urlscan.io logo urlscan.io
SecurityTrails logo

be.synxis.com Open in urlscan Pro
45.60.46.204  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://u27595191.ct.sendgrid.net/ls/click?upn=u001.L-2BeCXIpMQ0jtnX-2BxkfLV5-2FTN67vFTkzrGop1NX4-2F28LhvK53iN4zrUbWEupwH-2BdH5B7t...
Effective URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&cha...
Submission: On October 18 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 34 IPs in 3 countries across 24 domains to perform 132 HTTP transactions. The main IP is 45.60.46.204, located in United States and belongs to INCAPSULA, US. The main domain is be.synxis.com. The Cisco Umbrella rank of the primary domain is 51760.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2024 Q3 on August 4th 2024. Valid for: 6 months.
This is the only time be.synxis.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.118.35 11377 (SENDGRID)
17 45.60.46.204 19551 (INCAPSULA)
26 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 45.60.155.144 19551 (INCAPSULA)
1 2600:9000:235... 16509 (AMAZON-02)
6 2606:4700:10:... 13335 (CLOUDFLAR...)
2 172.217.16.130 15169 (GOOGLE)
3 18.66.147.127 16509 (AMAZON-02)
4 2a04:4e42:600... 54113 (FASTLY)
3 3 107.154.192.208 19551 (INCAPSULA)
3 2a00:1450:400... 15169 (GOOGLE)
1 8 2606:4700:303... 13335 (CLOUDFLAR...)
5 2a03:2880:f08... 32934 (FACEBOOK)
1 18.66.102.51 16509 (AMAZON-02)
1 45.60.154.108 19551 (INCAPSULA)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
13 2a03:2880:f17... 32934 (FACEBOOK)
1 2620:1ec:29:1... 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:225... 16509 (AMAZON-02)
7 3.161.82.70 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 52.25.236.4 16509 (AMAZON-02)
1 2600:9000:264... 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 34.135.178.72 396982 (GOOGLE-CL...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
3 151.101.65.182 54113 (FASTLY)
2 2600:9000:275... 16509 (AMAZON-02)
1 151.101.2.133 54113 (FASTLY)
132 34
1    167.89.118.35 (Las Vegas, United States)

ASN11377 (SENDGRID, US)
PTR: o16789118x35.outbound-mail.sendgrid.net
u27595191.ct.sendgrid.net
17    45.60.46.204 (United States)

ASN19551 (INCAPSULA, US)
be.synxis.com
26    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    45.60.155.144 (United States)

ASN19551 (INCAPSULA, US)
be-cms-api.synxis.com
1    2600:9000:235a:f600:0:e5a2:8c40:93a1 (United States)

ASN16509 (AMAZON-02, US)
twi.revinate.com
6    2606:4700:10::6816:3591 (United States)

ASN13335 (CLOUDFLARENET, US)
integration.flip.to
cdn.flip.to
sa.flip.to
2    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
www.googleadservices.com
3    18.66.147.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-127.fra60.r.cloudfront.net
api.cartstack.com
4    2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)
seal.globalsign.com
ssif1.globalsign.com
3    107.154.192.208 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.192.208.ip.incapdns.net
gc.synxis.com
3    2a00:1450:4001:82f::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
8    2606:4700:3030::ac43:a4e2 (United States)

ASN13335 (CLOUDFLARENET, US)
onboard.triptease.io
targeted-messages.triptease.io
5    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    18.66.102.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-51.fra56.r.cloudfront.net
tag.uplift.com
1    45.60.154.108 (United States)

ASN19551 (INCAPSULA, US)
be-cms-api-p1.synxis.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
13    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2620:1ec:29:1::64 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2600:9000:2251:6800:16:3eaa:9140:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.navisperformance.com
7    3.161.82.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-70.fra56.r.cloudfront.net
www.thehotelsnetwork.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
4    52.25.236.4 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-236-4.us-west-2.compute.amazonaws.com
fusion-api.navisperformance.com
1    2600:9000:2644:a200:1:5bd4:31c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.uplift.com
1    2606:4700:4400::ac40:9105 (United States)

ASN13335 (CLOUDFLARENET, US)
www.wigwamarizona.com
1    2606:4700::6812:bd5 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.quantummetric.com
4    34.135.178.72 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 72.178.135.34.bc.googleusercontent.com
ingest.quantummetric.com
2    2606:4700:3032::6815:59cd (United States)

ASN13335 (CLOUDFLARENET, US)
targeted-messages.triptease.io
api.triptease.io
3    151.101.65.182 (San Francisco, United States)

ASN54113 (FASTLY, US)
static-meta.triptease.io
2    2600:9000:275d:3200:1d:40aa:1fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
p.relay-t.io
1    151.101.2.133 (San Francisco, United States)

ASN54113 (FASTLY, US)
messages.guest-experience.triptease.io
Apex Domain
Subdomains		 Transfer
26 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
1 MB
22 synxis.com
be.synxis.com — Cisco Umbrella Rank: 51760
be-cms-api.synxis.com — Cisco Umbrella Rank: 141580
gc.synxis.com — Cisco Umbrella Rank: 271983
be-cms-api-p1.synxis.com — Cisco Umbrella Rank: 157166
2 MB
14 triptease.io
onboard.triptease.io — Cisco Umbrella Rank: 37763
targeted-messages.triptease.io — Cisco Umbrella Rank: 56824
static-meta.triptease.io — Cisco Umbrella Rank: 97851
messages.guest-experience.triptease.io — Cisco Umbrella Rank: 59087
api.triptease.io — Cisco Umbrella Rank: 56526
143 KB
13 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
4 KB
7 thehotelsnetwork.com
www.thehotelsnetwork.com — Cisco Umbrella Rank: 41593
88 KB
7 navisperformance.com
assets.navisperformance.com — Cisco Umbrella Rank: 75591
fusion-api.navisperformance.com — Cisco Umbrella Rank: 74711
142 KB
6 flip.to
integration.flip.to — Cisco Umbrella Rank: 65401
cdn.flip.to — Cisco Umbrella Rank: 85599
sa.flip.to — Cisco Umbrella Rank: 75155
24 KB
5 quantummetric.com
cdn.quantummetric.com — Cisco Umbrella Rank: 2492
ingest.quantummetric.com — Cisco Umbrella Rank: 2862
102 KB
5 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
82 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 3
region1.analytics.google.com — Cisco Umbrella Rank: 4401
ampcid.google.com — Cisco Umbrella Rank: 6370
461 B
4 globalsign.com
seal.globalsign.com — Cisco Umbrella Rank: 58408
ssif1.globalsign.com — Cisco Umbrella Rank: 84622
11 KB
4 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 412
storage.googleapis.com — Cisco Umbrella Rank: 356
45 KB
3 cartstack.com
api.cartstack.com — Cisco Umbrella Rank: 59448
24 KB
2 relay-t.io
p.relay-t.io — Cisco Umbrella Rank: 50898
5 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
region1.google-analytics.com — Cisco Umbrella Rank: 3643
21 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 11271
ampcid.google.de Failed
127 B
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
576 B
2 uplift.com
tag.uplift.com — Cisco Umbrella Rank: 21285
cdn.uplift.com — Cisco Umbrella Rank: 25345
145 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 89
23 KB
1 wigwamarizona.com
www.wigwamarizona.com
2 KB
1 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 634
163 B
1 revinate.com
twi.revinate.com — Cisco Umbrella Rank: 109485
21 KB
1 sendgrid.net
u27595191.ct.sendgrid.net
428 B
0 gatag.it Failed
www.gatag.it Failed
132 24
Domain Requested by
26 www.googletagmanager.com be.synxis.com
integration.flip.to
www.googletagmanager.com
static-meta.triptease.io
17 be.synxis.com be.synxis.com
www.google-analytics.com
cdn.quantummetric.com
13 www.facebook.com be.synxis.com
7 www.thehotelsnetwork.com www.googletagmanager.com
www.thehotelsnetwork.com
7 onboard.triptease.io 1 redirects be.synxis.com
onboard.triptease.io
cdn.quantummetric.com
5 connect.facebook.net be.synxis.com
www.googletagmanager.com
connect.facebook.net
4 ingest.quantummetric.com cdn.quantummetric.com
4 fusion-api.navisperformance.com assets.navisperformance.com
cdn.quantummetric.com
4 sa.flip.to cdn.flip.to
3 static-meta.triptease.io onboard.triptease.io
cdn.quantummetric.com
3 assets.navisperformance.com be.synxis.com
assets.navisperformance.com
3 storage.googleapis.com be.synxis.com
3 gc.synxis.com 3 redirects
3 api.cartstack.com be.synxis.com
api.cartstack.com
2 p.relay-t.io static-meta.triptease.io
p.relay-t.io
2 targeted-messages.triptease.io onboard.triptease.io
targeted-messages.triptease.io
2 www.google.de be.synxis.com
2 www.google.com 1 redirects www.googletagmanager.com
2 ssif1.globalsign.com seal.globalsign.com
be.synxis.com
2 seal.globalsign.com be.synxis.com
2 www.googleadservices.com be.synxis.com
www.googleadservices.com
1 api.triptease.io targeted-messages.triptease.io
1 messages.guest-experience.triptease.io cdn.quantummetric.com
1 region1.google-analytics.com www.googletagmanager.com
1 cdn.quantummetric.com be.synxis.com
1 www.wigwamarizona.com
1 cdn.uplift.com tag.uplift.com
1 ampcid.google.com www.google-analytics.com
1 cdn.flip.to www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 www.google-analytics.com www.googletagmanager.com
1 www.clarity.ms www.googletagmanager.com
1 googleads.g.doubleclick.net 1 redirects
1 be-cms-api-p1.synxis.com be.synxis.com
1 tag.uplift.com be.synxis.com
1 integration.flip.to be.synxis.com
1 twi.revinate.com be.synxis.com
1 be-cms-api.synxis.com be.synxis.com
1 ajax.googleapis.com be.synxis.com
1 u27595191.ct.sendgrid.net 1 redirects
0 ampcid.google.de Failed www.google-analytics.com
0 www.gatag.it Failed be.synxis.com
132 43

This site contains links to these domains. Also see Links.

Domain
wigwamarizona.com
preferredhotels.com
www.preferredhotels.com
www.historichotels.org
Subject Issuer Validity Valid
imperva.com
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-08-04 -
2025-01-31		 6 months crt.sh
*.google-analytics.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
upload.video.google.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.revinate.com
Amazon RSA 2048 M02		 2024-03-23 -
2025-04-21		 a year crt.sh
flip.to
WE1		 2024-09-03 -
2024-12-02		 3 months crt.sh
*.googleadservices.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
cartstack.com
Amazon RSA 2048 M03		 2024-03-20 -
2025-04-19		 a year crt.sh
www.globalsign.com
GlobalSign Extended Validation CA - SHA256 - G3		 2024-10-07 -
2025-11-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-07-28 -
2024-10-26		 3 months crt.sh
*.uplift.com
Amazon RSA 2048 M02		 2024-03-28 -
2025-04-26		 a year crt.sh
*.google.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2024-09-04 -
2025-09-04		 a year crt.sh
onboard.triptease.io
WE1		 2024-08-25 -
2024-11-23		 3 months crt.sh
*.navisperformance.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-09 -
2025-05-27		 a year crt.sh
*.thehotelsnetwork.com
Amazon RSA 2048 M03		 2024-08-21 -
2025-09-19		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.google.de
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
www.wigwamarizona.com
WE1		 2024-09-10 -
2024-12-09		 3 months crt.sh
quantummetric.com
WE1		 2024-10-10 -
2025-01-08		 3 months crt.sh
*.quantummetric.com
Sectigo RSA Domain Validation Secure Server CA		 2024-01-19 -
2025-02-13		 a year crt.sh
targeted-messages.triptease.io
WE1		 2024-08-26 -
2024-11-24		 3 months crt.sh
*.triptease.io
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-04-03 -
2025-05-05		 a year crt.sh
p.relay-t.io
Amazon RSA 2048 M02		 2024-04-30 -
2025-05-29		 a year crt.sh
*.guest-experience.triptease.io
R11		 2024-10-14 -
2025-01-12		 3 months crt.sh
api.triptease.io
WE1		 2024-09-08 -
2024-12-07		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Frame ID: 3A5E8471D308B780440725914EBF9ACD
Requests: 121 HTTP requests in this frame

Frame: https://onboard.triptease.io/kernel/v8466.119522/kernel-host.html?originHost=be.synxis.com
Frame ID: E8AF50E5547B1BEE1A13C9C745A0C240
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4a90/sw_iframe.html?origin=https%3A%2F%2Fbe.synxis.com
Frame ID: AE887804CE195CC08FAD0F403A30DA82
Requests: 1 HTTP requests in this frame

Frame: https://cdn.uplift.com/client/modal/v2/2.2.4/index.html?origin=https%3A%2F%2Fbe.synxis.com&channel=up-6654-4d6d-1282-4826-45636fc9d0e5
Frame ID: C8F96FD8504B65D451748A86D074D02D
Requests: 1 HTTP requests in this frame

Frame: https://ingest.quantummetric.com/horizon/sabre?T=B&u=https%3A%2F%2Fbe.synxis.com%2Fsignin%3FNCK%3D8442440202%26_ga%3D2.233173854.1398642206.1637603945-1917855449.1636412588%26adult%3D1%26arrive%3D2024-10-18%26chain%3D10237%26child%3D0%26currency%3DUSD%26depart%3D2024-10-19%26hotel%3D53654%26level%3Dhotel%26locale%3Den-US%26productcurrency%3DUSD%26rooms%3D1&t=1729286420086&v=1729286420105&S=0&N=0&P=0&z=1
Frame ID: D8E1B7A429624418BC932F18AE697F08
Requests: 4 HTTP requests in this frame

Frame: https://targeted-messages.triptease.io/static/storageIframe.html
Frame ID: 939DC1466888B2741EF509CDEEBD1BE8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Wigwam Resort-Phoenix-Litchfield Park Area - Reservations - Search for a Reservation

Page URL History Show full URLs

  1. https://u27595191.ct.sendgrid.net/ls/click?upn=u001.L-2BeCXIpMQ0jtnX-2BxkfLV5-2FTN67vFTkzrGop1NX4-2F28LhvK53iN... HTTP 302
    https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&a... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • api\.cartstack\.\w+
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

132
Requests

94 %
HTTPS

64 %
IPv6

24
Domains

43
Subdomains

34
IPs

3
Countries

3994 kB
Transfer

13629 kB
Size

33
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u27595191.ct.sendgrid.net/ls/click?upn=u001.L-2BeCXIpMQ0jtnX-2BxkfLV5-2FTN67vFTkzrGop1NX4-2F28LhvK53iN4zrUbWEupwH-2BdH5B7tPNbbnCqc0d55ZWjSFyNKIx5j-2B3uzyk2Q3T9Tbv3AEtYwJCPc18jM9rxWES-2BKDKxhKNCc-2BEz4PnATmn8JifSqxJCVVy6nZrkhZHTKzfNqPSbiq2BtFLLn85I3WeP0sAkYWW3rzjZ9AJWI7feftA-2FyjvayQq2RbLiRBloeifVox0PUkjohp7tT1Ml4uc8IT-2BJEn7Hocy5P2T1gJo7E92lETgtnJLFYXN83Ditd6pJNRUh0wrYiprOpuKWciLjWtx7H_09RutBFa1x8uCeiX0tYSQzkpFQXyVweUIX50W9pruJHcorQb7oxdkfRmzQ7xqj0XHFTIPjlfGmTVH0yfYO4JXHyEAv9nx2SFIpINbFToGd0h4z5aYi2XK-2Fr63tMuNtggAQRaRVrb-2FIyILK7w-2B2esWXSdwsI1yTpBdnbuJSak1FuRsL3EMh2jGh6Pf6WKIpIzWZVt71jdxBqP7-2B95mCIws1eJ5u4QGW81yvotWru-2FBEi0Ni6lTbAjwmZffqqatdQRsj8su3DGKLSbLP45Zyz93HxnrVv5hz8LxQ9zuvmV8XdgyrYlaW1nq5TFfRgscYmU5YLNrvP8szjmhUw1HDI3w32F-2BDMkxOq-2F90M2aokfwDOu-2BzXl5e9fY6xDXtptNg5pNkScTQIju-2FGVm5jM5AHS3EbwszuTWczgHZkVrUlLmQzxgMNUti1KRu4IPScjAbc0XZ-2FsYKCFtRDHUV8lEGuE9MrOHRSqIHDGOc18G7LYw50-3D HTTP 302
    https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://gc.synxis.com/CHAIN/10237/IMAGES/SHELL/lif-logo-wh-120.png HTTP 301
  • https://storage.googleapis.com/webimages-p1shrd/chain/10237/images/shell/lif-logo-wh-120.png
Request Chain 17
  • https://gc.synxis.com/CHAIN/56/IMAGES/SHELL/hha-logo-wh-120.png HTTP 301
  • https://storage.googleapis.com/webimages-p1shrd/chain/56/images/shell/hha-logo-wh-120.png
Request Chain 18
  • https://gc.synxis.com/CHAIN/10237/IMAGES/SHELL/iprefer_white2_120.png HTTP 301
  • https://storage.googleapis.com/webimages-p1shrd/chain/10237/images/shell/iprefer_white2_120.png
Request Chain 22
  • https://onboard.triptease.io/bootstrap.js?integrationId=01DFTF0DHFPCVRG4RKEX7R7FHN HTTP 307
  • https://onboard.triptease.io/bootstrap/v8466.119522/bootstrap.js
Request Chain 31
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/937041120/?random=715253286&cv=9&fst=1729286416942&num=1&label=aPmICMjMh2IQ4LnovgM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbe.synxis.com%2Fsignin%3F_ga%3D2.233173854.1398642206.1637603945-1917855449.1636412588%26adult%3D1%26arrive%3D2021-11-22%26chain%3D10237%26child%3D0%25c2%25a4cy%3DUSD%26depart%3D2021-11-23%26hotel%3D53654%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26NCK%3D8442440202&capi=1&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOrGsQJKJ3RyaWdnZXIsIGV2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIyt_l9O2YiQMVGNkRCB3LbBHWMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2JlLnN5bnhpcy5jb20v HTTP 302
  • https://www.google.com/pagead/1p-conversion/937041120/?random=715253286&cv=9&fst=1729286416942&num=1&label=aPmICMjMh2IQ4LnovgM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbe.synxis.com%2Fsignin%3F_ga%3D2.233173854.1398642206.1637603945-1917855449.1636412588%26adult%3D1%26arrive%3D2021-11-22%26chain%3D10237%26child%3D0%25c2%25a4cy%3DUSD%26depart%3D2021-11-23%26hotel%3D53654%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26NCK%3D8442440202&capi=1&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOrGsQJKJ3RyaWdnZXIsIGV2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIyt_l9O2YiQMVGNkRCB3LbBHWMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2JlLnN5bnhpcy5jb20v&is_vtc=1&cid=CAQSGwDpaXnfMpq1ZSEgjltRFle5MM6g1rsN2ASZbg&random=419714322&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/937041120/?random=715253286&cv=9&fst=1729286416942&num=1&label=aPmICMjMh2IQ4LnovgM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbe.synxis.com%2Fsignin%3F_ga%3D2.233173854.1398642206.1637603945-1917855449.1636412588%26adult%3D1%26arrive%3D2021-11-22%26chain%3D10237%26child%3D0%25c2%25a4cy%3DUSD%26depart%3D2021-11-23%26hotel%3D53654%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26NCK%3D8442440202&capi=1&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOrGsQJKJ3RyaWdnZXIsIGV2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIyt_l9O2YiQMVGNkRCB3LbBHWMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2JlLnN5bnhpcy5jb20v&is_vtc=1&cid=CAQSGwDpaXnfMpq1ZSEgjltRFle5MM6g1rsN2ASZbg&random=419714322&resp=GooglemKTybQhCsO&ipr=y

