urlscan.io logo urlscan.io
SecurityTrails logo

arrowwoodbrainerdlodge.com Open in urlscan Pro
52.34.104.197  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://c.gm-04.guest-message.com/ls/click?upn=e6ViB2ei5JG2stIMv3oU65tV4se2Tl49YXZOfbjuHdvHjWuFrgEOY-2B6pfTXKBbX-2BuY4mFnGk26edz6P...
Effective URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Submission: On November 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 4 countries across 21 domains to perform 83 HTTP transactions. The main IP is 52.34.104.197, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is arrowwoodbrainerdlodge.com.
TLS certificate: Issued by R3 on November 20th 2022. Valid for: 3 months.
This is the only time arrowwoodbrainerdlodge.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.123.124 11377 (SENDGRID)
2 21 52.34.104.197 16509 (AMAZON-02)
7 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 35.167.226.169 16509 (AMAZON-02)
1 143.204.215.28 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
13 45.60.198.96 19551 (INCAPSULA)
3 2a03:2880:f02... 32934 (FACEBOOK)
3 107.178.244.119 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
2 2 142.250.185.198 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 4 37.252.173.215 29990 (ASN-APPNEX)
2 2 142.250.186.162 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 37.252.171.53 29990 (ASN-APPNEX)
1 15.197.193.217 16509 (AMAZON-02)
1 142.250.181.226 15169 (GOOGLE)
5 2a03:2880:f14... 32934 (FACEBOOK)
2 209.97.16.17 14446 (CNT-ASN)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2a04:4e42::729 54113 (FASTLY)
2 44.236.15.95 16509 (AMAZON-02)
83 24
1    167.89.123.124 (Chicago, United States)

ASN11377 (SENDGRID, US)
PTR: o16789123x124.outbound-mail.sendgrid.net
c.gm-04.guest-message.com
21    52.34.104.197 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-104-197.us-west-2.compute.amazonaws.com
arrowwoodbrainerdlodge.com
7    2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
1    35.167.226.169 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-226-169.us-west-2.compute.amazonaws.com
contact-api.inguest.com
1    143.204.215.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-28.fra53.r.cloudfront.net
js.createsend1.com
4    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
13    45.60.198.96 (United States)

ASN19551 (INCAPSULA, US)
www.thehotelsnetwork.com
3    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com
beacon.sojern.com
pixel.sojern.com
2    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
5    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net
ad.doubleclick.net
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
2    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
1    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fcmatch.google.com
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fcmatch.youtube.com
2    37.252.171.53 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
www.googleadservices.com
5    2a03:2880:f145:82:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    209.97.16.17 (United States)

ASN14446 (CNT-ASN, US)
PTR: wh070.infi.net
rtsys.rtrk.com
1    2a02:26f0:480:f::213:7edb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
1    2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)
js.sentry-cdn.com
2    44.236.15.95 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-15-95.us-west-2.compute.amazonaws.com
rlets.com
Apex Domain
Subdomains		 Transfer
21 arrowwoodbrainerdlodge.com
arrowwoodbrainerdlodge.com
547 KB
13 thehotelsnetwork.com
www.thehotelsnetwork.com — Cisco Umbrella Rank: 35178
312 KB
9 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 142
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
ad.doubleclick.net — Cisco Umbrella Rank: 197
cm.g.doubleclick.net — Cisco Umbrella Rank: 271
5 KB
8 typekit.net
use.typekit.net — Cisco Umbrella Rank: 873
p.typekit.net — Cisco Umbrella Rank: 1025
260 KB
7 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2321
www.google.com — Cisco Umbrella Rank: 16
adservice.google.com — Cisco Umbrella Rank: 121
fcmatch.google.com — Cisco Umbrella Rank: 4536
2 KB
6 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 577
ib.adnxs.com — Cisco Umbrella Rank: 276
6 KB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
248 B
5 google.de
www.google.de — Cisco Umbrella Rank: 3269
890 B
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 106
246 KB
3 sojern.com
beacon.sojern.com — Cisco Umbrella Rank: 6531
pixel.sojern.com — Cisco Umbrella Rank: 9003
2 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 165
196 KB
2 rlets.com
rlets.com — Cisco Umbrella Rank: 17995
2 KB
2 rtrk.com
rtsys.rtrk.com — Cisco Umbrella Rank: 453539
5 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 84
20 KB
1 sentry-cdn.com
js.sentry-cdn.com — Cisco Umbrella Rank: 7744
1 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 168
2 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 454
265 B
1 youtube.com
fcmatch.youtube.com — Cisco Umbrella Rank: 4615
525 B
1 createsend1.com
js.createsend1.com — Cisco Umbrella Rank: 33487
4 KB
1 inguest.com
contact-api.inguest.com — Cisco Umbrella Rank: 196465
2 KB
1 guest-message.com
c.gm-04.guest-message.com — Cisco Umbrella Rank: 269921
332 B
83 21
Domain Requested by
21 arrowwoodbrainerdlodge.com 2 redirects arrowwoodbrainerdlodge.com
13 www.thehotelsnetwork.com www.googletagmanager.com
www.thehotelsnetwork.com
7 use.typekit.net arrowwoodbrainerdlodge.com
5 www.facebook.com arrowwoodbrainerdlodge.com
5 www.google.de arrowwoodbrainerdlodge.com
4 secure.adnxs.com 2 redirects arrowwoodbrainerdlodge.com
4 www.google.com 1 redirects arrowwoodbrainerdlodge.com
4 www.googletagmanager.com arrowwoodbrainerdlodge.com
www.googletagmanager.com
3 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
3 connect.facebook.net arrowwoodbrainerdlodge.com
connect.facebook.net
2 rlets.com rtsys.rtrk.com
2 rtsys.rtrk.com arrowwoodbrainerdlodge.com
rtsys.rtrk.com
2 ib.adnxs.com 2 redirects
2 pixel.sojern.com arrowwoodbrainerdlodge.com
2 cm.g.doubleclick.net 2 redirects
2 ad.doubleclick.net 2 redirects
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
arrowwoodbrainerdlodge.com
1 js.sentry-cdn.com www.thehotelsnetwork.com
1 p.typekit.net arrowwoodbrainerdlodge.com
1 www.googleadservices.com www.googletagmanager.com
1 match.adsrvr.org arrowwoodbrainerdlodge.com
1 fcmatch.youtube.com arrowwoodbrainerdlodge.com
1 fcmatch.google.com 1 redirects
1 adservice.google.com arrowwoodbrainerdlodge.com
1 region1.analytics.google.com www.googletagmanager.com
1 beacon.sojern.com arrowwoodbrainerdlodge.com
1 js.createsend1.com arrowwoodbrainerdlodge.com
1 contact-api.inguest.com arrowwoodbrainerdlodge.com
1 c.gm-04.guest-message.com 1 redirects
83 30

This site contains links to these domains. Also see Links.

Domain
be.synxis.com
www.google.com
www.facebook.com
twitter.com
clickrain.com
Subject Issuer Validity Valid
arrowwoodbrainerdlodge.com
R3		 2022-11-20 -
2023-02-18		 3 months crt.sh
use.typekit.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
*.revinate.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-07 -
2023-03-10		 a year crt.sh
*.createsend1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-02 -
2023-08-08		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.thehotelsnetwork.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-24 -
2023-11-24		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-06 -
2022-12-05		 3 months crt.sh
*.sojern.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-16 -
2023-01-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.rtrk.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-25 -
2023-01-13		 a year crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-28 -
2023-10-30		 a year crt.sh
*.rlets.com
Amazon		 2021-12-30 -
2023-01-28		 a year crt.sh

This page contains 6 frames:

Primary Page: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Frame ID: 53561E22080CD7BB0B0DBEFA24729783
Requests: 76 HTTP requests in this frame

Frame: https://www.thehotelsnetwork.com/widget/core/latest/hub/
Frame ID: 119CB9C1EC895C2BB8EDC73106B0EDF9
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 02B7D7D28FB6EC409580CFEEBDF8C3E2
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 16BAFE1D3D52506CA56FD31BCDE69080
Requests: 1 HTTP requests in this frame

Frame: https://rlets.com/static/getItem.html?rl_eid=rctOptOut&rl_ws=%5B%22RlocalOptOut%22%5D
Frame ID: 400474E2433C30749F6472DFEC26FC4E
Requests: 1 HTTP requests in this frame

Frame: https://rlets.com/static/getItem.html?rl_eid=rctOptOut&rl_ws=%5B%22RlocalOptOut%22%5D
Frame ID: 96E40243C6660C452DFBCCED0ABDEF30
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Your Cyber Special | Arrowwood Resort & Conference Center

Page URL History Show full URLs

  1. http://c.gm-04.guest-message.com/ls/click?upn=e6ViB2ei5JG2stIMv3oU65tV4se2Tl49YXZOfbjuHdvHjWuFrgEOY-2B6pfTXKB... HTTP 302
    https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special/?utm_source=revinate&utm_medium=email&utm_camp... HTTP 301
    http://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campa... HTTP 301
    https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campa... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Page Statistics

