bookingscozumel.palaceresorts.com Open in urlscan Pro
51.254.62.70 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bookingscozumel.palaceresorts.com/
Submission: On February 15 via automatic, source certstream-suspicious (February 15th 2020, 8:00:20 pm UTC)

Summary HTTP 63 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 7 countries across 20 domains to perform 63 HTTP transactions. The main IP is 51.254.62.70, located in Germany and belongs to OVH, FR. The main domain is bookingscozumel.palaceresorts.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 13th 2020. Valid for: 3 months.

This is the only time bookingscozumel.palaceresorts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	51.254.62.70 51.254.62.70	16276 (OVH) (OVH)
13	143.204.98.146 143.204.98.146	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
2	51.254.62.77 51.254.62.77	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:818::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE)
1	147.75.102.13 147.75.102.13	54825 (PACKET) (PACKET)
1 2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 2	147.135.10.37 147.135.10.37	16276 (OVH) (OVH)
18	104.20.39.138 104.20.39.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	93.184.220.113 93.184.220.113	15133 (EDGECAST) (EDGECAST)
2	2a04:4e42:1b:... 2a04:4e42:1b::393	54113 (FASTLY) (FASTLY)
8	51.254.62.68 51.254.62.68	16276 (OVH) (OVH)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:815::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
1	147.75.84.91 147.75.84.91	54825 (PACKET) (PACKET)
1	147.75.100.69 147.75.100.69	54825 (PACKET) (PACKET)
1 3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 3	52.50.124.238 52.50.124.238	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f02... 2a03:2880:f02d:5:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
63	21

1 51.254.62.70 (Germany)

ASN16276 (OVH, FR)

bookingscozumel.palaceresorts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 143.204.98.146 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-146.fra50.r.cloudfront.net

d2jtzd336hs8un.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.254.62.77 (Germany)

ASN16276 (OVH, FR)

cloud.seekda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.seekda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.102.13 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress1

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.135.10.37 (Reston, United States) 2 redirects

ASN16276 (OVH, FR)
PTR: kurento.acquire.io

s.tagove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.20.39.138 (United States)

ASN13335 (CLOUDFLARENET, US)

s.acquire.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.acquire.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.220.113 (London, United Kingdom)

ASN15133 (EDGECAST, US)

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:1b::393 (Ascension Island)

ASN54113 (FASTLY, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 51.254.62.68 (Germany)

ASN16276 (OVH, FR)

hbe-api.kognitiv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.seekda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apm-server.seekda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.84.91 (Parsippany, United States)

ASN54825 (PACKET, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.100.69 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress16

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.50.124.238 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-124-238.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:5:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK, US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	acquire.io s.acquire.io media.acquire.io	294 KB
13	cloudfront.net d2jtzd336hs8un.cloudfront.net	992 KB
8	seekda.com cloud.seekda.com static.seekda.com log.seekda.com apm-server.seekda.com	29 KB
4	crwdcntrl.net 1 redirects tags.crwdcntrl.net bcp.crwdcntrl.net	12 KB
3	facebook.com 1 redirects www.facebook.com	776 B
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	79 KB
3	gstatic.com fonts.gstatic.com	67 KB
2	kognitiv.com hbe-api.kognitiv.com	889 B
2	cloudinary.com res.cloudinary.com	82 KB
2	tagove.com 2 redirects s.tagove.com	192 B
2	facebook.net connect.facebook.net	142 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
1	atdmt.com cx.atdmt.com	431 B
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	181 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	159 B
1	googletagmanager.com www.googletagmanager.com	40 KB
1	googleapis.com fonts.googleapis.com	630 B
1	polyfill.io cdn.polyfill.io	571 B
1	palaceresorts.com bookingscozumel.palaceresorts.com	37 KB
63	20

	Domain	Requested by
13	d2jtzd336hs8un.cloudfront.net	bookingscozumel.palaceresorts.com d2jtzd336hs8un.cloudfront.net
12	s.acquire.io	bookingscozumel.palaceresorts.com d2jtzd336hs8un.cloudfront.net s.acquire.io
6	media.acquire.io	s.acquire.io
4	apm-server.seekda.com	d2jtzd336hs8un.cloudfront.net bookingscozumel.palaceresorts.com
3	bcp.crwdcntrl.net	1 redirects tags.crwdcntrl.net
3	www.facebook.com	1 redirects bookingscozumel.palaceresorts.com
3	fonts.gstatic.com	bookingscozumel.palaceresorts.com
2	log.seekda.com	d2jtzd336hs8un.cloudfront.net bookingscozumel.palaceresorts.com
2	hbe-api.kognitiv.com	d2jtzd336hs8un.cloudfront.net bookingscozumel.palaceresorts.com
2	res.cloudinary.com	bookingscozumel.palaceresorts.com
2	s.tagove.com	2 redirects
2	connect.facebook.net	bookingscozumel.palaceresorts.com connect.facebook.net
2	www.google-analytics.com	1 redirects www.googletagmanager.com
1	cx.atdmt.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	www.google.de	bookingscozumel.palaceresorts.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	tags.crwdcntrl.net	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	static.seekda.com	cloud.seekda.com
1	www.googletagmanager.com	bookingscozumel.palaceresorts.com
1	fonts.googleapis.com	bookingscozumel.palaceresorts.com
1	cloud.seekda.com	bookingscozumel.palaceresorts.com
1	cdn.polyfill.io	bookingscozumel.palaceresorts.com
1	bookingscozumel.palaceresorts.com
63	27

This site contains no links.