132 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request signin
be.synxis.com/
Redirect Chain
  • https://u27595191.ct.sendgrid.net/ls/click?upn=u001.L-2BeCXIpMQ0jtnX-2BxkfLV5-2FTN67vFTkzrGop1NX4-2F28LhvK53iN4zrUbWEupwH-2BdH5B7tPNbbnCqc0d55ZWjSFyNKIx5j-2B3uzyk2Q3T9Tbv3AEtYwJCPc18jM9rxWES-2BKDKx...
  • https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=e...
719 KB
126 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e4db130a2e721f5600c7ec607f1c2d918b780c0fa0e3ceae4b3bc59a091c91b0
Security Headers
Name Value
Content-Security-Policy img-src data: *; base-uri 'self'; frame-ancestors 'self'; style-src 'self' https: 'unsafe-inline'; font-src data: *; media-src *; worker-src 'self' *.googletagmanager.com *.google-analytics.com google-analytics.com *.google.com *.googleapis.com *.thehotelsnetwork.com thehotelsnetwork.com *.trivago.com trivago.com *.tripadvisor.com tripadvisor.com *.sojern.com sojern.com *.doubleclick.net icm.aexp-static.com *.quantummetric.com *.triptease.io triptease.io pdx-col.eum-appdynamics.com *.uplift.com *.uplift-platform.com halo.phgsecure.com *.triptease.io *.hotjar.com *.hotjar.io vars.hotjar.com in.hotjar.com vc.hotjar.io *.navisperformance.com fusion-api.navisperformance.com assets.navisperformance.com *.facebook.com *.youtube.com https://*.perfmaker.net *.gbqofs.io *.gbqofs.com *.optimand.com optimand.com https://*.d-edgeconnect.media https://reginahotel.matomo.cloud https://*.matomo.cloud *.thehotelsnetwork.com thehotelsnetwork.com https://*.secureprivacy.ai secureprivacy.ai https://api-prod.secureprivacy.ai *.navistechnologies.com *.thenavisway.com *.triptease.com triptease.io facebook.com *.facebook.net facebook.net *.bing.com bing.com *.bat.bing.com bat.bing.com https://*.flip.to https://*.ft-clarity.com blob:; child-src 'self' *.googletagmanager.com *.google-analytics.com google-analytics.com *.google.com *.googleapis.com *.thehotelsnetwork.com thehotelsnetwork.com *.trivago.com trivago.com *.tripadvisor.com tripadvisor.com *.sojern.com sojern.com *.doubleclick.net icm.aexp-static.com *.quantummetric.com *.triptease.io triptease.io pdx-col.eum-appdynamics.com *.uplift.com *.uplift-platform.com halo.phgsecure.com *.triptease.io *.hotjar.com *.hotjar.io vars.hotjar.com in.hotjar.com vc.hotjar.io *.navisperformance.com fusion-api.navisperformance.com assets.navisperformance.com *.facebook.com *.youtube.com https://*.perfmaker.net *.gbqofs.io *.gbqofs.com *.optimand.com optimand.com https://*.d-edgeconnect.media https://reginahotel.matomo.cloud https://*.matomo.cloud *.thehotelsnetwork.com thehotelsnetwork.com https://*.secureprivacy.ai secureprivacy.ai https://api-prod.secureprivacy.ai *.navistechnologies.com *.thenavisway.com *.triptease.com triptease.io facebook.com *.facebook.net facebook.net *.bing.com bing.com *.bat.bing.com bat.bing.com https://*.flip.to https://*.ft-clarity.com blob:; script-src 'strict-dynamic' 'nonce-K7MQ2XXGU0R0h9Bmt8p0Og==' 'unsafe-inline' 'unsafe-eval' 'self' *.synxis.com *.googletagmanager.com *.google-analytics.com google-analytics.com *.google.com *.googleapis.com *.doubleclick.net icm.aexp-static.com *.sabrehospitality.com *.asc.sabre.com *.thehotelsnetwork.com thehotelsnetwork.com *.trivago.com trivago.com *.tripadvisor.com tripadvisor.com *.sojern.com sojern.com *.triptease.io triptease.io https://*.sabre-gcp.com https://*.sabre-gcp.com:3000 https://*.sabre-gcp.com:3001 https://*.sabre-gcp.com:3002 https://*.sabrecirrus.com pdx-col.eum-appdynamics.com *.quantummetric.com *.uplift.com *.uplift-platform.com halo.phgsecure.com *.triptease.io *.hotjar.com *.hotjar.io vars.hotjar.com in.hotjar.com vc.hotjar.io *.navisperformance.com fusion-api.navisperformance.com assets.navisperformance.com *.facebook.com *.youtube.com https://*.perfmaker.net *.gbqofs.io *.gbqofs.com *.optimand.com optimand.com https://*.d-edgeconnect.media https://reginahotel.matomo.cloud https://*.matomo.cloud *.thehotelsnetwork.com thehotelsnetwork.com https://*.secureprivacy.ai secureprivacy.ai https://api-prod.secureprivacy.ai *.navistechnologies.com *.thenavisway.com *.triptease.com triptease.io facebook.com *.facebook.net facebook.net *.bing.com bing.com *.bat.bing.com bat.bing.com https://*.flip.to https://*.ft-clarity.com; default-src 'self' *.synxis.com *.googletagmanager.com *.google-analytics.com google-analytics.com *.google.com *.googleapis.com *.doubleclick.net icm.aexp-static.com *.sabrehospitality.com *.asc.sabre.com *.thehotelsnetwork.com thehotelsnetwork.com *.trivago.com trivago.com *.tripadvisor.com tripadvisor.com *.sojern.com sojern.com *.triptease.io triptease.io https://*.sabre-gcp.com https://*.sabre-gcp.com:3000 https://*.sabre-gcp.com:3001 https://*.sabre-gcp.com:3002 https://*.sabrecirrus.com pdx-col.eum-appdynamics.com *.quantummetric.com *.uplift.com *.uplift-platform.com halo.phgsecure.com *.triptease.io *.hotjar.com *.hotjar.io vars.hotjar.com in.hotjar.com vc.hotjar.io *.navisperformance.com fusion-api.navisperformance.com assets.navisperformance.com *.facebook.com *.youtube.com https://*.perfmaker.net *.gbqofs.io *.gbqofs.com *.optimand.com optimand.com https://*.d-edgeconnect.media https://reginahotel.matomo.cloud https://*.matomo.cloud *.thehotelsnetwork.com thehotelsnetwork.com https://*.secureprivacy.ai secureprivacy.ai https://api-prod.secureprivacy.ai *.navistechnologies.com *.thenavisway.com *.triptease.com triptease.io facebook.com *.facebook.net facebook.net *.bing.com bing.com *.bat.bing.com bat.bing.com https://*.flip.to https://*.ft-clarity.com; report-uri /reports?hid=53654&cid=10237&sid=z1TBwoiydli-LejpZM4m6if9
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-security-policy
img-src data: *; base-uri 'self'; frame-ancestors 'self'; style-src 'self' https: 'unsafe-inline'; font-src data: *; media-src *; worker-src 'self' *.googletagmanager.com *.google-analytics.com google-analytics.com *.google.com *.googleapis.com *.thehotelsnetwork.com thehotelsnetwork.com *.trivago.com trivago.com *.tripadvisor.com tripadvisor.com *.sojern.com sojern.com *.doubleclick.net icm.aexp-static.com *.quantummetric.com *.triptease.io triptease.io pdx-col.eum-appdynamics.com *.uplift.com *.uplift-platform.com halo.phgsecure.com *.triptease.io *.hotjar.com *.hotjar.io vars.hotjar.com in.hotjar.com vc.hotjar.io *.navisperformance.com fusion-api.navisperformance.com assets.navisperformance.com *.facebook.com *.youtube.com https://*.perfmaker.net *.gbqofs.io *.gbqofs.com *.optimand.com optimand.com https://*.d-edgeconnect.media https://reginahotel.matomo.cloud https://*.matomo.cloud *.thehotelsnetwork.com thehotelsnetwork.com https://*.secureprivacy.ai secureprivacy.ai https://api-prod.secureprivacy.ai *.navistechnologies.com *.thenavisway.com *.triptease.com triptease.io facebook.com *.facebook.net facebook.net *.bing.com bing.com *.bat.bing.com bat.bing.com https://*.flip.to https://*.ft-clarity.com blob:; child-src 'self' *.googletagmanager.com *.google-analytics.com google-analytics.com *.google.com *.googleapis.com *.thehotelsnetwork.com thehotelsnetwork.com *.trivago.com trivago.com *.tripadvisor.com tripadvisor.com *.sojern.com sojern.com *.doubleclick.net icm.aexp-static.com *.quantummetric.com *.triptease.io triptease.io pdx-col.eum-appdynamics.com *.uplift.com *.uplift-platform.com halo.phgsecure.com *.triptease.io *.hotjar.com *.hotjar.io vars.hotjar.com in.hotjar.com vc.hotjar.io *.navisperformance.com fusion-api.navisperformance.com assets.navisperformance.com *.facebook.com *.youtube.com https://*.perfmaker.net *.gbqofs.io *.gbqofs.com *.optimand.com optimand.com https://*.d-edgeconnect.media https://reginahotel.matomo.cloud https://*.matomo.cloud *.thehotelsnetwork.com thehotelsnetwork.com https://*.secureprivacy.ai secureprivacy.ai https://api-prod.secureprivacy.ai *.navistechnologies.com *.thenavisway.com *.triptease.com triptease.io facebook.com *.facebook.net facebook.net *.bing.com bing.com *.bat.bing.com bat.bing.com https://*.flip.to https://*.ft-clarity.com blob:; script-src 'strict-dynamic' 'nonce-K7MQ2XXGU0R0h9Bmt8p0Og==' 'unsafe-inline' 'unsafe-eval' 'self' *.synxis.com *.googletagmanager.com *.google-analytics.com google-analytics.com *.google.com *.googleapis.com *.doubleclick.net icm.aexp-static.com *.sabrehospitality.com *.asc.sabre.com *.thehotelsnetwork.com thehotelsnetwork.com *.trivago.com trivago.com *.tripadvisor.com tripadvisor.com *.sojern.com sojern.com *.triptease.io triptease.io https://*.sabre-gcp.com https://*.sabre-gcp.com:3000 https://*.sabre-gcp.com:3001 https://*.sabre-gcp.com:3002 https://*.sabrecirrus.com pdx-col.eum-appdynamics.com *.quantummetric.com *.uplift.com *.uplift-platform.com halo.phgsecure.com *.triptease.io *.hotjar.com *.hotjar.io vars.hotjar.com in.hotjar.com vc.hotjar.io *.navisperformance.com fusion-api.navisperformance.com assets.navisperformance.com *.facebook.com *.youtube.com https://*.perfmaker.net *.gbqofs.io *.gbqofs.com *.optimand.com optimand.com https://*.d-edgeconnect.media https://reginahotel.matomo.cloud https://*.matomo.cloud *.thehotelsnetwork.com thehotelsnetwork.com https://*.secureprivacy.ai secureprivacy.ai https://api-prod.secureprivacy.ai *.navistechnologies.com *.thenavisway.com *.triptease.com triptease.io facebook.com *.facebook.net facebook.net *.bing.com bing.com *.bat.bing.com bat.bing.com https://*.flip.to https://*.ft-clarity.com; default-src 'self' *.synxis.com *.googletagmanager.com *.google-analytics.com google-analytics.com *.google.com *.googleapis.com *.doubleclick.net icm.aexp-static.com *.sabrehospitality.com *.asc.sabre.com *.thehotelsnetwork.com thehotelsnetwork.com *.trivago.com trivago.com *.tripadvisor.com tripadvisor.com *.sojern.com sojern.com *.triptease.io triptease.io https://*.sabre-gcp.com https://*.sabre-gcp.com:3000 https://*.sabre-gcp.com:3001 https://*.sabre-gcp.com:3002 https://*.sabrecirrus.com pdx-col.eum-appdynamics.com *.quantummetric.com *.uplift.com *.uplift-platform.com halo.phgsecure.com *.triptease.io *.hotjar.com *.hotjar.io vars.hotjar.com in.hotjar.com vc.hotjar.io *.navisperformance.com fusion-api.navisperformance.com assets.navisperformance.com *.facebook.com *.youtube.com https://*.perfmaker.net *.gbqofs.io *.gbqofs.com *.optimand.com optimand.com https://*.d-edgeconnect.media https://reginahotel.matomo.cloud https://*.matomo.cloud *.thehotelsnetwork.com thehotelsnetwork.com https://*.secureprivacy.ai secureprivacy.ai https://api-prod.secureprivacy.ai *.navistechnologies.com *.thenavisway.com *.triptease.com triptease.io facebook.com *.facebook.net facebook.net *.bing.com bing.com *.bat.bing.com bat.bing.com https://*.flip.to https://*.ft-clarity.com; report-uri /reports?hid=53654&cid=10237&sid=z1TBwoiydli-LejpZM4m6if9
content-type
text/html; charset=utf-8
date
Fri, 18 Oct 2024 21:20:15 GMT
link
</public/js/font-spark-icon-fill.woff2>; rel=preload; as=font; type=font/woff2; crossOrigin=anonymous, </public/js/font-spark-icon-line.woff2>; rel=preload; as=font; type=font/woff2; crossOrigin=anonymous, </public/js/client.js>; rel=preload; as=script, </public/js/modules-main.js>; rel=preload; as=script,
strict-transport-security
max-age=31536000
x-cdn
Imperva
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-iinfo
13-287721909-287721912 NNNN CT(170 171 0) RT(1729286414203 42) q(0 0 3 0) r(10 10) U12

Redirect headers

Connection
keep-alive
Content-Length
283
Content-Type
text/html; charset=utf-8
Date
Fri, 18 Oct 2024 21:20:14 GMT
Location
https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Server
nginx
X-Robots-Tag
noindex, nofollow
font-spark-icon-fill.woff2
be.synxis.com/public/js/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://be.synxis.com/public/js/font-spark-icon-fill.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
625a63fbc3b92e8b3b7ca3a1a0d3372f066aa66104b925e8b353744b1e283df1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://be.synxis.com
Referer
https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
13-287721909-287721976 NNNN CT(175 175 0) RT(1729286414203 1115) q(0 0 3 -1) r(5 7) U2
cache-control
public, max-age=0
etag
W/"792c-191b6fb4c00"
x-cdn
Imperva
x-content-type-options
nosniff
accept-ranges
bytes
content-length
31020
date
Fri, 18 Oct 2024 21:20:16 GMT
content-type
font/woff2
last-modified
Tue, 03 Sep 2024 08:23:28 GMT
x-frame-options
SAMEORIGIN
font-spark-icon-line.woff2
be.synxis.com/public/js/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://be.synxis.com/public/js/font-spark-icon-line.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
13ed64e31854fc7e8e3e542fef0d24813e05a6137d56160064ec6824367b9a03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://be.synxis.com
Referer
https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
13-287721909-287721978 NNNN CT(170 169 0) RT(1729286414203 1119) q(0 0 3 -1) r(5 7) U2
cache-control
public, max-age=0
etag
W/"9a0c-191b6fb4c00"
x-cdn
Imperva
x-content-type-options
nosniff
accept-ranges
bytes
content-length
39436
date
Fri, 18 Oct 2024 21:20:16 GMT
content-type
font/woff2
last-modified
Tue, 03 Sep 2024 08:23:28 GMT
x-frame-options
SAMEORIGIN
client.js
be.synxis.com/public/js/ 		3 MB
419 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://be.synxis.com/public/js/client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
88604fce849b2caaddc6f743289c5c77f0b026f360a799d331f486f426e9cd47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
13-287721909-287721980 NNNN CT(170 170 0) RT(1729286414203 1121) q(0 0 3 -1) r(5 7) U2
cache-control
public, max-age=0
content-encoding
br
etag
W/"68c60-191b6fb4c00"
x-cdn
Imperva
x-content-type-options
nosniff
accept-ranges
bytes
content-length
429152
date
Fri, 18 Oct 2024 21:20:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 03 Sep 2024 08:23:28 GMT
x-frame-options
SAMEORIGIN
modules-main.js
be.synxis.com/public/js/ 		3 MB
464 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://be.synxis.com/public/js/modules-main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ef931918a971d8c9c7ec687833646e0f095d996b264bb09c092ff4da790ad596
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
13-287721909-287721982 NNNN CT(173 173 0) RT(1729286414203 1123) q(0 0 3 -1) r(5 7) U2
cache-control
public, max-age=0
content-encoding
br
etag
W/"73cca-191b6fb4c00"
x-cdn
Imperva
x-content-type-options
nosniff
accept-ranges
bytes
content-length
474314
date
Fri, 18 Oct 2024 21:20:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 03 Sep 2024 08:23:28 GMT
x-frame-options
SAMEORIGIN
o-Of-dready-beene-Banquo-Of-King-and-shall-now-I
be.synxis.com/ 		240 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://be.synxis.com/o-Of-dready-beene-Banquo-Of-King-and-shall-now-I
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
5f3d5cb841300f7f7a3f9bfe10c205fcb06a1587885020005254f1034a4f3592
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202

Response headers

strict-transport-security
max-age=31536000
x-iinfo
13-287721909-0 0CNN RT(1729286414203 2193) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=124, public
content-encoding
gzip
etag
"55cc2b44"
x-cdn
Imperva
expires
Fri, 18 Oct 2024 21:22:20 GMT
content-length
80409
date
Fri, 18 Oct 2024 21:20:16 GMT
content-type
text/javascript
Raleway-Regular.ttf
be.synxis.com/shs-bedesigner-services/assets/chain/10237/hotel/53654/fileStorage/font/ 		174 KB
175 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://be.synxis.com/shs-bedesigner-services/assets/chain/10237/hotel/53654/fileStorage/font/Raleway-Regular.ttf
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
20e4ae409ffbe8bfd2af14d7f717398408ae8b481005beccb83d62ef4052b681
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://be.synxis.com
Referer
https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202

Response headers

strict-transport-security
max-age=31536000
x-iinfo
13-287721909-287721999 NNNN CT(175 177 0) RT(1729286414203 1256) q(0 0 4 -1) r(7 9) U12
access-control-max-age
3600
x-cdn
Imperva
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
via
1.1 google
access-control-allow-origin
https://be.synxis.com
date
Fri, 18 Oct 2024 21:20:16 GMT
content-type
application/x-font-ttf
vary
Origin
server
nginx
content-disposition
inline
Northwell.otf
be.synxis.com/shs-bedesigner-services/assets/chain/10237/hotel/53654/fileStorage/font/ 		372 KB
373 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://be.synxis.com/shs-bedesigner-services/assets/chain/10237/hotel/53654/fileStorage/font/Northwell.otf
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
e35104f1a05b82ceb2151127ad8ada2cc9702d25d48ee2eeb2dc26557b495ec2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://be.synxis.com
Referer
https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202

Response headers

strict-transport-security
max-age=31536000
x-iinfo
13-287721909-287721912 PNNN RT(1729286414203 1257) q(0 3 3 -1) r(8 8) U12
access-control-max-age
3600
x-cdn
Imperva
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
via
1.1 google
access-control-allow-origin
https://be.synxis.com
date
Fri, 18 Oct 2024 21:20:16 GMT
content-type
application/x-font-otf
vary
Origin
server
nginx
content-disposition
inline
gtm.js
www.googletagmanager.com/ 		376 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W866TTJ
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d4e88430beb4e9b7dc00b6284c05d51be10d8e65cdf30fc8694ae369acc9ba92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 18 Oct 2024 21:20:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 21:20:17 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 18 Oct 2024 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
102674
x-xss-protection
0
server
Google Tag Manager
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-encoding
gzip
age
236682
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 03:35:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 03:35:34 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
30399
x-xss-protection
0
server
sffe
ipreferMSG.js
be-cms-api.synxis.com/assets/chain/10237/fileStorage/tracking/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://be-cms-api.synxis.com/assets/chain/10237/fileStorage/tracking/ipreferMSG.js
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.155.144 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
16e70f6d61ac503652fcdf56b17255323ddd0911df37ac66b1201e567503b4ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
8-149424008-149424016 NNYN CT(2 10 0) RT(1729286415854 66) q(0 0 0 6) r(2 2) U24
access-control-max-age
3600
content-encoding
gzip
x-cdn
Imperva
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 21:20:16 GMT
content-disposition
inline
content-type
application/javascript
js.aspx
twi.revinate.com/JavascriptPhoneNumber/ 		20 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://twi.revinate.com/JavascriptPhoneNumber/js.aspx?account=15030&jspass=3mg535j7e7n38e5nowkz&dflt=8669766894
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:f600:0:e5a2:8c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
8c7fb6432892d002309b855cf9df4cc47ed3a8e595b8071d9b37c66015ec4b41
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
cache-control
private
x-aspnet-version
4.0.30319
via
1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
20820
x-amz-cf-id
I_HYQVnV1qLXMOJHWAIMnhjdh1A8jdjS72HJVJTno2kKLWhEBuqV0g==
date
Fri, 18 Oct 2024 21:20:16 GMT
content-type
text/javascript; charset=utf-8
x-powered-by
ASP.NET
x-amz-cf-pop
FRA60-P9
K2X4KDP
integration.flip.to/ 		2 KB
1022 B 		Script
General
Check archive.org
Download Go to
Full URL
https://integration.flip.to/K2X4KDP
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65ce2d50684fd0b9487ca2d9468532d4f68a8638c03ea96c77993cac817fab5a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SameOrigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-encoding
br
cf-cache-status
HIT
age
24469
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 21:20:17 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Fri, 18 Oct 2024 14:31:23 GMT
x-frame-options
SameOrigin
content-security-policy
frame-ancestors 'self'
cache-control
public,max-age=86400
timing-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d4b924a5facdc4e-FRA
x-xss-protection
1; mode=block
server
cloudflare
conversion.js
www.googleadservices.com/pagead/ 		57 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
f2c19a3d8895d7d23b633ded630a23d1f4936ceb4406653bae1d3a8bd61123f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-encoding
br
etag
17749235541420607595
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 21:20:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 18 Oct 2024 21:20:16 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
20935
x-xss-protection
0
server
cafe
www.wigwamarizona.com_e5d9f818d55e887179b49fbe9f918a49.js
api.cartstack.com/js/customer-tracking/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.cartstack.com/js/customer-tracking/www.wigwamarizona.com_e5d9f818d55e887179b49fbe9f918a49.js
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-127.fra60.r.cloudfront.net
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.1e-fips mod_auth_gssapi/1.3.1 mod_auth_kerb/5.4 PHP/5.4.16 /
Resource Hash
01e8eff0acd3ef13254929a0cf292b1476e7c17770072876d4f963320da39ef6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

cache-control
max-age=2592000
content-encoding
gzip
etag
"18d3-5ead9e99cdae2-gzip"
via
1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
expires
Sun, 17 Nov 2024 21:20:16 GMT
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
1186
x-amz-cf-id
65vlk7tYJJ4bxmQ691p_UztGOOS0YCZvO5HyXw82eipsTpOX8zevEQ==
date
Fri, 18 Oct 2024 21:20:16 GMT
content-type
application/javascript
last-modified
Wed, 12 Oct 2022 17:42:11 GMT
server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.1e-fips mod_auth_gssapi/1.3.1 mod_auth_kerb/5.4 PHP/5.4.16
x-amz-cf-pop
FRA60-P4
vary
Accept-Encoding
gs_noscript_110-45_en.gif
seal.globalsign.com/SiteSeal/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://seal.globalsign.com/SiteSeal/images/gs_noscript_110-45_en.gif
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f0baa2f585589b61492337c559286db0878134fe51795d9ba1cae33c87ea779f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

x-cache-status
HIT
etag
W/"1865-1712018860000"
age
2337
x-timer
S1729286416.185839,VS0,VE1
via
1.1 varnish
accept-ranges
bytes
x-cache
HIT
content-length
1865
date
Fri, 18 Oct 2024 21:20:16 GMT
last-modified
Tue, 02 Apr 2024 00:47:40 GMT
content-type
image/gif
x-served-by
cache-fra-etou8220109-FRA
x-cache-hits
1
gmogs_image_110-45_en_black.js
seal.globalsign.com/SiteSeal/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://seal.globalsign.com/SiteSeal/gmogs_image_110-45_en_black.js
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e4a73c39901bb5ae743fa1329c30d10465b2486b263b853d6b43a80b35b9c179

