82-108-229.us-west-2.compute.amazonaws.com

theguestbook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

3038431.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.70 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:3::b818:4d40 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

tc.galaxy.tf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.244.31.25 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
PTR: xo7-viplb-01-new.ny.ig-1.net

dynamic.travelclick-websolutions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.178.244.119 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 119.244.178.107.bc.googleusercontent.com

pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.171.21 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.228 (Denmark) 2 redirects

ASN198622 (ADFORM Adform A/S, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.250 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.167.164.39 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.229 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.237 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)

a1.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:9a00:1d:9bf3:2e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.theguestbook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-114.fra2.r.cloudfront.net

api.rudderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:214f:e00:16:a497:9700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.rudderlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.215.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-69.fra53.r.cloudfront.net

cdn.rudderlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	galaxy.tf image-tc.galaxy.tf — Cisco Umbrella Rank: 94415 tc.galaxy.tf — Cisco Umbrella Rank: 123577 cdn.galaxy.tf — Cisco Umbrella Rank: 119011	724 KB
14	gatewayames.com 1 redirects www.gatewayames.com	599 KB
9	rudderlabs.com cdn.rudderlabs.com — Cisco Umbrella Rank: 9872	20 KB
9	doubleclick.net 3 redirects 3038431.fls.doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 145 cm.g.doubleclick.net — Cisco Umbrella Rank: 284	2 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	680 KB
6	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 281	6 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	630 B
6	sojern.com static.sojern.com — Cisco Umbrella Rank: 14170 pixel.sojern.com — Cisco Umbrella Rank: 10501 beacon.sojern.com — Cisco Umbrella Rank: 6716	54 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	5 KB
5	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 611 s2.adform.net — Cisco Umbrella Rank: 6873 a2.adform.net — Cisco Umbrella Rank: 6726	34 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36 region1.google-analytics.com — Cisco Umbrella Rank: 3353	22 KB
4	theguestbook.com theguestbook.com — Cisco Umbrella Rank: 149435 assets.theguestbook.com — Cisco Umbrella Rank: 234988	3 MB
4	gstatic.com fonts.gstatic.com	101 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	80 KB
2	rudderstack.com api.rudderstack.com — Cisco Umbrella Rank: 8301	1 KB
2	travelclick-websolutions.com dynamic.travelclick-websolutions.com — Cisco Umbrella Rank: 166087	8 KB
2	google.com www.google.com — Cisco Umbrella Rank: 3 adservice.google.com — Cisco Umbrella Rank: 518	63 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 847	32 KB
1	seadform.net a1.seadform.net — Cisco Umbrella Rank: 23490	462 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 377	149 B
103	20

	Domain	Requested by
14	www.gatewayames.com	1 redirects www.gatewayames.com
13	image-tc.galaxy.tf	www.gatewayames.com
9	cdn.rudderlabs.com	assets.theguestbook.com cdn.rudderlabs.com www.gatewayames.com
8	www.googletagmanager.com	www.gatewayames.com www.googletagmanager.com
6	ib.adnxs.com	2 redirects www.gatewayames.com
6	www.facebook.com	www.gatewayames.com
6	fonts.googleapis.com	www.gatewayames.com client
4	cm.g.doubleclick.net	www.gatewayames.com
4	fonts.gstatic.com	fonts.googleapis.com
4	connect.facebook.net	www.gatewayames.com connect.facebook.net
3	c1.adform.net	2 redirects a2.adform.net
3	ad.doubleclick.net	2 redirects www.gatewayames.com
3	static.sojern.com	www.googletagmanager.com www.gatewayames.com static.sojern.com
2	api.rudderstack.com	assets.theguestbook.com
2	assets.theguestbook.com	theguestbook.com assets.theguestbook.com
2	pixel.sojern.com	static.sojern.com www.gatewayames.com
2	region1.google-analytics.com	www.googletagmanager.com
2	dynamic.travelclick-websolutions.com	www.gatewayames.com
2	tc.galaxy.tf	www.gatewayames.com
2	3038431.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	theguestbook.com	www.googletagmanager.com
1	cdn.galaxy.tf
1	code.jquery.com	theguestbook.com
1	a1.seadform.net	www.gatewayames.com
1	a2.adform.net	s2.adform.net
1	adservice.google.com	www.gatewayames.com
1	s2.adform.net	beacon.sojern.com
1	match.adsrvr.org	www.gatewayames.com
1	beacon.sojern.com	static.sojern.com
1	www.google.com	www.googletagmanager.com
103	31

This site contains links to these domains. Also see Links.

Domain
reservations.travelclick.com
image-tc.galaxy.tf
www.facebook.com
www.instagram.com
www.pinterest.com
www.linkedin.com
www.amadeus-hospitality.com

Subject Issuer	Validity	Valid
www.gatewayames.com WE1	`2024-11-21` - `2025-02-19`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
image-tc.galaxy.tf R11	`2024-09-29` - `2024-12-28`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-30` - `2024-11-28`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2024-12-21`	5 months	crt.sh
*.theguestbook.com Amazon RSA 2048 M02	`2024-06-18` - `2025-07-18`	a year	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
tc.galaxy.tf R11	`2024-10-07` - `2025-01-05`	3 months	crt.sh
*.travelclick-websolutions.com Gandi RSA Domain Validation Secure Server CA 3	`2024-06-24` - `2025-07-08`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-03` - `2025-09-24`	a year	crt.sh
*.seadform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-22` - `2025-11-12`	a year	crt.sh
assets.theguestbook.com Amazon RSA 2048 M03	`2024-06-16` - `2025-07-14`	a year	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
*.rudderstack.com Amazon RSA 2048 M02	`2024-09-21` - `2025-10-18`	a year	crt.sh
*.rudderlabs.com Amazon RSA 2048 M03	`2024-05-14` - `2025-06-12`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.gatewayames.com/
Frame ID: 6E36FE8E9ECBE90EC6707E34C0E93F8A
Requests: 96 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.gatewayames.com
Frame ID: 2C1024756F3424FE2AD9D8C8787C4086
Requests: 1 HTTP requests in this frame

Frame: https://www.gatewayames.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js
Frame ID: FBC93BD2B133DDC91CAD848740B16304
Requests: 2 HTTP requests in this frame

Frame: https://3038431.fls.doubleclick.net/activityi;dc_pre=CPLHn6nE7IkDFeiTgwcdVAUR8g;src=3038431;type=websi197;cat=gatew123;ord=1;num=5095928247258;npa=1;auiddc=29362981.1732161470;ps=1;pcor=1424284111;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189051270z8830727906za201zb830727906;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.gatewayames.com%2F
Frame ID: E439C67D0B9EC7F7FCECB215FDAB0263
Requests: 1 HTTP requests in this frame

Frame: https://static.sojern.com/cip/c/43.html?f_v=cp_v3_js&p_v=1&version=5&auto_url=https%3A%2F%2Fwww.gatewayames.com%2F&auto_ccid=xs6b6-sy3sa-2gdz8-yv1m6-7f1ah&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=1600x1200&tz=-60&hpr=Gateway%20Hotel%20and%20Conference%20Center&hpid=2958&sha256_eml=&sha1_eml=&md5_eml=&ccid=&pt=HOME_PAGE&et=
Frame ID: BA3F004CFC34B6252856FC05D2861D7E
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?bt=0&uid=4253672801637572396&agencyId=8579&advertiserId=2162313&src=tp&rnd=693270
Frame ID: FC403B43AF5DE1450F37748F00391137
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gateway Hotel & Conference Center - Hotel in Ames Near ISU

Detected technologies

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

103
Requests

94 %
HTTPS

28 %
IPv6

20
Domains

31
Subdomains

32
IPs

4
Countries

4958 kB
Transfer

10794 kB
Size

51
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://reservations.travelclick.com/2958?HotelId=2958&languageid=1&rooms=1&adults=1
Title: Best rates from $ 89.00

Search URL Search Domain Scan URL

URL: https://image-tc.galaxy.tf/wipng-3txmw08xer1epvpmf0x8xc4xh/file.png
Title: walking paths

Search URL Search Domain Scan URL

URL: https://reservations.travelclick.com/2958?HotelId=2958&languageid=1&rooms=1&adults=1&roomtypeid=3980
Title: Book now

Search URL Search Domain Scan URL

URL: https://reservations.travelclick.com/2958?HotelId=2958&languageid=1&rooms=1&adults=1&roomtypeid=488085
Title: Book now

Search URL Search Domain Scan URL

URL: https://reservations.travelclick.com/2958?HotelId=2958&languageid=1&rooms=1&adults=1&roomtypeid=473803
Title: Book now

Search URL Search Domain Scan URL

URL: https://reservations.travelclick.com/2958
Title: BOOK THIS OFFER opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GatewayHotel/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gatewayhotelames/

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/weddingsatgateway/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/gateway-hotel-&-conference-center

Search URL Search Domain Scan URL

URL: https://www.amadeus-hospitality.com/
Title: Amadeus Hospitality

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://www.gatewayames.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.gatewayames.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js

Request Chain 41

https://3038431.fls.doubleclick.net/activityi;src=3038431;type=websi197;cat=gatew123;ord=1;num=5095928247258;npa=1;auiddc=29362981.1732161470;ps=1;pcor=1424284111;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189051270z8830727906za201zb830727906;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.gatewayames.com%2F HTTP 302
https://3038431.fls.doubleclick.net/activityi;dc_pre=CPLHn6nE7IkDFeiTgwcdVAUR8g;src=3038431;type=websi197;cat=gatew123;ord=1;num=5095928247258;npa=1;auiddc=29362981.1732161470;ps=1;pcor=1424284111;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189051270z8830727906za201zb830727906;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.gatewayames.com%2F

Request Chain 75

https://c1.adform.net/serving/cookie/match?cid=273d865f-7896-4423-815a-73154c62748d&party=1296 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&cid=273d865f-7896-4423-815a-73154c62748d&party=1296 HTTP 302
https://pixel.sojern.com/idsync/adf?adfid=4253672801637572396&cid=273d865f-7896-4423-815a-73154c62748d

Request Chain 77

https://ad.doubleclick.net/ddm/activity/src=12935265;type=homep0;cat=gatew0;qty=1;cost=0;u1=;u2=UNKNOWN;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u19=2958;u20=Gateway%20Hotel%20and%20Conference%20Center;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=UNKNOWN HTTP 302
https://ad.doubleclick.net/ddm/activity/src=12935265;dc_pre=CILxvqnE7IkDFUFqkQUdOQQ5yQ;type=homep0;cat=gatew0;qty=1;cost=0;u1=;u2=UNKNOWN;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u19=2958;u20=Gateway%20Hotel%20and%20Conference%20Center;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=UNKNOWN HTTP 302
https://adservice.google.com/ddm/fls/z/src=12935265;dc_pre=CILxvqnE7IkDFUFqkQUdOQQ5yQ;type=homep0;cat=gatew0;qty=1;cost=0;u1=;u2=UNKNOWN;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u19=2958;u20=Gateway%20Hotel%20and%20Conference%20Center;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=UNKNOWN

Request Chain 78

https://ib.adnxs.com/px?id=1683467&t=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fpx%3Fid%3D1683467%26t%3D1

Request Chain 79

https://ib.adnxs.com/seg?add=33623417&t=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D33623417%26t%3D1

103 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
www.gatewayames.com/ 68 KB
18 KB 222ms
120ms Document
text/html 104.17.185.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gatewayames.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.185.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

280852e862be648a5b7a13c42bb214ed4c41a9f8ef18ef3d73ec6ee4834f3af3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=1200
cf-cache-status: HIT
cf-ray: 8e5dc202788f6a74-TXL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 21 Nov 2024 03:57:49 GMT
expires: Thu, 21 Nov 2024 04:17:49 GMT
last-modified: Thu, 07 Nov 2024 21:35:40 GMT
priority: u=0,i
referrer-policy: no-referrer-when-downgrade
server: cloudflare
server-timing: cfExtPri
speculation-rules: "/cdn-cgi/speculation"
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
x-amz-cf-id: wbaP4Omx_wGByFtl-a6zq-s_J72I-j3rQhH4dIRtVLAph5I7Lb-SqQ==
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H3 200 speculation
www.gatewayames.com/cdn-cgi/ 128 B
352 B 47ms
47ms Other
application/speculationrules+json 104.17.185.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gatewayames.com/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.185.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.gatewayames.com
Referer: https://www.gatewayames.com/

Response headers

speculation-rules: "/cdn-cgi/speculation"
cf-ray: 8e5dc20349096a74-TXL
access-control-allow-origin: https://www.gatewayames.com
alt-svc: h3=":443"; ma=86400
content-length: 128
server-timing: cfExtPri
date: Thu, 21 Nov 2024 03:57:49 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare
priority: u=4,i

GET
H2 200 css
fonts.googleapis.com/ 2 KB
443 B 143ms
49ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Josefin+Slab:400,400i,700,700i&display=swap&subset=latin,latin-ext

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

576f2ec5eda3b3f0908fe29f2f8598e56ad02011dcab1d0edaaf26888e8ce812

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 03:57:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 21 Nov 2024 03:57:50 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 3 KB
561 B 143ms
50ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i&display=swap&subset=latin,latin-ext

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

638e0a9696a1287622b2881fce4aa2450101d9f7e29cb7811fb4c737a4e7e8e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 03:57:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 21 Nov 2024 03:57:50 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 141ms
48ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i&display=swap&subset=latin,latin-ext

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

afb59214ba30577a4fb8b82fb4f290c799fcc694371621cef74f8af010e73746

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 03:57:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 21 Nov 2024 03:15:52 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 18 KB
2 KB 177ms
84ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora:400,400i,700,700i&display=swap&subset=latin,latin-ext

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2bc02dd24f459e76f5b12d9d059d9115e6877092757d52b47af03bdb78eb1bec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 03:57:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 21 Nov 2024 03:57:50 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 main.css
www.gatewayames.com/css/custom/3021/1/main/ac5655dc133fb6a1a6f631a241dba497/ 827 KB
108 KB 86ms
86ms Stylesheet
text/css 104.17.185.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gatewayames.com/css/custom/3021/1/main/ac5655dc133fb6a1a6f631a241dba497/main.css

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.185.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5617ae219101a9b9bee8a71d26bc2a048ba21f1b3b02d9faf4ed90f817bdbda7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"8a400fdf5ce2008c1f987bbb72341567"
x-content-type-options: nosniff
expires: Fri, 21 Nov 2025 03:57:50 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: EL4Ak1FNTTcvIzpJ5-TizGpJxrYUrciBhcAJuJ7qqtHchZtNePrz8A==
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: text/css
last-modified: Thu, 07 Nov 2024 21:36:01 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubdomains; preload
server-timing: cfExtPri
cache-control: public, max-age=31536000
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: no-referrer-when-downgrade
via: 1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
cf-ray: 8e5dc20369246a74-TXL
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P3
server: cloudflare