83
Requests

92 %
HTTPS

52 %
IPv6

21
Domains

30
Subdomains

24
IPs

4
Countries

1606 kB
Transfer

4380 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://c.gm-04.guest-message.com/ls/click?upn=e6ViB2ei5JG2stIMv3oU65tV4se2Tl49YXZOfbjuHdvHjWuFrgEOY-2B6pfTXKBbX-2BuY4mFnGk26edz6PGtTN1NK2JVbor38rHn0Vd0a1mgtZ1FkvMyUlGL-2BhZ1Z76APfA0tPc1xPydq3cm8jF7J-2B4-2Fsfgh7yANRTugy51lM2uHDKrEjnuhK1b-2BbsiEpH4OBYg9jq0_GT6YAEts0on5Z7PYCy9xV0Nef1Du5xBsSwsZhJNv-2FLSXtqRmDXBEgdQ5TAJXcjHOeWUIy7Ncd75HoyCd8jHOiK8h-2FS4YgrIoxX0Dsf9UiaT6zhotUgucZ7k96-2FhRBYNukElfDbdrwra4NOQwloLOpWH5UTdF7yr3-2FxZ9pw28eFCTj8o2yoF73PCFVgvJlWP6hCtTEcjz-2BTPWhbxZ5rLXU2xokxpLICXENWecKSeVD7t9WkDgiiegbYHaBUUVkT6HJk5QRaxZDTh7wTBmNvJnZR-2FzA-2Bpdax8v-2BpfL-2BEQsFqs2l7fRp2jW-2Faqg9-2FkbXbiIulMCyTHAGVgrBPa2VSfOjEC-2FxCj7mcPHfQWdJSPzJgMf81bNAU8WTv9j0GmgjmvRzLXrI8DLzMX2eSPQhSCPuER04vOBTkjFADKsUunNUsHXH8xj3HB5G-2FNJrBMg50jePPJFbK8XySVIqL3OX-2FgtRA-3D-3D HTTP 302
    https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special/?utm_source=revinate&utm_medium=email&utm_campaign=black-friday HTTP 301
    http://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday HTTP 301
    https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://ad.doubleclick.net/ddm/activity/src=6474827;type=track0;cat=arrow0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=orderID HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=6474827;dc_pre=CKO2hNnYz_sCFRBGHgIdju4JMQ;type=track0;cat=arrow0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=orderID HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=6474827;dc_pre=CKO2hNnYz_sCFRBGHgIdju4JMQ;type=track0;cat=arrow0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=orderID
Request Chain 35
  • https://secure.adnxs.com/px?id=1362398&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1362398%26t%3D1
Request Chain 36
  • https://secure.adnxs.com/seg?add=23471200&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D23471200%26t%3D1
Request Chain 37
  • https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=9FOYFOSKX3dYcQCnMsT9Yg&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=upkoxfwr6ijY_ngptd_-DZTS8gspLTSFwYRIcECn399Jygpm-mT2dZ3M9QwvahSi&sjrn_ula=377677570 HTTP 302
  • https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=upkoxfwr6ijY_ngptd_-DZTS8gspLTSFwYRIcECn399Jygpm-mT2dZ3M9QwvahSi&sjrn_ula=377677570&google_gid=CAESEB3sMtQNWO8WxIF_NYpPwC8&google_cver=1
Request Chain 38
  • https://cm.g.doubleclick.net/pixel?google_hm=9FOYFOSKX3dYcQCnMsT9Yg&google_nid=sojern_adh HTTP 302
  • https://fcmatch.google.com/pixel?google_gm=AMnCDooOrVx-3TKN6StRV1NYuJH07N97WjP3Zl8Cfh-eRqi9CvxVfiIUIgHz6B1zP59lO260bHGPpLy6OE6CyrI0gr3KLvTnNlFxAQor6aG3MckewIyX42s HTTP 302
  • https://fcmatch.youtube.com/pixel?google_gm=AMnCDooOrVx-3TKN6StRV1NYuJH07N97WjP3Zl8Cfh-eRqi9CvxVfiIUIgHz6B1zP59lO260bHGPpLy6OE6CyrI0gr3KLvTnNlFxAQor6aG3MckewIyX42s
Request Chain 39
  • https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=upkoxfwr6ijY_ngptd_-DZTS8gspLTSFwYRIcECn399Jygpm-mT2dZ3M9QwvahSi HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3Dupkoxfwr6ijY_ngptd_-DZTS8gspLTSFwYRIcECn399Jygpm-mT2dZ3M9QwvahSi HTTP 302
  • https://pixel.sojern.com/idsync/apn?id=2973351778884745551&sjrn_id=upkoxfwr6ijY_ngptd_-DZTS8gspLTSFwYRIcECn399Jygpm-mT2dZ3M9QwvahSi
Request Chain 51
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10861317710/?random=1452895638&cv=11&fst=1669597856051&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&label=U_vRCInWwqcDEM6cirso&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Farrowwoodbrainerdlodge.com%2Fpromotions%2Fyour-cyber-special%3Futm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3Dblack-friday&tiba=Your%20Cyber%20Special%20%7C%20Arrowwood%20Resort%20%26%20Conference%20Center&auid=359113445.1669597856&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=oAqEY_DUBaCT9fgP69uI-AY&sscte=1&crd=&pscrd=EkxDaEFJZ0xLTW5BWVF4UFNUOF96ay1fUXpFaVVBUDVZWWhBYWhPbk4zQzA5UHotSi1IOWc2RXZQYzJhVzRKMXdxV2hsbGc2dEdKWXQzGldDaEFJZ0xLTW5BWVFvS2UtalpHVjBPdHFFaTBBcVJla1pnUEhwM3Fvb2JlOTVuT3luQmZGalRpcnBEcGRfZEwwcFBMVG84ZG1BeDZTTWdnSGVuRUpGNHc HTTP 302
  • https://www.google.com/pagead/1p-conversion/10861317710/?random=1452895638&cv=11&fst=1669597856051&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&label=U_vRCInWwqcDEM6cirso&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Farrowwoodbrainerdlodge.com%2Fpromotions%2Fyour-cyber-special%3Futm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3Dblack-friday&tiba=Your%20Cyber%20Special%20%7C%20Arrowwood%20Resort%20%26%20Conference%20Center&auid=359113445.1669597856&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0xLTW5BWVF4UFNUOF96ay1fUXpFaVVBUDVZWWhBYWhPbk4zQzA5UHotSi1IOWc2RXZQYzJhVzRKMXdxV2hsbGc2dEdKWXQzGldDaEFJZ0xLTW5BWVFvS2UtalpHVjBPdHFFaTBBcVJla1pnUEhwM3Fvb2JlOTVuT3luQmZGalRpcnBEcGRfZEwwcFBMVG84ZG1BeDZTTWdnSGVuRUpGNHc&is_vtc=1&ocp_id=oAqEY_DUBaCT9fgP69uI-AY&cid=CAQSKQDq26N9mqjgXl8nPlv7NSsjrjh-36fCyrXNoX_4kupiL1WjmVYEoGFZIBM&random=705045296 HTTP 302
  • https://www.google.de/pagead/1p-conversion/10861317710/?random=1452895638&cv=11&fst=1669597856051&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&label=U_vRCInWwqcDEM6cirso&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Farrowwoodbrainerdlodge.com%2Fpromotions%2Fyour-cyber-special%3Futm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3Dblack-friday&tiba=Your%20Cyber%20Special%20%7C%20Arrowwood%20Resort%20%26%20Conference%20Center&auid=359113445.1669597856&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0xLTW5BWVF4UFNUOF96ay1fUXpFaVVBUDVZWWhBYWhPbk4zQzA5UHotSi1IOWc2RXZQYzJhVzRKMXdxV2hsbGc2dEdKWXQzGldDaEFJZ0xLTW5BWVFvS2UtalpHVjBPdHFFaTBBcVJla1pnUEhwM3Fvb2JlOTVuT3luQmZGalRpcnBEcGRfZEwwcFBMVG84ZG1BeDZTTWdnSGVuRUpGNHc&is_vtc=1&ocp_id=oAqEY_DUBaCT9fgP69uI-AY&cid=CAQSKQDq26N9mqjgXl8nPlv7NSsjrjh-36fCyrXNoX_4kupiL1WjmVYEoGFZIBM&random=705045296&ipr=y&prhg=0

83 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request your-cyber-special
arrowwoodbrainerdlodge.com/promotions/
Redirect Chain
  • http://c.gm-04.guest-message.com/ls/click?upn=e6ViB2ei5JG2stIMv3oU65tV4se2Tl49YXZOfbjuHdvHjWuFrgEOY-2B6pfTXKBbX-2BuY4mFnGk26edz6PGtTN1NK2JVbor38rHn0Vd0a1mgtZ1FkvMyUlGL-2BhZ1Z76APfA0tPc1xPydq3cm8jF7...
  • https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special/?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
  • http://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
  • https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
56 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.104.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-104-197.us-west-2.compute.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.26
Resource Hash
a73a252edf7b3f3822f7653a289c9ec16aeb0df3e82efc4f8e6ce1807f4f8dbe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-length
7524
content-type
text/html; charset=UTF-8
date
Mon, 28 Nov 2022 01:10:55 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Mon, 28 Nov 2022 01:10:55 GMT
pragma
no-cache
server
Apache/2.4.7 (Ubuntu)
vary
Accept-Encoding
x-powered-by
PHP/5.5.9-1ubuntu4.26
x-ua-compatible
IE=Edge,chrome=1