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

x-cache-status
MISS
etag
W/"1652-1712018860000"
age
76
x-timer
S1729286416.185636,VS0,VE1
via
1.1 varnish
accept-ranges
bytes
x-cache
HIT
content-length
1652
date
Fri, 18 Oct 2024 21:20:16 GMT
last-modified
Tue, 02 Apr 2024 00:47:40 GMT
content-type
application/javascript
x-served-by
cache-fra-etou8220109-FRA
x-cache-hits
1
lif-logo-wh-120.png
storage.googleapis.com/webimages-p1shrd/chain/10237/images/shell/
Redirect Chain
  • https://gc.synxis.com/CHAIN/10237/IMAGES/SHELL/lif-logo-wh-120.png
  • https://storage.googleapis.com/webimages-p1shrd/chain/10237/images/shell/lif-logo-wh-120.png
3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/webimages-p1shrd/chain/10237/images/shell/lif-logo-wh-120.png
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H2
Server
2a00:1450:4001:82f::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b3a8f5fa3e0a8460c97e798085a261381174215dce32e2db0e78c8865fa56355

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1520950372
x-goog-hash
crc32c=1FlI6A==, md5=/boJHX25awME5sjtMu+nMg==
etag
"fdba091d7db96b0304e6c8ed32efa732"
age
316
x-goog-stored-content-encoding
identity
expires
Fri, 18 Oct 2024 22:15:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
3250
date
Fri, 18 Oct 2024 21:15:00 GMT
last-modified
Tue, 22 Feb 2022 12:14:41 GMT
content-type
image/png
x-guploader-uploadid
AHmUCY13l8AUcaFWMEib71bXbpYrBxXHWTl0N_r_UAsjrYzBQlxB6DT0cOrKjAzQHjLd-jionh12kZFu3g
cache-control
public, max-age=3600
x-goog-storage-class
STANDARD
accept-ranges
bytes
x-goog-generation
1645532081233413
content-length
3250
content-language
en
server
UploadServer

Redirect headers

X-Iinfo
4-148947266-148942215 2NNN RT(1729286415806 56) q(0 0 0 0) r(1 1) U11
Location
https://storage.googleapis.com/webimages-p1shrd/chain/10237/images/shell/lif-logo-wh-120.png
X-CDN
Imperva
Via
1.1 google
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
215
Date
Fri, 18 Oct 2024 21:20:15 GMT
Content-Type
text/html; charset=UTF-8
X-Powered-By
ASP.NET
Server
hha-logo-wh-120.png
storage.googleapis.com/webimages-p1shrd/chain/56/images/shell/
Redirect Chain
  • https://gc.synxis.com/CHAIN/56/IMAGES/SHELL/hha-logo-wh-120.png
  • https://storage.googleapis.com/webimages-p1shrd/chain/56/images/shell/hha-logo-wh-120.png
6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/webimages-p1shrd/chain/56/images/shell/hha-logo-wh-120.png
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H2
Server
2a00:1450:4001:82f::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
65b3685f49bf4270427bcd8f45548e05faaa992a6262e98b25ff2364da189d60

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1453305205
x-goog-hash
crc32c=pQOzLg==, md5=+3RY/+M+0HsUCDUfKiRT7Q==
etag
"fb7458ffe33ed07b1408351f2a2453ed"
age
0
x-goog-stored-content-encoding
identity
expires
Fri, 18 Oct 2024 22:20:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
6132
date
Fri, 18 Oct 2024 21:20:16 GMT
last-modified
Tue, 22 Feb 2022 12:57:44 GMT
content-type
image/png
x-guploader-uploadid
AHmUCY1-UiDhXQcaGqf7cIl1nHZ0F8pV7i9yH_gkuKeF0zFBttfNzvfDbM4Qw79FRvRbxv0ZGjnXGHwAZw
cache-control
public, max-age=3600
x-goog-storage-class
STANDARD
accept-ranges
bytes
x-goog-generation
1645534664019680
content-length
6132
content-language
en
server
UploadServer

Redirect headers

X-Iinfo
1-88900346-88886712 2NNN RT(1729286415804 50) q(0 0 0 0) r(1 1) U11
Location
https://storage.googleapis.com/webimages-p1shrd/chain/56/images/shell/hha-logo-wh-120.png
X-CDN
Imperva
Via
1.1 google
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
212
Date
Fri, 18 Oct 2024 21:20:16 GMT
Content-Type
text/html; charset=UTF-8
X-Powered-By
ASP.NET
Server
iprefer_white2_120.png
storage.googleapis.com/webimages-p1shrd/chain/10237/images/shell/
Redirect Chain
  • https://gc.synxis.com/CHAIN/10237/IMAGES/SHELL/iprefer_white2_120.png
  • https://storage.googleapis.com/webimages-p1shrd/chain/10237/images/shell/iprefer_white2_120.png
4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/webimages-p1shrd/chain/10237/images/shell/iprefer_white2_120.png
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H2
Server
2a00:1450:4001:82f::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1f615645150521b8d95414b87467cd53e31af5049d8b0a3a795273bc6d62936b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1516920183
x-goog-hash
crc32c=Be3MKQ==, md5=bTjPM72Uwr6dKJXLAq7dAQ==
etag
"6d38cf33bd94c2be9d2895cb02aedd01"
age
1228
x-goog-stored-content-encoding
identity
expires
Fri, 18 Oct 2024 21:59:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
4552
date
Fri, 18 Oct 2024 20:59:49 GMT
last-modified
Tue, 22 Feb 2022 12:14:40 GMT
content-type
image/png
x-guploader-uploadid
AHmUCY1IWchBHXMIF_zA6vf7CDhb7KHtc1mUEu2ZDZf5xld_2ttxHz07d2T2qFTjuk7U4Y0fWcuehpx_tQ
cache-control
public, max-age=3600
x-goog-storage-class
STANDARD
accept-ranges
bytes
x-goog-generation
1645532080128428
content-length
4552
content-language
en
server
UploadServer

Redirect headers

X-Iinfo
4-148947266-148942215 2NNN RT(1729286415806 652) q(0 0 0 -1) r(1 1) U11
Location
https://storage.googleapis.com/webimages-p1shrd/chain/10237/images/shell/iprefer_white2_120.png
X-CDN
Imperva
Via
1.1 google
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
218
Date
Fri, 18 Oct 2024 21:20:17 GMT
Content-Type
text/html; charset=UTF-8
X-Powered-By
ASP.NET
Server
gtm.js
www.googletagmanager.com/ 		363 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-53XCXJ
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b69eab8a828deb1b7454a2dc44de901484a2cb4c34772e0ec83f6a45a0cfa769
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 18 Oct 2024 21:20:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 21:20:17 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 18 Oct 2024 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
115703
x-xss-protection
0
server
Google Tag Manager
gtm.js
www.googletagmanager.com/ 		335 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TVVCZ8
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2ebe235a2321fa755c67c729d86d0e6580edda2f0a6990a07647d79da0cdb3ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 18 Oct 2024 21:20:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 21:20:17 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 18 Oct 2024 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
110971
x-xss-protection
0
server
Google Tag Manager
gtm.js
www.googletagmanager.com/ 		330 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PQ78LTX
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a6b033cb9e7286b9fee591e65e43c240058b72d17c185d335ac025a8aed13f1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 18 Oct 2024 21:20:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 21:20:17 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 18 Oct 2024 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109289
x-xss-protection
0
server
Google Tag Manager
bootstrap.js
onboard.triptease.io/bootstrap/v8466.119522/
Redirect Chain
  • https://onboard.triptease.io/bootstrap.js?integrationId=01DFTF0DHFPCVRG4RKEX7R7FHN
  • https://onboard.triptease.io/bootstrap/v8466.119522/bootstrap.js
132 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onboard.triptease.io/bootstrap/v8466.119522/bootstrap.js
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H3
Server
2606:4700:3030::ac43:a4e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
487848b702f281f7aef585a67570e59e024864fadcc20cab75d72651ad8e5f05
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

x-goog-meta-build-version
8466.119522
x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=Hfl+hg==, md5=NPYAKSKqVhaQJfk9Uhy6MA==
cf-cache-status
HIT
etag
W/"34f6002922aa56169025f93d521cba30"
age
15800
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Sat, 18 Oct 2025 16:56:57 GMT
x-goog-meta-git-hash
10a673166c87ab6c4a7147733bbb8c5adce33eac
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
134732
date
Fri, 18 Oct 2024 21:20:17 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 2024 16:50:38 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY3AvqmqH1jVLe9js0k2XBt3qJu2tLHc_sBEEoxp8ZdVX1Bv26wapX_0UDRAEy-wf5kvTlg
strict-transport-security
max-age=15552000
cache-control
public, max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d4b924b1a3f9150-FRA
access-control-allow-origin
*
x-goog-generation
1729270238235837
server
cloudflare

Redirect headers

strict-transport-security
max-age=15552000
cache-control
public, max-age=600
location
https://onboard.triptease.io/bootstrap/v8466.119522/bootstrap.js
cf-ray
8d4b924aca069150-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
64
date
Fri, 18 Oct 2024 21:20:17 GMT
content-type
text/plain;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
/
www.gatag.it/ 		0
0
fbds.js
connect.facebook.net/en_US/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbds.js
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
861a408b98b9f2525b2d58065162f747f675305e9ec73169295ef375d192bb91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-md5
OMmVrDs/e1D57pRFpmAtoA==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"0e0895b31cfbc7f0c1027b4d6261b081"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 21:30:34 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 21:20:17 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
b77bfb7958c1c8ceddd6f46089b21540
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=23, mss=1232, tbw=4457, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug
g5yaegHJU9bapgGOqLfE1jgIyRGeP8wRwnqtDT53P951w6j8ChY38abltTj3tnZBE/AZG94PLEtfvTKMWjvWiw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
2182
origin-agent-cluster
?1
/
www.googleadservices.com/pagead/conversion/937041120/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/937041120/?random=1729286416942&cv=9&fst=1729286416942&num=1&label=aPmICMjMh2IQ4LnovgM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbe.synxis.com%2Fsignin%3F_ga%3D2.233173854.1398642206.1637603945-1917855449.1636412588%26adult%3D1%26arrive%3D2021-11-22%26chain%3D10237%26child%3D0%25c2%25a4cy%3DUSD%26depart%3D2021-11-23%26hotel%3D53654%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26NCK%3D8442440202&capi=1&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
542419831fe050633897e5104ae835d24a046a8bb0a4982c55d3a85f17bfdf8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2601
date
Fri, 18 Oct 2024 21:20:16 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
cartstack_utility.js
api.cartstack.com/js/ 		75 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.cartstack.com/js/cartstack_utility.js
Requested by
Host: api.cartstack.com
URL: https://api.cartstack.com/js/customer-tracking/www.wigwamarizona.com_e5d9f818d55e887179b49fbe9f918a49.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-127.fra60.r.cloudfront.net
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.1e-fips mod_auth_gssapi/1.3.1 mod_auth_kerb/5.4 PHP/5.4.16 /
Resource Hash
56afe9a4247dfc80d83baefd9c520cf6f4874dc98a9c06ba259e1506607ac6f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-encoding
gzip
etag
"12a47-6227bd055f8c9-gzip"
age
2521218
expires
Sat, 19 Oct 2024 16:59:58 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
yg5HkcD3ijpZQJA8sjLO4FPZj_iBbhoBvO2ZFp_GuYtZWd_WAyH9lA==
date
Thu, 19 Sep 2024 16:59:58 GMT
content-type
application/javascript
last-modified
Thu, 19 Sep 2024 16:57:11 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
via
1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
15555
x-amz-cf-pop
FRA60-P4
server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.1e-fips mod_auth_gssapi/1.3.1 mod_auth_kerb/5.4 PHP/5.4.16
gtm.js
www.googletagmanager.com/ 		357 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MS8FTDSQ
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6135042f90b50f6e948c2080a2dbceb8214c1e0695b47ef0c91fcafeb1f08bf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 18 Oct 2024 21:20:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 21:20:17 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 18 Oct 2024 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
111562
x-xss-protection
0
server
Google Tag Manager
up.js
tag.uplift.com/external/ 		144 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.uplift.com/external/up.js?upcode=UP-93927779-1
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-51.fra56.r.cloudfront.net
Software
/
Resource Hash
ce0bcafa52089b085d47486f507cc84a53481d9134d922512c45f107c52df557
Security Headers
Name Value
Strict-Transport-Security max-age=31622400; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

strict-transport-security
max-age=31622400; includeSubdomains
x-amzn-remapped-content-length
147628
cache-control
private, max-age=60
x-duration-seconds
0.0498204
x-amz-apigw-id
f3WaxGBKPHcEdQw=
x-amzn-trace-id
Root=1-6712d111-2e573bc77f6ce0260e9e16d2;Parent=49d439d951cd1102;Sampled=0;Lineage=1:241e43e1:0
x-amzn-requestid
7a0de56c-7245-48a1-af60-d2e6d66c45d8
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
147628
x-amz-cf-id
3TmcwJX0sgiouKL8QKE1yW2VSW0Hyo_uuUaKCYslSrQGplXOtiOxww==
date
Fri, 18 Oct 2024 21:20:17 GMT
content-type
text/javascript;charset=utf-8; charset=utf-8
x-amz-cf-pop
FRA56-P2
siteSeal.do
ssif1.globalsign.com/SiteSeal/siteSeal/siteSeal/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssif1.globalsign.com/SiteSeal/siteSeal/siteSeal/siteSeal.do?p1=be.synxis.com&p2=SZ110-45&p3=image&p4=en&p5=V0021&p6=S001&p7=https
Requested by
Host: seal.globalsign.com
URL: https://seal.globalsign.com/SiteSeal/gmogs_image_110-45_en_black.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
924c72cc5f9c730be0aeaa2a7730e05d4d3f0d9042a22584090f2c1a38f56cbf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

x-cache-status
MISS
x-timer
S1729286417.098693,VS0,VE1032
via
1.1 varnish
accept-ranges
bytes
x-cache
MISS
content-length
6971
date
Fri, 18 Oct 2024 21:20:18 GMT
content-type
text/javascript;charset=UTF-8
x-served-by
cache-fra-etou8220109-FRA
x-cache-hits
0
wigwam-logo.png
be-cms-api-p1.synxis.com/shs-bedesigner-services/assets/chain/10237/hotel/53654/fileStorage/image/ 		101 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://be-cms-api-p1.synxis.com/shs-bedesigner-services/assets/chain/10237/hotel/53654/fileStorage/image/wigwam-logo.png
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.108 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
414060581c406a4d66fac71cdd93122b6b65b0af81bd6c0dbc4559efee6c2a43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