GET
H2 200 003-pool.svg
image-tc.galaxy.tf/wisvg-2v13tmca2voquiwzb856fd2wi/ 5 KB
2 KB 641ms
500ms Image
image/svg+xml 2a02:26f0:3500:3::b818:4d2f
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wisvg-2v13tmca2voquiwzb856fd2wi/003-pool.svg?width=116&height=116

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d2f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Wizard@Edge /

Resource Hash

10cf4a1d0f1985478d568fef7fac509a8a63d9e8c76f1a36dad7dd7bd440469f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: gzip
etag: W/"30578eb309c93cdbe3401df3230de6f2"
x-amz-version-id: Bw0xfAZcYf9G4iwO6GN2ZoZ1Hi4_WzUf
x-content-type-options: nosniff
access-control-allow-methods: GET, HEAD, OPTIONS
x-amz-cf-id: 081crlOJ57SRkyX02_mnmcDGjXhOy08aQfE85xOKlctZLZDrQ8k8hg==
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: image/svg+xml
last-modified: Thu, 30 Sep 2021 23:12:46 GMT
vary: Accept-Encoding
x-frame-options: DENY
x-galaxy-optimize: 1
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-replication-status: REPLICA
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
cache-control: public, max-age=31536000
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
content-length: 1694
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P9
server: Wizard@Edge
x-amz-server-side-encryption: AES256

GET
H2 200 004-gym.svg
image-tc.galaxy.tf/wisvg-4yuetdhst8m7pqeawcqrzkgwt/ 2 KB
2 KB 690ms
550ms Image
image/svg+xml 2a02:26f0:3500:3::b818:4d2f
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wisvg-4yuetdhst8m7pqeawcqrzkgwt/004-gym.svg?width=116&height=116

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d2f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Wizard@Edge /

Resource Hash

a402f0c865d07d4e339e3da02c25105967440f9f4043fa373ff356c92c458db6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: gzip
etag: W/"53e9f9fa2dbdaf90a81b99d4b699819d"
x-amz-version-id: kInviP6g6GF5Fp.82zwR1CKlYz9ZDdeu
x-content-type-options: nosniff
access-control-allow-methods: GET, HEAD, OPTIONS
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
x-amz-cf-id: r0iKB8R4tx7051wfRhzqnytcOzqGzmqO9m5m77IocPoEhRDEwMKPwg==
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: image/svg+xml
last-modified: Thu, 30 Sep 2021 23:12:46 GMT
vary: Accept-Encoding
x-frame-options: DENY
x-galaxy-optimize: 1
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-replication-status: REPLICA
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
cache-control: public, max-age=31536000
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
content-length: 838
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P9
server: Wizard@Edge
x-amz-server-side-encryption: AES256

GET
H2 200 005-parking.svg
image-tc.galaxy.tf/wisvg-b5flx1anxv9yqsdpfsaasea9q/ 3 KB
2 KB 580ms
578ms Image
image/svg+xml 2a02:26f0:3500:3::b818:4d2f
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wisvg-b5flx1anxv9yqsdpfsaasea9q/005-parking.svg?width=116&height=116

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d2f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Wizard@Edge /

Resource Hash

f8d694298bbc98c3c17908263f1fdd465e309dc7c42e80d0699f10dc5baec905

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: gzip
etag: W/"bc5a4744e821e53f6e9300717ccacf7e"
x-amz-version-id: VMa1TdPdrxCyyLJd.bBppwEZVhrlf2OS
x-content-type-options: nosniff
access-control-allow-methods: GET, HEAD, OPTIONS
x-amz-cf-id: xFE2crCnkVnMBNKg4BbDalCnh8VBmlQL4ucAemI7Jv9vBErw-GE7PA==
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: image/svg+xml
last-modified: Thu, 30 Sep 2021 23:12:46 GMT
vary: Accept-Encoding
x-frame-options: DENY
x-galaxy-optimize: 1
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-replication-status: REPLICA
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
cache-control: public, max-age=31535966
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
content-length: 1232
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P9
server: Wizard@Edge
x-amz-server-side-encryption: AES256

GET
H2 200 edited-exkg4_standard.jpg
image-tc.galaxy.tf/wijpeg-cjkarsa2nxft5w6fkwweczg61/ 13 KB
14 KB 504ms
502ms Image
image/jpeg 2a02:26f0:3500:3::b818:4d2f
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-cjkarsa2nxft5w6fkwweczg61/edited-exkg4_standard.jpg?crop=112%2C0%2C1777%2C1333&width=372

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d2f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Wizard@Edge /

Resource Hash

63464d2301608bcda6ec17bbe0890e724daa93d2a15e245f49aadae16e1c1e1c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

etag: "f3ddf0b2687475b1d6553686f961d2ec"
x-amz-version-id: KrevhtujCvAuw94xezAJ5b.dRH9iJVIy
x-content-type-options: nosniff
access-control-allow-methods: GET, HEAD, OPTIONS
x-amz-cf-id: IXs66e2mRuKAChmUNi6uXoel7snPLNbnRdMAstEgFCf31Mciep06uQ==
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: image/jpeg
last-modified: Mon, 08 May 2023 18:44:36 GMT
x-frame-options: DENY
x-galaxy-optimize: 1
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
cache-control: public, max-age=31536000
referrer-policy: no-referrer-when-downgrade
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13553
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P9
server: Wizard@Edge
x-amz-server-side-encryption: AES256

GET
H2 200 suite10_standard.jpg
image-tc.galaxy.tf/wijpeg-bnp1qd5x1l5pv83ey1k36hmxa/ 12 KB
13 KB 566ms
564ms Image
image/jpeg 2a02:26f0:3500:3::b818:4d2f
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-bnp1qd5x1l5pv83ey1k36hmxa/suite10_standard.jpg?crop=112%2C0%2C1777%2C1333&width=372

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d2f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Wizard@Edge /

Resource Hash

f25dfa0f0040a357ef455eeb0304b58054dfb464b24a7d9b158ec13d33cd0f2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

etag: "36c741bda3daed7338cc0c8d249dab6f"
x-amz-version-id: bfac86K5qBeD7O2RVvl4qdiVTe2MQpeM
x-content-type-options: nosniff
access-control-allow-methods: GET, HEAD, OPTIONS
x-amz-cf-id: yq2m4nUAn5fsm0E_tb5D-ZkE40fnf4aqhbtFH7eMPGFLS2H--ufoXQ==
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: image/jpeg
last-modified: Mon, 08 May 2023 18:44:35 GMT
x-frame-options: DENY
x-galaxy-optimize: 1
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
cache-control: public, max-age=31535941
referrer-policy: no-referrer-when-downgrade
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12760
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P9
server: Wizard@Edge
x-amz-server-side-encryption: AES256

GET
H2 200 edited-plakg1_standard.jpg
image-tc.galaxy.tf/wijpeg-1nfbqz4bfjyxuluhvscwebg3b/ 17 KB
17 KB 568ms
566ms Image
image/jpeg 2a02:26f0:3500:3::b818:4d2f
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-1nfbqz4bfjyxuluhvscwebg3b/edited-plakg1_standard.jpg?crop=112%2C0%2C1777%2C1333&width=372

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d2f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Wizard@Edge /

Resource Hash

f135b40e45ec524c4eb24be2b727436b6e7b6ba8a8ab3e2be0b5bf7de8a01e12

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

etag: "9885a6023c98e1bbe971c4cee3f08e6c"
x-amz-version-id: Nb.m.KQOpNc0zW3xhR86KXY0MS4PnruY
x-content-type-options: nosniff
access-control-allow-methods: GET, HEAD, OPTIONS
x-amz-cf-id: xD_12-N21vc85-gPKjqkjRqb1d4uqsjP5x8AGBwaNDm7epMvdy8bYQ==
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: image/jpeg
last-modified: Mon, 08 May 2023 18:44:35 GMT
x-frame-options: DENY
x-galaxy-optimize: 1
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
cache-control: public, max-age=31535956
referrer-policy: no-referrer-when-downgrade
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17010
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P9
server: Wizard@Edge
x-amz-server-side-encryption: AES256

GET
H2 200 edited-suite7.jpg
image-tc.galaxy.tf/wijpeg-e57i9zgkir915ykbw0045gze4/ 193 KB
194 KB 87ms
86ms Image
image/jpeg 2a02:26f0:3500:3::b818:4d2f
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-e57i9zgkir915ykbw0045gze4/edited-suite7.jpg?width=1920

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d2f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Wizard@Edge /

Resource Hash

c83c5b32626f86c5fe3925cea93f6e3bf3dea4ab063737abf3784a74016f9798

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

etag: "caf25a511a03dd247347e0b5ac7fe5e0"
x-amz-version-id: u3iWDbIwWOs4Z1XRa.5grd3CuNcQyOBo
x-content-type-options: nosniff
access-control-allow-methods: GET, HEAD, OPTIONS
x-amz-cf-id: 40-K_btBSa6JAAETMaGvPyRIa2_dyul4baqgiYwgmWT56Z-hrR0ZbQ==
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: image/jpeg
last-modified: Thu, 06 Jul 2023 17:54:11 GMT
x-frame-options: DENY
x-galaxy-optimize: 1
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
cache-control: public, max-age=31395574
referrer-policy: no-referrer-when-downgrade
accept-ranges: bytes
access-control-allow-origin: *
content-length: 197823
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P9
server: Wizard@Edge
x-amz-server-side-encryption: AES256

GET
H3 200 galaxy-helpers.js Show response
www.gatewayames.com/frontend/galaxy-helpers/public/ 58 KB
21 KB 328ms
327ms Script
application/javascript 104.17.185.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gatewayames.com/frontend/galaxy-helpers/public/galaxy-helpers.js?v=l-aa222c74-fce0-4d79-a382-cfa2f27cd576

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.185.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0deeac40ee53899291070a45e4c900277d2358ece0fdb020d4b221be87691f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"844662330996d07258be745a6bb96203"
x-content-type-options: nosniff
expires: Fri, 21 Nov 2025 03:57:50 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 3ocwnhfZ7q_T-A5h8rZN0_MO55ltIWfXAZqeCeUnY3XsPqiwQ8okCg==
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: application/javascript
last-modified: Wed, 11 Sep 2024 16:24:27 GMT
vary: Accept-Encoding
priority: u=2,i=?0
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubdomains; preload
server-timing: cfExtPri
cache-control: public, max-age=31536000
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: no-referrer-when-downgrade
via: 1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
cf-ray: 8e5dc20479cc6a74-TXL
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-C2
server: cloudflare

GET
H3 200 bundle.js Show response
www.gatewayames.com/integration/tc-theme/public/js/ 1 MB
408 KB 65ms
64ms Script
application/javascript 104.17.185.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gatewayames.com/integration/tc-theme/public/js/bundle.js?v8fe2f4d38562fbdb5e7ac1673fe67960

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.185.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9dc2008af61c5e70a2870c55f6ec77bbf51607cd41f82f453c3c3a2d6ff3306

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"5d8503bd991b3f615fd12e19e8d40664"
x-content-type-options: nosniff
expires: Fri, 21 Nov 2025 03:57:50 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: RYHNq9J0GmfRM01Eo4NoXjw1c-JIw4dly3ebA2vgEYieluYDtFFhMg==
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: application/javascript
last-modified: Thu, 07 Nov 2024 21:11:04 GMT
vary: Accept-Encoding
priority: u=2,i=?0
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubdomains; preload
server-timing: cfExtPri
cache-control: public, max-age=31536000
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: no-referrer-when-downgrade
via: 1.1 740769d10d5ef217a54d33b1ec64faf4.cloudfront.net (CloudFront)
cf-ray: 8e5dc20479cd6a74-TXL
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P3
server: cloudflare

GET
H3 200 bundle.js Show response
www.gatewayames.com/integration/tc-ext-integrated-datalayer/public/js/ 22 KB
6 KB 154ms
153ms Script
application/javascript 104.17.185.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gatewayames.com/integration/tc-ext-integrated-datalayer/public/js/bundle.js?v8fe2f4d38562fbdb5e7ac1673fe67960

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.185.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b36b38f0287c8af05304dbaf0ce6d159c86f44c9a4dc16b0c218601ea24cfbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.gatewayames.com
Referer: https://www.gatewayames.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"0f16a83aa74f02c48bf86c40867b6d00"
x-content-type-options: nosniff
expires: Fri, 21 Nov 2025 03:57:50 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: d-nCTmza1CVaU3PX88U_qUhbecrlRf2rbKMFZd_Qf7rIYtfJIX1JIQ==
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: application/javascript
last-modified: Fri, 11 Oct 2024 15:45:38 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubdomains; preload
server-timing: cfExtPri
cache-control: public, max-age=31536000
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: no-referrer-when-downgrade
via: 1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront)
cf-ray: 8e5dc20479ce6a74-TXL
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P3
server: cloudflare

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 108ms
42ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-LMDyhaMd' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-LMDyhaMd' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=23, mss=1232, tbw=4424, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: NFOMAaRsQDLAuaf+hku2fwr2Nl7SI0iLewxwHC+0IEGZKofIlrMK1tyJKtJHoFrkSb+EMmedPOgcC1V++dUoBw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62107
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 306 KB
94 KB 142ms
49ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

96d93e723ff685743d9fba61bf34d015a96caf67de800920d6b7766cba9c417e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 21 Nov 2024 03:57:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 21 Nov 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 95107
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 369 KB
120 KB 234ms
140ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXTB733

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cb680221c5cea1c062a385fb84f7bd71bbae5681471d586e9eaae7e15002b7b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 21 Nov 2024 03:57:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 21 Nov 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 123227
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 svg-icons.svg
www.gatewayames.com/integration/tc-theme/public/svg/ 82 KB
23 KB 299ms
299ms Image
image/svg+xml 104.17.185.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gatewayames.com/integration/tc-theme/public/svg/svg-icons.svg

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.185.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebfd0494493275cc3cfa7d640f1be08115243660b0cbdee028a946f080ab14cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"dbd70a64474c73523169afc49022b267"
x-content-type-options: nosniff
expires: Fri, 21 Nov 2025 03:57:50 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: NhuxIbsG_uWL39mwINPNIlAGkoNIYEm4FBA2lrPztAtLXGQrraXNuA==
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: image/svg+xml
last-modified: Wed, 11 Sep 2024 16:24:22 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubdomains; preload
server-timing: cfExtPri
cache-control: public, max-age=31536000
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: no-referrer-when-downgrade
via: 1.1 6449162c284baa1c52c1f1c7caefcae6.cloudfront.net (CloudFront)
cf-ray: 8e5dc20479d06a74-TXL
x-xss-protection: 1; mode=block
x-amz-cf-pop: TXL50-P6
server: cloudflare

GET
H3 200 cookieconsent.min.js Show response
www.gatewayames.com/integration/tc-theme/public/vendor/ 19 KB
7 KB 215ms
214ms Script
application/javascript 104.17.185.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gatewayames.com/integration/tc-theme/public/vendor/cookieconsent.min.js