Redirect headers

Content-Length
17
Content-Type
text/plain; charset=utf-8
Date
Mon, 28 Nov 2022 01:10:54 GMT
Location
https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
amm5cti.js
use.typekit.net/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/amm5cti.js
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c81311e28fdfb5c589608f519eb760373a8c7c1eb1762dff3e638f4ea4949035
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Mon, 28 Nov 2022 01:10:55 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6831
style.css
arrowwoodbrainerdlodge.com/assets/css/ 		189 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://arrowwoodbrainerdlodge.com/assets/css/style.css
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.104.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-104-197.us-west-2.compute.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
c69a88089968375b82a01865f60c77601898ea863f874c6bb7974ec7c023f4a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:55 GMT
content-encoding
gzip
last-modified
Mon, 10 Oct 2022 13:49:13 GMT
server
Apache/2.4.7 (Ubuntu)
vary
Accept-Encoding
content-type
text/css; charset=utf-8
accept-ranges
bytes
content-length
27594
modernizr-2.8.3.dev.js
arrowwoodbrainerdlodge.com/assets/libs/modernizr/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://arrowwoodbrainerdlodge.com/assets/libs/modernizr/modernizr-2.8.3.dev.js
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.104.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-104-197.us-west-2.compute.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
7dfc3ef73c1284c7aff3c5cdac3812d212c8b899037d7860c8ba20a1defb9a7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:55 GMT
content-encoding
gzip
last-modified
Wed, 30 Jan 2019 19:06:54 GMT
server
Apache/2.4.7 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
15769
Arrowwood_Brainerd_139.jpg
arrowwoodbrainerdlodge.com/assets/uploads/page-headers/_preview_thumb/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://arrowwoodbrainerdlodge.com/assets/uploads/page-headers/_preview_thumb/Arrowwood_Brainerd_139.jpg
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.104.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-104-197.us-west-2.compute.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
f12f3618066acf2950ae7ace285743d8a5ebc0ad08b3eaf6cf059987ec1f3f35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:55 GMT
last-modified
Wed, 17 Feb 2016 16:59:14 GMT
server
Apache/2.4.7 (Ubuntu)
accept-ranges
bytes
content-length
13391
content-type
image/jpeg
Arrowwood_Brainerd_Lodge.jpg
arrowwoodbrainerdlodge.com/assets/uploads/page-headers/_preview_thumb/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://arrowwoodbrainerdlodge.com/assets/uploads/page-headers/_preview_thumb/Arrowwood_Brainerd_Lodge.jpg
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.104.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-104-197.us-west-2.compute.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
f37047969f81e2a87a9181a5020efd8ba59b03d4c273d7394ab62d8e20e94dbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:55 GMT
last-modified
Mon, 15 Feb 2016 22:27:07 GMT
server
Apache/2.4.7 (Ubuntu)
accept-ranges
bytes
content-length
7503
content-type
image/jpeg
Arrowwood_Brainerd_82.jpg
arrowwoodbrainerdlodge.com/assets/uploads/page-headers/_preview_thumb/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://arrowwoodbrainerdlodge.com/assets/uploads/page-headers/_preview_thumb/Arrowwood_Brainerd_82.jpg
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.104.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-104-197.us-west-2.compute.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
01d3f9b66f34784cb57bf74aa3a0af00e4678e2f28d5ad0a8a6b481340371111

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:55 GMT
last-modified
Tue, 30 Aug 2022 13:54:30 GMT
server
Apache/2.4.7 (Ubuntu)
accept-ranges
bytes
content-length
9737
content-type
image/jpeg
revinate-form.js
contact-api.inguest.com/bundles/revinatecontactapi/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contact-api.inguest.com/bundles/revinatecontactapi/js/revinate-form.js?v=1
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.167.226.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-226-169.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
27477cae35fa16324eb29e830c181ad33340f63cea5f3623d5428adc9198aa34
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:56 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
vary
Accept-Encoding,Origin
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31449600, public
accept-ranges
bytes
content-length
1480
copypastesubscribeformlogic.js
js.createsend1.com/javascript/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.createsend1.com/javascript/copypastesubscribeformlogic.js
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-28.fra53.r.cloudfront.net
Software
csw /
Resource Hash
2013f00120eab5b2c18b7f0f6554c7741dab49acfc3ccb35642b644010435ed6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 00:32:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
2304
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 28 Nov 2022 00:27:23 GMT
server
csw
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3291
x-amz-cf-id
q_is462ZoF3Rq1SRK0hcrpYP5bTFJObw-zwRLpPNGiVREagFr15VGg==
expires
Mon, 28 Nov 2022 01:27:23 GMT
script.js
arrowwoodbrainerdlodge.com/assets/js/ 		259 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://arrowwoodbrainerdlodge.com/assets/js/script.js
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.104.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-104-197.us-west-2.compute.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
20f72a32a876f344104ddccafbeb9f28ebd377242f5af9a28b0dc76fb146aa2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:55 GMT
content-encoding
gzip
last-modified
Thu, 07 Apr 2022 13:58:39 GMT
server
Apache/2.4.7 (Ubuntu)
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
bkg-fabric-green.jpg
arrowwoodbrainerdlodge.com/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://arrowwoodbrainerdlodge.com/assets/images/bkg-fabric-green.jpg
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/assets/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.104.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-104-197.us-west-2.compute.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
71196eb623b412db951d3b6b69a95792bc1227278e71e9d9e32bed0362e676bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/assets/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:55 GMT
last-modified
Wed, 14 Aug 2019 16:47:35 GMT
server
Apache/2.4.7 (Ubuntu)
accept-ranges
bytes
content-length
1566
content-type
image/jpeg
gtm.js
www.googletagmanager.com/ 		143 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5MHXJX
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6c14a6bd25606cdb718aa2d72420ad910b37004998d3bdefba32a7950eead93d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52700
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 28 Nov 2022 01:10:55 GMT
logo-header-desktop.png
arrowwoodbrainerdlodge.com/assets/images/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://arrowwoodbrainerdlodge.com/assets/images/logo-header-desktop.png
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/assets/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.104.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-104-197.us-west-2.compute.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
4cfc671716cf85e59a063acd19c4c1603464f371551272894116ab9c150ca8c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/assets/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:55 GMT
last-modified
Wed, 30 Jan 2019 19:06:54 GMT
server
Apache/2.4.7 (Ubuntu)
accept-ranges
bytes
content-length
64604
content-type
image/png
bkg-wood.jpg
arrowwoodbrainerdlodge.com/assets/images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://arrowwoodbrainerdlodge.com/assets/images/bkg-wood.jpg
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/assets/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.104.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-104-197.us-west-2.compute.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
989596cca7cd7597702a2c8c5949b78943613c085b9c34db7f58eea4729f5de3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/assets/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:55 GMT
last-modified
Wed, 14 Aug 2019 16:47:35 GMT
server
Apache/2.4.7 (Ubuntu)
accept-ranges
bytes
content-length
16063
content-type
image/jpeg
bkg-fabric-tan.jpg
arrowwoodbrainerdlodge.com/assets/images/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://arrowwoodbrainerdlodge.com/assets/images/bkg-fabric-tan.jpg
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/assets/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.104.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-104-197.us-west-2.compute.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
63e708e313638ed4c867047097d02cdf28e60ac3e00d0e79d38151228fbc3bde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/assets/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:55 GMT
last-modified
Wed, 14 Aug 2019 16:47:35 GMT
server
Apache/2.4.7 (Ubuntu)
accept-ranges
bytes
content-length
15835
content-type
image/jpeg
bkg-fabric-brown.jpg
arrowwoodbrainerdlodge.com/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://arrowwoodbrainerdlodge.com/assets/images/bkg-fabric-brown.jpg
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/assets/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.104.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-104-197.us-west-2.compute.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
13c5a70987ce1cb671227f91c4d10905e433c6ab919d976cef35b59efbe2d504

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/assets/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:55 GMT
last-modified
Wed, 14 Aug 2019 16:47:35 GMT
server
Apache/2.4.7 (Ubuntu)
accept-ranges
bytes
content-length
1730
content-type
image/jpeg
bkg-treeline.svg
arrowwoodbrainerdlodge.com/assets/images/ 		700 KB
211 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://arrowwoodbrainerdlodge.com/assets/images/bkg-treeline.svg
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/assets/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.104.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-104-197.us-west-2.compute.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
e2daf94de8bb1ff77b8219a118b97503fa5b1ee2be9e6b7d4fc012533f93ddd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/assets/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:55 GMT
content-encoding
gzip
last-modified
Wed, 30 Jan 2019 19:06:54 GMT
server
Apache/2.4.7 (Ubuntu)
accept-ranges
bytes
vary
Accept-Encoding
content-type
image/svg+xml
bkg-diamond-green.png
arrowwoodbrainerdlodge.com/assets/images/ 		1009 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://arrowwoodbrainerdlodge.com/assets/images/bkg-diamond-green.png
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/assets/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.104.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-104-197.us-west-2.compute.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
215cb7c17493156340821749940f46d245f0f431facbe6b1989e83a6c64737f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/assets/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:56 GMT
last-modified
Wed, 30 Jan 2019 19:06:54 GMT
server
Apache/2.4.7 (Ubuntu)
accept-ranges
bytes
content-length
1009
content-type
image/png
fontawesome-webfont.woff2
arrowwoodbrainerdlodge.com/assets/libs/font-awesome/fonts/ 		63 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://arrowwoodbrainerdlodge.com/assets/libs/font-awesome/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/assets/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.104.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-104-197.us-west-2.compute.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