Transfer-Encoding
chunked
X-Iinfo
7-73603804-73603808 NNNN CT(2 11 0) RT(1729286416318 47) q(0 0 0 0) r(2 2) U24
Access-Control-Max-Age
3600
X-CDN
Imperva
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
Via
1.1 google
Access-Control-Allow-Origin
*
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Date
Fri, 18 Oct 2024 21:20:17 GMT
Content-Disposition
inline
Content-Type
image/png
/
www.google.de/pagead/1p-conversion/937041120/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/937041120/?random=715253286&cv=9&fst=1729286416942&num=1&label=aPmICMjMh2IQ4LnovgM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid...
  • https://www.google.com/pagead/1p-conversion/937041120/?random=715253286&cv=9&fst=1729286416942&num=1&label=aPmICMjMh2IQ4LnovgM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C46646592...
  • https://www.google.de/pagead/1p-conversion/937041120/?random=715253286&cv=9&fst=1729286416942&num=1&label=aPmICMjMh2IQ4LnovgM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/937041120/?random=715253286&cv=9&fst=1729286416942&num=1&label=aPmICMjMh2IQ4LnovgM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbe.synxis.com%2Fsignin%3F_ga%3D2.233173854.1398642206.1637603945-1917855449.1636412588%26adult%3D1%26arrive%3D2021-11-22%26chain%3D10237%26child%3D0%25c2%25a4cy%3DUSD%26depart%3D2021-11-23%26hotel%3D53654%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26NCK%3D8442440202&capi=1&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOrGsQJKJ3RyaWdnZXIsIGV2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIyt_l9O2YiQMVGNkRCB3LbBHWMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2JlLnN5bnhpcy5jb20v&is_vtc=1&cid=CAQSGwDpaXnfMpq1ZSEgjltRFle5MM6g1rsN2ASZbg&random=419714322&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H3
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 18 Oct 2024 21:20:17 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://www.google.de/pagead/1p-conversion/937041120/?random=715253286&cv=9&fst=1729286416942&num=1&label=aPmICMjMh2IQ4LnovgM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbe.synxis.com%2Fsignin%3F_ga%3D2.233173854.1398642206.1637603945-1917855449.1636412588%26adult%3D1%26arrive%3D2021-11-22%26chain%3D10237%26child%3D0%25c2%25a4cy%3DUSD%26depart%3D2021-11-23%26hotel%3D53654%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26NCK%3D8442440202&capi=1&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOrGsQJKJ3RyaWdnZXIsIGV2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIyt_l9O2YiQMVGNkRCB3LbBHWMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2JlLnN5bnhpcy5jb20v&is_vtc=1&cid=CAQSGwDpaXnfMpq1ZSEgjltRFle5MM6g1rsN2ASZbg&random=419714322&resp=GooglemKTybQhCsO&ipr=y
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 18 Oct 2024 21:20:17 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=null&ev=6023148677895&dl=https%3A%2F%2Fbe.synxis.com%2Fsignin%3F_ga%3D2.233173854.1398642206.1637603945-1917855449.1636412588%26adult%3D1%26arrive%3D2021-11-22%26chain%3D10237%26child%3D0%25c2%25a4cy%3DUSD%26depart%3D2021-11-23%26hotel%3D53654%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26NCK%3D8442440202&rl=&if=false&ts=1729286417018&cd[value]=&cd[currency]=USD
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=10, mss=1328, tbw=2901, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 18 Oct 2024 21:20:17 GMT
content-type
text/plain
server
proxygen-bolt
gtm.js
www.googletagmanager.com/ 		316 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K2X4KDP&l=fliptoDataLayer
Requested by
Host: integration.flip.to
URL: https://integration.flip.to/K2X4KDP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ecb7411cc730e77e362b0a0a695ec92d7767fb59759df145d7a8b46cd694a76a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 18 Oct 2024 21:20:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 21:20:17 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 18 Oct 2024 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
97926
x-xss-protection
0
server
Google Tag Manager
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fbe.synxis.com%2Fsignin&scrsrc=www.googletagmanager.com&frm=0&rnd=1215702095.1729286417&auid=1839985294.1729286417&npa=1&gtm=45He4ah0v831174218za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101686685&tft=1729286417249&tfd=3296&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQ78LTX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers
js
www.googletagmanager.com/gtag/ 		297 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PKJPZC4PZZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQ78LTX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5a30ab0298785c31432b68d9121ae8eea42583e220bf307638602c2bb5608c98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 18 Oct 2024 21:20:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 21:20:17 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
101412
x-xss-protection
0
server
Google Tag Manager
destination
www.googletagmanager.com/gtag/ 		276 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-628855339&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQ78LTX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a20b3c301c2e72560096ec44bf3fdbf53b5aaf055b06501d3cb5c0d16ff9df03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Fri, 18 Oct 2024 21:20:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 21:20:17 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 18 Oct 2024 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
97099
x-xss-protection
0
server
Google Tag Manager
xxxxxxxx
www.clarity.ms/tag/ 		0
163 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/xxxxxxxx?ref=gtm
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MS8FTDSQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
x-cache
CONFIG_NOCACHE
date
Fri, 18 Oct 2024 21:20:17 GMT
x-azure-ref
20241018T212017Z-er1787bdbf4qdx7dyyx43acr1c00000002eg00000000f43x
destination
www.googletagmanager.com/gtag/ 		249 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-969611418&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MS8FTDSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f36e0382a3b650b5cd7664c64fffd18f829a77616b61a69a856ab3ffa57f1aaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Fri, 18 Oct 2024 21:20:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 21:20:17 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 18 Oct 2024 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
90416
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/ 		227 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MS8FTDSQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f4cfd4a5b95dfb31c47cd567d9719fc12a0453f6ff27e2872147a9740e4b9e56
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 21:20:17 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=27, mss=1232, tbw=9809, tp=16, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
jzFFw7qp6783U2mfGPlwxRzNr7tg7P+6BJuzwy0uEpS4qtfrvexOaNdUjv6kAlkj9RSEEiActyDjbRlRAJDp3Q==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59352
x-xss-protection
0
origin-agent-cluster
?1
kernel-host.html
onboard.triptease.io/kernel/v8466.119522/ Frame E8AF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onboard.triptease.io/kernel/v8466.119522/kernel-host.html?originHost=be.synxis.com
Requested by
Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01DFTF0DHFPCVRG4RKEX7R7FHN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a4e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://be.synxis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-expose-headers
Content-Type
age
15539
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=31536000
cf-cache-status
HIT
cf-ray
8d4b924e49e9a1af-SIN
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 18 Oct 2024 21:20:17 GMT
expires
Sat, 18 Oct 2025 16:57:22 GMT
last-modified
Fri, 18 Oct 2024 16:50:28 GMT
server
cloudflare
strict-transport-security
max-age=15552000
vary
Accept-Encoding
x-goog-generation
1729270228575653
x-goog-hash
crc32c=DEZ13A== md5=fzwC1bu5gbpWG4Z3kvg6EA==
x-goog-meta-build-version
8466.119522
x-goog-meta-git-hash
10a673166c87ab6c4a7147733bbb8c5adce33eac
x-goog-metageneration
2
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
63095
x-guploader-uploadid
AHmUCY1ONRUXhC-4Hzb84Jl2F2ez0F4Jk07WEX5cC8IgEiuciXy8BH8MyitePDURzuP89gv7pDg
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVVCZ8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-encoding
gzip
age
6608
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 21:30:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 19:30:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
destination
www.googletagmanager.com/gtag/ 		238 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-958661020&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVVCZ8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2bf07779ae8d52d387656472cf6914536bfe9e0265ca26bcbbd7649f042a2e05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Fri, 18 Oct 2024 21:20:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 21:20:17 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 18 Oct 2024 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
87431
x-xss-protection
0
server
Google Tag Manager
navis-fusion-loader.js
assets.navisperformance.com/NWRC/Fusion/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.navisperformance.com/NWRC/Fusion/navis-fusion-loader.js
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6800:16:3eaa:9140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
37a7918f1596d21356e4fba56ae52f2099325c3fc04d6b195358f9cc666f681e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
YBr8SRJCzRKJ8ZhphEqzZ4HNkEzVdCx_
etag
W/"cc9d6a022deff35e3282ef6ab843f37f"
age
60263
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
NWbPwAg4bj2bk49jjqHU2cS2j6D5Esniq4X65ZN1PnkWfAoyjF-qrQ==
date
Fri, 18 Oct 2024 05:40:10 GMT
content-type
application/javascript
last-modified
Thu, 03 Sep 2020 23:26:09 GMT
vary
Accept-Encoding,Access-Control-Request-Headers
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P3
server
AmazonS3
hotel_price_widget.js
www.thehotelsnetwork.com/js/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thehotelsnetwork.com/js/hotel_price_widget.js?partnership_id=6
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53XCXJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-70.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
6d70e331bb5d0a542b5ae1105efc2b1ee3b7596d96f1eaf84ce78cfdf7b60104
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self'
content-encoding
gzip
age
25
access-control-allow-credentials
true
via
1.1 5d59ec457bae9e2b9df45a357eeeffd2.cloudfront.net (CloudFront)
access-control-allow-origin
https://be.synxis.com
x-cache
Hit from cloudfront
x-amz-cf-id
avzQ6xTQO5y2DTJO-wJQgc_gmDdZO9-O8AiczjzknTaLpohpp7sc7w==
date
Fri, 18 Oct 2024 21:19:52 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding,Accept-Encoding
server
nginx
x-amz-cf-pop
FRA56-P10
a
www.googletagmanager.com/ 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-53XCXJ&v=3&t=t&pid=1036518578&cv=143&rv=4ah0&tc=46&tag_exp=101529665~101686685~101823848&es=1&e=gtm.init_consent&eid=-1&h=Ag&z=0
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Fri, 18 Oct 2024 21:20:17 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
a
www.googletagmanager.com/ 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-53XCXJ&v=3&t=t&pid=1036518578&cv=143&rv=4ah0&tc=46&tag_exp=101529665~101686685~101823848&es=1&e=gtm.init&eid=0&h=Ag&z=0
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Fri, 18 Oct 2024 21:20:17 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
a
www.googletagmanager.com/ 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-53XCXJ&v=3&t=t&pid=1036518578&cv=143&rv=4ah0&tc=46&tag_exp=101529665~101686685~101823848&es=1&e=*&eid=1&u=AAAAAAAI&ut=Ag&h=Ag&hf=0__html&ht=p__html&tr=1gclidw.1ua.1fsl.1cl.1lcl.1fsl.1lcl.1html&ti=1gclidw.1ua.2fsl.2cl.2lcl.2fsl.2lcl.2html&z=0
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Fri, 18 Oct 2024 21:20:17 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
a
www.googletagmanager.com/ 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-53XCXJ&v=3&t=t&pid=1036518578&cv=143&rv=4ah0&tc=46&tag_exp=101529665~101686685~101823848&es=1&e=gtm.dom&eid=8&u=AAAAAAAI&ut=Ag&h=Ag&z=0
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Fri, 18 Oct 2024 21:20:17 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
a
www.googletagmanager.com/ 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-53XCXJ&v=3&t=t&pid=1036518578&cv=143&rv=4ah0&tc=46&tag_exp=101529665~101686685~101823848&es=1&e=gtm.dom&eid=161&u=AAAAAAAI&ut=Ag&h=Ag&z=0
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Fri, 18 Oct 2024 21:20:17 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
sw_iframe.html
www.googletagmanager.com/static/service_worker/4a90/ Frame AE88 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4a90/sw_iframe.html?origin=https%3A%2F%2Fbe.synxis.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53XCXJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
265387
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1463
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Oct 2024 19:37:10 GMT
expires
Wed, 15 Oct 2025 19:37:10 GMT
last-modified
Wed, 09 Oct 2024 09:08:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
1774710772856668
connect.facebook.net/signals/config/ 		77 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1774710772856668?v=2.9.172&r=stable&domain=be.synxis.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C28%2C82%2C87%2C47%2C46%2C86%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d17343b9333952610ec116f4a49f2cdae787caa0de3fc95ffc102c27d96dd3bf
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 21:20:17 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=33, rtx=0, c=61, mss=1232, tbw=71233, tp=69, tpl=0, uplat=171, ullat=0
pragma
public
x-fb-debug
vNwDjr1S4Q3/FVBIZaPwfWP0l7L+chmoDIMLAc/SjJhEpOwZLiiiJ35s5HMmNKPqu9B2e4yO33SbsLswOzFKNg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-PKJPZC4PZZ&gtm=45je4ah0v890679680z8831174218za200zb831174218&_p=1729286416013&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101686685&cid=1940942283.1729286417&ecid=1270359173&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&dl=https%3A%2F%2Fbe.synxis.com%2Fsignin%3F_ga%3D2.233173854.1398642206.1637855449.1636412588%26adult%3D1%26arrive%3D2021-11-22%26chain%3D10237%26child%3D0%25c2%25a4cy%3DUSD%26depart%3D2021-11-23%26hotel%3D53654%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26NCK%3D8442440202&sid=1729286417&sct=1&seg=0&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3517
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PKJPZC4PZZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://be.synxis.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 21:20:17 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
552 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PKJPZC4PZZ&cid=1940942283.1729286417&gtm=45je4ah0v890679680z8831174218za200zb831174218&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101686685
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PKJPZC4PZZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://be.synxis.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 21:20:17 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PKJPZC4PZZ&cid=1940942283.1729286417&gtm=45je4ah0v890679680z8831174218za200zb831174218&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101686685&tag_exp=101686685&z=2070431622
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 18 Oct 2024 21:20:17 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ftsa.js
cdn.flip.to/public/ 		50 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flip.to/public/ftsa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2X4KDP&l=fliptoDataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af746a2ae180923dc94da9db2f48abaa8dae92d2efcba4afe1e92b53de817a2b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-md5
aXEVazttxROaibXZ9EAhzA==
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DC896E01590A40
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
2451
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 21:20:17 GMT
content-type
application/javascript
last-modified
Mon, 10 Jun 2024 16:54:34 GMT
vary
Accept-Encoding
x-ms-request-id
8e851b54-a01e-005e-78d8-1f2e0f000000
cf-ray
8d4b924def9edc4e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
22125
x-ms-blob-type
BlockBlob
server
cloudflare
publisher:getClientId
ampcid.google.com/v1/ 		74 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://be.synxis.com/

Response headers

cache-control
private
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://be.synxis.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
date
Fri, 18 Oct 2024 21:20:17 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
ESF
x-frame-options
SAMEORIGIN
a
www.googletagmanager.com/ 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?ctid=GTM-53XCXJ&t=s&si=235&m=0&iss=4&sid=7735972568789823&cc=1&tl=1&hc=1&cl=0&pid=386955165&bc=1
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Fri, 18 Oct 2024 21:20:17 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
discovery.json
assets.navisperformance.com/NWRC/Fusion/ 		61 B
553 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.navisperformance.com/NWRC/Fusion/discovery.json
Requested by
Host: assets.navisperformance.com
URL: https://assets.navisperformance.com/NWRC/Fusion/navis-fusion-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6800:16:3eaa:9140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d2071d21c7728e75e882a3240e59f7e175809de3296ca06cdd14273e84d6684

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

access-control-max-age
3000
x-amz-version-id
7tcDAQ7c5ivWOL6SzEdqjJeDxOoT5c_Z
etag
"abb936b7e075c6e92be7f68866771f0f"
age
74532
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
kqHgZvCzoImKB7iR1s18Rc2MXEG2cta0Tl5H6AW4TUi_kEY3n4t1Zw==
date
Fri, 18 Oct 2024 00:38:06 GMT
content-type
application/json
last-modified
Mon, 24 Aug 2020 19:13:13 GMT
vary
Accept-Encoding,Access-Control-Request-Headers
via
1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
61
x-amz-cf-pop
FRA60-P3
server
AmazonS3
o-Of-dready-beene-Banquo-Of-King-and-shall-now-I
be.synxis.com/ 		733 B
878 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://be.synxis.com/o-Of-dready-beene-Banquo-Of-King-and-shall-now-I?d=be.synxis.com
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/o-Of-dready-beene-Banquo-Of-King-and-shall-now-I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
bon /
Resource Hash
0f248c6165ca0a6a95223dd7ecaa958dacd3a2d1a9a5094aa93af0de65fde3d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json; charset=utf-8
Content-Type
text/plain; charset=utf-8

Response headers

strict-transport-security
max-age=31536000
x-iinfo
13-287721909-287722179 NNYN CT(18 9 0) RT(1729286414203 2900) q(0 0 0 -1) r(0 0) U6
cache-control
no-cache, no-store
content-encoding
gzip
x-cdn
Imperva
server-timing
bon, total;dur=11.049463000000001
access-control-allow-origin
*
date
Fri, 18 Oct 2024 21:20:16 GMT
content-type
application/json
server
bon
get_loader_data
www.thehotelsnetwork.com/ 		118 B
556 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.thehotelsnetwork.com/get_loader_data?partnership_id=6
Requested by
Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?partnership_id=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-70.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
63f25809ec0e6a52c2edc1e3ec42669659c5d4f35ff7b224dbd1622824d0129e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept
application/json
Referer
https://be.synxis.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self'
content-encoding
gzip
access-control-allow-credentials
true
via
1.1 5d59ec457bae9e2b9df45a357eeeffd2.cloudfront.net (CloudFront)
access-control-allow-origin
https://be.synxis.com
x-cache
Miss from cloudfront
x-amz-cf-id
p6nJZPb0U9-4xyOeXmIDCr7DWvFDv-8JMARsFc3T1RgJCO2sKpxUTQ==
date
Fri, 18 Oct 2024 21:20:17 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Accept-Encoding
server
nginx
x-amz-cf-pop
FRA56-P10
bw4
sa.flip.to/flip/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sa.flip.to/flip/bw4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://be.synxis.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://be.synxis.com
access-control-max-age
600
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d4b924edb9b1c38-FRA
content-length
0
date
Fri, 18 Oct 2024 21:20:17 GMT
server
cloudflare
via
1.1 google
bw4
sa.flip.to/flip/ 		2 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sa.flip.to/flip/bw4
Requested by
Host: cdn.flip.to
URL: https://cdn.flip.to/public/ftsa.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer
https://be.synxis.com/

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
via
1.1 google
cf-ray
8d4b924f5c7adc54-FRA
access-control-allow-origin
https://be.synxis.com
alt-svc
h3=":443"; ma=86400
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length
2
date
Fri, 18 Oct 2024 21:20:17 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
147655379176114
connect.facebook.net/signals/config/ 		24 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/147655379176114?v=2.9.172&r=stable&domain=be.synxis.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C28%2C82%2C87%2C47%2C46%2C86%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112%2C199%2C198%2C200%2C205%2C206%2C207%2C203%2C195%2C131%2C133%2C162%2C194%2C196%2C121%2C156%2C144%2C150%2C188%2C189%2C128%2C231%2C115%2C125%2C126%2C232%2C164%2C118%2C234%2C165%2C135%2C122%2C153%2C147%2C113%2C127
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fa28a930751c3124bcfaae3a7162f129c961eeedddd32e4f89bcb70da5d9518d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 21:20:17 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=32, rtx=0, c=74, mss=1232, tbw=87201, tp=85, tpl=0, uplat=198, ullat=0
pragma
public
x-fb-debug
yf35ibHRCDvmP/0P4FxpdpLxuV67jPw8VjoYDvgt/NyFGRBNJxIzUoPvlQawRVS7L/3GYNg7Gz9Zw+K14IDwcw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1774710772856668&ev=PageView&dl=https%3A%2F%2Fbe.synxis.com%2Fsignin%3F_ga%3D2.233173854.1398642206.1637603945-1917855449.1636412588%26adult%3D1%26arrive%3D2021-11-22%26chain%3D10237%26child%3D0%25c2%25a4cy%3DUSD%26depart%3D2021-11-23%26hotel%3D53654%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26NCK%3D8442440202&rl=&if=false&ts=1729286417668&sw=1600&sh=1200&v=2.9.172&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1729286417667.564302007498387275&cs_est=true&ler=empty&cdl=API_unavailable&it=1729286417440&coo=false&tm=1&rqm=GET
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=35, rtx=0, c=10, mss=1328, tbw=3267, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 18 Oct 2024 21:20:17 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1774710772856668&ev=PageView&dl=https%3A%2F%2Fbe.synxis.com%2Fsignin%3F_ga%3D2.233173854.1398642206.1637603945-1917855449.1636412588%26adult%3D1%26arrive%3D2021-11-22%26chain%3D10237%26child%3D0%25c2%25a4cy%3DUSD%26depart%3D2021-11-23%26hotel%3D53654%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26NCK%3D8442440202&rl=&if=false&ts=1729286417668&sw=1600&sh=1200&v=2.9.172&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1729286417667.564302007498387275&cs_est=true&ler=empty&cdl=API_unavailable&it=1729286417440&coo=false&tm=1&rqm=FGET
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7427228606651982176"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7427228606651982176"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 21:20:17 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
LEK31ofE3YcSLy9FH/ijOX+4JGiYybT9OMVcjZsVisH5+yvz71RX0vts9paoRNSTu2BB/e5s3QKQCh+hjl4d+A==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7427228606651982176", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control
private, no-store, no-cache, must-revalidate
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=33, rtx=0, c=10, mss=1328, tbw=3414, tp=-1, tpl=-1, uplat=159, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
getFusionConfig
fusion-api.navisperformance.com/fusion-config/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://fusion-api.navisperformance.com/fusion-config/getFusionConfig?account=15030&url=https%3A%2F%2Fbe.synxis.com%2Fsignin%3F_ga%3D2.233173854.1398642206.1637603945-1917855449.1636412588%26adult%3D1%26arrive%3D2021-11-22%26chain%3D10237%26child%3D0%25c2%25a4cy%3DUSD%26depart%3D2021-11-23%26hotel%3D53654%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26NCK%3D8442440202
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.236.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-236-4.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
secret
Access-Control-Request-Method
GET
Origin
https://be.synxis.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, x-requested-with, secret
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://be.synxis.com
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Fri, 18 Oct 2024 21:20:18 GMT
requestguid
fc03189d-1feb-4482-bd44-156bbec7620e
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
getFusionConfig
fusion-api.navisperformance.com/fusion-config/ 		547 B
913 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fusion-api.navisperformance.com/fusion-config/getFusionConfig?account=15030&url=https%3A%2F%2Fbe.synxis.com%2Fsignin%3F_ga%3D2.233173854.1398642206.1637603945-1917855449.1636412588%26adult%3D1%26arrive%3D2021-11-22%26chain%3D10237%26child%3D0%25c2%25a4cy%3DUSD%26depart%3D2021-11-23%26hotel%3D53654%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26NCK%3D8442440202
Requested by
Host: assets.navisperformance.com
URL: https://assets.navisperformance.com/NWRC/Fusion/navis-fusion-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.236.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-236-4.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
fa1e29a5bed7ff4d26c852afa13b97e6b862d3cb12fe194eb691e69e307b3f89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
secret
3mg535j7e7n38e5nowkz
Referer
https://be.synxis.com/

Response headers

access-control-allow-headers
origin, content-type, accept, x-requested-with, secret
requestguid
fd4f29ac-ff59-47a8-8343-b60b8e5c070a
access-control-allow-origin
https://be.synxis.com
date
Fri, 18 Oct 2024 21:20:18 GMT
content-type
application/json;charset=UTF-8
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
index.min.js
www.thehotelsnetwork.com/widget/core/4.0/dist/main/ 		273 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=e0d8256a
Requested by
Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?partnership_id=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-70.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
f51a7084acc232699aae89df1b43c617dc73f1ebe12db9b6258965ec0946e969
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://be.synxis.com
Referer
https://be.synxis.com/

Response headers

content-encoding
gzip
etag
W/"67122cc6-444f5"
age
2191
expires
Sat, 18 Oct 2025 20:43:46 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
wizr8hjK-0Z5YK5ZjUUg6aqGkkIZqdfPKdVyRjx6DivOyzU_bhTI4g==
date
Fri, 18 Oct 2024 20:43:46 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 2024 09:39:18 GMT
vary
Accept-Encoding,Accept-Encoding,Origin
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self'
cache-control
max-age=31536000, public
via
1.1 c53fb2c65e26830010100e7d773f73ae.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P10
server
nginx
reports
be.synxis.com/ 		6 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://be.synxis.com/reports?hid=53654&cid=10237&sid=z1TBwoiydli-LejpZM4m6if9
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
35d345a82fe5820a332ca49dae3f60884be182e388fbc55674aa685fc7d741bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/csp-report
Referer
https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
13-287721909-287721912 PNYN RT(1729286414203 3027) q(0 0 0 -1) r(2 2) U6
content-encoding
gzip
etag
W/"1689-QG2nnWmH+N22t5VsWsVuKCUPcz8"
x-cdn
Imperva
x-content-type-options
nosniff
date
Fri, 18 Oct 2024 21:20:17 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
publisher:getClientId
ampcid.google.de/v1/ 		0
0
bw4
sa.flip.to/flip/ 		2 B
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sa.flip.to/flip/bw4
Requested by
Host: cdn.flip.to
URL: https://cdn.flip.to/public/ftsa.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer
https://be.synxis.com/