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.185.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"f2bc0804920974cdb94feca2936b668c"
x-content-type-options: nosniff
expires: Fri, 21 Nov 2025 03:57:50 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: RaUaSBzA0Jt_Q5wMT-o_3SXkb8cWAg8ESAOFfkQB3ju3j_t0mnrBgg==
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: application/javascript
last-modified: Tue, 13 Dec 2022 20:04:07 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubdomains; preload
server-timing: cfExtPri
cache-control: public, max-age=31536000
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: no-referrer-when-downgrade
via: 1.1 6449162c284baa1c52c1f1c7caefcae6.cloudfront.net (CloudFront)
cf-ray: 8e5dc20479d36a74-TXL
x-xss-protection: 1; mode=block
x-amz-cf-pop: TXL50-P6
server: cloudflare

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
H2 200 001-wifi.svg
image-tc.galaxy.tf/wisvg-cdm3qinemlolu1d8u1zfqbwmj/ 3 KB
2 KB 516ms
516ms Image
image/svg+xml 2a02:26f0:3500:3::b818:4d2f
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wisvg-cdm3qinemlolu1d8u1zfqbwmj/001-wifi.svg?width=116&height=116

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d2f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Wizard@Edge /

Resource Hash

d43b472e41b7d180c853a75d32626dbf0bff5e845da7686457e981c599881707

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: gzip
etag: W/"d11504af87b2f0de81fcc1d9957ddfeb"
x-amz-version-id: rB1O0oeax6Bp2n9RAoaOBkyKqW2ERyh.
x-content-type-options: nosniff
access-control-allow-methods: GET, HEAD, OPTIONS
x-amz-cf-id: 9wOt47URXJj1F7v4G_YsTHtswXhFC39Up2fqFwMRJQ4e7LP5BIFuGQ==
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: image/svg+xml
last-modified: Thu, 30 Sep 2021 23:12:47 GMT
vary: Accept-Encoding
x-frame-options: DENY
x-galaxy-optimize: 1
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-replication-status: REPLICA
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
cache-control: public, max-age=31536000
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
content-length: 1265
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P9
server: Wizard@Edge
x-amz-server-side-encryption: AES256

GET
H2 200 002-clean-clothes.svg
image-tc.galaxy.tf/wisvg-d8c966f8kzdbsbdfahoh1wbeq/ 3 KB
2 KB 565ms
565ms Image
image/svg+xml 2a02:26f0:3500:3::b818:4d2f
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wisvg-d8c966f8kzdbsbdfahoh1wbeq/002-clean-clothes.svg?width=116&height=116

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d2f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Wizard@Edge /

Resource Hash

4af494692bddee8a0fc7dc6f1e33927091309bd504920af6bd5fe8d5695517ed

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: gzip
etag: W/"df7fba6a8b74550b794b82f4ec5746c2"
x-amz-version-id: Vp9TCyuUq.x4AZFOyKT1d9cWhBx4hQb.
x-content-type-options: nosniff
access-control-allow-methods: GET, HEAD, OPTIONS
x-amz-cf-id: xENfVGoMdbMl2ejEA0OcxJo4UmzUj-Y8sVJongOvTPY5hZ0Jc2dGbw==
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: image/svg+xml
last-modified: Thu, 30 Sep 2021 23:12:46 GMT
vary: Accept-Encoding
x-frame-options: DENY
x-galaxy-optimize: 1
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-replication-status: REPLICA
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
cache-control: public, max-age=31536000
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
content-length: 1676
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P9
server: Wizard@Edge
x-amz-server-side-encryption: AES256

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 106ms
57ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i&display=swap&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f3.1e100.net

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.gatewayames.com
Referer: https://fonts.googleapis.com/

Response headers

age: 45216
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 20 Nov 2025 15:24:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 15:24:14 GMT
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23580
x-xss-protection: 0
server: sffe

GET
H3 200 lW-5wjwOK3Ps5GSJlNNkMalnqg6v.woff2
fonts.gstatic.com/s/josefinslab/v26/ 18 KB
18 KB 120ms
71ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/josefinslab/v26/lW-5wjwOK3Ps5GSJlNNkMalnqg6v.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Slab:400,400i,700,700i&display=swap&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f3.1e100.net

Software

sffe /

Resource Hash

edb17da91985be0f1fb60028389b28f911291c5b30c1d4e06c90e56e3e5bcc37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.gatewayames.com
Referer: https://fonts.googleapis.com/

Response headers

age: 103995
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 19 Nov 2025 23:04:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 23:04:35 GMT
last-modified: Thu, 24 Aug 2023 21:40:01 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18780
x-xss-protection: 0
server: sffe

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 89ms
40ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i&display=swap&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f3.1e100.net

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.gatewayames.com
Referer: https://fonts.googleapis.com/

Response headers

age: 47898
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 20 Nov 2025 14:39:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 14:39:32 GMT
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23040
x-xss-protection: 0
server: sffe

GET
H3 200 5514495235264856 Show response
connect.facebook.net/signals/config/ 67 KB
13 KB 237ms
236ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/5514495235264856?v=2.9.176&r=stable&domain=www.gatewayames.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

0aa6ece9157ab0e493dc9f8835f4ac5d61d43ecf45bc258d034cb59e7dc3239f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-z4ao4LIv' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-z4ao4LIv' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=77, mss=1232, tbw=70876, tp=67, tpl=0, uplat=195, ullat=0
pragma: public
x-fb-debug: zMlkZTMgF7jhhz+jsJ92+z0Tx+oqaxyDIQEcdcIOh9meIR8hEAr2uDqex4/0iZne/cCnGdyvWZL4/WZlFhSbjA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H3 200 collect
www.google.com/ccm/ 0
0 130ms
49ms Ping
text/plain 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.gatewayames.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=630992870.1732161470&auid=29362981.1732161470&npa=1&gtm=45He4bk0v830727906za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732161470440&tfd=719&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTB733
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 228 KB
82 KB 63ms
61ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-3038431&l=dataLayer&cx=c&gtm=45He4bk0v830727906za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTB733

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e5542e6de31f8259ef53777d12839fa1a1befa183f312a2cd91ba6408d4795dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Thu, 21 Nov 2024 03:57:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 21 Nov 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 83740
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 248 KB
89 KB 59ms
57ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-11220189881&l=dataLayer&cx=c&gtm=45He4bk0v830727906za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTB733

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6bcbf68c3ce7d2f248159bec9df5dff4ebb5adab05e9047c5ac39fb20454f8bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Thu, 21 Nov 2024 03:57:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 21 Nov 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 90957
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 248 KB
89 KB 77ms
76ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-11220199499&l=dataLayer&cx=c&gtm=45He4bk0v830727906za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTB733

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d72392d485fcd1f25b6ccdc5ba7df07c532a0b9b504d0f68150ccfc40480f811

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Thu, 21 Nov 2024 03:57:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 21 Nov 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 90960
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 sjrn_autocx.js Show response
static.sojern.com/utils/ 27 KB
7 KB 143ms
42ms Script
text/javascript 35.244.188.9
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/utils/sjrn_autocx.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTB733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9ebeb0070916f00d35da5bd027541d6bd9911942cd460b2c442ad069b9ef1d68

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type
x-goog-hash: crc32c=E9cRqA==, md5=/0GrzyvGnxQa4OGcR2QfgQ==
content-encoding: br
etag: W/"ff41abcf2bc69f141ae0e19c47641f81"
age: 106
x-goog-stored-content-encoding: identity
expires: Thu, 21 Nov 2024 04:56:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 27246
date: Thu, 21 Nov 2024 03:56:04 GMT
last-modified: Wed, 04 Sep 2024 10:10:53 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AFiumC4My7j3s-fIqTZ2s1xGCXVTFukbOKsbdCTv1HkyBbI5gSLq5yAqD116_83PXC5Omg0hvCAmd-TSGA
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1725444653471389
content-length: 6200
server: UploadServer

GET
H2 200 travelclick_enrollment.js Show response
theguestbook.com/ 2 MB
2 MB 860ms
449ms Script
text/javascript 35.82.108.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://theguestbook.com/travelclick_enrollment.js?w=gatewayhotel

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTB733

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.82.108.229 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-82-108-229.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

796f14aaf38509678dba70fb73abf50c3e51abb545fa432c0119ec231f3d1f4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

x-request-id: b43495d0-5817-41f5-aff7-8b5a6610e835
etag: W/"796f14aaf38509678dba70fb73abf50c"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
date: Thu, 21 Nov 2024 03:57:51 GMT
content-type: text/javascript; charset=utf-8
vary: Origin
x-runtime: 0.217088
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: max-age=0, private, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
content-length: 1903706
x-xss-protection: 1; mode=block
server: nginx

GET
H2 200 slider.js Show response
theguestbook.com/ 16 KB
17 KB 847ms
437ms Script
application/javascript 35.82.108.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://theguestbook.com/slider.js?w=gatewayhotel

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTB733

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.82.108.229 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-82-108-229.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

87cbd745e61caae9c785e7774a5181561f0826ae477fc3d9a646e9d67a40980b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

access-control-max-age: 1728000
x-request-id: cd041574-f63b-48b2-866a-7ec5d96fec13
etag: W/"87cbd745e61caae9c785e7774a518156"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
access-control-allow-methods: POST, GET, OPTIONS
date: Thu, 21 Nov 2024 03:57:51 GMT
content-type: application/javascript; charset=utf-8
vary: Origin
x-runtime: 0.015125
access-control-allow-headers: X-Requested-With, X-Prototype-Version, Origin, Accept, Content-Type, X-CSRF-Token
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
content-length: 16473
x-xss-protection: 1; mode=block
server: nginx

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame 2C10 0
0 137ms
48ms Document
text/html 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.gatewayames.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTB733

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Nov 2024 03:57:50 GMT
expires: Fri, 21 Nov 2025 03:57:50 GMT
last-modified: Tue, 19 Nov 2024 10:38:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 2471-f18ab49b3a59aae4a06f.js Show response
www.gatewayames.com/integration/tc-theme/public/js/chunk/ 5 KB
3 KB 199ms
199ms Script
application/javascript 104.17.185.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gatewayames.com/integration/tc-theme/public/js/chunk/2471-f18ab49b3a59aae4a06f.js

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/integration/tc-theme/public/js/bundle.js?v8fe2f4d38562fbdb5e7ac1673fe67960

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.185.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c510954a0d8959f49cd869166c391a0b133ce83dfa747faad43f6f55d4d03c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"a8a66580c87e67ee43c62f1f22b96cf9"
x-content-type-options: nosniff
expires: Fri, 21 Nov 2025 03:57:50 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: pD5Uhk37cfqdLKAf2zFhRXyDoPiDyT6ifm_WMSCqWzSv3XkhCSVLaA==
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: application/javascript
last-modified: Fri, 11 Oct 2024 15:45:46 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubdomains; preload
server-timing: cfExtPri
cache-control: public, max-age=31536000
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: no-referrer-when-downgrade
via: 1.1 db3cc869e0dda88ce4fa37dee230e06e.cloudfront.net (CloudFront)
cf-ray: 8e5dc206bbc86a74-TXL
x-xss-protection: 1; mode=block
x-amz-cf-pop: TXL50-P6
server: cloudflare

GET
H3 200 svg-icons.svg Show response
www.gatewayames.com/integration/tc-theme/public/svg/ 82 KB
0 0ms
0ms XHR
image/svg+xml 104.17.185.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gatewayames.com/integration/tc-theme/public/svg/svg-icons.svg

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/integration/tc-theme/public/js/bundle.js?v8fe2f4d38562fbdb5e7ac1673fe67960

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.185.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebfd0494493275cc3cfa7d640f1be08115243660b0cbdee028a946f080ab14cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"dbd70a64474c73523169afc49022b267"
x-content-type-options: nosniff
expires: Fri, 21 Nov 2025 03:57:50 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: NhuxIbsG_uWL39mwINPNIlAGkoNIYEm4FBA2lrPztAtLXGQrraXNuA==
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: image/svg+xml
last-modified: Wed, 11 Sep 2024 16:24:22 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: DENY
server-timing: cfExtPri
cache-control: public, max-age=31536000
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: no-referrer-when-downgrade
via: 1.1 6449162c284baa1c52c1f1c7caefcae6.cloudfront.net (CloudFront)
cf-ray: 8e5dc20479d06a74-TXL
x-xss-protection: 1; mode=block
x-amz-cf-pop: TXL50-P6
server: cloudflare

GET
H3

200

main.js Show response
www.gatewayames.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/ Frame FBC9
Redirect Chain

https://www.gatewayames.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.gatewayames.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?

8 KB
4 KB

39ms
39ms

Script
application/javascript

104.17.185.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gatewayames.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Server

104.17.185.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0423c9cae691cd3cae5a6cc5e1396cfce67a6fabb9e3b0ff2c755e312e143b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding: br
speculation-rules: "/cdn-cgi/speculation"
x-content-type-options: nosniff
cf-ray: 8e5dc207ac836a74-TXL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 8e5dc206fc086a74-TXL
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Thu, 21 Nov 2024 03:57:50 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 303 KB
103 KB 58ms
58ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MDD3JDJ1MK&l=dataLayer&cx=c&gtm=45He4bk0v830727906za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTB733

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f02ed428fbedb8e913cb1e5a98922c0c1aa080308c203b102c74e42a2ba2bb26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 21 Nov 2024 03:57:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 105075
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 151ms
44ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTB733

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: gzip
age: 1664
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 05:30:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 03:30:06 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2

200

activityi;dc_pre=CPLHn6nE7IkDFeiTgwcdVAUR8g;src=3038431;type=websi197;cat=gatew123;ord=1;num=5095928247258;npa=1;auiddc=29362981.1732161470;ps=1;pcor=1424284111;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;ua...
3038431.fls.doubleclick.net/ Frame E439
Redirect Chain

https://3038431.fls.doubleclick.net/activityi;src=3038431;type=websi197;cat=gatew123;ord=1;num=5095928247258;npa=1;auiddc=29362981.1732161470;ps=1;pcor=1424284111;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;...
https://3038431.fls.doubleclick.net/activityi;dc_pre=CPLHn6nE7IkDFeiTgwcdVAUR8g;src=3038431;type=websi197;cat=gatew123;ord=1;num=5095928247258;npa=1;auiddc=29362981.1732161470;ps=1;pcor=1424284111;...