Referer
https://arrowwoodbrainerdlodge.com/assets/css/style.css
Origin
https://arrowwoodbrainerdlodge.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ua-compatible
IE=Edge,chrome=1
date
Mon, 28 Nov 2022 01:10:56 GMT
last-modified
Wed, 30 Jan 2019 19:06:54 GMT
server
Apache/2.4.7 (Ubuntu)
accept-ranges
bytes
content-length
64464
content-type
font/woff2
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MHXJX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 27 Nov 2022 23:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6901
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Mon, 28 Nov 2022 01:15:54 GMT
js
www.googletagmanager.com/gtag/ 		135 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-848580526
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MHXJX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3b226972b9ad2df78f5e208c4f85655ee64b5f63e0f5182de13a9b6bb82a60db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53034
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 28 Nov 2022 01:10:55 GMT
hotel_price_widget.js
www.thehotelsnetwork.com/js/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thehotelsnetwork.com/js/hotel_price_widget.js?hotel_id=1092025&property_id=1016518&account_key=466bb1407e2f264f96346124f6c5c6ed
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MHXJX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
62f6638990c2815bab72692677ccf10500d896499256a0a1fe61e3658ab05923
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:55 GMT
content-encoding
gzip
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
x-iinfo
10-183397974-183397976 NNNN CT(2 3 0) RT(1669597855363 10) q(0 0 0 1) r(0 1) U5
pragma
no-cache
last-modified
Sun, 27 Nov 2022 19:23:47 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://arrowwoodbrainerdlodge.com
cache-control
max-age=7200
access-control-allow-credentials
true
x-amz-cf-id
gqx_NyOx4kioPC8E3FLz-_f-mgP1yyXxY7V7NBYqHCwBqZYajG4Vvw==
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 28 Nov 2022 01:10:55 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27340
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
QEyQjpXLuMHXtfwWyKAyUgYzC09r4GHAReIYyiDV98ESLdrrmIWlKFUCNVNLksU4peaR9faML7yztzZcjuTfTw==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
11709
beacon.sojern.com/pixel/p/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.sojern.com/pixel/p/11709?f_v=v6_js&p_v=1&vid=hot&cid=
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
8298d8991a694ce2e0cd8dd23e6bca68821fe2b3961208115b957e16066665ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:55 GMT
content-encoding
gzip
via
1.1 google
vary
Accept-Encoding
content-type
application/javascript
p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1081
js
www.googletagmanager.com/gtag/ 		178 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10861317710
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MHXJX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
47fb25098d91610711500a40641a2c8e5c85fc91ce5bebf7ec1da8f5466ca777
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67187
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 28 Nov 2022 01:10:55 GMT
js
www.googletagmanager.com/gtag/ 		222 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5EXQ6KNFME&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MHXJX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e1296f20c5de3b6720f76c471540cf18552e2634561e337c151bde6fff28f2bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78374
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 28 Nov 2022 01:10:55 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-33833826-1&cid=1089020149.1669597856&jid=642765832&gjid=1120583461&_gid=1591879548.1669597856&_u=YGBAiAABBAAAAE~&z=1640672522
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://arrowwoodbrainerdlodge.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 28 Nov 2022 01:10:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://arrowwoodbrainerdlodge.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1980764623&t=pageview&_s=1&dl=https%3A%2F%2Farrowwoodbrainerdlodge.com%2Fpromotions%2Fyour-cyber-special%3Futm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3Dblack-friday&ul=en-us&de=UTF-8&dt=Your%20Cyber%20Special%20%7C%20Arrowwood%20Resort%20%26%20Conference%20Center&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiAABB~&jid=642765832&gjid=1120583461&cid=1089020149.1669597856&tid=UA-33833826-1&_gid=1591879548.1669597856&gtm=2wgb905MHXJX&z=2129963694
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 14:21:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
38976
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/848580526/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/848580526/?random=1669597855964&cv=11&fst=1669597855964&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Farrowwoodbrainerdlodge.com%2Fpromotions%2Fyour-cyber-special%3Futm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3Dblack-friday&tiba=Your%20Cyber%20Special%20%7C%20Arrowwood%20Resort%20%26%20Conference%20Center&auid=359113445.1669597856&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-848580526
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfa9dbb82e64eea0613fa3cc1cfd54fed91e71c93f88f2e73a44db5b3a6163c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 01:10:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
973
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
826482897504946
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/826482897504946?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e955e049f968b099bf8d0321c20ac29324f73a5e74fb36e4edd2ed56e8aec3a5
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 28 Nov 2022 01:10:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
2Rh1X7G1n0LYx8kCa3tphmHMjs3U4YdwZRJDr60pMAVk+5mLUxvh/dvt7IhdnpYbauF/qsdEMqOJI2N53ZopVg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
355 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-5EXQ6KNFME&gtm=2oeb90&_p=1980764623&_gaz=1&cid=1089020149.1669597856&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1669597856&sct=1&seg=0&dl=https%3A%2F%2Farrowwoodbrainerdlodge.com%2Fpromotions%2Fyour-cyber-special%3Futm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3Dblack-friday&dt=Your%20Cyber%20Special%20%7C%20Arrowwood%20Resort%20%26%20Conference%20Center&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5EXQ6KNFME&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 01:10:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://arrowwoodbrainerdlodge.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5EXQ6KNFME&cid=1089020149.1669597856&gtm=2oeb90&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5EXQ6KNFME&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 01:10:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://arrowwoodbrainerdlodge.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5EXQ6KNFME&cid=1089020149.1669597856&gtm=2oeb90&aip=1&z=1564893713
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 01:10:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-33833826-1&cid=1089020149.1669597856&jid=642765832&_u=YGBAiAABBAAAAE~&z=132398410
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 01:10:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-33833826-1&cid=1089020149.1669597856&jid=642765832&_u=YGBAiAABBAAAAE~&z=132398410
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 01:10:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
src=6474827;dc_pre=CKO2hNnYz_sCFRBGHgIdju4JMQ;type=track0;cat=arrow0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=orderID
adservice.google.com/ddm/fls/z/
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=6474827;type=track0;cat=arrow0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=orderID
  • https://ad.doubleclick.net/ddm/activity/src=6474827;dc_pre=CKO2hNnYz_sCFRBGHgIdju4JMQ;type=track0;cat=arrow0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=orderID
  • https://adservice.google.com/ddm/fls/z/src=6474827;dc_pre=CKO2hNnYz_sCFRBGHgIdju4JMQ;type=track0;cat=arrow0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=orderID
42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/src=6474827;dc_pre=CKO2hNnYz_sCFRBGHgIdju4JMQ;type=track0;cat=arrow0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=orderID
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H2
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 01:10:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 01:10:56 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://adservice.google.com/ddm/fls/z/src=6474827;dc_pre=CKO2hNnYz_sCFRBGHgIdju4JMQ;type=track0;cat=arrow0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=orderID
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1362398&t=1
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1362398%26t%3D1
0
1017 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1362398%26t%3D1
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
HTTP/1.1
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 01:10:56 GMT
AN-X-Request-Uuid
df1bef2a-93bf-48ff-b8c3-b0848913fd54
Server
nginx/1.21.3
Content-Type
application/javascript; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.32; 217.64.151.32; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 01:10:56 GMT
AN-X-Request-Uuid
950669b4-b912-4b3c-8d41-17e7baee9eef
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1362398%26t%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.64.151.32; 217.64.151.32; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?add=23471200&t=1
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D23471200%26t%3D1
0
1017 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D23471200%26t%3D1
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
HTTP/1.1
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 01:10:56 GMT
AN-X-Request-Uuid
b2f0baa8-3b97-4ff2-ae22-15da201ed851
Server
nginx/1.21.3
Content-Type
application/javascript; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.32; 217.64.151.32; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 01:10:56 GMT
AN-X-Request-Uuid
92a4a241-62d9-498e-8b15-b05378e2e393
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D23471200%26t%3D1
Connection
keep-alive
X-Proxy-Origin
217.64.151.32; 217.64.151.32; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
AdX
pixel.sojern.com/idSync/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=9FOYFOSKX3dYcQCnMsT9Yg&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=upkoxfwr6ijY_ngptd_-DZTS8gspLTSFwYRIcECn399Jygpm-mT...
  • https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=upkoxfwr6ijY_ngptd_-DZTS8gspLTSFwYRIcECn399Jygpm-mT2dZ3M9QwvahSi&sjrn_ula=377677570&google_gid=CAESEB3sMtQNWO8WxIF_NYpPwC8&google_cver=1
42 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=upkoxfwr6ijY_ngptd_-DZTS8gspLTSFwYRIcECn399Jygpm-mT2dZ3M9QwvahSi&sjrn_ula=377677570&google_gid=CAESEB3sMtQNWO8WxIF_NYpPwC8&google_cver=1
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H2
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Mon, 28 Nov 2022 01:10:56 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 01:10:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=upkoxfwr6ijY_ngptd_-DZTS8gspLTSFwYRIcECn399Jygpm-mT2dZ3M9QwvahSi&sjrn_ula=377677570&google_gid=CAESEB3sMtQNWO8WxIF_NYpPwC8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
412
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
fcmatch.youtube.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_hm=9FOYFOSKX3dYcQCnMsT9Yg&google_nid=sojern_adh
  • https://fcmatch.google.com/pixel?google_gm=AMnCDooOrVx-3TKN6StRV1NYuJH07N97WjP3Zl8Cfh-eRqi9CvxVfiIUIgHz6B1zP59lO260bHGPpLy6OE6CyrI0gr3KLvTnNlFxAQor6aG3MckewIyX42s
  • https://fcmatch.youtube.com/pixel?google_gm=AMnCDooOrVx-3TKN6StRV1NYuJH07N97WjP3Zl8Cfh-eRqi9CvxVfiIUIgHz6B1zP59lO260bHGPpLy6OE6CyrI0gr3KLvTnNlFxAQor6aG3MckewIyX42s
170 B
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcmatch.youtube.com/pixel?google_gm=AMnCDooOrVx-3TKN6StRV1NYuJH07N97WjP3Zl8Cfh-eRqi9CvxVfiIUIgHz6B1zP59lO260bHGPpLy6OE6CyrI0gr3KLvTnNlFxAQor6aG3MckewIyX42s
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H2
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 01:10:56 GMT
server
HTTP server (unknown)
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 01:10:56 GMT
server
HTTP server (unknown)
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://fcmatch.youtube.com/pixel?google_gm=AMnCDooOrVx-3TKN6StRV1NYuJH07N97WjP3Zl8Cfh-eRqi9CvxVfiIUIgHz6B1zP59lO260bHGPpLy6OE6CyrI0gr3KLvTnNlFxAQor6aG3MckewIyX42s
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
apn
pixel.sojern.com/idsync/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=upkoxfwr6ijY_ngptd_-DZTS8gspLTSFwYRIcECn399Jygpm-mT2dZ3M9QwvahSi
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3Dupkoxfwr6ijY_ngptd_-DZTS8gspLTSFwYRIcECn399Jygpm-mT2dZ3M9QwvahSi
  • https://pixel.sojern.com/idsync/apn?id=2973351778884745551&sjrn_id=upkoxfwr6ijY_ngptd_-DZTS8gspLTSFwYRIcECn399Jygpm-mT2dZ3M9QwvahSi
42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sojern.com/idsync/apn?id=2973351778884745551&sjrn_id=upkoxfwr6ijY_ngptd_-DZTS8gspLTSFwYRIcECn399Jygpm-mT2dZ3M9QwvahSi
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H2