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
via
1.1 google
cf-ray
8d4b924fbd3bdc54-FRA
access-control-allow-origin
https://be.synxis.com
alt-svc
h3=":443"; ma=86400
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length
2
date
Fri, 18 Oct 2024 21:20:17 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
/
www.thehotelsnetwork.com/sjs/@thehotelsnetwork/agent-partnerships@latest&bundle/ 		559 B
708 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thehotelsnetwork.com/sjs/@thehotelsnetwork/agent-partnerships@latest&bundle/
Requested by
Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=e0d8256a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-70.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
cc473589d9a1e22c1fc122b38150b771cdc9954f1e6c299d6dc689e52c7d86f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://be.synxis.com
Referer
https://be.synxis.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=600
content-encoding
br
age
7
x-forwarded-for
93.234.188.10, 64.252.87.58
via
1.1 c53fb2c65e26830010100e7d773f73ae.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
fOPOBPsFSYJ8t1jQvcqq-JJy_kZWjS7bz7v0hnXepaYaJ-TayeGWzg==
date
Fri, 18 Oct 2024 21:20:10 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
server
nginx
x-amz-cf-pop
FRA56-P10
6
www.thehotelsnetwork.com/sjs/@thehotelsnetwork/agent-partnerships@latest&bundle/ 		518 B
900 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thehotelsnetwork.com/sjs/@thehotelsnetwork/agent-partnerships@latest&bundle/6
Requested by
Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?partnership_id=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-70.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
401b539c399a729da4612b645dcb692500765e575339874d0ade6b5aaecf5819
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://be.synxis.com
Referer
https://be.synxis.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=600
content-encoding
br
x-forwarded-for
217.114.215.132, 64.252.89.127
via
1.1 c53fb2c65e26830010100e7d773f73ae.cloudfront.net (CloudFront)
access-control-allow-origin
*
server-timing
cache-acquire;dur=0,cache-read;dur=0.3,cache-acquire;desc="redirect-fastpath > cache-acquire";dur=0,cache-read;desc="redirect-fastpath > cache-read";dur=0.5,redirect-fastpath;dur=0.9,total;dur=1.7,cache-hit,cache-hit;desc="redirect-fastpath > cache-hit"
x-cache
Miss from cloudfront
x-amz-cf-id
2Z-SLqzzzKJALNcI4zNQjHYP7FpSmudPL6BCEAqKSb1UVL6ybZ3q2A==
date
Fri, 18 Oct 2024 21:20:17 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
server
nginx
x-amz-cf-pop
FRA56-P10
vendors-en.js
be.synxis.com/public/js/ 		43 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://be.synxis.com/public/js/vendors-en.js
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
8792c14790b1e2e6fb67b6cd6556ca32f6ff4c7bd19b9db56a4ff099d83395d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
13-287721909-287721912 PNNN RT(1729286414203 3337) q(0 0 0 -1) r(2 2) U2
cache-control
public, max-age=0
content-encoding
br
etag
W/"111d-191b6fb4c00"
x-cdn
Imperva
x-content-type-options
nosniff
accept-ranges
bytes
content-length
4381
date
Fri, 18 Oct 2024 21:20:18 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 03 Sep 2024 08:23:28 GMT
x-frame-options
SAMEORIGIN
index.html
cdn.uplift.com/client/modal/v2/2.2.4/ Frame C8F9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.uplift.com/client/modal/v2/2.2.4/index.html?origin=https%3A%2F%2Fbe.synxis.com&channel=up-6654-4d6d-1282-4826-45636fc9d0e5
Requested by
Host: tag.uplift.com
URL: https://tag.uplift.com/external/up.js?upcode=UP-93927779-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:a200:1:5bd4:31c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://be.synxis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
65817
content-encoding
gzip
content-type
text/html
date
Fri, 18 Oct 2024 03:03:22 GMT
etag
W/"c086920ee88306cee99ef8f7fec202e5"
last-modified
Tue, 02 Jul 2024 17:14:52 GMT
referrer-policy
same-origin
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 218c6128df18321f9758e53ccc351448.cloudfront.net (CloudFront)
x-amz-cf-id
XoThC0NpLKybj7Dm3oYn3xD7QmqTwLol_yTK_AySDK38JJ28evyVUQ==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
NTdDraWuuHMzbv95XVSklPBu2pg.YB5p
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1774710772856668&ev=PageView&dl=https%3A%2F%2Fbe.synxis.com%2Fsignin%3F_ga%3D2.233173854.1398642206.1637603945-1917855449.1636412588%26adult%3D1%26arrive%3D2021-11-22%26chain%3D10237%26child%3D0%25c2%25a4cy%3DUSD%26depart%3D2021-11-23%26hotel%3D53654%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26NCK%3D8442440202&rl=&if=false&ts=1729286418158&sw=1600&sh=1200&v=2.9.172&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=12318&fbp=fb.1.1729286417667.564302007498387275&cs_est=true&ler=empty&cdl=API_unavailable&it=1729286417440&coo=false&rqm=GET
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=23, mss=1232, tbw=4601, tp=12, tpl=0, uplat=1, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 18 Oct 2024 21:20:18 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1774710772856668&ev=PageView&dl=https%3A%2F%2Fbe.synxis.com%2Fsignin%3F_ga%3D2.233173854.1398642206.1637603945-1917855449.1636412588%26adult%3D1%26arrive%3D2021-11-22%26chain%3D10237%26child%3D0%25c2%25a4cy%3DUSD%26depart%3D2021-11-23%26hotel%3D53654%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26NCK%3D8442440202&rl=&if=false&ts=1729286418158&sw=1600&sh=1200&v=2.9.172&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=12318&fbp=fb.1.1729286417667.564302007498387275&cs_est=true&ler=empty&cdl=API_unavailable&it=1729286417440&coo=false&rqm=FGET
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7427228610928962399"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7427228610928962399"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 21:20:18 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
LmPyAul5Pkuy5WDSqTpY8WMK5Q+Znmgvzr6Eq2hgmGxKR2Ams0t4SI+g7nYW5h9vYZogL/c+lfTBi+3p8DeJhA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7427228610928962399", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control
private, no-store, no-cache, must-revalidate
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=24, mss=1232, tbw=5161, tp=17, tpl=0, uplat=117, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=147655379176114&ev=PageView&dl=https%3A%2F%2Fbe.synxis.com%2Fsignin%3F_ga%3D2.233173854.1398642206.1637603945-1917855449.1636412588%26adult%3D1%26arrive%3D2021-11-22%26chain%3D10237%26child%3D0%25c2%25a4cy%3DUSD%26depart%3D2021-11-23%26hotel%3D53654%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26NCK%3D8442440202&rl=&if=false&ts=1729286418158&sw=1600&sh=1200&v=2.9.172&r=stable&ec=0&o=12318&fbp=fb.1.1729286417667.564302007498387275&ler=empty&cdl=API_unavailable&it=1729286417440&coo=false&rqm=GET
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=23, mss=1232, tbw=4921, tp=14, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 18 Oct 2024 21:20:18 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=147655379176114&ev=PageView&dl=https%3A%2F%2Fbe.synxis.com%2Fsignin%3F_ga%3D2.233173854.1398642206.1637603945-1917855449.1636412588%26adult%3D1%26arrive%3D2021-11-22%26chain%3D10237%26child%3D0%25c2%25a4cy%3DUSD%26depart%3D2021-11-23%26hotel%3D53654%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26NCK%3D8442440202&rl=&if=false&ts=1729286418158&sw=1600&sh=1200&v=2.9.172&r=stable&ec=0&o=12318&fbp=fb.1.1729286417667.564302007498387275&ler=empty&cdl=API_unavailable&it=1729286417440&coo=false&rqm=FGET
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7427228611848675280"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7427228611848675280"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x7b65350ef814fb43","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["3047019825406587"]},"debug_reporting":true,"debug_key":"2869820035840657615"}
date
Fri, 18 Oct 2024 21:20:18 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
fKpnuj9yBrzjzeLSnWO/p1i2fkoA5hYiEBY0F0lk2KPOxuuiRO1BShZ5PeXNjEEDmkwEghsNt+X+ZTKPFxUkAw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7427228611848675280", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control
private, no-store, no-cache, must-revalidate
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=24, mss=1232, tbw=8217, tp=20, tpl=0, uplat=137, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
6.bundle.js
www.thehotelsnetwork.com/sjs/v135/@thehotelsnetwork/agent-partnerships@2.6.3/es2022/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thehotelsnetwork.com/sjs/v135/@thehotelsnetwork/agent-partnerships@2.6.3/es2022/6.bundle.js
Requested by
Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?partnership_id=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-70.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
1b57bf36dc0819373a3925d52546107522f8543938dbd2ebaf723e753b4886aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://be.synxis.com
Referer
https://be.synxis.com/

Response headers

content-encoding
br
age
41026
x-forwarded-for
193.19.254.40, 64.252.87.9
x-cache
Hit from cloudfront
x-amz-cf-id
f51jub8IMFx3mXDCjt4pk9HYH1ufCkL7ZraEoUEs-uVbXLoE1xmKDw==
date
Fri, 18 Oct 2024 09:56:32 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 2024 09:48:08 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=31536000, immutable
via
1.1 c53fb2c65e26830010100e7d773f73ae.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
693
x-amz-cf-pop
FRA56-P10
server
nginx
siteSealImage.do
ssif1.globalsign.com/SiteSeal/siteSeal/siteSeal/ 		117 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssif1.globalsign.com/SiteSeal/siteSeal/siteSeal/siteSealImage.do?p1=be.synxis.com&p2=SZ110-45&p3=image&p4=en&p5=V0021&p6=S001&p7=https&deterDn=
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
57b1270f49b4ae74b0f86f2bc05c5395fabd2315464ef6983bfbb077f00be10a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

x-cache-status
MISS
x-timer
S1729286418.179625,VS0,VE946
via
1.1 varnish
accept-ranges
bytes
x-cache
MISS
content-length
117
date
Fri, 18 Oct 2024 21:20:19 GMT
content-type
image/gif
x-served-by
cache-fra-etou8220109-FRA
x-cache-hits
0
get_hotel_property_rel
www.thehotelsnetwork.com/ 		32 B
494 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.thehotelsnetwork.com/get_hotel_property_rel?partnership_id=6&partnership_hotel_id=53654
Requested by
Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=e0d8256a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-70.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
1506c80eb411afef8b09df3fb0f6701c617f081139d6356dbe0114e32c2e91d2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self'
content-encoding
gzip
access-control-allow-credentials
true
via
1.1 c53fb2c65e26830010100e7d773f73ae.cloudfront.net (CloudFront)
access-control-allow-origin
https://be.synxis.com
x-cache
Miss from cloudfront
x-amz-cf-id
G5injlRSDbnRtVVFwSPqY-8v-z-cwQ0QAi7dZzbTtr3l69_Va-y0aA==
date
Fri, 18 Oct 2024 21:20:18 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Accept-Encoding
server
nginx
x-amz-cf-pop
FRA56-P10
85.js
be.synxis.com/public/js/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://be.synxis.com/public/js/85.js
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
96e375c0d047ed434d3785e684e128b89304d6118b783837c2f4f2805d7fcd5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
13-287721909-287721912 PNNN RT(1729286414203 3575) q(0 0 0 -1) r(2 2) U2
cache-control
public, max-age=0
content-encoding
br
etag
W/"1576-191b6fb4c00"
x-cdn
Imperva
x-content-type-options
nosniff
accept-ranges
bytes
content-length
5494
date
Fri, 18 Oct 2024 21:20:18 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 03 Sep 2024 08:23:28 GMT
x-frame-options
SAMEORIGIN
font-spark-icon-line.woff2
be.synxis.com/public/js/ 		39 KB
95 B 		Font
General
Check archive.org
Download Go to
Full URL
https://be.synxis.com/public/js/font-spark-icon-line.woff2
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?NCK=8442440202&_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2024-10-18&chain=10237&child=0&currency=USD&depart=2024-10-19&hotel=53654&level=hotel&locale=en-US&productcurrency=USD&rooms=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
13ed64e31854fc7e8e3e542fef0d24813e05a6137d56160064ec6824367b9a03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://be.synxis.com
Referer
https://be.synxis.com/signin?NCK=8442440202&_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2024-10-18&chain=10237&child=0&currency=USD&depart=2024-10-19&hotel=53654&level=hotel&locale=en-US&productcurrency=USD&rooms=1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
13-287721909-287721982 PNNN RT(1729286414203 3607) q(0 0 0 -1) r(1 1) U2
cache-control
public, max-age=0
etag
W/"9a0c-191b6fb4c00"
x-cdn
Imperva
x-content-type-options
nosniff
accept-ranges
bytes
content-length
39436
date
Fri, 18 Oct 2024 21:20:18 GMT
last-modified
Tue, 03 Sep 2024 08:23:28 GMT
content-type
font/woff2
x-frame-options
SAMEORIGIN
bw4
sa.flip.to/flip/ 		2 B
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sa.flip.to/flip/bw4
Requested by
Host: cdn.flip.to
URL: https://cdn.flip.to/public/ftsa.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer
https://be.synxis.com/

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
via
1.1 google
cf-ray
8d4b9252ccc8dc54-FRA
access-control-allow-origin
https://be.synxis.com
alt-svc
h3=":443"; ma=86400
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length
2
date
Fri, 18 Oct 2024 21:20:18 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1774710772856668&ev=PageView&dl=https%3A%2F%2Fbe.synxis.com%2Fsignin%3FNCK%3D8442440202%26_ga%3D2.233173854.1398642206.1637603945-1917855449.1636412588%26adult%3D1%26arrive%3D2024-10-18%26chain%3D10237%26child%3D0%26currency%3DUSD%26depart%3D2024-10-19%26hotel%3D53654%26level%3Dhotel%26locale%3Den-US%26productcurrency%3DUSD%26rooms%3D1&rl=&if=false&ts=1729286418354&sw=1600&sh=1200&v=2.9.172&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=12318&fbp=fb.1.1729286417667.564302007498387275&cs_est=true&ler=empty&cdl=API_unavailable&it=1729286417440&coo=false&rqm=GET
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?NCK=8442440202&_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2024-10-18&chain=10237&child=0&currency=USD&depart=2024-10-19&hotel=53654&level=hotel&locale=en-US&productcurrency=USD&rooms=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=24, mss=1232, tbw=9769, tp=27, tpl=0, uplat=1, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 18 Oct 2024 21:20:18 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1774710772856668&ev=PageView&dl=https%3A%2F%2Fbe.synxis.com%2Fsignin%3FNCK%3D8442440202%26_ga%3D2.233173854.1398642206.1637603945-1917855449.1636412588%26adult%3D1%26arrive%3D2024-10-18%26chain%3D10237%26child%3D0%26currency%3DUSD%26depart%3D2024-10-19%26hotel%3D53654%26level%3Dhotel%26locale%3Den-US%26productcurrency%3DUSD%26rooms%3D1&rl=&if=false&ts=1729286418354&sw=1600&sh=1200&v=2.9.172&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=12318&fbp=fb.1.1729286417667.564302007498387275&cs_est=true&ler=empty&cdl=API_unavailable&it=1729286417440&coo=false&rqm=FGET
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?NCK=8442440202&_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2024-10-18&chain=10237&child=0&currency=USD&depart=2024-10-19&hotel=53654&level=hotel&locale=en-US&productcurrency=USD&rooms=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7427228611746256684"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7427228611746256684"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 21:20:18 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
LWNYsLfIF7rSEdDHioLBxqbEJ8Glv9IazYFNqbXPRCSZvWXINipBEan6gCjsfJcMOSD8Uam5xp5VCTjY3MIkDA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7427228611746256684", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control
private, no-store, no-cache, must-revalidate
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=6, c=28, mss=1232, tbw=14553, tp=36, tpl=6, uplat=119, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=147655379176114&ev=PageView&dl=https%3A%2F%2Fbe.synxis.com%2Fsignin%3FNCK%3D8442440202%26_ga%3D2.233173854.1398642206.1637603945-1917855449.1636412588%26adult%3D1%26arrive%3D2024-10-18%26chain%3D10237%26child%3D0%26currency%3DUSD%26depart%3D2024-10-19%26hotel%3D53654%26level%3Dhotel%26locale%3Den-US%26productcurrency%3DUSD%26rooms%3D1&rl=&if=false&ts=1729286418354&sw=1600&sh=1200&v=2.9.172&r=stable&ec=1&o=12318&fbp=fb.1.1729286417667.564302007498387275&ler=empty&cdl=API_unavailable&it=1729286417440&coo=false&rqm=GET
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?NCK=8442440202&_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2024-10-18&chain=10237&child=0&currency=USD&depart=2024-10-19&hotel=53654&level=hotel&locale=en-US&productcurrency=USD&rooms=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=24, mss=1232, tbw=9961, tp=29, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 18 Oct 2024 21:20:18 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=147655379176114&ev=PageView&dl=https%3A%2F%2Fbe.synxis.com%2Fsignin%3FNCK%3D8442440202%26_ga%3D2.233173854.1398642206.1637603945-1917855449.1636412588%26adult%3D1%26arrive%3D2024-10-18%26chain%3D10237%26child%3D0%26currency%3DUSD%26depart%3D2024-10-19%26hotel%3D53654%26level%3Dhotel%26locale%3Den-US%26productcurrency%3DUSD%26rooms%3D1&rl=&if=false&ts=1729286418354&sw=1600&sh=1200&v=2.9.172&r=stable&ec=1&o=12318&fbp=fb.1.1729286417667.564302007498387275&ler=empty&cdl=API_unavailable&it=1729286417440&coo=false&rqm=FGET
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?NCK=8442440202&_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2024-10-18&chain=10237&child=0&currency=USD&depart=2024-10-19&hotel=53654&level=hotel&locale=en-US&productcurrency=USD&rooms=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7427228611235905597"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7427228611235905597"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x7b65350ef814fb43","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["3047019825406587"]},"debug_reporting":true,"debug_key":"3724348307116243257"}
date
Fri, 18 Oct 2024 21:20:18 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
7UcoWTN0+ID+erPQEN/8bFdG9B9aBZEygzSmfQzrCgrWsJk6SOMCWNr/p1J3QiFKoJiWgUwKiGEzHzh9ufV8xQ==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7427228611235905597", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control
private, no-store, no-cache, must-revalidate
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=6, c=28, mss=1232, tbw=15593, tp=37, tpl=6, uplat=123, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
font-spark-icon-fill.woff2
be.synxis.com/public/js/ 		30 KB
94 B 		Font
General
Check archive.org
Download Go to
Full URL
https://be.synxis.com/public/js/font-spark-icon-fill.woff2
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?NCK=8442440202&_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2024-10-18&chain=10237&child=0&currency=USD&depart=2024-10-19&hotel=53654&level=hotel&locale=en-US&productcurrency=USD&rooms=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
625a63fbc3b92e8b3b7ca3a1a0d3372f066aa66104b925e8b353744b1e283df1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://be.synxis.com
Referer
https://be.synxis.com/signin?NCK=8442440202&_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2024-10-18&chain=10237&child=0&currency=USD&depart=2024-10-19&hotel=53654&level=hotel&locale=en-US&productcurrency=USD&rooms=1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
13-287721909-287721980 PNNN RT(1729286414203 3611) q(0 0 0 -1) r(1 1) U2
cache-control
public, max-age=0
etag
W/"792c-191b6fb4c00"
x-cdn
Imperva
x-content-type-options
nosniff
accept-ranges
bytes
content-length
31020
date
Fri, 18 Oct 2024 21:20:18 GMT
last-modified
Tue, 03 Sep 2024 08:23:28 GMT
content-type
font/woff2
x-frame-options
SAMEORIGIN
synxis.js
onboard.triptease.io/integrations/v8466.119522/ 		169 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onboard.triptease.io/integrations/v8466.119522/synxis.js
Requested by
Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01DFTF0DHFPCVRG4RKEX7R7FHN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a4e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c85a1e6ba674b075f66be2255770e1c0c7050e17703c3cd3dbb1d188052b878
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://be.synxis.com
Referer
https://be.synxis.com/