0
0

58ms
58ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3038431.fls.doubleclick.net/activityi;dc_pre=CPLHn6nE7IkDFeiTgwcdVAUR8g;src=3038431;type=websi197;cat=gatew123;ord=1;num=5095928247258;npa=1;auiddc=29362981.1732161470;ps=1;pcor=1424284111;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189051270z8830727906za201zb830727906;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.gatewayames.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-3038431&l=dataLayer&cx=c&gtm=45He4bk0v830727906za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gatewayames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 383
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Nov 2024 03:57:50 GMT
expires: Thu, 21 Nov 2024 03:57:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Nov 2024 03:57:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://3038431.fls.doubleclick.net/activityi;dc_pre=CPLHn6nE7IkDFeiTgwcdVAUR8g;src=3038431;type=websi197;cat=gatew123;ord=1;num=5095928247258;npa=1;auiddc=29362981.1732161470;ps=1;pcor=1424284111;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189051270z8830727906za201zb830727906;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.gatewayames.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=3038431;type=websi197;cat=gatew123;ord=1;num=5095928247258;npa=1;auiddc=29362981.1732161470;ps=1;pcor=1424284111;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;psc...
ad.doubleclick.net/ 0
23 B 106ms
51ms Image
image/png 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=3038431;type=websi197;cat=gatew123;ord=1;num=5095928247258;npa=1;auiddc=29362981.1732161470;ps=1;pcor=1424284111;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189051270z8830727906za201zb830727906;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.gatewayames.com%2F?

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Thu, 21 Nov 2024 03:57:50 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"3213577982180318082"}],"aggregatable_trigger_data":[{"filters":[{"14":["14491908"]}],"key_piece":"0xc66c145058f72a11","source_keys":["12","13","14","15","16","17","18","19","20","21","19157696","19157697","19157698","19157699","24765976","24765977","24765978","24765979","24787512","24787513","24787514","24787515","27796820","27796821","27796822","27796823","27816120","27816121","27816122","27816123","638541864","638541865","638541866","638541867","900053788","900053789","900053790","900053791","900132856","900132857","900132858","900132859"]},{"key_piece":"0x3422d81c4b37b307","not_filters":{"14":["14491908"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","19157696","19157697","19157698","19157699","24765976","24765977","24765978","24765979","24787512","24787513","24787514","24787515","27796820","27796821","27796822","27796823","27816120","27816121","27816122","27816123","638541864","638541865","638541866","638541867","900053788","900053789","900053790","900053791","900132856","900132857","900132858","900132859"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"19157696":655,"19157697":655,"19157698":655,"19157699":63569,"20":65,"21":6356,"24765976":327,"24765977":327,"24765978":327,"24765979":31784,"24787512":327,"24787513":327,"24787514":327,"24787515":31784,"27796820":65,"27796821":65,"27796822":65,"27796823":6356,"27816120":218,"27816121":218,"27816122":218,"27816123":21189,"638541864":65,"638541865":65,"638541866":65,"638541867":6356,"900053788":218,"900053789":218,"900053790":218,"900053791":21189,"900132856":218,"900132857":218,"900132858":218,"900132859":21189},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"8721850391298231527","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"3213577982180318082","filters":[{"14":["14491908"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"3213577982180318082","filters":[{"14":["14491908"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"3213577982180318082","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"3213577982180318082","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["3038431"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

OPTIONS
H2 200 info
tc.galaxy.tf/tc/entity/v1/hotel/2958/ Frame 0
0 222ms
75ms Preflight 2a02:26f0:3500:3::b818:4d40
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://tc.galaxy.tf/tc/entity/v1/hotel/2958/info

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-galaxy-key
Access-Control-Request-Method: GET
Origin: https://www.gatewayames.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Galaxy-Key
access-control-allow-origin: https://www.gatewayames.com
access-control-max-age: 600
apigw-requestid: BlBl4i99liAEMlA=
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Thu, 21 Nov 2024 03:57:50 GMT
expires: Thu, 21 Nov 2024 03:57:50 GMT
pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload

POST
H/1.1 200
OK 3021 Show response
dynamic.travelclick-websolutions.com/list/ 20 KB
5 KB 584ms
297ms XHR
application/json 195.244.31.25
IGUANA-WORLDWIDE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.travelclick-websolutions.com/list/3021

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/integration/tc-theme/public/js/bundle.js?v8fe2f4d38562fbdb5e7ac1673fe67960

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

195.244.31.25 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),

Reverse DNS

xo7-viplb-01-new.ny.ig-1.net

Software

Apache /

Resource Hash

8b8c05911f07734e5a531b792ad3d40cb7aa4c8687039ff16c4e0586729065d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gatewayames.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-request-id: 45516cb2
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-methods: POST, GET, OPTIONS
expires: Thu, 19 Nov 1981 08:52:00 GMT
server-timing: 1-bootstrap;dur=3.4840, 2-routing;dur=8.4751, b-time-l-sql;dur=15.8, b-time-unit;dur=72.08, b-time-partial;dur=0, b-time;dur=178.17497253418, d-mem-cur;desc="d-mem-cur: 44.03 MB", d-req-unit;desc="d-req-unit: 2 call - 4 cached", d-req-partial;desc="d-req-partial: 0", d-req-l-sql;desc="d-req-l-sql: 17", g-sql-all-time;dur=24.78, g-sql-all-req;desc="g-sql-all-req: 46"
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: application/json
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate
x-real-hostname: xo7-web-09
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
content-length: 3533
x-xss-protection: 1; mode=block
server: Apache

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/ 37 KB
37 KB 39ms
39ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i&display=swap&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f3.1e100.net

Software

sffe /

Resource Hash

fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.gatewayames.com
Referer: https://fonts.googleapis.com/

Response headers

age: 134177
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 19 Nov 2025 14:41:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 14:41:33 GMT
last-modified: Wed, 06 Nov 2024 17:30:37 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37828
x-xss-protection: 0
server: sffe

GET
H2 200 logo-horizontal.png
image-tc.galaxy.tf/wipng-2746bl101tq71bc4djlqercwa/ 6 KB
7 KB 538ms
537ms Image
image/webp 2a02:26f0:3500:3::b818:4d2f
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wipng-2746bl101tq71bc4djlqercwa/logo-horizontal.png?width=500

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d2f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Wizard@Edge /

Resource Hash

85019de481108723e6f8095497454b1b93d2a96c16792d7d6b998e6a95dbd4d6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

etag: "92a713c800c10fda54472e12ee9916af"
x-amz-version-id: p6NA30PV1uc4QkuubrFz1IvycIUdvh_D
x-content-type-options: nosniff
access-control-allow-methods: GET, HEAD, OPTIONS
x-amz-cf-id: QfjzPQLgAOr1V43Q10cZErX3zeTzk6oA7XkycNM68XBQOGcvuXFxbA==
date: Thu, 21 Nov 2024 03:57:51 GMT
content-type: image/webp
last-modified: Wed, 26 Jun 2024 10:10:42 GMT
x-frame-options: DENY
x-galaxy-optimize: 1
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
cache-control: public, max-age=31536000
referrer-policy: no-referrer-when-downgrade
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6404
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P9
server: Wizard@Edge
x-amz-server-side-encryption: AES256

GET
H2 200 gateway-hotel-logo-02-01.png
image-tc.galaxy.tf/wipng-22e63n4al2dfv72xx8uzlrfyl/ 67 KB
68 KB 634ms
633ms Image
image/webp 2a02:26f0:3500:3::b818:4d2f
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wipng-22e63n4al2dfv72xx8uzlrfyl/gateway-hotel-logo-02-01.png?width=500

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d2f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Wizard@Edge /

Resource Hash

496e31e6d30f4b94c915e9d3e4805492693689b1e8553f2ae5ab09bc3052bd66

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

etag: "17d68e948a8672335dbc1bcb416d01ab"
x-amz-version-id: 7A953vCBuEg6u3vEkREUsEeNbg9GPo4X
x-content-type-options: nosniff
access-control-allow-methods: GET, HEAD, OPTIONS
x-amz-cf-id: mPhYvnnjFqRqRGLXlG16sh9cokPQze5EiEABkeup3at6HTH75hNk0w==
date: Thu, 21 Nov 2024 03:57:51 GMT
content-type: image/webp
last-modified: Wed, 26 Jun 2024 10:11:48 GMT
x-frame-options: DENY
x-galaxy-optimize: 1
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
cache-control: public, max-age=31536000
referrer-policy: no-referrer-when-downgrade
accept-ranges: bytes
access-control-allow-origin: *
content-length: 68962
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P9
server: Wizard@Edge
x-amz-server-side-encryption: AES256

GET
H2 200 edited-exft1.jpg
image-tc.galaxy.tf/wijpeg-cd2pavi2j7t17k3pj95zbvmu7/ 197 KB
198 KB 582ms
582ms Image
image/jpeg 2a02:26f0:3500:3::b818:4d2f
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-cd2pavi2j7t17k3pj95zbvmu7/edited-exft1.jpg?width=1920

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d2f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Wizard@Edge /

Resource Hash

057b7d201c4090e3d2f94f2f490b2426d448f58c572a25cd09e08cb5ee3d3a67

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

etag: "de2d13f49aa2cb5d919de897da4ce093"
x-amz-version-id: l0CEdPKvaO3gV3QbqPYRoQfuccWCTBRc
x-content-type-options: nosniff
access-control-allow-methods: GET, HEAD, OPTIONS
x-amz-cf-id: 3ABEXecEHy8MAqwUO6bzKn13y6p76RcoUBpkNvBGR7TZxu_cPA4o8A==
date: Thu, 21 Nov 2024 03:57:51 GMT
content-type: image/jpeg
last-modified: Tue, 30 Jan 2024 10:23:07 GMT
x-frame-options: DENY
x-galaxy-optimize: 1
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
cache-control: public, max-age=31535988
referrer-policy: no-referrer-when-downgrade
accept-ranges: bytes
access-control-allow-origin: *
content-length: 201786
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P9
server: Wizard@Edge
x-amz-server-side-encryption: AES256

GET
H2 200 gateway-664-016.jpg
image-tc.galaxy.tf/wijpeg-3d6pa1f9lsal3anxw8thvvuos/ 199 KB
199 KB 54ms
53ms Image
image/jpeg 2a02:26f0:3500:3::b818:4d2f
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-3d6pa1f9lsal3anxw8thvvuos/gateway-664-016.jpg?width=1920

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d2f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Wizard@Edge /

Resource Hash

dc111c24ece67a02c0fe49e4d2709247e7159bfa4a902bbdeac82846741c2e8f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

etag: "e46f29aa1fd3aabba3888e57f2cde098"
x-amz-version-id: 1WetQIPfLdCN3.xCIyXXFY.UAbZ9Oupn
x-content-type-options: nosniff
access-control-allow-methods: GET, HEAD, OPTIONS
x-amz-cf-id: xAMrpdVcN43KzYTgMW1YQQponnUjiBWPv6ySbBBqXkptsjDotDEGpg==
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: image/jpeg
last-modified: Thu, 28 Oct 2021 19:41:14 GMT
x-frame-options: DENY
x-galaxy-optimize: 1
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-replication-status: REPLICA
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
cache-control: public, max-age=31304293
referrer-policy: no-referrer-when-downgrade
accept-ranges: bytes
access-control-allow-origin: *
content-length: 203349
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P9
server: Wizard@Edge
x-amz-server-side-encryption: AES256

GET
H2 200 info Show response
tc.galaxy.tf/tc/entity/v1/hotel/2958/ 65 B
309 B 725ms
724ms XHR
application/json 2a02:26f0:3500:3::b818:4d40
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://tc.galaxy.tf/tc/entity/v1/hotel/2958/info

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/integration/tc-theme/public/js/bundle.js?v8fe2f4d38562fbdb5e7ac1673fe67960

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

02c8f2f242e8c60cc792ee4f1c936011652183460d2b305540fb632fc95ac78f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.gatewayames.com/
X-Galaxy-Key: 6158f9be21e37826ce55aba1e00354e8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
access-control-allow-credentials: true
expires: Thu, 21 Nov 2024 03:57:51 GMT
apigw-requestid: BlBl4gFqFiAEP6w=
access-control-allow-origin: https://www.gatewayames.com
content-length: 65
date: Thu, 21 Nov 2024 03:57:51 GMT
content-type: application/json

POST
H/1.1 200
OK 3021 Show response
dynamic.travelclick-websolutions.com/view/ 6 KB
3 KB 549ms
292ms XHR
application/json 195.244.31.25
IGUANA-WORLDWIDE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.travelclick-websolutions.com/view/3021

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/integration/tc-theme/public/js/bundle.js?v8fe2f4d38562fbdb5e7ac1673fe67960

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

195.244.31.25 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),

Reverse DNS

xo7-viplb-01-new.ny.ig-1.net

Software

Apache /

Resource Hash

39638cf3af0c3bd48796800b6b5e29659f4db0bd238a8f686233a3c33f59a1dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gatewayames.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-request-id: bc7fdbe0
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-methods: POST, GET, OPTIONS
expires: Thu, 19 Nov 1981 08:52:00 GMT
server-timing: 1-bootstrap;dur=3.4711, 2-routing;dur=7.8459, b-time-l-sql;dur=14.85, b-time-unit;dur=71.67, b-time-partial;dur=0, b-time;dur=174.11184310913, d-mem-cur;desc="d-mem-cur: 43.49 MB", d-req-unit;desc="d-req-unit: 2 call - 2 cached", d-req-partial;desc="d-req-partial: 0", d-req-l-sql;desc="d-req-l-sql: 17", g-sql-all-time;dur=23.5, g-sql-all-req;desc="g-sql-all-req: 36"
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: application/json
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate
x-real-hostname: xo7-web-07
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
content-length: 2090
x-xss-protection: 1; mode=block
server: Apache

GET
H3 200 chunk-tc-hotel-dropdown-765fb40e4c9fd585a009.js Show response
www.gatewayames.com/integration/tc-theme/public/js/chunk/ 368 B
760 B 251ms
250ms Script
application/javascript 104.17.185.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gatewayames.com/integration/tc-theme/public/js/chunk/chunk-tc-hotel-dropdown-765fb40e4c9fd585a009.js

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/integration/tc-theme/public/js/bundle.js?v8fe2f4d38562fbdb5e7ac1673fe67960

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.185.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c961b29531f353ba0031756f0fd674bbe41bd32d638360287dc4805658868b76

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"e58e1750b0c3b14e2aecf6496a7b83b0"
x-content-type-options: nosniff
expires: Fri, 21 Nov 2025 03:57:50 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: FcFfcvNTwjTXayoohKjnmve1o4saCbY4zQYD7fUUqe2OPkVjKd3RMw==
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: application/javascript
last-modified: Fri, 11 Oct 2024 15:45:36 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubdomains; preload
server-timing: cfExtPri
cache-control: public, max-age=31536000
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: no-referrer-when-downgrade
via: 1.1 9fdf43157f1a2a932e4a439c0af3dcd2.cloudfront.net (CloudFront)
cf-ray: 8e5dc2079c7b6a74-TXL
x-xss-protection: 1; mode=block
x-amz-cf-pop: TXL50-P6
server: cloudflare

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 306 KB
103 KB 55ms
55ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3R5SJEDWK4&l=dataLayer&cx=c&gtm=45He4bk0v830021505za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

fcec1d254e1e5e167a2de8f7a72cd1b7029e9aab723e77a22f184c7c83773484

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 21 Nov 2024 03:57:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 105549
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 25038873845760714 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 202ms
202ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/25038873845760714?v=2.9.176&r=stable&domain=www.gatewayames.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