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Mon, 28 Nov 2022 01:10:56 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 01:10:56 GMT
AN-X-Request-Uuid
f3b4fce4-b0e9-4650-8152-40a146adef24
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://pixel.sojern.com/idsync/apn?id=2973351778884745551&sjrn_id=upkoxfwr6ijY_ngptd_-DZTS8gspLTSFwYRIcECn399Jygpm-mT2dZ3M9QwvahSi
Connection
keep-alive
X-Proxy-Origin
217.64.151.32; 217.64.151.32; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=upkoxfwr6ijY_ngptd_-DZTS8gspLTSFwYRIcECn399Jygpm-mT2dZ3M9QwvahSi&ttd_tpi=1
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 28 Nov 2022 01:10:56 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10861317710/ 		2 KB
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10861317710/?random=1669597856038&cv=11&fst=1669597856038&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Farrowwoodbrainerdlodge.com%2Fpromotions%2Fyour-cyber-special%3Futm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3Dblack-friday&tiba=Your%20Cyber%20Special%20%7C%20Arrowwood%20Resort%20%26%20Conference%20Center&auid=359113445.1669597856&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10861317710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65fd8acb05bdb8a0e3fd73cc69ca570d80607c6eefd3e9e03a6740f7e7d8fa23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 01:10:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
974
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/10861317710/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/10861317710/?random=1669597856051&cv=11&fst=1669597856051&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&label=U_vRCInWwqcDEM6cirso&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Farrowwoodbrainerdlodge.com%2Fpromotions%2Fyour-cyber-special%3Futm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3Dblack-friday&tiba=Your%20Cyber%20Special%20%7C%20Arrowwood%20Resort%20%26%20Conference%20Center&auid=359113445.1669597856&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10861317710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
a6388bf62ca6bdd4763e191a1f9dbeeac1dc969ebccd9a83ef3212f001f6a22e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 01:10:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1269
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/848580526/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/848580526/?random=1669597855964&cv=11&fst=1669597200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Farrowwoodbrainerdlodge.com%2Fpromotions%2Fyour-cyber-special%3Futm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3Dblack-friday&tiba=Your%20Cyber%20Special%20%7C%20Arrowwood%20Resort%20%26%20Conference%20Center&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1587982768&rmt_tld=0&ipr=y
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 01:10:56 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/848580526/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/848580526/?random=1669597855964&cv=11&fst=1669597200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Farrowwoodbrainerdlodge.com%2Fpromotions%2Fyour-cyber-special%3Futm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3Dblack-friday&tiba=Your%20Cyber%20Special%20%7C%20Arrowwood%20Resort%20%26%20Conference%20Center&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1587982768&rmt_tld=1&ipr=y
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 01:10:56 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.thehotelsnetwork.com/widget/core/latest/hub/ Frame 119C 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.thehotelsnetwork.com/widget/core/latest/hub/
Requested by
Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?hotel_id=1092025&property_id=1016518&account_key=466bb1407e2f264f96346124f6c5c6ed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f3fc7d8e1e98e2cdb9b1221bb442291d923eec8db1ffc58009478a40c241f423
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://arrowwoodbrainerdlodge.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 28 Nov 2022 01:10:55 GMT
etag
W/"6383f62b-11fd"
last-modified
Sun, 27 Nov 2022 23:43:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-iinfo
10-183397974-183397549 2CNN RT(1669597855363 135) q(0 0 0 -1) r(0 0)
_Incapsula_Resource
www.thehotelsnetwork.com/ Frame 119C 		136 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thehotelsnetwork.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=64671007
Requested by
Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/latest/hub/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
1e2f2a771187e2c072f560f39853aa60575d9ee46d160555b7027ddfa57c07df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thehotelsnetwork.com/widget/core/latest/hub/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store
content-encoding
gzip
x-robots-tag
noindex
content-length
19692
content-type
application/javascript
178514983025151
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/178514983025151?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
376732ab69841a4a9b8ce92be32d96c6ed926025296f13c0e42b27129ba214f9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 28 Nov 2022 01:10:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
bSZ3OVjJ4IBwzFKLuuBBLqr+Bb6IiD/TNmAP3iv78zN2DknwtzlZXWtxJVuOlJHYPUQmqYiGdCDAOwmah8EDKQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=826482897504946&ev=PageView&dl=https%3A%2F%2Farrowwoodbrainerdlodge.com%2Fpromotions%2Fyour-cyber-special%3Futm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3Dblack-friday&rl=&if=false&ts=1669597856117&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669597856116.1526334327&it=1669597855982&coo=false&rqm=GET
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 28 Nov 2022 01:10:56 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.google.com/pagead/1p-user-list/10861317710/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10861317710/?random=1669597856038&cv=11&fst=1669597200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Farrowwoodbrainerdlodge.com%2Fpromotions%2Fyour-cyber-special%3Futm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3Dblack-friday&tiba=Your%20Cyber%20Special%20%7C%20Arrowwood%20Resort%20%26%20Conference%20Center&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=983563179&rmt_tld=0&ipr=y
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 01:10:56 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/10861317710/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/10861317710/?random=1669597856038&cv=11&fst=1669597200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Farrowwoodbrainerdlodge.com%2Fpromotions%2Fyour-cyber-special%3Futm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3Dblack-friday&tiba=Your%20Cyber%20Special%20%7C%20Arrowwood%20Resort%20%26%20Conference%20Center&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=983563179&rmt_tld=1&ipr=y
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 01:10:56 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/10861317710/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10861317710/?random=1452895638&cv=11&fst=1669597856051&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&label=U_vRCInWwqcDEM6c...
  • https://www.google.com/pagead/1p-conversion/10861317710/?random=1452895638&cv=11&fst=1669597856051&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&label=U_vRCInWwqcDEM6cirso&hn=www.googleads...
  • https://www.google.de/pagead/1p-conversion/10861317710/?random=1452895638&cv=11&fst=1669597856051&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&label=U_vRCInWwqcDEM6cirso&hn=www.googleadse...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/10861317710/?random=1452895638&cv=11&fst=1669597856051&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&label=U_vRCInWwqcDEM6cirso&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Farrowwoodbrainerdlodge.com%2Fpromotions%2Fyour-cyber-special%3Futm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3Dblack-friday&tiba=Your%20Cyber%20Special%20%7C%20Arrowwood%20Resort%20%26%20Conference%20Center&auid=359113445.1669597856&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0xLTW5BWVF4UFNUOF96ay1fUXpFaVVBUDVZWWhBYWhPbk4zQzA5UHotSi1IOWc2RXZQYzJhVzRKMXdxV2hsbGc2dEdKWXQzGldDaEFJZ0xLTW5BWVFvS2UtalpHVjBPdHFFaTBBcVJla1pnUEhwM3Fvb2JlOTVuT3luQmZGalRpcnBEcGRfZEwwcFBMVG84ZG1BeDZTTWdnSGVuRUpGNHc&is_vtc=1&ocp_id=oAqEY_DUBaCT9fgP69uI-AY&cid=CAQSKQDq26N9mqjgXl8nPlv7NSsjrjh-36fCyrXNoX_4kupiL1WjmVYEoGFZIBM&random=705045296&ipr=y&prhg=0
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H3
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 01:10:56 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 01:10:56 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/10861317710/?random=1452895638&cv=11&fst=1669597856051&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&label=U_vRCInWwqcDEM6cirso&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Farrowwoodbrainerdlodge.com%2Fpromotions%2Fyour-cyber-special%3Futm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3Dblack-friday&tiba=Your%20Cyber%20Special%20%7C%20Arrowwood%20Resort%20%26%20Conference%20Center&auid=359113445.1669597856&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0xLTW5BWVF4UFNUOF96ay1fUXpFaVVBUDVZWWhBYWhPbk4zQzA5UHotSi1IOWc2RXZQYzJhVzRKMXdxV2hsbGc2dEdKWXQzGldDaEFJZ0xLTW5BWVFvS2UtalpHVjBPdHFFaTBBcVJla1pnUEhwM3Fvb2JlOTVuT3luQmZGalRpcnBEcGRfZEwwcFBMVG84ZG1BeDZTTWdnSGVuRUpGNHc&is_vtc=1&ocp_id=oAqEY_DUBaCT9fgP69uI-AY&cid=CAQSKQDq26N9mqjgXl8nPlv7NSsjrjh-36fCyrXNoX_4kupiL1WjmVYEoGFZIBM&random=705045296&ipr=y&prhg=0
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
_Incapsula_Resource
www.thehotelsnetwork.com/ Frame 119C 		1 B
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thehotelsnetwork.com/_Incapsula_Resource?SWKMTFSR=1&e=0.5718256882002941
Requested by
Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/latest/hub/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thehotelsnetwork.com/widget/core/latest/hub/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
get_loader_data
www.thehotelsnetwork.com/ 		15 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.thehotelsnetwork.com/get_loader_data?hotel_id=1092025&property_id=1016518&account_key=466bb1407e2f264f96346124f6c5c6ed
Requested by
Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?hotel_id=1092025&property_id=1016518&account_key=466bb1407e2f264f96346124f6c5c6ed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e27f477ce26526349c5d86e37d11f42d987328c2e989a92d5931a297241d2178
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:56 GMT
content-encoding
gzip
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
x-iinfo
10-183397974-183397976 PNNN RT(1669597855363 232) q(0 0 0 -1) r(1 1) U5
pragma
no-cache
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://arrowwoodbrainerdlodge.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
HUVrff7n4GjCPeZdlabrvShKbuzyvUo2nj_FdgmggXHmT4ZEreqcYg==
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=178514983025151&ev=PageView&dl=https%3A%2F%2Farrowwoodbrainerdlodge.com%2Fpromotions%2Fyour-cyber-special%3Futm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3Dblack-friday&rl=&if=false&ts=1669597856203&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669597856116.1526334327&it=1669597855982&coo=false&tm=1&rqm=GET
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 28 Nov 2022 01:10:56 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=178514983025151&ev=Tracking&dl=https%3A%2F%2Farrowwoodbrainerdlodge.com%2Fpromotions%2Fyour-cyber-special%3Futm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3Dblack-friday&rl=&if=false&ts=1669597856204&cd[content_type]=hotel&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1669597856116.1526334327&it=1669597855982&coo=false&tm=2&rqm=GET
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 28 Nov 2022 01:10:56 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
index.min.js
www.thehotelsnetwork.com/widget/core/4.0/dist/main/ 		385 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=38bbafc2
Requested by
Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?hotel_id=1092025&property_id=1016518&account_key=466bb1407e2f264f96346124f6c5c6ed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
684fd622b3eb4c07ceacfcb904fc2865a6e9cb8d60d5bc819848fa1a6dcf4176
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://arrowwoodbrainerdlodge.com/
Origin
https://arrowwoodbrainerdlodge.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sun, 27 Nov 2022 19:23:47 GMT
x-cdn
Imperva
etag
W/"6383b943-60336"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-iinfo
13-137373160-0 0CNN RT(1669597855496 18) q(0 -1 -1 0) r(0 -1)
cache-control
max-age=0
content-length
103859
icon-envelope-brown.svg
arrowwoodbrainerdlodge.com/assets/images/ 		1 KB
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://arrowwoodbrainerdlodge.com/assets/images/icon-envelope-brown.svg
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/assets/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.104.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-104-197.us-west-2.compute.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
8e98d7044469edba39a974e818a762bbc90a8265e649179478e549878debe381