Response headers

x-goog-meta-build-version
8466.119522
x-goog-metageneration
1
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=btxv1Q==, md5=LK1BPehSW4EB/TbVk3jWIA==
cf-cache-status
HIT
etag
W/"2cad413de8525b8101fd36d59378d620"
age
15533
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Sat, 18 Oct 2025 17:01:24 GMT
x-goog-meta-git-hash
10a673166c87ab6c4a7147733bbb8c5adce33eac
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
173455
date
Fri, 18 Oct 2024 21:20:18 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 2024 16:54:52 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY3jCIjrd_TbY3y7o1XqsKNMJg9NEY_9Wb4AGFTLqqYbG4G01OMy5KO6UK55-dRl64kH0W4
strict-transport-security
max-age=15552000
cache-control
public, max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d4b92533fcfc7e4-DUS
access-control-allow-origin
*
x-goog-generation
1729270492889055
server
cloudflare
a
www.googletagmanager.com/ 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-53XCXJ&v=3&t=t&pid=1036518578&cv=143&rv=4ah0&tc=46&tag_exp=101529665~101686685~101823848&es=1&e=gtm.historyChange&eid=456&u=AgAAAAAI&ut=Ag&h=Ag&z=0
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?NCK=8442440202&_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2024-10-18&chain=10237&child=0&currency=USD&depart=2024-10-19&hotel=53654&level=hotel&locale=en-US&productcurrency=USD&rooms=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Fri, 18 Oct 2024 21:20:18 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
abandoned-cart-config.bundle.js
assets.navisperformance.com/abandoned-cart-client/ 		127 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.navisperformance.com/abandoned-cart-client/abandoned-cart-config.bundle.js
Requested by
Host: assets.navisperformance.com
URL: https://assets.navisperformance.com/NWRC/Fusion/navis-fusion-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6800:16:3eaa:9140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f26b52e060b83802af003f033b7d2c3f0f4a5d7e3b260d09b10376892210c6aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

x-amz-version-id
lnTXxym7WXwrrDQeSpTOenCEap9DEuja
etag
"76530a273eaa19ea7e2f4f29d8c9dcca"
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
130021
x-amz-cf-id
tzdZpp2Y36WhfHct6UV-hkeZ0dKPH1Fkaq84rfa7TiVJiGSxiMw0lw==
date
Fri, 18 Oct 2024 21:20:20 GMT
content-type
application/javascript
last-modified
Tue, 15 Oct 2024 16:03:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
x-amz-server-side-encryption
AES256
fusion-config
fusion-api.navisperformance.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://fusion-api.navisperformance.com/fusion-config?account=15030&url=https%3A%2F%2Fbe.synxis.com%2Fsignin%3FNCK%3D8442440202%26_ga%3D2.233173854.1398642206.1637603945-1917855449.1636412588%26adult%3D1%26arrive%3D2024-10-18%26chain%3D10237%26child%3D0%26currency%3DUSD%26depart%3D2024-10-19%26hotel%3D53654%26level%3Dhotel%26locale%3Den-US%26productcurrency%3DUSD%26rooms%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.236.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-236-4.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
secret
Access-Control-Request-Method
GET
Origin
https://be.synxis.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, x-requested-with, secret
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://be.synxis.com
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Fri, 18 Oct 2024 21:20:19 GMT
requestguid
50de8206-70a9-4479-97bb-da2a4169d38c
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
fusion-config
fusion-api.navisperformance.com/ 		33 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fusion-api.navisperformance.com/fusion-config?account=15030&url=https%3A%2F%2Fbe.synxis.com%2Fsignin%3FNCK%3D8442440202%26_ga%3D2.233173854.1398642206.1637603945-1917855449.1636412588%26adult%3D1%26arrive%3D2024-10-18%26chain%3D10237%26child%3D0%26currency%3DUSD%26depart%3D2024-10-19%26hotel%3D53654%26level%3Dhotel%26locale%3Den-US%26productcurrency%3DUSD%26rooms%3D1
Requested by
Host: assets.navisperformance.com
URL: https://assets.navisperformance.com/abandoned-cart-client/abandoned-cart-config.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.236.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-236-4.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
09205cd7fbd7212073f63606f659e7d8a03ab0c3cdd5bd39f601f705228a1296

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
secret
3mg535j7e7n38e5nowkz
Referer
https://be.synxis.com/

Response headers

access-control-allow-headers
origin, content-type, accept, x-requested-with, secret
requestguid
f8915049-a276-4362-9420-43f5f9bdcc01
access-control-allow-origin
https://be.synxis.com
date
Fri, 18 Oct 2024 21:20:19 GMT
content-type
application/json;charset=UTF-8
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
dataStream.js
be.synxis.com/public/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://be.synxis.com/public/js/dataStream.js
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
9004eb2ea667e7fa5bd352659d8662eff07e2c092a1dc399778b306b0804074f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/signin?NCK=8442440202&_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2024-10-18&chain=10237&child=0&currency=USD&depart=2024-10-19&hotel=53654&level=hotel&locale=en-US&productcurrency=USD&rooms=1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
13-287721909-287721982 PNYN RT(1729286414203 4592) q(0 0 0 -1) r(2 2) U2
cache-control
public, max-age=0
content-encoding
gzip
etag
W/"2b86-191b6f73908"
x-cdn
Imperva
x-content-type-options
nosniff
accept-ranges
bytes
date
Fri, 18 Oct 2024 21:20:19 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 03 Sep 2024 08:19:01 GMT
x-frame-options
SAMEORIGIN
a
www.googletagmanager.com/ 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-53XCXJ&v=3&t=t&pid=1036518578&cv=143&rv=4ah0&tc=46&tag_exp=101529665~101686685~101823848&es=1&e=gtm.load&eid=525&u=AgAAAAAI&ut=Ag&h=Ag&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Fri, 18 Oct 2024 21:20:19 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
favicon.ico
www.wigwamarizona.com/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.wigwamarizona.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
930131d07fcd78a4ca3e35afbc6bfbb65dc989336970ef55896da8b9117756b0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1,mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

cache-control
public, max-age=10800
cf-cache-status
HIT
etag
10182024154007
age
16656
cf-ray
8d4b9259d99dd35a-FRA
expires
Fri, 25 Oct 2024 16:42:42 GMT
accept-ranges
bytes
content-length
1150
date
Fri, 18 Oct 2024 21:20:19 GMT
x-xss-protection
1,mode=block
content-type
image/x-icon; charset=utf-8
last-modified
Tue, 04 Apr 2023 12:59:35 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
dxgtm.js
be.synxis.com/public/js/ 		74 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://be.synxis.com/public/js/dxgtm.js
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/public/js/dataStream.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
8829abc4c445a849af9e51a2783f745fc48729538e231f5c4f9b1c7a1cb850e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/signin?NCK=8442440202&_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2024-10-18&chain=10237&child=0&currency=USD&depart=2024-10-19&hotel=53654&level=hotel&locale=en-US&productcurrency=USD&rooms=1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
13-287721909-287721982 PNYN RT(1729286414203 4817) q(0 0 0 -1) r(1 1) U2
cache-control
public, max-age=0
content-encoding
gzip
etag
W/"12658-191b6f73908"
x-cdn
Imperva
x-content-type-options
nosniff
accept-ranges
bytes
date
Fri, 18 Oct 2024 21:20:19 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 03 Sep 2024 08:19:01 GMT
x-frame-options
SAMEORIGIN
js
www.googletagmanager.com/gtag/ 		302 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-902GY8W2RT&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W866TTJ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2e2d124a9509009451b18bd297b4d3e152d489d2d26f6b6940cb51b26d86ea0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 18 Oct 2024 21:20:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 21:20:19 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
104689
x-xss-protection
0
server
Google Tag Manager
quantum-sabre.js
cdn.quantummetric.com/qscripts/ 		347 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.quantummetric.com/qscripts/quantum-sabre.js
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/signin?_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2021-11-22&chain=10237&child=0%c2%a4cy=USD&depart=2021-11-23&hotel=53654&level=hotel&locale=en-US&rooms=1&NCK=8442440202
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2f549cd10d737b18e3601cc4a0dce7b0c2d7e5dcafabdb295527c36e9eb7075
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options no-sniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

x-robots-tag
noindex
content-encoding
gzip
cf-cache-status
HIT
etag
W/"172901461965417291779908561729238401883"
age
192
x-content-type-options
no-sniff
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 21:20:19 GMT
content-type
text/javascript
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
strict-transport-security
max-age=31536000
cache-control
public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
cf-ray
8d4b925c4cb591e9-FRA
access-control-allow-origin
*
server
cloudflare
a
www.googletagmanager.com/ 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-53XCXJ&v=3&t=t&pid=1036518578&cv=143&rv=4ah0&tc=46&tag_exp=101529665~101686685~101823848&es=1&e=gtm.load&eid=544&u=AgAAAAAI&ut=Ag&h=Ag&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Fri, 18 Oct 2024 21:20:19 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-902GY8W2RT&gtm=45je4ah0v880650909za200zb77572326&_p=1729286416013&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101529666~101686685&cid=1940942283.1729286417&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=1&sid=1729286419&sct=1&seg=0&dl=https%3A%2F%2Fbe.synxis.com%2Fsignin%3FNCK%3D8442440202%26_ga%3D2.233173854.1398642206.1637603945-1917855449.1636412588%26adult%3D1%26arrive%3D2024-10-18%26chain%3D10237%26child%3D0%26currency%3DUSD%26depart%3D2024-10-19%26hotel%3D53654%26level%3Dhotel%26locale%3Den-US%26productcurrency%3DUSD%26rooms%3D1&dt=The%20Wigwam%20Resort-Phoenix-Litchfield%20Park%20Area%20-%20Reservations%20-%20Search%20for%20a%20Reservation&en=scroll&_fv=1&_ss=1&epn.percent_scrolled=90&tfd=5979
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-902GY8W2RT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://be.synxis.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 21:20:19 GMT
content-type
text/plain
server
Golfe2
a
www.googletagmanager.com/ 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-53XCXJ&v=3&t=t&pid=1036518578&cv=143&rv=4ah0&tc=46&tag_exp=101529665~101686685~101823848&es=1&e=gtag.config&eid=563&u=AgAAAAAI&ut=Ag&h=Ag&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Fri, 18 Oct 2024 21:20:19 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
cartstack.js
api.cartstack.com/js/ 		44 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.cartstack.com/js/cartstack.js
Requested by
Host: api.cartstack.com
URL: https://api.cartstack.com/js/customer-tracking/www.wigwamarizona.com_e5d9f818d55e887179b49fbe9f918a49.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-127.fra60.r.cloudfront.net
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.1e-fips mod_auth_gssapi/1.3.1 mod_auth_kerb/5.4 PHP/5.4.16 /
Resource Hash
cd1e0e49100b42d0d8cf260558a79e0fa4281f218402fc847a64b8ac66f405f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

cache-control
max-age=2592000
content-encoding
br
etag
W/"aeba-616244cc0f339"
age
1407699
via
1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
expires
Fri, 01 Nov 2024 14:18:40 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
IhdUInKrUu954lH42SkcNfuaOq7j0PqXZadbfiZG32Po87IZ3aOylA==
date
Wed, 02 Oct 2024 14:18:40 GMT
content-type
application/javascript
last-modified
Mon, 15 Apr 2024 15:30:22 GMT
server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.1e-fips mod_auth_gssapi/1.3.1 mod_auth_kerb/5.4 PHP/5.4.16
x-amz-cf-pop
FRA60-P4
vary
Accept-Encoding
sabre
ingest.quantummetric.com/horizon/ Frame D8E1 		90 B
243 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ingest.quantummetric.com/horizon/sabre?T=B&u=https%3A%2F%2Fbe.synxis.com%2Fsignin%3FNCK%3D8442440202%26_ga%3D2.233173854.1398642206.1637603945-1917855449.1636412588%26adult%3D1%26arrive%3D2024-10-18%26chain%3D10237%26child%3D0%26currency%3DUSD%26depart%3D2024-10-19%26hotel%3D53654%26level%3Dhotel%26locale%3Den-US%26productcurrency%3DUSD%26rooms%3D1&t=1729286420086&v=1729286420105&S=0&N=0&P=0&z=1
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-sabre.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.135.178.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
72.178.135.34.bc.googleusercontent.com
Software
/
Resource Hash
8ccfb12d9242e079e524cd71f89d0c098c2772b0810ad83aa05938bdd6640b6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
https://be.synxis.com
content-length
90
date
Fri, 18 Oct 2024 21:20:20 GMT
content-type
application/json
access-control-allow-credentials
true
752789512056622
connect.facebook.net/signals/config/ 		24 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/752789512056622?v=2.9.172&r=stable&domain=be.synxis.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C28%2C82%2C87%2C47%2C46%2C86%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112%2C199%2C198%2C200%2C205%2C206%2C207%2C203%2C195%2C131%2C133%2C162%2C194%2C196%2C121%2C156%2C144%2C150%2C188%2C189%2C128%2C231%2C115%2C125%2C126%2C232%2C164%2C118%2C234%2C165%2C135%2C122%2C153%2C147%2C113%2C127
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e369bdd056d0a981d9e1a2f334a00544196a091d0b748586daf6b85fd18c4a27
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 21:20:20 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=36, rtx=0, c=77, mss=1232, tbw=90609, tp=90, tpl=0, uplat=134, ullat=0
pragma
public
x-fb-debug
WllSBFYKPIaunQmJaVAt1TZfZj7g8T5cjC/QbHTUNxVL8Qmyg7A9GxDKv0Lk0NtR0XABBkQDF0zEasIGty03qg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=752789512056622&ev=PageView&dl=https%3A%2F%2Fbe.synxis.com%2Fsignin%3FNCK%3D8442440202%26_ga%3D2.233173854.1398642206.1637603945-1917855449.1636412588%26adult%3D1%26arrive%3D2024-10-18%26chain%3D10237%26child%3D0%26currency%3DUSD%26depart%3D2024-10-19%26hotel%3D53654%26level%3Dhotel%26locale%3Den-US%26productcurrency%3DUSD%26rooms%3D1&rl=&if=false&ts=1729286420418&sw=1600&sh=1200&v=2.9.172&r=stable&ec=0&o=12318&fbp=fb.1.1729286417667.564302007498387275&ler=empty&cdl=API_unavailable&it=1729286417440&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=6, c=30, mss=1232, tbw=17017, tp=42, tpl=6, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 18 Oct 2024 21:20:20 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=752789512056622&ev=PageView&dl=https%3A%2F%2Fbe.synxis.com%2Fsignin%3FNCK%3D8442440202%26_ga%3D2.233173854.1398642206.1637603945-1917855449.1636412588%26adult%3D1%26arrive%3D2024-10-18%26chain%3D10237%26child%3D0%26currency%3DUSD%26depart%3D2024-10-19%26hotel%3D53654%26level%3Dhotel%26locale%3Den-US%26productcurrency%3DUSD%26rooms%3D1&rl=&if=false&ts=1729286420418&sw=1600&sh=1200&v=2.9.172&r=stable&ec=0&o=12318&fbp=fb.1.1729286417667.564302007498387275&ler=empty&cdl=API_unavailable&it=1729286417440&coo=false&rqm=FGET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7427228620039169269"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7427228620039169269"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x784c46ced4d8f7de","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["3787667351339453","3863237213803696"]},"debug_reporting":true,"debug_key":"3399697851067261105"}
date
Fri, 18 Oct 2024 21:20:20 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
rfz5tUbbDX5AzDMYjvU3uPsPffIp0qMlInmJefvUlK/uyX3E3PYxE4qBhxl/z5FRy+VvqZg5fydPMaXONYcD6Q==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7427228620039169269", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control
private, no-store, no-cache, must-revalidate
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=6, c=30, mss=1232, tbw=17257, tp=45, tpl=6, uplat=117, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
a
www.googletagmanager.com/ 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-53XCXJ&v=3&t=t&pid=1036518578&cv=143&rv=4ah0&tc=46&tag_exp=101529665~101686685~101823848&es=1&e=*&eid=587&u=AgAAAAAI&ut=Ag&h=Ag&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Fri, 18 Oct 2024 21:20:20 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
sabre
ingest.quantummetric.com/horizon/ Frame D8E1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ingest.quantummetric.com/horizon/sabre?T=B&u=https%3A%2F%2Fbe.synxis.com%2Fsignin%3FNCK%3D8442440202%26_ga%3D2.233173854.1398642206.1637603945-1917855449.1636412588%26adult%3D1%26arrive%3D2024-10-18%26chain%3D10237%26child%3D0%26currency%3DUSD%26depart%3D2024-10-19%26hotel%3D53654%26level%3Dhotel%26locale%3Den-US%26productcurrency%3DUSD%26rooms%3D1&t=1729286420086&v=1729286420566&H=14d112678453aec35649976e&s=73121277ff75538529627edc0125d870&Q=1&Y=1&X=c6d43d682be2495672f3ef30ed9dc96d&z=1
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-sabre.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.135.178.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
72.178.135.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
https://be.synxis.com
content-length
0
date
Fri, 18 Oct 2024 21:20:20 GMT
content-type
application/json
access-control-allow-credentials
true
sabre
ingest.quantummetric.com/horizon/ Frame D8E1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ingest.quantummetric.com/horizon/sabre?T=B&u=https%3A%2F%2Fbe.synxis.com%2Fsignin%3FNCK%3D8442440202%26_ga%3D2.233173854.1398642206.1637603945-1917855449.1636412588%26adult%3D1%26arrive%3D2024-10-18%26chain%3D10237%26child%3D0%26currency%3DUSD%26depart%3D2024-10-19%26hotel%3D53654%26level%3Dhotel%26locale%3Den-US%26productcurrency%3DUSD%26rooms%3D1&t=1729286420086&v=1729286420569&H=14d112678453aec35649976e&s=73121277ff75538529627edc0125d870&U=0c6ad0297a1a060716c8a6e225a0f8fc&Q=2&S=0&N=0&z=1
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-sabre.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.135.178.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
72.178.135.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
https://be.synxis.com
content-length
0
date
Fri, 18 Oct 2024 21:20:20 GMT
content-type
application/json
access-control-allow-credentials
true
sabre
ingest.quantummetric.com/horizon/ Frame D8E1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ingest.quantummetric.com/horizon/sabre?T=B&u=https%3A%2F%2Fbe.synxis.com%2Fsignin%3FNCK%3D8442440202%26_ga%3D2.233173854.1398642206.1637603945-1917855449.1636412588%26adult%3D1%26arrive%3D2024-10-18%26chain%3D10237%26child%3D0%26currency%3DUSD%26depart%3D2024-10-19%26hotel%3D53654%26level%3Dhotel%26locale%3Den-US%26productcurrency%3DUSD%26rooms%3D1&t=1729286420086&v=1729286420732&H=14d112678453aec35649976e&s=73121277ff75538529627edc0125d870&S=3210&N=28&P=1&z=1
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-sabre.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.135.178.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
72.178.135.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
https://be.synxis.com
content-length
0
date
Fri, 18 Oct 2024 21:20:20 GMT
content-type
application/json
access-control-allow-credentials
true
identity
onboard.triptease.io/ 		161 B
531 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onboard.triptease.io/identity
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-sabre.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a4e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b641963a0599b55c11d0c30f4cda5f877dd399694e3057224ec7c6a6c5abd89
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-store, no-cache
content-encoding
br
access-control-allow-credentials
true
cf-ray
8d4b9265fa229150-FRA
access-control-allow-origin
https://be.synxis.com
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 21:20:21 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
cloudflare
claim
onboard.triptease.io/ 		2 B
257 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onboard.triptease.io/claim?apiKey=e719de40b8a159cd84328370fe64af497353ffc8
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-sabre.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a4e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-store, max-age=0
content-encoding
br
cf-cache-status
BYPASS
access-control-allow-credentials
true
cf-ray
8d4b92664a6d9150-FRA
access-control-allow-origin
https://be.synxis.com
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 21:20:21 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
bootstrap-message-engine.js
targeted-messages.triptease.io/static/ 		97 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://targeted-messages.triptease.io/static/bootstrap-message-engine.js
Requested by
Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01DFTF0DHFPCVRG4RKEX7R7FHN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:59cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d61057c8d6aa11e1ff87dbece528028be432ef00a4dd77f28717df923f2e836a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://be.synxis.com
Referer
https://be.synxis.com/

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Type
x-goog-meta-goog-reserved-file-mtime
1729176852
x-goog-hash
crc32c=gTL4gg==, md5=QKO9nHey/zqSRHVBfhaIMg==
cf-cache-status
HIT
etag
W/"40a3bd9c77b2ff3a924475417e168832"
age
274
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Fri, 18 Oct 2024 21:25:48 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
99538
date
Fri, 18 Oct 2024 21:20:22 GMT
content-type
text/javascript
last-modified
Thu, 17 Oct 2024 14:54:17 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY2ne0kCnK2ftEASZmrpekYEeVc_S5rYB1WFPWupJusx3HdsxOG4y45mjN5BQ-zhbFihE3ZqoulFug
strict-transport-security
max-age=15552000
cache-control
public, max-age=600
x-goog-storage-class
STANDARD
cf-ray
8d4b92697974f104-CDG
access-control-allow-origin
*
x-goog-generation
1729176857328536
server
cloudflare
main.js
static-meta.triptease.io/client/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-meta.triptease.io/client/main.js
Requested by
Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01DFTF0DHFPCVRG4RKEX7R7FHN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.182 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
20d79f60a4c87e7063520a07ff8ff15fdc10654e803d91229940253a6b6152a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://be.synxis.com
Referer
https://be.synxis.com/