41faed8a25b7286377977612816b6a2f6d09714a3d5e375070ba1ac810d730eb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-0CwUpPT3' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-0CwUpPT3' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=89, mss=1232, tbw=85386, tp=83, tpl=0, uplat=155, ullat=0
pragma: public
x-fb-debug: sV44XQDdqc6y/DDEJdMJVxMav+2zpJqhboswC6f/vDDL3Xmsz9RL9kt6nEFaLnJcvjbWl3ZLUDuCJdMUxoaLbA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 92ms
42ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=5514495235264856&ev=PageView&dl=https%3A%2F%2Fwww.gatewayames.com%2F&rl=&if=false&ts=1732161470675&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1732161470675.722761163101143424&ler=empty&cdl=API_unavailable&it=1732161470330&coo=false&rqm=GET

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=23, mss=1232, tbw=4506, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
193 B 313ms
263ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=5514495235264856&ev=PageView&dl=https%3A%2F%2Fwww.gatewayames.com%2F&rl=&if=false&ts=1732161470675&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1732161470675.722761163101143424&ler=empty&cdl=API_unavailable&it=1732161470330&coo=false&rqm=FGET

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7439576866432622992"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: WCFtT6bg+jySnaO22ydE2ROc8o4uhxIijcuOUlYD5KOgf1N9vuigBswIPpJCEKUqNKA4yeyVPTJ+yEht842rwA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7439576866432622992", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=24, mss=1232, tbw=5210, tp=18, tpl=0, uplat=221, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET 43.html
static.sojern.com/cip/c/ Frame BA3F 0
0

GET
H2 200 sojern.min.js Show response
static.sojern.com/sdk/latest/ 136 KB
43 KB 43ms
41ms Script
text/javascript 35.244.188.9
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/sdk/latest/sojern.min.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/utils/sjrn_autocx.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6ad260946fa1a69b7fb46b5a83ab04258d43c5556cf1663428c9f6160bcdcee1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type
x-goog-hash: crc32c=aG6ptQ==, md5=gXyH6RwgmYflAhkHPkV+Xg==
content-encoding: br
etag: W/"817c87e91c209987e50219073e457e5e"
age: 1054
x-goog-stored-content-encoding: identity
expires: Thu, 21 Nov 2024 04:40:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 139612
date: Thu, 21 Nov 2024 03:40:16 GMT
last-modified: Wed, 20 Nov 2024 11:45:02 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AFiumC7edE93K2wgAH5A0lOuj9W7iym0s-cywgLVKYO2sWKk7_cf2ErFZL896H1okO7Slm57ny0
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1732103102641590
content-length: 43544
server: UploadServer

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 168ms
51ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MDD3JDJ1MK&gtm=45je4bk0v874345924z8830727906za200zb830727906&_p=1732161470141&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1967054360.1732161471&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&dl=https%3A%2F%2Fwww.gatewayames.com%2F&sid=1732161470&sct=1&seg=0&dt=Gateway%20Hotel%20%26%20Conference%20Center%20-%20Hotel%20in%20Ames%20Near%20ISU&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_subsection=not_applicable&ep.page_language=en&ep.hotel_city=Ames&ep.hotel_country=United%20States&ep.hotel_brand_name=The%20Gateway%20Hotel%20%26%20Conference%20Centre&ep.hotel_id=2958&ep.hotel_name=THE%20GATEWAY%20HOTEL%20%26%20CONFERENCE%20CENTER&up.user_logged_in_session=no&tfd=1030
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MDD3JDJ1MK&l=dataLayer&cx=c&gtm=45He4bk0v830727906za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.gatewayames.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: text/plain
server: Golfe2

POST
H3 200 8e5dc202788f6a74 Show response
www.gatewayames.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame FBC9 0
707 B 48ms
41ms XHR
text/plain 104.17.185.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gatewayames.com/cdn-cgi/challenge-platform/h/g/jsd/r/8e5dc202788f6a74
Requested by: Host: www.gatewayames.com
URL: https://www.gatewayames.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.185.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

cf-ray: 8e5dc2089d6c6a74-TXL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
priority: u=1,i

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
424 B 47ms
46ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1938097080&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gatewayames.com%2F&dp=%2F&ul=de-de&de=UTF-8&dt=Gateway%20Hotel%20%26%20Conference%20Center%20-%20Hotel%20in%20Ames%20Near%20ISU&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=643454494&gjid=551104234&cid=1967054360.1732161471&tid=UA-198062568-1&_gid=1487477553.1732161471&_r=1&_slc=1&gtm=45He4bk0n81WXTB733v830727906za200&cg1=group_property-&cd1=not_set&cd2=group_property-&cd3=not_applicable&cd4=not_applicable&cd5=https%3A%2F%2Fwww.gatewayames.com%2F&cd7=no&cd9=no&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&npa=1&z=343465759

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.gatewayames.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 03:57:50 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.gatewayames.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 74ms
51ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3R5SJEDWK4&gtm=45je4bk0v888369804z8830021505za200zb830021505&_p=1732161470141&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1967054360.1732161471&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fwww.gatewayames.com%2F&sid=1732161470&sct=1&seg=0&dt=Gateway%20Hotel%20%26%20Conference%20Center%20-%20Hotel%20in%20Ames%20Near%20ISU&en=page_view&_fv=1&_ss=1&ep.hotel_name=THE%20GATEWAY%20HOTEL%20%26%20CONFERENCE%20CENTER&ep.hotel_id=2958&ep.hotel_bid=12197&ep.hotel_brand_name=The%20Gateway%20Hotel%20%26%20Conference%20Center%20MB&ep.hotel_chain_id=not_applicable&ep.hotel_city=Ames&ep.hotel_continent=North%20America&ep.hotel_country=United%20States&ep.hotel_state=Iowa&ep.hotel_sub_brand_name=The%20Gateway%20Hotel%20%26%20Conference%20Centre&ep.hotel_tc_region=north_america-midwest&ep.hotel_booking_engine=iHotelier%20(BE5)&ep.page_has_tvs=no&ep.page_footer=ft3&ep.page_language=en&ep.page_section=group_property-&ep.page_subsection=not_applicable&ep.site_cms=galaxy&ep.site_galaxy_product=essentials&ep.page_template=th1&ep.site_booking_mask_type=bmco&ep.site_mobile_booking_mask_type=bmco2&ep.site_tvs=tvs_no&ep.hotel_property_type=group_property&ep.hotel_star_rating=3&epn.hotel_room_types_count=10&epn.site_number_of_languages=7&ep.site_global_product=web&ep.page_content_group=not_applicable&ep.site_be_version=be5&epn.hotel_brands_count=2&ep.hotel_gms_type=not_applicable&ep.hotel_has_gms=no&epn.page_tvs_videos_count=0&ep.site_be_config_enhancements=enabled-not_mandatory&epn.site_be_design_features_desktop_calendar=2&ep.site_be_design_features_enhancements_layout=four_columns&ep.site_be_design_features_lead_rate=enabled&ep.site_be_design_features_prices_by=avg_per_night&ep.site_be_design_features_results_filter=enabled-2%2C3%2C9%2C7%2C4%2C6%2C8&ep.site_be_design_features_results_grid_type=rooms-list&ep.item_type=hotel&up.user_logged_in=no&tfd=1125
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3R5SJEDWK4&l=dataLayer&cx=c&gtm=45He4bk0v830021505za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.gatewayames.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 config Show response
pixel.sojern.com/sdk/container/id/43/ 1004 B
1 KB 147ms
49ms Fetch
application/json 107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sojern.com/sdk/container/id/43/config
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/sdk/latest/sojern.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: 94a396fcc06471591a4bc65174c264e6375b30a94054921b6ca08ce38041305b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
via: 1.1 google
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.gatewayames.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1004
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: application/json
vary: Accept-Encoding
x-accel-expires: 0

GET
H3 200 1447399319392904 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 148ms
148ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1447399319392904?v=2.9.176&r=stable&domain=www.gatewayames.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

36e72f03a9980795c41bb761beadb5eca6f16b8ef81c96d958194b1e9d1a1ede

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-4HPwIA18' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 21 Nov 2024 03:57:51 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-4HPwIA18' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=92, mss=1232, tbw=89242, tp=88, tpl=0, uplat=107, ullat=0
pragma: public
x-fb-debug: EwfkF9kFrOMdujYR0sMAzWCdxHdWJ+i+LDU09mcrgg4Xn9em9ZWshCk7nie8/2GvLrQMKYT1PWED6vg1UH5yZQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 41ms
41ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=25038873845760714&ev=PageView&dl=https%3A%2F%2Fwww.gatewayames.com%2F&rl=&if=false&ts=1732161470883&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1732161470675.722761163101143424&ler=empty&cdl=API_unavailable&it=1732161470330&coo=false&rqm=GET

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=23, mss=1232, tbw=4970, tp=15, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
193 B 114ms
113ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=25038873845760714&ev=PageView&dl=https%3A%2F%2Fwww.gatewayames.com%2F&rl=&if=false&ts=1732161470883&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1732161470675.722761163101143424&ler=empty&cdl=API_unavailable&it=1732161470330&coo=false&rqm=FGET

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7439576866460344723"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 21 Nov 2024 03:57:50 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: Cf2mD1smLLLyz7pGrAd2roQaJ617n7jScSbT+Yso/O/0cnyzcyCGBZOJzeM0JtybhMNJAjLY3SvQFXDAKeO7+w==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7439576866460344723", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=24, mss=1232, tbw=7978, tp=21, tpl=0, uplat=72, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 config Show response
static.sojern.com/sdk/config/container/43/ 3 KB
1 KB 93ms
43ms Fetch
application/json 35.244.188.9
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/sdk/config/container/43/config
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/sdk/latest/sojern.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c4a286bbc67ff5ace19c8b24a0114a440543ff542cbe0776d3c2b2aeee5c7460

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=AoT7SA==, md5=XoOOPlAvFLNYIfAbzvKcLg==
content-encoding: br
etag: W/"5e838e3e502f14b35821f01bcef29c2e"
age: 2482
x-goog-stored-content-encoding: identity
expires: Thu, 21 Nov 2024 04:16:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 2763
date: Thu, 21 Nov 2024 03:16:29 GMT
last-modified: Thu, 10 Oct 2024 18:28:38 GMT
content-type: application/json
vary: Accept-Encoding
x-guploader-uploadid: AFiumC7d_g02E-6kVPoOuegD1UI4GCGx9TiQZdspuTBsL1PI3DNkjlit2lklsuzS_4Q1Lob2mrBI5KP-Pg
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1728584918863060
content-length: 1247
server: UploadServer

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 41ms
40ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1447399319392904&ev=PageView&dl=https%3A%2F%2Fwww.gatewayames.com%2F&rl=&if=false&ts=1732161471036&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1732161470675.722761163101143424&ler=empty&cdl=API_unavailable&it=1732161470330&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=27, mss=1232, tbw=9098, tp=25, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 21 Nov 2024 03:57:51 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
193 B 83ms
83ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1447399319392904&ev=PageView&dl=https%3A%2F%2Fwww.gatewayames.com%2F&rl=&if=false&ts=1732161471036&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1732161470675.722761163101143424&ler=empty&cdl=API_unavailable&it=1732161470330&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=FGET

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7439576870132300908"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 21 Nov 2024 03:57:51 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: BKBLUa6fvlgRT9L6JGnepGuif8qO/W9DrQY7BZLrfZAOog0lwjzXxO6EI13mPF1K/kK6O7/jveWCXW5p5GzSQw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7439576870132300908", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=27, mss=1232, tbw=9290, tp=27, tpl=0, uplat=43, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 43 Show response
beacon.sojern.com/pixel/cp/ 7 KB
2 KB 90ms
49ms Script
application/javascript 107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/cp/43?f_v=v6_js&p_v=6&et=home_page&vid=hotel&hpr=Gateway%20Hotel%20and%20Conference%20Center&hpid=2958&domain=https%3A%2F%2Fwww.gatewayames.com%2F&ccid=xs6b6-sy3sa-2gdz8-yv1m6-7f1ah%7C1967054360.1732161471&s=sdk%7Cccid_auto%7Cccid_ga%7Ciframe%3Dfalse&pt=HOME_PAGE
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/sdk/latest/sojern.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: 8c18627c7bc5e0391816b2f0fa0725b7f6131313dd1bd5054ec330e0725c75ac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
via: 1.1 google
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2010
date: Thu, 21 Nov 2024 03:57:51 GMT
content-type: application/javascript
vary: Accept-Encoding
x-accel-expires: 0

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
409 B 154ms
53ms Image
image/png 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=MjczZDg2NWYtNzg5Ni00NDIzLTgxNWEtNzMxNTRjNjI3NDhk&google_nid=sojern__adx_open_bidder_seat&sjrn_id=G1s4mDd_HwoRKzjxepctFJJ11KOT_jEy5amPpIlU72aloS9Dq6yNsa1HG_BAk2Y6&sjrn_lbid=3f1f2df8b1cd102c4880b70343d8dacc&sjrn_ts=1732161470

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Thu, 21 Nov 2024 03:57:51 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
232 B 156ms
55ms Image
image/png 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_hm=MjczZDg2NWYtNzg5Ni00NDIzLTgxNWEtNzMxNTRjNjI3NDhk&google_nid=sojern_adh&sjrn_lbid=3f1f2df8b1cd102c4880b70343d8dacc&sjrn_ts=1732161470

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Thu, 21 Nov 2024 03:57:51 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

GET
H2 200 getuidnb
ib.adnxs.com/ 43 B
698 B 151ms
60ms Image
image/gif 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=G1s4mDd_HwoRKzjxepctFJJ11KOT_jEy5amPpIlU72aloS9Dq6yNsa1HG_BAk2Y6&sjrn_lbid=3f1f2df8b1cd102c4880b70343d8dacc&sjrn_ts=1732161470

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.109; 80.255.7.109; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 4b2c276e-a004-40c1-a051-29d195f4527c
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Thu, 21 Nov 2024 03:57:51 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
149 B 174ms
56ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=G1s4mDd_HwoRKzjxepctFJJ11KOT_jEy5amPpIlU72aloS9Dq6yNsa1HG_BAk2Y6&ttd_tpi=1
Requested by: Host: www.gatewayames.com
URL: https://www.gatewayames.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-length: 70
date: Thu, 21 Nov 2024 03:57:51 GMT
content-type: image/gif
server: Kestrel

GET
H2

202

adf
pixel.sojern.com/idsync/
Redirect Chain

https://c1.adform.net/serving/cookie/match?cid=273d865f-7896-4423-815a-73154c62748d&party=1296
https://c1.adform.net/serving/cookie/match?CC=1&cid=273d865f-7896-4423-815a-73154c62748d&party=1296
https://pixel.sojern.com/idsync/adf?adfid=4253672801637572396&cid=273d865f-7896-4423-815a-73154c62748d