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/assets/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:56 GMT
content-encoding
gzip
last-modified
Wed, 30 Jan 2019 19:06:54 GMT
server
Apache/2.4.7 (Ubuntu)
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
818
logo-footer.svg
arrowwoodbrainerdlodge.com/assets/images/ 		23 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://arrowwoodbrainerdlodge.com/assets/images/logo-footer.svg
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/assets/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.104.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-104-197.us-west-2.compute.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
084046188b2b859ed3f93126552fe7157c50e3a405485a9c5057a4e952c44545

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/assets/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:56 GMT
content-encoding
gzip
last-modified
Wed, 30 Jan 2019 19:06:54 GMT
server
Apache/2.4.7 (Ubuntu)
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
5837
bkg-wood-groove-light.png
arrowwoodbrainerdlodge.com/assets/images/ 		196 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://arrowwoodbrainerdlodge.com/assets/images/bkg-wood-groove-light.png
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/assets/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.104.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-104-197.us-west-2.compute.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
49bf14b4eeb398a1d3577ff07ba55d7e944f95e0cedfe4e8fc976c59681039dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/assets/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:56 GMT
last-modified
Wed, 30 Jan 2019 19:06:54 GMT
server
Apache/2.4.7 (Ubuntu)
accept-ranges
bytes
content-length
196
content-type
image/png
logo-clickrain.svg
arrowwoodbrainerdlodge.com/assets/images/ 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://arrowwoodbrainerdlodge.com/assets/images/logo-clickrain.svg
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/assets/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.104.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-104-197.us-west-2.compute.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
60baf18a063106dcd7f14c89347aef247b04a46679f731b5413dc2b9fd39fb8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/assets/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:56 GMT
content-encoding
gzip
last-modified
Wed, 30 Jan 2019 19:06:54 GMT
server
Apache/2.4.7 (Ubuntu)
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
3344
rlrct1.js
rtsys.rtrk.com/rct_lct/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtsys.rtrk.com/rct_lct/js/rlrct1.js
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
209.97.16.17 , United States, ASN14446 (CNT-ASN, US),
Reverse DNS
wh070.infi.net
Software
nginx /
Resource Hash
83477ee1adcdefb387b340d769fe4b74d275da65c398bfd9952fa9beead2f3f5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 01:10:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Dec 2018 22:32:56 GMT
Server
nginx
ETag
"3301-57ceee561b600-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex,nofollow
Content-Length
3721
X-XSS-Protection
0
l
use.typekit.net/af/61961a/00000000000000000001707c/27/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/61961a/00000000000000000001707c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
577eb29033168284b5fafa405e0f49b2e680c311e9888aa923c1cf418d88ae83

Request headers

Referer
https://arrowwoodbrainerdlodge.com/
Origin
https://arrowwoodbrainerdlodge.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:56 GMT
server
nginx
etag
"9a7689fb57e6dda5e0454a7c9c15e4e41de35062"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
48468
l
use.typekit.net/af/6a3278/000000000000000000017080/27/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/6a3278/000000000000000000017080/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f1e2b70a1df8427d1e9a65c08b07d0f14c207380adce83c1411179b6db95b7b9

Request headers

Referer
https://arrowwoodbrainerdlodge.com/
Origin
https://arrowwoodbrainerdlodge.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:56 GMT
server
nginx
etag
"a9bf153fdfb2f252b0d83adf098a933d6124f6a4"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
47072
l
use.typekit.net/af/d3823a/000000000000000000017087/27/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/d3823a/000000000000000000017087/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
65f89ca82d7aa01c3eeb8d8f9280ed4a71a462423b4435e7130d6e9beb85b6b1

Request headers

Referer
https://arrowwoodbrainerdlodge.com/
Origin
https://arrowwoodbrainerdlodge.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:56 GMT
server
nginx
etag
"25ef623c117890dc3122648aeda511592a239baa"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
47896
l
use.typekit.net/af/9aa4fe/000000000000000000013f4e/27/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/9aa4fe/000000000000000000013f4e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8aa1f94eb99d57cb3324efb1b537bc32d6a3b8d73adea5be680bcba2b1920975

Request headers

Referer
https://arrowwoodbrainerdlodge.com/
Origin
https://arrowwoodbrainerdlodge.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:56 GMT
server
nginx
etag
"5970eaf1cd05a7ca2366f3dcb4411265feec7581"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
36704
l
use.typekit.net/af/b714ca/000000000000000000013f4b/27/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/b714ca/000000000000000000013f4b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
90a0e42b5f46798cc397147222168e17e8f2a41cea4ada46938cbd11b3ae9766

Request headers

Referer
https://arrowwoodbrainerdlodge.com/
Origin
https://arrowwoodbrainerdlodge.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:56 GMT
server
nginx
etag
"be208f7072737bd91e138490174485ebd4791e22"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
40708
l
use.typekit.net/af/9dc3b1/000000000000000000013f8f/27/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/9dc3b1/000000000000000000013f8f/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
52ce26ceeba83c537157f04873df47938240f2ce968f51aebac77a7b94249a5d