Response headers

content-encoding
gzip
age
149925
x-cache
HIT
date
Fri, 18 Oct 2024 21:20:22 GMT
content-type
text/plain; charset=utf-8
vary
Accept-Encoding
x-cache-hits
168
x-cloud-trace-context
75beef782356baf6b2ceda5c3259ddaf
x-served-by
cache-fra-etou8220113-FRA
cache-control
max-age=172800,stale-while-revalidate=1800
x-timer
S1729286422.029040,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
12905
server
Google Frontend
e719de40b8a159cd84328370fe64af497353ffc8
static-meta.triptease.io/client/bundle-data/ 		374 B
398 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-meta.triptease.io/client/bundle-data/e719de40b8a159cd84328370fe64af497353ffc8
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-sabre.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.182 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
562d92ade48e724637dcda243511e37c05987857299fca4be6b63c86eb8da30c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-encoding
gzip
age
16651
x-cache
HIT
date
Fri, 18 Oct 2024 21:20:22 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-cache-hits
0
x-cloud-trace-context
c4a1b313b67b7700eb352d04f3156c72
x-served-by
cache-fra-etou8220113-FRA
cache-control
max-age=172800,stale-while-revalidate=1800
x-timer
S1729286422.078453,VS0,VE1
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
279
server
Google Frontend
js
www.googletagmanager.com/gtag/ 		238 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-354231748
Requested by
Host: static-meta.triptease.io
URL: https://static-meta.triptease.io/client/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8e77e9309941e37ab8d82e16962001aa70c6cce673753ddf96db3390a772f7c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 18 Oct 2024 21:20:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 21:20:22 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 18 Oct 2024 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
87438
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		238 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-354231748&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQ78LTX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
95cadaca4fe440b95e468ea01480a033a623fa07aca99a63c072ab9c864dd544
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 18 Oct 2024 21:20:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 21:20:22 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 18 Oct 2024 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
87441
x-xss-protection
0
server
Google Tag Manager
wh.js
p.relay-t.io/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.relay-t.io/wh.js
Requested by
Host: static-meta.triptease.io
URL: https://static-meta.triptease.io/client/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:3200:1d:40aa:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f50e35eed6b133c5adf2b14a6aa920dbf7384d40d0b2282b3b00670bccb48191
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

etag
"53ab807de88f695459be24327e46aad6"
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
IwKorRdPApsX05FiJ-eazEAe142ncVsC-UU8WruVvM4uaBtAyQ8JyA==
date
Fri, 18 Oct 2024 21:20:23 GMT
content-type
application/javascript
last-modified
Thu, 08 Feb 2024 13:34:04 GMT
vary
Origin
x-frame-options
SAMEORIGIN
x-amz-meta-content-type
application/javascript
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 0b761d2a74b283528cf840bf9ce44b20.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
4196
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P11
server
AmazonS3
x-amz-server-side-encryption
AES256
e719de40b8a159cd84328370fe64af497353ffc8
static-meta.triptease.io/client/bundle-data/ 		374 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-meta.triptease.io/client/bundle-data/e719de40b8a159cd84328370fe64af497353ffc8
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-sabre.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.182 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
562d92ade48e724637dcda243511e37c05987857299fca4be6b63c86eb8da30c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

content-encoding
gzip
age
16651
x-cache
HIT
date
Fri, 18 Oct 2024 21:20:22 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-cache-hits
0
x-cloud-trace-context
c4a1b313b67b7700eb352d04f3156c72
x-served-by
cache-fra-etou8220113-FRA
cache-control
max-age=172800,stale-while-revalidate=1800
x-timer
S1729286422.078453,VS0,VE1
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
279
server
Google Frontend
storageIframe.html
targeted-messages.triptease.io/static/ Frame 939D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://targeted-messages.triptease.io/static/storageIframe.html
Requested by
Host: targeted-messages.triptease.io
URL: https://targeted-messages.triptease.io/static/bootstrap-message-engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a4e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://be.synxis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-expose-headers
Content-Type
age
70
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=600
cf-cache-status
HIT
cf-ray
8d4b926a9bcf9f23-FRA
content-encoding
br
content-type
text/html
date
Fri, 18 Oct 2024 21:20:22 GMT
expires
Fri, 18 Oct 2024 21:29:12 GMT
last-modified
Thu, 29 Jun 2023 09:56:30 GMT
server
cloudflare
strict-transport-security
max-age=15552000
vary
Accept-Encoding
x-goog-generation
1688032590472706
x-goog-hash
crc32c=/G3XxQ== md5=98b+KQq4ov4sQNnkjjyKNw==
x-goog-meta-goog-reserved-file-mtime
1688032586
x-goog-metageneration
131
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
7485
x-guploader-uploadid
AHmUCY1OebPA48vDFrRuefy1V42e0SnrC774Pu7SS2ci3GS2uCSYZWrWNxxvQYvXFleblEs2Mg
messages
messages.guest-experience.triptease.io/e719de40b8a159cd84328370fe64af497353ffc8/ 		3 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://messages.guest-experience.triptease.io/e719de40b8a159cd84328370fe64af497353ffc8/messages?language=en-US
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-sabre.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
ab029484eafd6dc44c2940b9d7d8c0c907ea30b66e2eb6f2c95e7c18fd98ad69

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

access-control-expose-headers
X-Country-Code, X-Region-Code, X-City
age
0
x-cache
MISS
x-country-code
DE
tt_keys
campaigns-e719de40b8a159cd84328370fe64af497353ffc8 campaigns-client-WIGWAM
date
Fri, 18 Oct 2024 21:20:22 GMT
content-type
application/json; charset=utf-8
vary
Origin
x-cache-hits
0
x-cloud-trace-context
ead1d53b67c53a1074b027db1a4f1f51
x-served-by
cache-fra-etou8220125-FRA
cache-control
public,stale-if-error=600,stale-while-revalidate=10,max-age=600
access-control-allow-credentials
true
x-city
windach
via
1.1 varnish
tt_host
messages.guest-experience.triptease.io
accept-ranges
bytes
access-control-allow-origin
https://be.synxis.com
content-length
2894
server
Google Frontend
x-region-code
BY
beat.js
p.relay-t.io/ 		21 B
564 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p.relay-t.io/beat.js?type=tg&idhotel=idH&pmsId=pms&tkraw=&tk=&ref=https%3A%2F%2Fbe.synxis.com%2Fsignin%3FNCK%3D8442440202%26_ga%3D2.233173854.1398642206.1637603945-1917855449.1636412588%26adult%3D1%26arrive%3D2024-10-18%26chain%3D10237%26child%3D0%26currency%3DUSD%26depart%3D2024-10-19%26hotel%3D53654%26level%3Dhotel%26locale%3Den-US%26productcurrency%3DUSD%26rooms%3D1
Requested by
Host: p.relay-t.io
URL: https://p.relay-t.io/wh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:3200:1d:40aa:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
13abb95134934e2b6ab33036f989d3eb588ec2586fee172d534061cb29e6834a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

etag
"590efd78ccb474abbf45b795b73e37d8"
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
S8d1mHE4ZfCCYlTTYrYrk5tx4RUGBnqRUGAsxdLMhHr1zMmzxtpWeg==
date
Fri, 18 Oct 2024 21:20:23 GMT
content-type
application/javascript
last-modified
Thu, 08 Feb 2024 13:34:05 GMT
vary
Origin
x-frame-options
SAMEORIGIN
x-amz-meta-content-type
application/javascript
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 0b761d2a74b283528cf840bf9ce44b20.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
21
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P11
server
AmazonS3
x-amz-server-side-encryption
AES256
batch
onboard.triptease.io/message/ 		0
181 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://onboard.triptease.io/message/batch
Requested by
Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01DFTF0DHFPCVRG4RKEX7R7FHN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a4e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://be.synxis.com/

Response headers

strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
cf-ray
8d4b926b8f6a9150-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 21:20:22 GMT
content-type
text/html
x-cloud-trace-context
5a90d029e8a5d9c3279552987eea2ae0
vary
Accept-Encoding
server
cloudflare
a
www.googletagmanager.com/ 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-53XCXJ&v=3&t=t&pid=1036518578&cv=143&rv=4ah0&tc=46&tag_exp=101529665~101686685~101823848&es=1&e=gtag.config&eid=625&u=AgAAAAAI&ut=Ag&h=Ag&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://be.synxis.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Fri, 18 Oct 2024 21:20:22 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
event
api.triptease.io/zappy/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://api.triptease.io/zappy/event?eventName=propensityToConvert&eventAppName=messageEngine
Requested by
Host: targeted-messages.triptease.io
URL: https://targeted-messages.triptease.io/static/bootstrap-message-engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:59cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://be.synxis.com/

Response headers

strict-transport-security
max-age=15552000
access-control-max-age
86400
cf-cache-status
DYNAMIC
access-control-allow-methods
GET,PUT,POST,DELETE
via
1.1 google
cf-ray
8d4b926dbdb3dc68-FRA
access-control-allow-origin
https://be.synxis.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 18 Oct 2024 21:20:22 GMT
content-type
text/plain; charset=utf-8
server
cloudflare
events
be.synxis.com/gw/v1/log/ 		840 B
958 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://be.synxis.com/gw/v1/log/events
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-sabre.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
7dcf070ccb745cc9ec40e8c29ebbc58fd8b3efcbae29e35a5def17727167461b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://be.synxis.com/signin?NCK=8442440202&_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2024-10-18&chain=10237&child=0&currency=USD&depart=2024-10-19&hotel=53654&level=hotel&locale=en-US&productcurrency=USD&rooms=1

Response headers

x-iinfo
13-287721909-0 PNNN RT(1729286414203 8600) q(0 -1 -1 -1) r(0 -1) B15(14,0,0) U6
strict-transport-security
max-age=31536000
cache-control
no-cache, no-store
content-length
840
content-type
text/html
fusion-config
fusion-api.navisperformance.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.gatag.it
URL
https://www.gatag.it/?a2d9OTQwNiM%3D/1691/0
Domain
ampcid.google.de
URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Domain
fusion-api.navisperformance.com
URL
https://fusion-api.navisperformance.com/fusion-config?account=15030&url=https%3A%2F%2Fbe.synxis.com%2Fsignin%3FNCK%3D8442440202%26_ga%3D2.233173854.1398642206.1637603945-1917855449.1636412588%26adult%3D1%26arrive%3D2024-10-18%26chain%3D10237%26child%3D0%26currency%3DUSD%26depart%3D2024-10-19%26hotel%3D53654%26level%3Dhotel%26locale%3Den-US%26productcurrency%3DUSD%26rooms%3D1

Verdicts & Comments Add Verdict or Comment

290 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| Animation object| process object| dataLayer object| stateTriggers object| loadState boolean| isFirstLoad boolean| isFirstDisplay object| m function| sbe_setMetrics function| sbe_logMetrics object| _globalTracking object| dataStream function| $ function| jQuery string| noOPTinHOTELID object| noOPTinHOTEL function| NavisConvertTagToPhoneNumberBasic function| ValidateNavisKeyword function| CreateNavisTagCookie function| CreateNavisTagCookie2 string| NavisCookieKeywordValue function| CreateNavisTagCookie3 function| ReadNavisTagCookie1 function| ReadNavisTagCookie function| GetNavisQueryString function| GetNavisTagQueryString function| NavisGetDomain function| GetNavisTagReferrer function| GetNavisTagReferrer2 function| GetNavisTagHash function| ProcessNavisNCKeyword function| ProcessNavisNCKeyword2 function| ProcessNavisNCKeyword3 function| ProcessNavisNCKeyword4 function| ProcessNavisNCKeyword5 function| FormatPhone function| ShowNavisNCPhoneNumber function| ShowNavisNCPhoneNumberFormat function| SetElementToNavisNCPhoneNumber function| SetElementToNavisNCPhoneNumberFormat function| NavisConvertTagToPhoneNumber function| NavisSetHiddenKeywordField function| NavisSetHiddenKeywordFieldD function| NavisSetHiddenPhoneNumberField function| SetNavisP2TalkLink function| SetNavisP2TalkCustomLink function| SetNavisP2ChatLink function| SetNavisP2ChatCustomLink function| SetNavisLink function| AppendNavisKeywordToURL function| AppendNavisKeywordToLink function| AppendNavisPhoneNumberToLink function| SetTelLinkToNavisPhoneNumber function| SetLinkToNavisPhoneNumber function| AppendNavisItemToURL function| AppendNavisItemToLink function| SendNavisConfirmationNumberField function| SendNavisConfirmationNumber function| SendNavisAltConfirmationNumber function| CreateNavisContactIdCookie function| ReadNavisContactIdCookie function| GetNavisContactIdQueryString function| ProcessNavisContactId function| SendNavisContactIdAttribute function| SendNavisContactIdAttributeIncrement function| SendNavisContactIdAttributeIncrement2 function| SendNavisContactIdAttributeData function| GetNavisUniqueTimeValue object| fliptoDataLayer object| _reztrack function| _fbq object| google_tag_data function| GooglemKTybQhCsO number| google_conversion_snippets number| google_conversion_first_time number| _cartstack_loaded object| _cartstack function| cartstack_getTracking string| UpLiftPlatformObject function| up function| upReady function| ss_js_sealTagStr function| ss_js_seal string| ss_ua string| ss_fqdn string| ss_size string| ss_type string| ss_lang string| ss_ver string| ss_service string| ss_protocol string| ss_jspUrl object| __INITIAL_STATE__ string| _sid_ string| _env_ string| _maskedHostName_ string| _hostRegionCode_ object| cartstack_num object| cartstack_alpha function| cartstackutility_getCookie function| cartstack_encode function| cartstack_decode function| cartstack_TabAbandonment function| cartstack_SMS function| cartstack_WebPush function| cartstack_Popup function| cartstack_sendMyCart function| cartstack_getCartItems_RealTime function| cartstack_getCartItems function| cartstack_getCartTotal function| cartstack_getCartTotal_RealTime function| cartstack_getDataItem function| cartstack_getAttributeItem function| cartstack_browseData function| cartstack_setBrowseID function| cartstack_setCookie function| cartstack_getAttribute function| cartstack_getElement function| cartstack_endRecordingSession function| cartstack_setRecordingCartID function| cartstack_livecallback function| cartstack_autoFormFillProcessing function| cartstack_autoFormFill function| cartstack_WebPushInit function| cartstack_SMSInit function| cartstack_ISNInit function| a1_0x15c8 object| reese84 function| a1_0x2213 function| reese84interrogator function| initializeProtection number| reeseScriptLoadCount function| protectionSubmitCaptcha object| google_tag_manager string| val function| clarity function| fbq object| _fbq_gtm_ids function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __createBinding function| __values function| __read function| __spread function| __spreadArrays function| __spreadArray function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault function| __classPrivateFieldGet function| __classPrivateFieldSet function| __classPrivateFieldIn object| triptease string| GoogleAnalyticsObject function| ga object| a object| gaGlobal function| fliptoDecorateLink function| fliptoDecorateForm function| fliptoDecorate object| FliptoFliptoGlobalSnowplowNamespace function| fliptoSnowplow object| gaplugins function| webpackHotUpdate function| isNative function| thn object| webpackJsonp object| _ function| setImmediate function| clearImmediate object| React function| Component symbol| Fragment object| PropTypes object| Children function| withStyles function| bindRedux function| Immutable function| injectIntl function| defineMessages function| FormattedDate function| FormattedTime function| FormattedNumber function| FormattedMessage object| FormattedMoney function| Infinite object| Uplift object| UpLift boolean| _upliftFlag function| ss_open_sub function| ss_sealTagStr function| writeFlashImage function| writeFlash function| writeImage function| ss_seal function| ss_right string| ss_domain string| ss_imageLocation string| ss_flashLocation object| ss_dimensions function| aec_callback_handler object| aec_init object| globalTracking object| regeneratorRuntime object| events_ object| eventData_ boolean| dx object| _events object| eventWrappers_ object| eventLogs object| audience object| pluggins object| plugginsQ object| plugginsTl function| registerEvent function| listen function| subscribe function| binge function| unsubscribe function| send function| customEvent function| merge function| isArray function| importScript function| import object| jsonp function| pluggin function| registerPluggin object| registeredPluggins string| proto object| b object| rzt object| __ab_cart_configs__ object| d object| w object| qrs string| hotel string| chain string| test_container object| pilot_gtm_map object| _GlobalTokens function| onYouTubeIframeAPIReady function| cartstack_getCookie function| cartstack_traverseDOM function| cartstack_checkProcess object| cartstack_regex object| cartstack_dataItems number| cartstack_executeBrowse number| cartstack_trackVisitorPageViewOff string| cartstack_domain number| cartstack_validUser number| cartstack_processRequest string| cartstack_url number| cartstack_captureonly string| cartstack_siteid number| cartstack_url_index function| cartstack_updatecart function| QuantumMetricInstrumentationStart object| QuantumMetricAPI object| QuantumMetricAPI_sabre function| gtag boolean| ttGoogleGlobalSiteTagAdded boolean| ttWihpGlobalSiteTagAdded function| parcelRequire8d74 function| w_pLB function| w_insertTagFac function| w_getDomainR function| w_getUrlParams function| w_getUrlParams_f function| w_getUrlParams_f2 function| w_putC number| wh_inter function| check_idH function| _b_i_h

33 Cookies

Domain/Path Name / Value
fusion-api.navisperformance.com/fusion-config Name: navis-fusion-identity
Value: 9783f28d-a10b-440a-aeaf-e2f1269d4b54
be.synxis.com/ Name: sbeSessionID
Value: z1TBwoiydli-LejpZM4m6if9
.synxis.com/ Name: apisession
Value: MDAxMjF-VXZXQndGZ0FMT3pxVmZ2Y1AyR1NsTENOd2l5d25DV2x2RmtoWFlJc2FHNno0eWp2Qy9YVXM4UVZpUG5qVDFHL0crVFkySlZsUEtKbENCMVozb2liNVc5S3R2YW9FMFFQWXp5OGF0QzZhNjBsYnZocXJ3d0F3ZVV1N3ZZSm5NdDhuclRIS2c2Szg3bkljZEU0SXoxaVRmaFY3OEFIMS9GODd5N2xjOVJHN3J5cW8yL1cxRG5GZ1dSMis3bU5lRHZCc3RZWE4vZjROSjhYOWxMT0M5eW5RZXZwck1PREdmK1hxMVdJeG50Vi9PM1A4ZWkrQTJDR3JtWGZHWTJoTngvMGswTllXbDJmbkd5Q1NtNER4ZXljZ3dKNTIzdDMwSW4xckhBUDh2NnhSQ0ZpcDZsUitXMmxVUzFvSkN0VEFkR00
.synxis.com/ Name: visid_incap_1215874
Value: V5DFkJtZTHGz3afRYvkIDA7REmcAAAAAQUIPAAAAAAB/HXvwQu/WHdS8ruPAQY5B
.synxis.com/ Name: nlbi_1215874
Value: PsecKXJkjTXZwiITrJ/xDgAAAACWrhae9EeIhkHAp85ArASD
.synxis.com/ Name: incap_ses_876_1215874
Value: digkJmRtbX+SyUHxcC0oDA/REmcAAAAADauRHijGuBySqP0xjRZh/Q==
.synxis.com/ Name: visid_incap_1814716
Value: E2VFkuTqT2KyzqR282AL1g/REmcAAAAAQUIPAAAAAABH9zZdaUfwtmZjqtU5CfYY
gc.synxis.com/ Name: GCLB
Value: CJK30IiN1OTIlgEQAw
.synxis.com/ Name: incap_ses_473_1814716
Value: cmeSQEtKZGVt9C9/DG+QBg/REmcAAAAAn4yY6+N5PKbEmqP2pQg7vA==
.synxis.com/ Name: visid_incap_2103294
Value: 0wndH0UFSHWt9D8ht8HQTA/REmcAAAAAQUIPAAAAAAAV9/d5bhFr+prXFlmbd5Ru
.synxis.com/ Name: incap_ses_1309_2103294
Value: eVbKch+E0E0dYV9oo4AqEhDREmcAAAAAbd+KPlQ/VA6McYRQqVchlA==
be.synxis.com/ Name: 15030NavisNCKeyword
Value: 8442440202
be.synxis.com/ Name: NavisNCKeyword
Value:
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.synxis.com/ Name: _gcl_au
Value: 1.1.1839985294.1729286417
.synxis.com/ Name: visid_incap_2730559
Value: VAYr6Gx+TmajIIJJn+IXlhDREmcAAAAAQUIPAAAAAADWlbS+htgxTJtNFx1M7aJB
.synxis.com/ Name: nlbi_2730559
Value: LNh4fKFTxFwXkEjmJ8VgkAAAAAB0bBNOHEIV7V2jEThArWzP
.synxis.com/ Name: incap_ses_471_2730559
Value: AVA+ZqS+915MrbHVIVSJBhDREmcAAAAALwmjQiDxvRnRY2VnFFFeWg==
.synxis.com/ Name: _ga_PKJPZC4PZZ
Value: GS1.1.1729286417.1.0.1729286417.60.0.1270359173
.synxis.com/ Name: _ga
Value: GA1.1.1940942283.1729286417
.synxis.com/ Name: AMP_TOKEN
Value: %24RETRIEVING
.synxis.com/ Name: sa_ftses.4d4e
Value: *
.synxis.com/ Name: _fbp
Value: fb.1.1729286417667.564302007498387275
.synxis.com/ Name: nlbi_1215874_2147483392
Value: tRZ2JcWbmQz34t7arJ/xDgAAAAAbOKd2hTKk1NNwBHwC/I/x
.be.synxis.com/ Name: reese84
Value: 3:e3gW6rC6me9jrDvG122/og==:S/RKX3oba2JQJuohibe5tdCe/TkUxiD4JMwKgGa21cR7v5u0IQb/CE39jngzcFUd18OrhUcYZxYHWZy+7a+G4ac2PR2X7/Z/Pc5Zs16zpt+EPyojTs183rv9puBZ3vcemakmkIVsJXh3RtWfuqCUnEn9rsPM8GtLVA+czPld2hZ1FU/TD/7hy5XH1QFaldYAjq15kl4bVaqey9cFt/ZaDEC0hGSbe4junpJkJzxJr92MrGmqu0yRNGaBpy0zSPuLX0AWiDJYXiwig6cpTnELTFWtxzkpbiwWl64D9/GLHzLkPXS8/hyCG74p7hMkomgVBdsP1X/aVKv3pg1c1Z77Fe5PDoA+nTmP8V7hKdD1QBMB6vQLlcdHI5wQAn19GCUIzyw3UXC5UlDldzntbB9zjmNF9ycldiIp/XEPc8V9OcXNxPRdK9+r4Sa7MM0x0N0vERwRETQ+D57tVrc2dUL9ucS2Cj+hVk0xsDoG5Dxn4BPzMYCHbegvbqcrKHgAxDWYohevG9nZu8TeZ3nlZaWZzBPuW1+xC9X6eHtBMVcsSiQd1UC8dUVSLD++XKacWgx23lhS0/UjTrlmpHW7HqtWMQ==:090kP1U65KdR75TNvFWcv/a80k++MmjjPp55hKTeRbQ=
.synxis.com/ Name: _up
Value: 1.2.156851153.1729286418
.synxis.com/ Name: sa_ftid.4d4e
Value: 196213ea-c84e-4932-b808-02ef6dcd2fdd.1729286418.1.1729286418..fcdd2179-4b8a-41ed-9d36-635b5c68a245..95b758b7-a89f-4b06-891e-e8e31dfbdf34.1729286417652.3
.www.wigwamarizona.com/ Name: _cfuvid
Value: .16TRR_YyoecdEMsnw8krzVk6Gmj5K9jQVoRCCBQk5I-1729286419510-0.0.1.1-604800000
.synxis.com/ Name: _ga_902GY8W2RT
Value: GS1.1.1729286419.1.0.1729286419.0.0.0
.synxis.com/ Name: QuantumMetricSessionID_sabre
Value: 73121277ff75538529627edc0125d870
.synxis.com/ Name: QuantumMetricUserID_sabre
Value: 0c6ad0297a1a060716c8a6e225a0f8fc
.triptease.io/ Name: triptease-user-id
Value: 01JAGR1EY4XMHM6R2HAV2D0QB0
.triptease.io/ Name: triptease-session-id
Value: 01JAGR1EY47FKW6WJY95GXH2HY