0
327 B

49ms
49ms

Image
text/plain

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/adf?adfid=4253672801637572396&cid=273d865f-7896-4423-815a-73154c62748d
Requested by: Host: www.gatewayames.com
URL: https://www.gatewayames.com/
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
via: 1.1 google
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 21 Nov 2024 03:57:51 GMT
content-type: text/plain; charset=utf-8
vary: Accept-Encoding
x-accel-expires: 0

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
location: https://pixel.sojern.com/idsync/adf?adfid=4253672801637572396&cid=273d865f-7896-4423-815a-73154c62748d
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: -1
access-control-allow-origin: *
content-length: 0
date: Thu, 21 Nov 2024 03:57:51 GMT
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 80 KB
31 KB 175ms
46ms Script
application/javascript 37.157.2.250
ADFORM Adform A/S

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: beacon.sojern.com
URL: https://beacon.sojern.com/pixel/cp/43?f_v=v6_js&p_v=6&et=home_page&vid=hotel&hpr=Gateway%20Hotel%20and%20Conference%20Center&hpid=2958&domain=https%3A%2F%2Fwww.gatewayames.com%2F&ccid=xs6b6-sy3sa-2gdz8-yv1m6-7f1ah%7C1967054360.1732161471&s=sdk%7Cccid_auto%7Cccid_ga%7Ciframe%3Dfalse&pt=HOME_PAGE
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8ddc6cbdb63a791bfc33f40d4b0a250a18e85e0ae93f72389ebda9242bef010d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

x-cache-status: HIT
cache-control: public, max-age=604800
content-encoding: gzip
etag: W/"1c188eabf1f0749a0cffb2c108473370"
x-amz-request-id: tx00000f5c0946b15a17624-0066c347d3-32993cbc-default
access-control-allow-origin: *
date: Thu, 21 Nov 2024 03:57:51 GMT
x-rgw-object-type: Normal
content-type: application/javascript
vary: Accept-Encoding
server: nginx
last-modified: Fri, 08 Mar 2024 07:02:31 GMT

GET
H3

200

src=12935265;dc_pre=CILxvqnE7IkDFUFqkQUdOQQ5yQ;type=homep0;cat=gatew0;qty=1;cost=0;u1=;u2=UNKNOWN;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u19=2958;u20=Gateway%20Hotel%20and%20Conference%...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=12935265;type=homep0;cat=gatew0;qty=1;cost=0;u1=;u2=UNKNOWN;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u19=2958;u20=Gateway%20Hotel%20and%20Confe...
https://ad.doubleclick.net/ddm/activity/src=12935265;dc_pre=CILxvqnE7IkDFUFqkQUdOQQ5yQ;type=homep0;cat=gatew0;qty=1;cost=0;u1=;u2=UNKNOWN;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u19=2958...
https://adservice.google.com/ddm/fls/z/src=12935265;dc_pre=CILxvqnE7IkDFUFqkQUdOQQ5yQ;type=homep0;cat=gatew0;qty=1;cost=0;u1=;u2=UNKNOWN;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u19=2958;...

42 B
63 B

153ms
75ms

Image
image/gif

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=12935265;dc_pre=CILxvqnE7IkDFUFqkQUdOQQ5yQ;type=homep0;cat=gatew0;qty=1;cost=0;u1=;u2=UNKNOWN;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u19=2958;u20=Gateway%20Hotel%20and%20Conference%20Center;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=UNKNOWN

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 21 Nov 2024 03:57:51 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 21 Nov 2024 03:57:51 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"5771825215436976388"}],"aggregatable_trigger_data":[{"filters":[{"14":["13908564"]}],"key_piece":"0x6f3cd718e33584a4","source_keys":["12","13","14","15","16","17","18","19","20","21","19870016","19870017","19870018","19870019","22987416","22987417","22987418","22987419","24797412","24797413","24797414","24797415","27155188","27155189","27155190","27155191","27824960","27824961","27824962","27824963","640971212","640971213","640971214","640971215","642877780","642877781","642877782","642877783","642892936","642892937","642892938","642892939"]},{"key_piece":"0xa55780fe8a0e4cc4","not_filters":{"14":["13908564"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","19870016","19870017","19870018","19870019","22987416","22987417","22987418","22987419","24797412","24797413","24797414","24797415","27155188","27155189","27155190","27155191","27824960","27824961","27824962","27824963","640971212","640971213","640971214","640971215","642877780","642877781","642877782","642877783","642892936","642892937","642892938","642892939"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"19870016":65,"19870017":65,"19870018":65,"19870019":6356,"20":65,"21":6356,"22987416":131,"22987417":131,"22987418":131,"22987419":12713,"24797412":655,"24797413":655,"24797414":655,"24797415":63569,"27155188":131,"27155189":131,"27155190":131,"27155191":12713,"27824960":65,"27824961":65,"27824962":65,"27824963":6356,"640971212":163,"640971213":163,"640971214":163,"640971215":15892,"642877780":655,"642877781":655,"642877782":655,"642877783":63569,"642892936":218,"642892937":218,"642892938":218,"642892939":21189},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"3428659175301799990","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"5771825215436976388","filters":[{"14":["13908564"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"5771825215436976388","filters":[{"14":["13908564"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"5771825215436976388","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"5771825215436976388","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["12935265"]}}
content-type: image/png
cache-control: no-cache, must-revalidate
timing-allow-origin: *
location: https://adservice.google.com/ddm/fls/z/src=12935265;dc_pre=CILxvqnE7IkDFUFqkQUdOQQ5yQ;type=homep0;cat=gatew0;qty=1;cost=0;u1=;u2=UNKNOWN;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u19=2958;u20=Gateway%20Hotel%20and%20Conference%20Center;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=UNKNOWN
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://ib.adnxs.com/px?id=1683467&t=1
https://ib.adnxs.com/bounce?%2Fpx%3Fid%3D1683467%26t%3D1

0
1 KB

44ms
44ms

Image
application/javascript

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fpx%3Fid%3D1683467%26t%3D1

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.109; 80.255.7.109; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 4f48e9a2-e3ed-4595-bdfe-a30c01c7b471
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Thu, 21 Nov 2024 03:57:51 GMT
x-xss-protection: 0
content-type: application/javascript; charset=utf-8
server: nginx/1.23.4

Redirect headers

cache-control: no-store, no-cache, private
location: https://ib.adnxs.com/bounce?%2Fpx%3Fid%3D1683467%26t%3D1
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 80.255.7.109; 80.255.7.109; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: b251acca-063f-4311-8804-a6e3c728a5bb
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Thu, 21 Nov 2024 03:57:51 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://ib.adnxs.com/seg?add=33623417&t=1
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D33623417%26t%3D1

0
1 KB

48ms
48ms

Image
application/javascript

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D33623417%26t%3D1

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.109; 80.255.7.109; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 832762a5-7afb-4ecc-bcce-74ec09c394c3
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Thu, 21 Nov 2024 03:57:51 GMT
x-xss-protection: 0
content-type: application/javascript; charset=utf-8
server: nginx/1.23.4

Redirect headers

cache-control: no-store, no-cache, private
location: https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D33623417%26t%3D1
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.109; 80.255.7.109; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 45de2ed9-55bb-4127-96a6-1667d1cf3700
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Thu, 21 Nov 2024 03:57:51 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
232 B 59ms
54ms Image
image/png 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=MjczZDg2NWYtNzg5Ni00NDIzLTgxNWEtNzMxNTRjNjI3NDhk&google_nid=sojern__adx_open_bidder_seat&sjrn_id=G1s4mDd_HwoRKzjxepctFJJ11KOT_jEy5amPpIlU72aloS9Dq6yNsa1HG_BAk2Y6&sjrn_lbid=8d5414ab8d12ad761e77b6f8f140dbaf&sjrn_pid=352229&sjrn_ts=1732161471

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Thu, 21 Nov 2024 03:57:51 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
232 B 57ms
52ms Image
image/png 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_hm=MjczZDg2NWYtNzg5Ni00NDIzLTgxNWEtNzMxNTRjNjI3NDhk&google_nid=sojern_adh&sjrn_lbid=8d5414ab8d12ad761e77b6f8f140dbaf&sjrn_ts=1732161471

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Thu, 21 Nov 2024 03:57:51 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

GET
H2 200 getuidnb
ib.adnxs.com/ 43 B
699 B 47ms
47ms Image
image/gif 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=G1s4mDd_HwoRKzjxepctFJJ11KOT_jEy5amPpIlU72aloS9Dq6yNsa1HG_BAk2Y6&sjrn_lbid=8d5414ab8d12ad761e77b6f8f140dbaf&sjrn_ts=1732161471

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.109; 80.255.7.109; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 4d1887fe-e7b1-44ca-9bfc-7d41bd4f0ec3
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Thu, 21 Nov 2024 03:57:51 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

GET
H2 200 / Show response
a2.adform.net/Serving/TrackPoint/ 883 B
1 KB 420ms
134ms Script
text/javascript 185.167.164.39
ADFORM Adform A/S

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?pm=3052914&ADFPageName=Gateway%20Hotel%20and%20Conference%20Center%20--%20HOME_PAGE%20352229&ADFdivider=%7C&ord=190019901775&ADFtpmode=2&loc=https%3A%2F%2Fwww.gatewayames.com%2F&Set1=de-DE%7Cde-DE%7C1600x1200%7C24

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

d07353b80312036916906439c35be03f0ea31b991691d7e4fc39342773e0218a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: -1
access-control-allow-origin: *
content-length: 728
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Thu, 21 Nov 2024 03:57:51 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H2 200 pixels
c1.adform.net/imatch/ Frame FC40 0
0 135ms
46ms Document
text/html 37.157.2.229
ADFORM Adform A/S

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?bt=0&uid=4253672801637572396&agencyId=8579&advertiserId=2162313&src=tp&rnd=693270

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=3052914&ADFPageName=Gateway%20Hotel%20and%20Conference%20Center%20--%20HOME_PAGE%20352229&ADFdivider=%7C&ord=190019901775&ADFtpmode=2&loc=https%3A%2F%2Fwww.gatewayames.com%2F&Set1=de-DE%7Cde-DE%7C1600x1200%7C24

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.157.2.229 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gatewayames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 21 Nov 2024 03:57:51 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
a1.seadform.net/serving/cookie/sync/ 0
462 B 223ms
57ms Image
text/plain 37.157.6.237
ADFORM Adform A/S

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a1.seadform.net/serving/cookie/sync/?uid=4253672801637572396&stamp=Iqpz9F-7X18DvP-67D9Y4w2

Requested by

Host: www.gatewayames.com
URL: https://www.gatewayames.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: private
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-origin: *
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Thu, 21 Nov 2024 03:57:52 GMT
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 travelclick-37af2fbdbcbb670bca29.js Show response
assets.theguestbook.com/packs/js/ 2 MB
713 KB 204ms
48ms Script
application/javascript 2600:9000:2156:9a00:1d:9bf3:2e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.theguestbook.com/packs/js/travelclick-37af2fbdbcbb670bca29.js

Requested by

Host: theguestbook.com
URL: https://theguestbook.com/travelclick_enrollment.js?w=gatewayhotel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:9a00:1d:9bf3:2e80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f487312f9c91114e24e5e16a68318789e29b07bba7a3edb3ac0ca0e9abec78a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: br
etag: W/"6735fad1-27a15e"
age: 570169
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: njWOoXGvDlGH0NoYrAqRnoDkD6dT_ZSzJyqEP5x8kgv86IE3hKeMJA==
date: Thu, 14 Nov 2024 13:35:03 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 13:27:45 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=315360000, public
referrer-policy: strict-origin-when-cross-origin
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA50-C1
server: nginx

GET
H2 200 jquery-1.10.2.min.js Show response
code.jquery.com/ 91 KB
32 KB 149ms
49ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.10.2.min.js
Requested by: Host: theguestbook.com
URL: https://theguestbook.com/slider.js?w=gatewayhotel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: gzip
etag: W/"28feccc0-16bb3"
age: 2133546
x-cache: HIT, HIT
date: Thu, 21 Nov 2024 03:57:52 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 7494, 4273
x-served-by: cache-lga21955-LGA, cache-mxp6927-MXP
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1732161473.575709,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 32788
server: nginx

OPTIONS
H2 204 /
api.rudderstack.com/sourceConfig/ Frame 0
0 233ms
141ms Preflight 13.225.78.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rudderstack.com/sourceConfig/?p=npm&v=3.0.4&build=modern&writeKey=2T5HBwIVKeEOKhSlON42BQfQU2O&lockIntegrationsVersion=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-114.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.gatewayames.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin: *
access-control-max-age: 900
alt-svc: h3=":443"; ma=86400
date: Thu, 21 Nov 2024 03:57:53 GMT
vary: Origin
via: 1.1 ac0e9b19969df989a920e6d1b834d008.cloudfront.net (CloudFront)
x-amz-cf-id: CHsrWHp89QLmfTDHdCOou9TNUHfphwDPOnjFhiW5OuW-19LdwWxx5w==
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-request-id: c877f650-a7bc-11ef-9bd6-0930d95a4f03

GET
H2 200 css
fonts.googleapis.com/ 5 KB
784 B 50ms
49ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:500,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a3d0db90dad10a165500f94c5505307b2f8936272f7c6520fb799d3f634afaf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 03:57:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 03:57:52 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 21 Nov 2024 03:57:52 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 4 KB
589 B 51ms
50ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Work+Sans:400,500,600&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d3adff52119be1f7416b3924c9f3e6ee8841293628559b745afbe70952bc4a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 03:57:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 03:57:52 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 21 Nov 2024 03:57:52 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 / Show response
api.rudderstack.com/sourceConfig/ 559 B
1 KB 306ms
306ms XHR
application/json 13.225.78.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rudderstack.com/sourceConfig/?p=npm&v=3.0.4&build=modern&writeKey=2T5HBwIVKeEOKhSlON42BQfQU2O&lockIntegrationsVersion=false

Requested by

Host: assets.theguestbook.com
URL: https://assets.theguestbook.com/packs/js/travelclick-37af2fbdbcbb670bca29.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-114.fra2.r.cloudfront.net

Software

Resource Hash

52de4c840b04a6da206125088e442e2f427800bf5857e79c201ecf8607e70899

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Authorization: Basic MlQ1SEJ3SVZLZUVPS2hTbE9ONDJCUWZRVTJPOg==
Referer: https://www.gatewayames.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json

Response headers

x-request-id: c8a68061-a7bc-11ef-aded-b35ddea57a1b
access-control-expose-headers: X-Request-ID
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: hiDdJ5ozZIqDUagAVABOuA9AoXJGeV6ayCYyeB50cVvHtiwEJnDUEQ==
date: Thu, 21 Nov 2024 03:57:53 GMT
content-type: application/json; charset=utf-8
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
access-control-allow-credentials: true
x-download-options: noopen
via: 1.1 ac0e9b19969df989a920e6d1b834d008.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 559
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA2-C2