Request headers

Referer
https://arrowwoodbrainerdlodge.com/
Origin
https://arrowwoodbrainerdlodge.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:56 GMT
server
nginx
etag
"f61720dce904208de161e9db0106d12bad29b54a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
36072
/
www.facebook.com/tr/ Frame 02B7 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://arrowwoodbrainerdlodge.com
Referer
https://arrowwoodbrainerdlodge.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://arrowwoodbrainerdlodge.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 01:10:56 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
p.gif
p.typekit.net/ 		35 B
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.typekit.net/p.gif?s=1&k=amm5cti&ht=tk&h=arrowwoodbrainerdlodge.com&f=4455.5018.5045.18438.18440.18445&a=427539&js=1.21.0&app=typekit&e=js&_=1669597856678
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:56 GMT
last-modified
Sat, 09 Oct 2021 02:10:03 GMT
server
nginx
etag
"6160f9fb-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
/
www.facebook.com/tr/ Frame 16BA 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: arrowwoodbrainerdlodge.com
URL: https://arrowwoodbrainerdlodge.com/promotions/your-cyber-special?utm_source=revinate&utm_medium=email&utm_campaign=black-friday
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://arrowwoodbrainerdlodge.com
Referer
https://arrowwoodbrainerdlodge.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://arrowwoodbrainerdlodge.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 01:10:56 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
index.min.js
www.thehotelsnetwork.com/widget/core/4.0/dist/main/ 		385 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=38bbafc2
Requested by
Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=38bbafc2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
684fd622b3eb4c07ceacfcb904fc2865a6e9cb8d60d5bc819848fa1a6dcf4176
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://arrowwoodbrainerdlodge.com/
Origin
https://arrowwoodbrainerdlodge.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sun, 27 Nov 2022 19:23:47 GMT
x-cdn
Imperva
etag
W/"6383b943-60336"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-iinfo
13-137373160-0 0CNN RT(1669597855496 1134) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=0
content-length
103859
c3373f4d.min.js
www.thehotelsnetwork.com/widget/core/4.0/dist/main/ 		151 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/c3373f4d.min.js?h=38bbafc2
Requested by
Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?hotel_id=1092025&property_id=1016518&account_key=466bb1407e2f264f96346124f6c5c6ed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
94f0b87d317695f905869e223d5a5390d8c98a0dedde268f5862c16de12f4158
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://arrowwoodbrainerdlodge.com/
Origin
https://arrowwoodbrainerdlodge.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sun, 27 Nov 2022 19:23:46 GMT
x-cdn
Imperva
etag
W/"6383b942-25ab3"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-iinfo
13-137373160-0 0CNN RT(1669597855496 1136) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=0
content-length
41796
ec6c1c5195eb457d8b2cba6b15191d30.min.js
js.sentry-cdn.com// 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.sentry-cdn.com//ec6c1c5195eb457d8b2cba6b15191d30.min.js
Requested by
Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=38bbafc2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e7001af9c7a0179ce7606b6aee1bfdd367d506e65e656656893d9af0893aa1e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
age
11
x-envoy-upstream-service-time
12
content-length
1017
x-xss-protection
1; mode=block
x-served-by
getsentry-web-default-common-production-5c68b88dcb-qcg97, cache-bog2260027-BOG
x-frame-options
deny
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count
1
accept-ranges
bytes
timing-allow-origin
https://sentry.io
8c365a89.min.js
www.thehotelsnetwork.com/widget/core/4.0/dist/main/ 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/8c365a89.min.js?h=38bbafc2
Requested by
Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?hotel_id=1092025&property_id=1016518&account_key=466bb1407e2f264f96346124f6c5c6ed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a9b7ac6203659317e480c49b11e55a196d62163ec021de9462aacee26395c974
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://arrowwoodbrainerdlodge.com/
Origin
https://arrowwoodbrainerdlodge.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sun, 27 Nov 2022 19:23:46 GMT
x-cdn
Imperva
etag
W/"6383b942-a29d"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-iinfo
13-137373160-137361668 2CNN RT(1669597855496 1200) q(0 0 0 -1) r(0 0)
cache-control
max-age=0
content-length
13410
add_widget_url_history
www.thehotelsnetwork.com/ 		12 B
204 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.thehotelsnetwork.com/add_widget_url_history
Requested by
Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=38bbafc2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a627cdef47d90beb8922c69653ebe40592d9af103fb4e925c2dee8bc0615f83e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://arrowwoodbrainerdlodge.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 28 Nov 2022 01:10:57 GMT
content-encoding
gzip
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
x-iinfo
10-183397974-183397976 PNNN RT(1669597855363 1541) q(0 0 0 -1) r(0 0) U6
pragma
no-cache
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://arrowwoodbrainerdlodge.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
tB0ZE9OKNZV3-taTtrtv9Zaqk36Bm-Tejss0zn3UJi6RqRdo2OFnUg==
expires
Thu, 19 Nov 1981 08:52:00 GMT
getItem.html
rlets.com/static/ Frame 4004 		2 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://rlets.com/static/getItem.html?rl_eid=rctOptOut&rl_ws=%5B%22RlocalOptOut%22%5D
Requested by
Host: rtsys.rtrk.com
URL: https://rtsys.rtrk.com/rct_lct/js/rlrct1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.15.95 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-15-95.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://arrowwoodbrainerdlodge.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
1760
content-type
text/html
date
Mon, 28 Nov 2022 01:10:58 GMT
last-modified
Tue, 25 Oct 2022 18:55:19 GMT
getItem.html
rlets.com/static/ Frame 96E4 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rlets.com/static/getItem.html?rl_eid=rctOptOut&rl_ws=%5B%22RlocalOptOut%22%5D
Requested by
Host: rtsys.rtrk.com
URL: https://rtsys.rtrk.com/rct_lct/js/rlrct1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.15.95 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-15-95.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
0a17285f6c90a2206c11f5a586ae3f55a4dbaabe014a6ddd8be24b22832abd58

Request headers

Referer
https://arrowwoodbrainerdlodge.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
1760
content-type
text/html
date
Mon, 28 Nov 2022 01:10:58 GMT
last-modified
Tue, 25 Oct 2022 18:55:19 GMT
aef08f56.min.js
www.thehotelsnetwork.com/widget/core/4.0/dist/main/ 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/aef08f56.min.js?h=38bbafc2
Requested by
Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?hotel_id=1092025&property_id=1016518&account_key=466bb1407e2f264f96346124f6c5c6ed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
4f032bc322fb2027489cf64bef66efc96b1b8a8a744e7bd41e3107c861825d79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://arrowwoodbrainerdlodge.com/
Origin
https://arrowwoodbrainerdlodge.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:10:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sun, 27 Nov 2022 23:43:41 GMT
x-cdn
Imperva
etag
W/"6383f62d-84c9"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-iinfo
13-137373160-0 0CNN RT(1669597855496 2231) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=0
content-length
14414
init
www.thehotelsnetwork.com/agent/ 		592 B
809 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.thehotelsnetwork.com/agent/init
Requested by
Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=38bbafc2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
13ce48fe76dc11067c63f0d1510c4b7d494080745e734ca55f4fd1833bf37d81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://arrowwoodbrainerdlodge.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 28 Nov 2022 01:10:58 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P3
vary
Origin
x-cache
Miss from cloudfront
x-forwarded-for
217.64.151.32, 149.126.78.9
access-control-allow-origin
https://arrowwoodbrainerdlodge.com
x-iinfo
10-183397974-183397976 PNNN RT(1669597855363 2793) q(0 0 0 -1) r(1 1) U6
content-type
application/json
access-control-allow-credentials
true
content-length
592
x-amz-cf-id
j2AlNvinHUI09B6CslsH7JeBw19fj6jcOugM1l__LPeQlyVR1n184g==
get-visitor-data
www.thehotelsnetwork.com/agent/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.thehotelsnetwork.com/agent/get-visitor-data
Requested by
Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=38bbafc2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f923ea79c0e9bde15bce90dc3469ed50fa493545b903656f57e23a66d51daeda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://arrowwoodbrainerdlodge.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 28 Nov 2022 01:10:59 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P3
vary
Origin
x-cache
Miss from cloudfront
x-forwarded-for
217.64.151.32, 149.126.78.9
access-control-allow-origin
https://arrowwoodbrainerdlodge.com
x-iinfo
10-183397974-183397976 PNNN RT(1669597855363 2922) q(0 0 0 -1) r(2 2) U6
content-type
application/json
access-control-allow-credentials
true
content-length
1277
x-amz-cf-id
l01KKpF1OzMduHwmnOoBquA-gNKR1HNdXpFDIsACzqSkSYK9ArX7iA==
getcookie
rtsys.rtrk.com/ 		94 B
590 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtsys.rtrk.com/getcookie?RlocalRCT
Requested by
Host: rtsys.rtrk.com
URL: https://rtsys.rtrk.com/rct_lct/js/rlrct1.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
209.97.16.17 , United States, ASN14446 (CNT-ASN, US),
Reverse DNS
wh070.infi.net
Software
nginx /
Resource Hash
7015ae84a6ef0ffb6d73888d1a87c3fbb0861c1f05ae2980698ad8ecce088596
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://arrowwoodbrainerdlodge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 01:10:59 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
X-Robots-Tag
noindex,nofollow
Content-Length
78
X-XSS-Protection
0

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| Typekit object| html5 object| Modernizr object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq string| key object| gaplugins object| gaGlobal object| gaData function| gtag object| GooglebQhCsO function| onYouTubeIframeAPIReady function| thn function| getHost function| getSubmitButton function| getFormData function| revFormOnSubmit object| regeneratorRuntime undefined| DataLayerHelper function| openMobileNav function| closeMobileNav function| toggleMobileNav function| toggleMobileChildNav function| toggleMobileBooking function| openMobileSubnav function| closeMobileSubnav function| toggleMobileSubnav function| toggleCaption function| submitNewsletter function| $ function| jQuery object| picturefillCFG function| picturefill object| lazySizes function| Picker function| Waypoint object| $body object| $page_header string| rlrctTRKDOM string| waypointContextKey object| jQuery111102896031401995056 object| Sentry function| getQueryVariableFromString function| rl_native function| initializeRCT object| RLRCT object| RLOptOutCheck number| c_start undefined| RlocalRCT undefined| latent_cookie_time_get undefined| mcid_get undefined| madvid_get undefined| rllatent_id_get number| c_end