4 Console Messages

Source Level URL
Text
network error URL: https://www.gatag.it/?a2d9OTQwNiM%3D/1691/0
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://www.google-analytics.com/analytics.js(Line 31)
Message:
Refused to connect to 'https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM' because it violates the following Content Security Policy directive: "default-src 'self' *.synxis.com *.googletagmanager.com *.google-analytics.com google-analytics.com *.google.com *.googleapis.com *.doubleclick.net icm.aexp-static.com *.sabrehospitality.com *.asc.sabre.com *.thehotelsnetwork.com thehotelsnetwork.com *.trivago.com trivago.com *.tripadvisor.com tripadvisor.com *.sojern.com sojern.com *.triptease.io triptease.io https://*.sabre-gcp.com https://*.sabre-gcp.com:3000 https://*.sabre-gcp.com:3001 https://*.sabre-gcp.com:3002 https://*.sabrecirrus.com pdx-col.eum-appdynamics.com *.quantummetric.com *.uplift.com *.uplift-platform.com halo.phgsecure.com *.triptease.io *.hotjar.com *.hotjar.io vars.hotjar.com in.hotjar.com vc.hotjar.io *.navisperformance.com fusion-api.navisperformance.com assets.navisperformance.com *.facebook.com *.youtube.com https://*.perfmaker.net *.gbqofs.io *.gbqofs.com *.optimand.com optimand.com https://*.d-edgeconnect.media https://reginahotel.matomo.cloud https://*.matomo.cloud *.thehotelsnetwork.com thehotelsnetwork.com https://*.secureprivacy.ai secureprivacy.ai https://api-prod.secureprivacy.ai *.navistechnologies.com *.thenavisway.com *.triptease.com triptease.io facebook.com *.facebook.net facebook.net *.bing.com bing.com *.bat.bing.com bat.bing.com https://*.flip.to https://*.ft-clarity.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
recommendation verbose URL: https://be.synxis.com/signin?NCK=8442440202&_ga=2.233173854.1398642206.1637603945-1917855449.1636412588&adult=1&arrive=2024-10-18&chain=10237&child=0&currency=USD&depart=2024-10-19&hotel=53654&level=hotel&locale=en-US&productcurrency=USD&rooms=1
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://be.synxis.com/gw/v1/log/events
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy img-src data: *; base-uri 'self'; frame-ancestors 'self'; style-src 'self' https: 'unsafe-inline'; font-src data: *; media-src *; worker-src 'self' *.googletagmanager.com *.google-analytics.com google-analytics.com *.google.com *.googleapis.com *.thehotelsnetwork.com thehotelsnetwork.com *.trivago.com trivago.com *.tripadvisor.com tripadvisor.com *.sojern.com sojern.com *.doubleclick.net icm.aexp-static.com *.quantummetric.com *.triptease.io triptease.io pdx-col.eum-appdynamics.com *.uplift.com *.uplift-platform.com halo.phgsecure.com *.triptease.io *.hotjar.com *.hotjar.io vars.hotjar.com in.hotjar.com vc.hotjar.io *.navisperformance.com fusion-api.navisperformance.com assets.navisperformance.com *.facebook.com *.youtube.com https://*.perfmaker.net *.gbqofs.io *.gbqofs.com *.optimand.com optimand.com https://*.d-edgeconnect.media https://reginahotel.matomo.cloud https://*.matomo.cloud *.thehotelsnetwork.com thehotelsnetwork.com https://*.secureprivacy.ai secureprivacy.ai https://api-prod.secureprivacy.ai *.navistechnologies.com *.thenavisway.com *.triptease.com triptease.io facebook.com *.facebook.net facebook.net *.bing.com bing.com *.bat.bing.com bat.bing.com https://*.flip.to https://*.ft-clarity.com blob:; child-src 'self' *.googletagmanager.com *.google-analytics.com google-analytics.com *.google.com *.googleapis.com *.thehotelsnetwork.com thehotelsnetwork.com *.trivago.com trivago.com *.tripadvisor.com tripadvisor.com *.sojern.com sojern.com *.doubleclick.net icm.aexp-static.com *.quantummetric.com *.triptease.io triptease.io pdx-col.eum-appdynamics.com *.uplift.com *.uplift-platform.com halo.phgsecure.com *.triptease.io *.hotjar.com *.hotjar.io vars.hotjar.com in.hotjar.com vc.hotjar.io *.navisperformance.com fusion-api.navisperformance.com assets.navisperformance.com *.facebook.com *.youtube.com https://*.perfmaker.net *.gbqofs.io *.gbqofs.com *.optimand.com optimand.com https://*.d-edgeconnect.media https://reginahotel.matomo.cloud https://*.matomo.cloud *.thehotelsnetwork.com thehotelsnetwork.com https://*.secureprivacy.ai secureprivacy.ai https://api-prod.secureprivacy.ai *.navistechnologies.com *.thenavisway.com *.triptease.com triptease.io facebook.com *.facebook.net facebook.net *.bing.com bing.com *.bat.bing.com bat.bing.com https://*.flip.to https://*.ft-clarity.com blob:; script-src 'strict-dynamic' 'nonce-K7MQ2XXGU0R0h9Bmt8p0Og==' 'unsafe-inline' 'unsafe-eval' 'self' *.synxis.com *.googletagmanager.com *.google-analytics.com google-analytics.com *.google.com *.googleapis.com *.doubleclick.net icm.aexp-static.com *.sabrehospitality.com *.asc.sabre.com *.thehotelsnetwork.com thehotelsnetwork.com *.trivago.com trivago.com *.tripadvisor.com tripadvisor.com *.sojern.com sojern.com *.triptease.io triptease.io https://*.sabre-gcp.com https://*.sabre-gcp.com:3000 https://*.sabre-gcp.com:3001 https://*.sabre-gcp.com:3002 https://*.sabrecirrus.com pdx-col.eum-appdynamics.com *.quantummetric.com *.uplift.com *.uplift-platform.com halo.phgsecure.com *.triptease.io *.hotjar.com *.hotjar.io vars.hotjar.com in.hotjar.com vc.hotjar.io *.navisperformance.com fusion-api.navisperformance.com assets.navisperformance.com *.facebook.com *.youtube.com https://*.perfmaker.net *.gbqofs.io *.gbqofs.com *.optimand.com optimand.com https://*.d-edgeconnect.media https://reginahotel.matomo.cloud https://*.matomo.cloud *.thehotelsnetwork.com thehotelsnetwork.com https://*.secureprivacy.ai secureprivacy.ai https://api-prod.secureprivacy.ai *.navistechnologies.com *.thenavisway.com *.triptease.com triptease.io facebook.com *.facebook.net facebook.net *.bing.com bing.com *.bat.bing.com bat.bing.com https://*.flip.to https://*.ft-clarity.com; default-src 'self' *.synxis.com *.googletagmanager.com *.google-analytics.com google-analytics.com *.google.com *.googleapis.com *.doubleclick.net icm.aexp-static.com *.sabrehospitality.com *.asc.sabre.com *.thehotelsnetwork.com thehotelsnetwork.com *.trivago.com trivago.com *.tripadvisor.com tripadvisor.com *.sojern.com sojern.com *.triptease.io triptease.io https://*.sabre-gcp.com https://*.sabre-gcp.com:3000 https://*.sabre-gcp.com:3001 https://*.sabre-gcp.com:3002 https://*.sabrecirrus.com pdx-col.eum-appdynamics.com *.quantummetric.com *.uplift.com *.uplift-platform.com halo.phgsecure.com *.triptease.io *.hotjar.com *.hotjar.io vars.hotjar.com in.hotjar.com vc.hotjar.io *.navisperformance.com fusion-api.navisperformance.com assets.navisperformance.com *.facebook.com *.youtube.com https://*.perfmaker.net *.gbqofs.io *.gbqofs.com *.optimand.com optimand.com https://*.d-edgeconnect.media https://reginahotel.matomo.cloud https://*.matomo.cloud *.thehotelsnetwork.com thehotelsnetwork.com https://*.secureprivacy.ai secureprivacy.ai https://api-prod.secureprivacy.ai *.navistechnologies.com *.thenavisway.com *.triptease.com triptease.io facebook.com *.facebook.net facebook.net *.bing.com bing.com *.bat.bing.com bat.bing.com https://*.flip.to https://*.ft-clarity.com; report-uri /reports?hid=53654&cid=10237&sid=z1TBwoiydli-LejpZM4m6if9
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
ampcid.google.com
ampcid.google.de
api.cartstack.com
api.triptease.io
assets.navisperformance.com
be-cms-api-p1.synxis.com
be-cms-api.synxis.com
be.synxis.com
cdn.flip.to
cdn.quantummetric.com
cdn.uplift.com
connect.facebook.net
fusion-api.navisperformance.com
gc.synxis.com
googleads.g.doubleclick.net
ingest.quantummetric.com
integration.flip.to
messages.guest-experience.triptease.io
onboard.triptease.io
p.relay-t.io
region1.analytics.google.com
region1.google-analytics.com
sa.flip.to
seal.globalsign.com
ssif1.globalsign.com
static-meta.triptease.io
stats.g.doubleclick.net
storage.googleapis.com
tag.uplift.com
targeted-messages.triptease.io
twi.revinate.com
u27595191.ct.sendgrid.net
www.clarity.ms
www.facebook.com
www.gatag.it
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.thehotelsnetwork.com
www.wigwamarizona.com
ampcid.google.de
fusion-api.navisperformance.com
www.gatag.it
107.154.192.208
151.101.2.133
151.101.65.182
167.89.118.35
172.217.16.130
18.66.102.51
18.66.147.127
2001:4860:4802:34::36
2600:9000:2251:6800:16:3eaa:9140:93a1
2600:9000:235a:f600:0:e5a2:8c40:93a1
2600:9000:2644:a200:1:5bd4:31c0:93a1
2600:9000:275d:3200:1d:40aa:1fc0:93a1
2606:4700:10::6816:3591
2606:4700:3030::ac43:a4e2
2606:4700:3032::6815:59cd
2606:4700:4400::ac40:9105
2606:4700::6812:bd5
2620:1ec:29:1::64
2a00:1450:4001:80e::2008
2a00:1450:4001:813::200e
2a00:1450:4001:81c::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::201b
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9d
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:600::645
3.161.82.70
34.135.178.72
45.60.154.108
45.60.155.144
45.60.46.204
52.25.236.4
01e8eff0acd3ef13254929a0cf292b1476e7c17770072876d4f963320da39ef6
09205cd7fbd7212073f63606f659e7d8a03ab0c3cdd5bd39f601f705228a1296
0f248c6165ca0a6a95223dd7ecaa958dacd3a2d1a9a5094aa93af0de65fde3d9
13abb95134934e2b6ab33036f989d3eb588ec2586fee172d534061cb29e6834a
13ed64e31854fc7e8e3e542fef0d24813e05a6137d56160064ec6824367b9a03
1506c80eb411afef8b09df3fb0f6701c617f081139d6356dbe0114e32c2e91d2
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16e70f6d61ac503652fcdf56b17255323ddd0911df37ac66b1201e567503b4ac
1b57bf36dc0819373a3925d52546107522f8543938dbd2ebaf723e753b4886aa
1f615645150521b8d95414b87467cd53e31af5049d8b0a3a795273bc6d62936b
20d79f60a4c87e7063520a07ff8ff15fdc10654e803d91229940253a6b6152a8
20e4ae409ffbe8bfd2af14d7f717398408ae8b481005beccb83d62ef4052b681
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2bf07779ae8d52d387656472cf6914536bfe9e0265ca26bcbbd7649f042a2e05
2e2d124a9509009451b18bd297b4d3e152d489d2d26f6b6940cb51b26d86ea0e
2ebe235a2321fa755c67c729d86d0e6580edda2f0a6990a07647d79da0cdb3ab
35d345a82fe5820a332ca49dae3f60884be182e388fbc55674aa685fc7d741bc
37a7918f1596d21356e4fba56ae52f2099325c3fc04d6b195358f9cc666f681e
3c85a1e6ba674b075f66be2255770e1c0c7050e17703c3cd3dbb1d188052b878
401b539c399a729da4612b645dcb692500765e575339874d0ade6b5aaecf5819
414060581c406a4d66fac71cdd93122b6b65b0af81bd6c0dbc4559efee6c2a43
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
487848b702f281f7aef585a67570e59e024864fadcc20cab75d72651ad8e5f05
542419831fe050633897e5104ae835d24a046a8bb0a4982c55d3a85f17bfdf8c
562d92ade48e724637dcda243511e37c05987857299fca4be6b63c86eb8da30c
56afe9a4247dfc80d83baefd9c520cf6f4874dc98a9c06ba259e1506607ac6f1
57b1270f49b4ae74b0f86f2bc05c5395fabd2315464ef6983bfbb077f00be10a
5a30ab0298785c31432b68d9121ae8eea42583e220bf307638602c2bb5608c98
5f3d5cb841300f7f7a3f9bfe10c205fcb06a1587885020005254f1034a4f3592
6135042f90b50f6e948c2080a2dbceb8214c1e0695b47ef0c91fcafeb1f08bf5
625a63fbc3b92e8b3b7ca3a1a0d3372f066aa66104b925e8b353744b1e283df1
63f25809ec0e6a52c2edc1e3ec42669659c5d4f35ff7b224dbd1622824d0129e
65b3685f49bf4270427bcd8f45548e05faaa992a6262e98b25ff2364da189d60
65ce2d50684fd0b9487ca2d9468532d4f68a8638c03ea96c77993cac817fab5a
6d70e331bb5d0a542b5ae1105efc2b1ee3b7596d96f1eaf84ce78cfdf7b60104
7dcf070ccb745cc9ec40e8c29ebbc58fd8b3efcbae29e35a5def17727167461b
861a408b98b9f2525b2d58065162f747f675305e9ec73169295ef375d192bb91
8792c14790b1e2e6fb67b6cd6556ca32f6ff4c7bd19b9db56a4ff099d83395d7
8829abc4c445a849af9e51a2783f745fc48729538e231f5c4f9b1c7a1cb850e6
88604fce849b2caaddc6f743289c5c77f0b026f360a799d331f486f426e9cd47
8c7fb6432892d002309b855cf9df4cc47ed3a8e595b8071d9b37c66015ec4b41
8ccfb12d9242e079e524cd71f89d0c098c2772b0810ad83aa05938bdd6640b6e
8e77e9309941e37ab8d82e16962001aa70c6cce673753ddf96db3390a772f7c7
9004eb2ea667e7fa5bd352659d8662eff07e2c092a1dc399778b306b0804074f
924c72cc5f9c730be0aeaa2a7730e05d4d3f0d9042a22584090f2c1a38f56cbf
930131d07fcd78a4ca3e35afbc6bfbb65dc989336970ef55896da8b9117756b0
95cadaca4fe440b95e468ea01480a033a623fa07aca99a63c072ab9c864dd544
96e375c0d047ed434d3785e684e128b89304d6118b783837c2f4f2805d7fcd5e
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9b641963a0599b55c11d0c30f4cda5f877dd399694e3057224ec7c6a6c5abd89
9d2071d21c7728e75e882a3240e59f7e175809de3296ca06cdd14273e84d6684
a20b3c301c2e72560096ec44bf3fdbf53b5aaf055b06501d3cb5c0d16ff9df03
a6b033cb9e7286b9fee591e65e43c240058b72d17c185d335ac025a8aed13f1e
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab029484eafd6dc44c2940b9d7d8c0c907ea30b66e2eb6f2c95e7c18fd98ad69
af746a2ae180923dc94da9db2f48abaa8dae92d2efcba4afe1e92b53de817a2b
b3a8f5fa3e0a8460c97e798085a261381174215dce32e2db0e78c8865fa56355
b69eab8a828deb1b7454a2dc44de901484a2cb4c34772e0ec83f6a45a0cfa769
c2f549cd10d737b18e3601cc4a0dce7b0c2d7e5dcafabdb295527c36e9eb7075
cc473589d9a1e22c1fc122b38150b771cdc9954f1e6c299d6dc689e52c7d86f5
cd1e0e49100b42d0d8cf260558a79e0fa4281f218402fc847a64b8ac66f405f9
ce0bcafa52089b085d47486f507cc84a53481d9134d922512c45f107c52df557
d17343b9333952610ec116f4a49f2cdae787caa0de3fc95ffc102c27d96dd3bf
d4e88430beb4e9b7dc00b6284c05d51be10d8e65cdf30fc8694ae369acc9ba92
d61057c8d6aa11e1ff87dbece528028be432ef00a4dd77f28717df923f2e836a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e35104f1a05b82ceb2151127ad8ada2cc9702d25d48ee2eeb2dc26557b495ec2
e369bdd056d0a981d9e1a2f334a00544196a091d0b748586daf6b85fd18c4a27
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a73c39901bb5ae743fa1329c30d10465b2486b263b853d6b43a80b35b9c179
e4db130a2e721f5600c7ec607f1c2d918b780c0fa0e3ceae4b3bc59a091c91b0
ecb7411cc730e77e362b0a0a695ec92d7767fb59759df145d7a8b46cd694a76a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef931918a971d8c9c7ec687833646e0f095d996b264bb09c092ff4da790ad596
f0baa2f585589b61492337c559286db0878134fe51795d9ba1cae33c87ea779f
f26b52e060b83802af003f033b7d2c3f0f4a5d7e3b260d09b10376892210c6aa
f2c19a3d8895d7d23b633ded630a23d1f4936ceb4406653bae1d3a8bd61123f2
f36e0382a3b650b5cd7664c64fffd18f829a77616b61a69a856ab3ffa57f1aaa
f4cfd4a5b95dfb31c47cd567d9719fc12a0453f6ff27e2872147a9740e4b9e56
f50e35eed6b133c5adf2b14a6aa920dbf7384d40d0b2282b3b00670bccb48191
f51a7084acc232699aae89df1b43c617dc73f1ebe12db9b6258965ec0946e969
fa1e29a5bed7ff4d26c852afa13b97e6b862d3cb12fe194eb691e69e307b3f89
fa28a930751c3124bcfaae3a7162f129c961eeedddd32e4f89bcb70da5d9518d