GET
H2 200 base_website_widget-7d3ba211e1d50a0eeeb975440899c8a822d526581a04ae84921dc5d9e488d27c.css Show response
assets.theguestbook.com/assets/popups/ 8 KB
3 KB 131ms
41ms XHR
text/css 2600:9000:2156:9a00:1d:9bf3:2e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.theguestbook.com/assets/popups/base_website_widget-7d3ba211e1d50a0eeeb975440899c8a822d526581a04ae84921dc5d9e488d27c.css

Requested by

Host: assets.theguestbook.com
URL: https://assets.theguestbook.com/packs/js/travelclick-37af2fbdbcbb670bca29.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:9a00:1d:9bf3:2e80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7d3ba211e1d50a0eeeb975440899c8a822d526581a04ae84921dc5d9e488d27c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*
Referer: https://www.gatewayames.com/

Response headers

access-control-expose-headers: *
content-encoding: gzip
etag: W/"66e82f12-218a"
age: 5618919
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: p_7heEb-aI0lsnU68pdMozu16z4eaOQQIlrWYUgRuwz_schJQgK33w==
date: Tue, 17 Sep 2024 03:09:14 GMT
content-type: text/css
last-modified: Mon, 16 Sep 2024 13:13:54 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=315360000, public
referrer-policy: strict-origin-when-cross-origin
via: 1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA50-C1
server: nginx

GET
H2 200 1593439973_5ef9f6e58cbdb.png
cdn.galaxy.tf/uploads/3s/website/001/593/439/ 4 KB
4 KB 72ms
56ms Other
image/png 2a02:26f0:3500:3::b818:4d2f
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.galaxy.tf/uploads/3s/website/001/593/439/1593439973_5ef9f6e58cbdb.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:3::b818:4d2f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: Apache /
Resource Hash: 8d8694c4f0ae2f62084bdcbdef92ac14acee7c911601002aa4116161da84867d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gatewayames.com/

Response headers

cache-control: max-age=31518817
etag: "eb7-5a939a2dd59b6"
expires: Thu, 20 Nov 2025 23:11:30 GMT
accept-ranges: bytes
content-length: 3767
date: Thu, 21 Nov 2024 03:57:53 GMT
last-modified: Mon, 29 Jun 2020 14:11:34 GMT
content-type: image/png
server: Apache

GET
H2 200 rsa-plugins.js Show response
cdn.rudderlabs.com/v3/modern/plugins/ 3 KB
1 KB 537ms
428ms Script
application/javascript 2600:9000:214f:e00:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/v3/modern/plugins/rsa-plugins.js
Requested by: Host: assets.theguestbook.com
URL: https://assets.theguestbook.com/packs/js/travelclick-37af2fbdbcbb670bca29.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:e00:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84dc2e7abb6799bf54a8248acedb4d17df945d5c3dab936021a1248c18c690d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.gatewayames.com
Referer

Response headers

content-encoding: br
etag: W/"8339968a8ef45653fc5574e3ba02d233"
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: aFbwYFY-sAhOvdjcxCY_Unc0RysI0gdScmosWrvX4xlnxyMbXyni_Q==
date: Thu, 21 Nov 2024 03:57:54 GMT
content-type: application/javascript
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified: Tue, 19 Nov 2024 09:40:11 GMT
cache-control: no-store
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 rsa-plugins-remote-StorageEncryption.min.js Show response
cdn.rudderlabs.com/v3/modern/plugins/ 339 B
840 B 425ms
424ms Script
application/javascript 2600:9000:214f:e00:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/v3/modern/plugins/rsa-plugins-remote-StorageEncryption.min.js
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v3/modern/plugins/rsa-plugins.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:e00:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3d9dae571d29319e5284206c040d4e39446f9ad2ee9a4612f51ee237f476a71c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.gatewayames.com
Referer: https://cdn.rudderlabs.com/v3/modern/plugins/rsa-plugins.js

Response headers

etag: "00f91a244d4832383dea79a06978190a"
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: Iae4GFz9EXdq425Y75a0-yWsvvhNWOyDAAncCj_sMedv1ZaAryPJKQ==
date: Thu, 21 Nov 2024 03:57:55 GMT
content-type: application/javascript
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified: Tue, 19 Nov 2024 09:40:11 GMT
cache-control: no-store
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 339
x-amz-cf-pop: FRA53-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 rsa-plugins-remote-GoogleLinker.min.js Show response
cdn.rudderlabs.com/v3/modern/plugins/ 2 KB
1 KB 419ms
419ms Script
application/javascript 2600:9000:214f:e00:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/v3/modern/plugins/rsa-plugins-remote-GoogleLinker.min.js
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v3/modern/plugins/rsa-plugins.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:e00:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 09aea2bf56d7b244b9ca76103edd76493b6515b55f3c376383d93e44a3920c9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.gatewayames.com
Referer: https://cdn.rudderlabs.com/v3/modern/plugins/rsa-plugins.js

Response headers

content-encoding: br
etag: W/"ec81854b414a0d11333efd48902db150"
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: uwD1FKzdZ79CKpdikeNV2FFc5XpSRr1onYwRrf0QCqJ4RZPmcO0oYA==
date: Thu, 21 Nov 2024 03:57:55 GMT
content-type: application/javascript
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified: Tue, 19 Nov 2024 09:40:11 GMT
cache-control: no-store
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 rsa-plugins-remote-StorageMigrator.min.js Show response
cdn.rudderlabs.com/v3/modern/plugins/ 619 B
1 KB 431ms
430ms Script
application/javascript 2600:9000:214f:e00:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/v3/modern/plugins/rsa-plugins-remote-StorageMigrator.min.js
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v3/modern/plugins/rsa-plugins.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:e00:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 50d3daa507563c4018de1d3b0b0bddd19382cd72eebfeb85da172629fd45c86f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.gatewayames.com
Referer: https://cdn.rudderlabs.com/v3/modern/plugins/rsa-plugins.js

Response headers

etag: "70fb5b056b0cc1397dade445db4683af"
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: AaWynrbTYJTCdG4pJsQlcjfy-EMIotfe5tJuEn9uhYmjmL1C1u91hg==
date: Thu, 21 Nov 2024 03:57:55 GMT
content-type: application/javascript
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified: Tue, 19 Nov 2024 09:40:11 GMT
cache-control: no-store
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 619
x-amz-cf-pop: FRA53-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 rsa-plugins-remote-ExternalAnonymousId.min.js Show response
cdn.rudderlabs.com/v3/modern/plugins/ 719 B
1 KB 436ms
436ms Script
application/javascript 2600:9000:214f:e00:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/v3/modern/plugins/rsa-plugins-remote-ExternalAnonymousId.min.js
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v3/modern/plugins/rsa-plugins.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:e00:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a6f41d433502964f62c699bbd6fd5e79f71899f911d35988f39ae7a051f02f88

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.gatewayames.com
Referer: https://cdn.rudderlabs.com/v3/modern/plugins/rsa-plugins.js

Response headers

etag: "41ec2632e0abd806f6d5ca9530913f61"
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: rAPZd0_aenB6eWUCg_gi_qY3ap6Ld87q_UOJ0U4AHFTdnuepMcTmcA==
date: Thu, 21 Nov 2024 03:57:55 GMT
content-type: application/javascript
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified: Tue, 19 Nov 2024 09:40:11 GMT
cache-control: no-store
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 719
x-amz-cf-pop: FRA53-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 rsa-plugins-remote-XhrQueue.min.js Show response
cdn.rudderlabs.com/v3/modern/plugins/ 2 KB
2 KB 428ms
427ms Script
application/javascript 2600:9000:214f:e00:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/v3/modern/plugins/rsa-plugins-remote-XhrQueue.min.js
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v3/modern/plugins/rsa-plugins.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:e00:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 092ebc314e8a7f96e6122771b802a9d7ec6d7d29b76a4b2f2b4e18797e5112fa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.gatewayames.com
Referer: https://cdn.rudderlabs.com/v3/modern/plugins/rsa-plugins.js

Response headers

content-encoding: br
etag: W/"e89108388f2c10a8c01a1397a218cc89"
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: hhJjd1GryHc5pDWvh_5GCNkti1PL4sAkFCFLilTGQGtBgR4dpW6Z0A==
date: Thu, 21 Nov 2024 03:57:55 GMT
content-type: application/javascript
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified: Tue, 19 Nov 2024 09:40:11 GMT
cache-control: no-store
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 rsa-plugins-common.min.js Show response
cdn.rudderlabs.com/v3/modern/plugins/ 7 KB
3 KB 514ms
513ms Script
application/javascript 143.204.215.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/v3/modern/plugins/rsa-plugins-common.min.js
Requested by: Host: www.gatewayames.com
URL: https://www.gatewayames.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 143.204.215.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-69.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 074abf4239d136493dd5efc02d3924f130b561686b3828c819381fd276598634

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.gatewayames.com
Referer: https://cdn.rudderlabs.com/v3/modern/plugins/rsa-plugins-remote-StorageEncryption.min.js

Response headers

content-encoding: br
etag: W/"ab83224890d71835b7bb8f7e82d021d7"
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: rVWqyfkF5Xekm8WFgusSiP8jfGaQ9NOnLW6OndpTlKe4SzplfU31yg==
date: Thu, 21 Nov 2024 03:57:55 GMT
content-type: application/javascript
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified: Tue, 19 Nov 2024 09:40:11 GMT
cache-control: no-store
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 rsa-plugins-RetryQueue.min.js Show response
cdn.rudderlabs.com/v3/modern/plugins/ 10 KB
4 KB 499ms
499ms Script
application/javascript 143.204.215.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/v3/modern/plugins/rsa-plugins-RetryQueue.min.js
Requested by: Host: www.gatewayames.com
URL: https://www.gatewayames.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 143.204.215.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-69.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3c5b049a08e39930a4982c1a164ca98f149395c9842e3e3d9a3bfb169fa2432a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.gatewayames.com
Referer: https://cdn.rudderlabs.com/v3/modern/plugins/rsa-plugins-remote-XhrQueue.min.js

Response headers

content-encoding: br
etag: W/"4aa7f52c50278dd4fe1c39fe319d007c"
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: ey4f_zRY4srevc8I7iPXaGS9yNALajDbMr_ed2ypCvEY2fZBzEXJ-g==
date: Thu, 21 Nov 2024 03:57:55 GMT
content-type: application/javascript
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified: Tue, 19 Nov 2024 09:40:11 GMT
cache-control: no-store
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 rsa-plugins-legacyEncryptionUtils.min.js Show response
cdn.rudderlabs.com/v3/modern/plugins/ 14 KB
6 KB 468ms
468ms Script
application/javascript 143.204.215.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/v3/modern/plugins/rsa-plugins-legacyEncryptionUtils.min.js
Requested by: Host: www.gatewayames.com
URL: https://www.gatewayames.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 143.204.215.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-69.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b7055abc7c8be1ecddc0f1281b945f8dd03373f312daf2e98aaafc32272f949a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.gatewayames.com
Referer: https://cdn.rudderlabs.com/v3/modern/plugins/rsa-plugins-remote-StorageMigrator.min.js

Response headers

content-encoding: br
etag: W/"dfb4e85fc2a099c8c96f7dadbb28b537"
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: av60i_CN5zWVF0Dl3XWVVciXfkuspmaHNKBrZ0lnGWWnu1twounEmA==
date: Thu, 21 Nov 2024 03:57:55 GMT
content-type: application/javascript
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified: Tue, 19 Nov 2024 09:40:11 GMT
cache-control: no-store
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.sojern.com
URL: https://static.sojern.com/cip/c/43.html?f_v=cp_v3_js&p_v=1&version=5&auto_url=https%3A%2F%2Fwww.gatewayames.com%2F&auto_ccid=xs6b6-sy3sa-2gdz8-yv1m6-7f1ah&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=1600x1200&tz=-60&hpr=Gateway%20Hotel%20and%20Conference%20Center&hpid=2958&sha256_eml=&sha1_eml=&md5_eml=&ccid=&pt=HOME_PAGE&et=