26 Cookies

Domain/Path Name / Value
www.thehotelsnetwork.com/widget/core/latest/hub Name: thn_id
Value: TFE3Oj84NkNBQzo/RVFpUWJfaGI0X2ZmNWVfNTI2Y2VkN2dgN2ZoNWU1N2M2aDNnUVtRRUA8Nj9RaVE2Snk5M3Y0On46eXgmS3hgfTp4RHg/I2Q0cnhleDxBKSdyeWhdNkp5OSo/fTcqYUlFKWJ9OzJ1aGErKXg6fjp4SXs7cEZ8cnhEeD51OjRgaEs1KHk3NXc9SCskeGV4PytBNGE9XzNieDp7cnk5NSgiOn49RDoqKHlLeD1fRHg+PUs0SnhleD0jeCU6eER4PkFfMiR4ZXg7cEkjX0EqJ19ES3x1NSokPCpLfSUrKiNzOEt+cz0jJ2Bxd3g6SDo0Yic6eDtAOnxzdXckPTkpJEt5MiUmQGJ8PSpJJHMrdn0nPSgjO3UmIiV0OjciXUB3Qz5xJmZwfXd2QEBlQ2A0KDI9P2UmZDMyN2R1RD1oNiNmOnlcIj8kPipRTg==
arrowwoodbrainerdlodge.com/promotions Name: PHPSESSID
Value: rtfdtnc2u0bu33scqrt6utb9t7
arrowwoodbrainerdlodge.com/ Name: _eb9cd
Value: http://172.17.0.14:80
.arrowwoodbrainerdlodge.com/ Name: _cr_analytics
Value: %7B%22utm_source%22%3A%22revinate%22%2C%22utm_medium%22%3A%22email%22%2C%22utm_campaign%22%3A%22black-friday%22%2C%22crt_visits_previous%22%3Anull%2C%22crt_visits_total%22%3A1%2C%22crt_visits_current%22%3A1669597855%7D
arrowwoodbrainerdlodge.com/ Name: exp_last_visit
Value: 1354237855
arrowwoodbrainerdlodge.com/ Name: exp_last_activity
Value: 1669597855
arrowwoodbrainerdlodge.com/ Name: exp_tracker
Value: %7B%220%22%3A%22promotions%2Fyour-cyber-special%22%2C%22token%22%3A%225b9d1b5b741140ed9308481bf0e7721d%22%7D
arrowwoodbrainerdlodge.com/ Name: exp_csrf_token
Value: 53e7777b76a376371b5556ca6397c0d331bd3ccb
arrowwoodbrainerdlodge.com/ Name: exp_stashid
Value: a%3A2%3A%7Bs%3A2%3A%22id%22%3Bs%3A40%3A%222b970b003c24e2ed9777a69e096e96281b2ec11e%22%3Bs%3A2%3A%22dt%22%3Bi%3A1669597855%3B%7D
.arrowwoodbrainerdlodge.com/ Name: _gid
Value: GA1.2.1591879548.1669597856
.arrowwoodbrainerdlodge.com/ Name: _dc_gtm_UA-33833826-1
Value: 1
.arrowwoodbrainerdlodge.com/ Name: _gcl_au
Value: 1.1.359113445.1669597856
www.thehotelsnetwork.com/ Name: __thn_ss
Value: a5df5c259eb65ed57c7155e3b4788e98
.thehotelsnetwork.com/ Name: visid_incap_2454396
Value: v2OII8KDQem16nFezlG1vZ8KhGMAAAAAQUIPAAAAAACEVA/s9tI9kPbjfqIh+Bjm
.thehotelsnetwork.com/ Name: nlbi_2454396
Value: U7gXau/IBFON+uKZ5i1CcAAAAACwFaLKSVQg38W/jSIVBspz
.thehotelsnetwork.com/ Name: incap_ses_474_2454396
Value: wld+IvfOTkTCo5ttPv2TBp8KhGMAAAAAxJAtblSPF3DwYGwfFedFQw==
.arrowwoodbrainerdlodge.com/ Name: _ga_5EXQ6KNFME
Value: GS1.1.1669597856.1.0.1669597856.60.0.0
.arrowwoodbrainerdlodge.com/ Name: _ga
Value: GA1.1.1089020149.1669597856
.adnxs.com/ Name: uuid2
Value: 2973351778884745551
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2E>0jYjk*!]tbP6j2F-XstGt!@DIH$^^6z
.doubleclick.net/ Name: IDE
Value: AHWqTUkLdGzAAyhHvqiR6Ir-AmsxMXk_oIRAQ3FjMeLLxdLu9myxsWKMaQgz6Dge
.arrowwoodbrainerdlodge.com/ Name: _fbp
Value: fb.1.1669597856116.1526334327
.sojern.com/ Name: gid
Value: CAESEB3sMtQNWO8WxIF_NYpPwC8
.sojern.com/ Name: cid
Value: f4539814-e48a-5f77-5871-00a732c4fd62#1669593600000
.sojern.com/ Name: apnid
Value: 2973351778884745551
arrowwoodbrainerdlodge.com/ Name: RlocalTag
Value: rl_tag%3D0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
arrowwoodbrainerdlodge.com
beacon.sojern.com
c.gm-04.guest-message.com
cm.g.doubleclick.net
connect.facebook.net
contact-api.inguest.com
fcmatch.google.com
fcmatch.youtube.com
googleads.g.doubleclick.net
ib.adnxs.com
js.createsend1.com
js.sentry-cdn.com
match.adsrvr.org
p.typekit.net
pixel.sojern.com
region1.analytics.google.com
rlets.com
rtsys.rtrk.com
secure.adnxs.com
stats.g.doubleclick.net
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.thehotelsnetwork.com
107.178.244.119
142.250.181.226
142.250.185.198
142.250.186.162
143.204.215.28
15.197.193.217
167.89.123.124
2001:4860:4802:32::36
209.97.16.17
2a00:1450:4001:800::2003
2a00:1450:4001:803::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:827::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82f::2002
2a00:1450:400c:c00::9c
2a02:26f0:480:f::213:7ec6
2a02:26f0:480:f::213:7edb
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
2a04:4e42::729
35.167.226.169
37.252.171.53
37.252.173.215
44.236.15.95
45.60.198.96
52.34.104.197
01d3f9b66f34784cb57bf74aa3a0af00e4678e2f28d5ad0a8a6b481340371111
084046188b2b859ed3f93126552fe7157c50e3a405485a9c5057a4e952c44545
0a17285f6c90a2206c11f5a586ae3f55a4dbaabe014a6ddd8be24b22832abd58
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
13c5a70987ce1cb671227f91c4d10905e433c6ab919d976cef35b59efbe2d504
13ce48fe76dc11067c63f0d1510c4b7d494080745e734ca55f4fd1833bf37d81
1e2f2a771187e2c072f560f39853aa60575d9ee46d160555b7027ddfa57c07df
2013f00120eab5b2c18b7f0f6554c7741dab49acfc3ccb35642b644010435ed6
20f72a32a876f344104ddccafbeb9f28ebd377242f5af9a28b0dc76fb146aa2d
215cb7c17493156340821749940f46d245f0f431facbe6b1989e83a6c64737f0
27477cae35fa16324eb29e830c181ad33340f63cea5f3623d5428adc9198aa34
376732ab69841a4a9b8ce92be32d96c6ed926025296f13c0e42b27129ba214f9
3b226972b9ad2df78f5e208c4f85655ee64b5f63e0f5182de13a9b6bb82a60db
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
47fb25098d91610711500a40641a2c8e5c85fc91ce5bebf7ec1da8f5466ca777
49bf14b4eeb398a1d3577ff07ba55d7e944f95e0cedfe4e8fc976c59681039dc
4cfc671716cf85e59a063acd19c4c1603464f371551272894116ab9c150ca8c1
4f032bc322fb2027489cf64bef66efc96b1b8a8a744e7bd41e3107c861825d79
52ce26ceeba83c537157f04873df47938240f2ce968f51aebac77a7b94249a5d
577eb29033168284b5fafa405e0f49b2e680c311e9888aa923c1cf418d88ae83
60baf18a063106dcd7f14c89347aef247b04a46679f731b5413dc2b9fd39fb8e
62f6638990c2815bab72692677ccf10500d896499256a0a1fe61e3658ab05923
63e708e313638ed4c867047097d02cdf28e60ac3e00d0e79d38151228fbc3bde
65f89ca82d7aa01c3eeb8d8f9280ed4a71a462423b4435e7130d6e9beb85b6b1
65fd8acb05bdb8a0e3fd73cc69ca570d80607c6eefd3e9e03a6740f7e7d8fa23
684fd622b3eb4c07ceacfcb904fc2865a6e9cb8d60d5bc819848fa1a6dcf4176
6c14a6bd25606cdb718aa2d72420ad910b37004998d3bdefba32a7950eead93d
7015ae84a6ef0ffb6d73888d1a87c3fbb0861c1f05ae2980698ad8ecce088596
71196eb623b412db951d3b6b69a95792bc1227278e71e9d9e32bed0362e676bc
7dfc3ef73c1284c7aff3c5cdac3812d212c8b899037d7860c8ba20a1defb9a7f
8298d8991a694ce2e0cd8dd23e6bca68821fe2b3961208115b957e16066665ba
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83477ee1adcdefb387b340d769fe4b74d275da65c398bfd9952fa9beead2f3f5
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8aa1f94eb99d57cb3324efb1b537bc32d6a3b8d73adea5be680bcba2b1920975
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e98d7044469edba39a974e818a762bbc90a8265e649179478e549878debe381
90a0e42b5f46798cc397147222168e17e8f2a41cea4ada46938cbd11b3ae9766
94f0b87d317695f905869e223d5a5390d8c98a0dedde268f5862c16de12f4158
989596cca7cd7597702a2c8c5949b78943613c085b9c34db7f58eea4729f5de3
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9dfa9dbb82e64eea0613fa3cc1cfd54fed91e71c93f88f2e73a44db5b3a6163c
a627cdef47d90beb8922c69653ebe40592d9af103fb4e925c2dee8bc0615f83e
a6388bf62ca6bdd4763e191a1f9dbeeac1dc969ebccd9a83ef3212f001f6a22e
a73a252edf7b3f3822f7653a289c9ec16aeb0df3e82efc4f8e6ce1807f4f8dbe
a9b7ac6203659317e480c49b11e55a196d62163ec021de9462aacee26395c974
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
c69a88089968375b82a01865f60c77601898ea863f874c6bb7974ec7c023f4a3
c81311e28fdfb5c589608f519eb760373a8c7c1eb1762dff3e638f4ea4949035
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
e1296f20c5de3b6720f76c471540cf18552e2634561e337c151bde6fff28f2bd
e27f477ce26526349c5d86e37d11f42d987328c2e989a92d5931a297241d2178
e2daf94de8bb1ff77b8219a118b97503fa5b1ee2be9e6b7d4fc012533f93ddd6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7001af9c7a0179ce7606b6aee1bfdd367d506e65e656656893d9af0893aa1e1
e955e049f968b099bf8d0321c20ac29324f73a5e74fb36e4edd2ed56e8aec3a5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f12f3618066acf2950ae7ace285743d8a5ebc0ad08b3eaf6cf059987ec1f3f35
f1e2b70a1df8427d1e9a65c08b07d0f14c207380adce83c1411179b6db95b7b9
f37047969f81e2a87a9181a5020efd8ba59b03d4c273d7394ab62d8e20e94dbf
f3fc7d8e1e98e2cdb9b1221bb442291d923eec8db1ffc58009478a40c241f423
f923ea79c0e9bde15bce90dc3469ed50fa493545b903656f57e23a66d51daeda