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

51 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gatewayames.com/	1970-01-21 03:18:57	Name: _gcl_au Value: 1.1.29362981.1732161470
.gatewayames.com/	1970-01-21 03:18:57	Name: _fbp Value: fb.1.1732161470675.722761163101143424
.doubleclick.net/	1970-01-21 01:52:33	Name: ar_debug Value: 1
.gatewayames.com/	1970-01-21 10:45:21	Name: _ga_MDD3JDJ1MK Value: GS1.1.1732161470.1.0.1732161470.0.0.0
.doubleclick.net/	1970-01-21 10:30:57	Name: IDE Value: AHWqTUkRyKTeaW4d12VRCZyh33yqOgUgc6BKsPK29e-s3qpcH88LHxwdRLYUphCsE7E
.doubleclick.net/	1970-01-21 05:28:33	Name: receive-cookie-deprecation Value: 1
.gatewayames.com/	1970-01-21 01:10:47	Name: _gid Value: GA1.2.1487477553.1732161471
.gatewayames.com/	1970-01-21 01:09:21	Name: _gat_tc_client Value: 1
.gatewayames.com/	1970-01-21 10:45:21	Name: _ga_3R5SJEDWK4 Value: GS1.1.1732161470.1.0.1732161470.0.0.0
.gatewayames.com/	1970-01-21 10:45:21	Name: _ga Value: GA1.1.1967054360.1732161471
.www.gatewayames.com/	1970-01-21 09:54:57	Name: cf_clearance Value: 0Frsh_YQINNLR4mA.etlKBIpTWOkxXcPMHa3Fl9jiN8-1732161470-1.2.1.1-2.scfEOHfH0F2klD_lE16pTO2PBzqBcRhiUZL7T5JzgmMPKhXV5Ql_P.rpUPJQmML7MblrOL3gu.0rJKYfNbu4klrAY3_o.hYaM7JM54A0qK99Htk8h.fagAGHJTpZaCJ6yhgmlmIrh.oppKf6.Xy4dDyHtO2IrOFtgGfz1cAEiMQTnsVyNwq4kzRjLNEYEOtELRAweb96Gme1tpZLZSyYI8cV8KlvGqxzEca7ynfTfucqGnBcO9jOnOPMnQLVyvgJqI2ZKf8IR4i6iMWC4_T7bdTXChTp92MOGTtc2QAjvGcEAa3Qmvb.bYUvFsJVRimImQhbF_ciXXNF268zTHquvJqmTgqYz.7rVmS7vC56L9g3neHjeJud87m5PgNJH1
.sojern.com/	1970-01-21 09:54:57	Name: cid Value: 273d865f-7896-4423-815a-73154c62748d#1732147200000
.adnxs.com/	1970-01-21 10:45:21	Name: receive-cookie-deprecation Value: 1
.adform.net/	1970-01-21 01:52:33	Name: C Value: 1
.adnxs.com/	1970-01-21 03:18:57	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2Illmv04>!]tbP6j2F-XstGt!@EF3%7r4?
.adnxs.com/	1970-01-21 03:18:57	Name: XANDR_PANID Value: SkncbpnKzOKfeGoQcBLNRos-EtHKy780UmqFnXkQ29GNq2PNtGvHen0QDYI5JbzV1k1MegSFNRQY77X6v-IzCz7_vHB7kZOquy1kK5U_M3k.
.adnxs.com/	1970-01-21 03:18:57	Name: uuid2 Value: 2232632341908430917
theguestbook.com/	1970-01-21 01:09:25	Name: _session_id Value: 088b25ff23381a536d27b92815b2fd92
.adform.net/	1970-01-21 02:35:45	Name: uid Value: 4253672801637572396
.sojern.com/	1970-01-21 09:54:57	Name: adfid Value: 4253672801637572396
.adform.net/	1970-01-21 01:10:47	Name: CM Value: 1\|1
.adform.net/	1970-01-21 01:29:31	Name: CM14 Value: 1732247871_1732161471_1732161471_1_Hu7u4e4e4R7u4e4REREeEREREA
.casalemedia.com/	1970-01-21 09:54:57	Name: CMID Value: Zz6vwLmqPZYAAFGvBOhIFgAA
.casalemedia.com/	1970-01-21 03:18:57	Name: CMPS Value: 3249
.casalemedia.com/	1970-01-21 03:18:57	Name: CMPRO Value: 3249
.eyeota.net/	1970-01-21 01:09:22	Name: SERVERID Value: 19371~DM
.semasio.net/	1970-01-21 09:54:57	Name: SEUNCY Value: C02F78A1DA98F7A7
cm.adsafety.net/	1970-01-21 09:54:57	Name: UID Value: CM120241121030991ac2fda923e85851
.adsafety.net/	1970-01-21 09:54:57	Name: cm_uid Value: CM120241121030991ac2fda923e85851
ads.smartstream.tv/	1970-01-21 09:54:57	Name: DID Value: 11378453f3308278c129bc24320a5f47
ads.smartstream.tv/	1970-01-21 09:54:57	Name: idt Value: 100
ads.smartstream.tv/	1970-01-21 09:54:57	Name: permanent Value: 1
ads.smartstream.tv/	1970-01-21 01:52:33	Name: cm_uid Value: CM120241121030991ac2fda923e85851
.demdex.net/	1970-01-21 05:28:33	Name: demdex Value: 36288580835921923032851074962882818539
.agkn.com/	1970-01-21 09:54:57	Name: ab Value: 0001%3AWRXf99Eso867grb%2BAlwMbxe%2FSFKPI%2BAv
cm.adsafety.net/	1970-01-21 09:54:57	Name: permanent Value: 1
.w55c.net/	1970-01-21 10:38:09	Name: wfivefivec Value: nDu4XpZF1TdYkg5
.adfarm1.adition.com/	1970-01-21 03:18:57	Name: UserID1 Value: 7439576873647602030
.audrte.com/	1970-01-21 01:30:57	Name: arcki2 Value: 34mErB92NBkSd-z57p0wJwJDw!20210107!1732161472532!ip#80.255.7.109:57754
.audrte.com/	1970-01-21 01:30:57	Name: arcki2_adform Value: 4253672801637572396!20210107!1732161472532
.w55c.net/	1970-01-21 01:52:33	Name: matchadform Value: 5
.dpm.demdex.net/	1970-01-21 05:28:33	Name: dpm Value: 36288580835921923032851074962882818539
cm.adsafety.net/	1970-01-21 09:54:57	Name: cache0 Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaeWxvTVRBZ3RxektRVWVxZ0xlY25xbSt6WkMzdlAyTm05UlZXOS9tNngwQXplc0dPc1E0N05pRWhoc016OHk4ckJWZy9ScE9yUTNmMW5HdnRZc0FtSnJOMmdWd2plS0QyOWFyQTcyd0tPUEVLT0FNRVMzMkJWaE8yUmdBTWNEUTc4MXF4LzFRRUJaY012TzluVE9NMlJNd04wVXBzVGtFcU9ScDFHMHVCYklIV2VNcVRHaXpNeks1eDMyc1cyUjl6RHIxL2tlSXJPNTRQVFF4eUpLNTBZRCtiSURHU05Kd0pqQUVSSVZSNW9QR0Z3bTc4S0lTSnpkN0dsSlpQdmljSmJhNXcrUENUdGw3RlIyY2NHMHkxOGVPNHRSZHp5bVpNMmlhU3JITXFFR0Fvc2FwbXlja1dtRkxjZWc1dUZLYkpGSG1Gdy9RVzJmWUNacU9iYy9wWFFQQkFBUC9sZllWaE5xTlFjS2trRjdKOEUrUHZyU1NjWXduQ3FXVlMxdGRmT3hYSS84WXV6NFNHTzlxV1dGdDdQOTBKbWgrYnpOOFZFOGk4aWZPb3kvMnlyTmtLZmVTZnlQQlREMUZXUjkycVArMmF6bzMrU3k2THRJRHEzZmVGNTliWWJGUzBpcnFjMHMxVzFWcHRjTEk%3D
.weborama.fr/	1970-01-21 10:35:16	Name: AFFICHE_W Value: WG2OSwDJtMdY43
.onaudience.com/	1970-01-21 01:10:47	Name: done_redirects161 Value: 1
.onaudience.com/	1970-01-21 09:54:57	Name: cookie Value: 28a530aab2e971a8
.onaudience.com/	1970-01-21 01:10:47	Name: done_redirects147 Value: 1
.onaudience.com/	1970-01-21 01:10:47	Name: done_redirects252 Value: 1
.gatewayames.com/	1970-01-21 09:54:57	Name: rl_anonymous_id Value: RS_ENC_v3_ImI2NzIzOTQ2LThiZjEtNDY0Zi05NDQ1LWIwYWU2OWUxYWQwYyI%3D
.gatewayames.com/	1970-01-21 09:54:57	Name: rl_page_init_referrer Value: RS_ENC_v3_IiRkaXJlY3Qi
.gatewayames.com/	1970-01-21 09:54:57	Name: rl_session Value: RS_ENC_v3_eyJpZCI6MTczMjE2MTQ3NDk0NywiZXhwaXJlc0F0IjoxNzMyMTYzMjc0OTQ3LCJ0aW1lb3V0IjoxODAwMDAwLCJhdXRvVHJhY2siOnRydWV9

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3038431.fls.doubleclick.net
a1.seadform.net
a2.adform.net
ad.doubleclick.net
adservice.google.com
api.rudderstack.com
assets.theguestbook.com
beacon.sojern.com
c1.adform.net
cdn.galaxy.tf
cdn.rudderlabs.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
dynamic.travelclick-websolutions.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
image-tc.galaxy.tf
match.adsrvr.org
pixel.sojern.com
region1.google-analytics.com
s2.adform.net
static.sojern.com
tc.galaxy.tf
theguestbook.com
www.facebook.com
www.gatewayames.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
static.sojern.com
104.17.185.58
107.178.244.119
13.225.78.114
142.250.184.200
142.250.184.226
142.250.185.70
142.250.186.166
143.204.215.69
15.197.193.217
157.240.253.1
157.240.253.35
172.217.18.3
172.217.18.4
185.167.164.39
195.244.31.25
2001:4860:4802:32::36
216.58.206.66
2600:9000:214f:e00:16:a497:9700:93a1
2600:9000:2156:9a00:1d:9bf3:2e80:93a1
2a00:1450:4001:800::200a
2a00:1450:4001:800::200e
2a00:1450:4001:830::2008
2a02:26f0:3500:3::b818:4d2f
2a02:26f0:3500:3::b818:4d40
2a04:4e42:600::649
35.244.188.9
35.82.108.229
37.157.2.228
37.157.2.229
37.157.2.250
37.157.6.237
37.252.171.21
02c8f2f242e8c60cc792ee4f1c936011652183460d2b305540fb632fc95ac78f
057b7d201c4090e3d2f94f2f490b2426d448f58c572a25cd09e08cb5ee3d3a67
074abf4239d136493dd5efc02d3924f130b561686b3828c819381fd276598634
092ebc314e8a7f96e6122771b802a9d7ec6d7d29b76a4b2f2b4e18797e5112fa
09aea2bf56d7b244b9ca76103edd76493b6515b55f3c376383d93e44a3920c9b
0aa6ece9157ab0e493dc9f8835f4ac5d61d43ecf45bc258d034cb59e7dc3239f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0deeac40ee53899291070a45e4c900277d2358ece0fdb020d4b221be87691f97
10cf4a1d0f1985478d568fef7fac509a8a63d9e8c76f1a36dad7dd7bd440469f
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
1b36b38f0287c8af05304dbaf0ce6d159c86f44c9a4dc16b0c218601ea24cfbe
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
280852e862be648a5b7a13c42bb214ed4c41a9f8ef18ef3d73ec6ee4834f3af3
2bc02dd24f459e76f5b12d9d059d9115e6877092757d52b47af03bdb78eb1bec
2d3adff52119be1f7416b3924c9f3e6ee8841293628559b745afbe70952bc4a1
36e72f03a9980795c41bb761beadb5eca6f16b8ef81c96d958194b1e9d1a1ede
39638cf3af0c3bd48796800b6b5e29659f4db0bd238a8f686233a3c33f59a1dc
3c5b049a08e39930a4982c1a164ca98f149395c9842e3e3d9a3bfb169fa2432a
3d9dae571d29319e5284206c040d4e39446f9ad2ee9a4612f51ee237f476a71c
41faed8a25b7286377977612816b6a2f6d09714a3d5e375070ba1ac810d730eb
496e31e6d30f4b94c915e9d3e4805492693689b1e8553f2ae5ab09bc3052bd66
4af494692bddee8a0fc7dc6f1e33927091309bd504920af6bd5fe8d5695517ed
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
50d3daa507563c4018de1d3b0b0bddd19382cd72eebfeb85da172629fd45c86f
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
52de4c840b04a6da206125088e442e2f427800bf5857e79c201ecf8607e70899
5617ae219101a9b9bee8a71d26bc2a048ba21f1b3b02d9faf4ed90f817bdbda7
576f2ec5eda3b3f0908fe29f2f8598e56ad02011dcab1d0edaaf26888e8ce812
63464d2301608bcda6ec17bbe0890e724daa93d2a15e245f49aadae16e1c1e1c
638e0a9696a1287622b2881fce4aa2450101d9f7e29cb7811fb4c737a4e7e8e0
6ad260946fa1a69b7fb46b5a83ab04258d43c5556cf1663428c9f6160bcdcee1
6bcbf68c3ce7d2f248159bec9df5dff4ebb5adab05e9047c5ac39fb20454f8bb
6c510954a0d8959f49cd869166c391a0b133ce83dfa747faad43f6f55d4d03c3
796f14aaf38509678dba70fb73abf50c3e51abb545fa432c0119ec231f3d1f4b
7d3ba211e1d50a0eeeb975440899c8a822d526581a04ae84921dc5d9e488d27c
7e0423c9cae691cd3cae5a6cc5e1396cfce67a6fabb9e3b0ff2c755e312e143b
84dc2e7abb6799bf54a8248acedb4d17df945d5c3dab936021a1248c18c690d2
85019de481108723e6f8095497454b1b93d2a96c16792d7d6b998e6a95dbd4d6
87cbd745e61caae9c785e7774a5181561f0826ae477fc3d9a646e9d67a40980b
8b8c05911f07734e5a531b792ad3d40cb7aa4c8687039ff16c4e0586729065d6
8c18627c7bc5e0391816b2f0fa0725b7f6131313dd1bd5054ec330e0725c75ac
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d8694c4f0ae2f62084bdcbdef92ac14acee7c911601002aa4116161da84867d
8ddc6cbdb63a791bfc33f40d4b0a250a18e85e0ae93f72389ebda9242bef010d
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
94a396fcc06471591a4bc65174c264e6375b30a94054921b6ca08ce38041305b
96d93e723ff685743d9fba61bf34d015a96caf67de800920d6b7766cba9c417e
9ebeb0070916f00d35da5bd027541d6bd9911942cd460b2c442ad069b9ef1d68
a3d0db90dad10a165500f94c5505307b2f8936272f7c6520fb799d3f634afaf5
a402f0c865d07d4e339e3da02c25105967440f9f4043fa373ff356c92c458db6
a6f41d433502964f62c699bbd6fd5e79f71899f911d35988f39ae7a051f02f88
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
afb59214ba30577a4fb8b82fb4f290c799fcc694371621cef74f8af010e73746
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7055abc7c8be1ecddc0f1281b945f8dd03373f312daf2e98aaafc32272f949a
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4a286bbc67ff5ace19c8b24a0114a440543ff542cbe0776d3c2b2aeee5c7460
c83c5b32626f86c5fe3925cea93f6e3bf3dea4ab063737abf3784a74016f9798
c961b29531f353ba0031756f0fd674bbe41bd32d638360287dc4805658868b76
cb680221c5cea1c062a385fb84f7bd71bbae5681471d586e9eaae7e15002b7b4
d07353b80312036916906439c35be03f0ea31b991691d7e4fc39342773e0218a
d43b472e41b7d180c853a75d32626dbf0bff5e845da7686457e981c599881707
d72392d485fcd1f25b6ccdc5ba7df07c532a0b9b504d0f68150ccfc40480f811
d9dc2008af61c5e70a2870c55f6ec77bbf51607cd41f82f453c3c3a2d6ff3306
dc111c24ece67a02c0fe49e4d2709247e7159bfa4a902bbdeac82846741c2e8f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5542e6de31f8259ef53777d12839fa1a1befa183f312a2cd91ba6408d4795dd
ebfd0494493275cc3cfa7d640f1be08115243660b0cbdee028a946f080ab14cd
edb17da91985be0f1fb60028389b28f911291c5b30c1d4e06c90e56e3e5bcc37
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02ed428fbedb8e913cb1e5a98922c0c1aa080308c203b102c74e42a2ba2bb26
f135b40e45ec524c4eb24be2b727436b6e7b6ba8a8ab3e2be0b5bf7de8a01e12
f25dfa0f0040a357ef455eeb0304b58054dfb464b24a7d9b158ec13d33cd0f2a
f487312f9c91114e24e5e16a68318789e29b07bba7a3edb3ac0ca0e9abec78a9
f8d694298bbc98c3c17908263f1fdd465e309dc7c42e80d0699f10dc5baec905
fcec1d254e1e5e167a2de8f7a72cd1b7029e9aab723e77a22f184c7c83773484
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

www.gatewayames.com Open in urlscan Pro 104.17.185.58 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

103 Requests

94 %HTTPS

28 %IPv6

20 Domains

31 Subdomains

32 IPs

4 Countries

4958 kBTransfer

10794 kBSize

51 Cookies

11 Outgoing links

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.gatewayames.com Open in urlscan Pro
104.17.185.58 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

94 %
HTTPS

28 %
IPv6

20
Domains

31
Subdomains

32
IPs

4
Countries

4958 kB
Transfer

10794 kB
Size

51
Cookies

103 HTTP transactions
1 data transactions