Subject Issuer	Validity	Valid
bookingscozumel.palaceresorts.com Let's Encrypt Authority X3	`2020-02-13` - `2020-05-13`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-05-29` - `2020-04-23`	a year	crt.sh
www.kognitiv.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-02` - `2021-12-01`	2 years	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
ssl368249.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-11-28` - `2020-06-05`	6 months	crt.sh
tags.crwdcntrl.net DigiCert SHA2 Secure Server CA	`2019-03-15` - `2021-04-07`	2 years	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2018-07-01` - `2020-06-22`	2 years	crt.sh
www.google.de GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2020-01-20` - `2020-04-19`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://bookingscozumel.palaceresorts.com/
Frame ID: D8228C33CCB003B522A3FA5BB07B1738
Requests: 53 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 2867CF29CC3009E952C2D695A1465638
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=12310/rand=485005764/pv=y/int=%23OpR%2381979%23bookingscozumel.palaceresorts%20%3A%20Total%20Site%20Traffic/rt=ifr
Frame ID: C21CB6DF670F44964025DCF70BD850FD
Requests: 1 HTTP requests in this frame

Frame: https://s.acquire.io/cookie.html
Frame ID: D6937656E228773967665792E1BBBC1D
Requests: 1 HTTP requests in this frame

Frame: https://media.acquire.io/be477/new_chat_LB.png
Frame ID: 38221513466D8037C54E01DFA44FAF5B
Requests: 7 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=12310/rand=796238926/int=%23OpR%2381979%23bookingscozumel.palaceresorts%20%3A%20Total%20Site%20Traffic/rt=ifr
Frame ID: AF1053E6AFDBC147B99B488ECC24868E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

63
Requests

100 %
HTTPS

52 %
IPv6

20
Domains

27
Subdomains

21
IPs

7
Countries

1796 kB
Transfer

6068 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://s.tagove.com/a-be477/init.js HTTP 301
https://s.acquire.io/a-be477/init.js

Request Chain 30

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=162037552&t=pageview&_s=1&dl=https%3A%2F%2Fbookingscozumel.palaceresorts.com%2F&ul=en-us&de=UTF-8&dt=Cozumel%20Palace&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAAAB~&jid=225537113&gjid=1605178806&cid=946110933.1581796804&tid=UA-85687310-6&_gid=640114589.1581796804&_r=1&gtm=2wg250M7CKZGT&z=392657106 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85687310-6&cid=946110933.1581796804&jid=225537113&_gid=640114589.1581796804&gjid=1605178806&_v=j81&z=392657106 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85687310-6&cid=946110933.1581796804&jid=225537113&_v=j81&z=392657106 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85687310-6&cid=946110933.1581796804&jid=225537113&_v=j81&z=392657106&slf_rd=1&random=147127901

Request Chain 39

https://s.tagove.com/main.js HTTP 301
https://s.acquire.io/main.js

Request Chain 45

https://bcp.crwdcntrl.net/5/c=12310/rand=485005764/pv=y/int=%23OpR%2381979%23bookingscozumel.palaceresorts%20%3A%20Total%20Site%20Traffic/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=12310/rand=485005764/pv=y/int=%23OpR%2381979%23bookingscozumel.palaceresorts%20%3A%20Total%20Site%20Traffic/rt=ifr

Request Chain 56

https://www.facebook.com/tr/?id=628382487258338&ev=Microdata&dl=https%3A%2F%2Fbookingscozumel.palaceresorts.com%2F&rl=&if=false&ts=1581796805319&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Cozumel%20Palace%20%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=2&o=30&fbp=fb.1.1581796803810.132300571&it=1581796803751&coo=false&es=automatic&tm=3&rqm=GET HTTP 302
https://cx.atdmt.com/?c=16154616917599227293&f=AYw6uem5OWq5Tggj-nJsUShCgf20YK5DB39a4g4_1zkATo2xBiSdF_mf9EefAgEL70MrUJAuxstpiR3-KCMpIrD4&id=628382487258338&l=3&v=0

63 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
bookingscozumel.palaceresorts.com/ 166 KB
37 KB 1137ms
227ms Document
text/html 51.254.62.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://bookingscozumel.palaceresorts.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.254.62.70 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

eedb9a3791e6ce8a54f9a651c501a12a31f4a4f0372f7df1281c5ac9ba64d7c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Host: bookingscozumel.palaceresorts.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Date: Sat, 15 Feb 2020 20:00:02 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
ETag: W/"29999-DYPNEO46tUf0tGeZUcFXUd8nUrs"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

GET
H2 200 webpack-838b392324e3598684b5.js Show response
d2jtzd336hs8un.cloudfront.net/_next/static/runtime/ 1 KB
1 KB 1074ms
197ms Script
application/javascript 143.204.98.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2jtzd336hs8un.cloudfront.net/_next/static/runtime/webpack-838b392324e3598684b5.js

Requested by

Host: bookingscozumel.palaceresorts.com
URL: https://bookingscozumel.palaceresorts.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.98.146 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-146.fra50.r.cloudfront.net

Software

Resource Hash

404ae79ad9b03e63047736ebaf77df9a759b0add1fa42e02bd6a4f362d64098e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 17 Sep 2019 13:38:25 GMT
content-encoding: gzip
age: 13069298
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
last-modified: Wed, 27 Mar 2019 17:15:15 GMT
x-frame-options: SAMEORIGIN
etag: W/"5c9bafa3-5ce"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: OelVqA6GlZjPDqt3AuUFX_4zZ_W_rQXOmBfQWPwJyMw5IE-NYpEWSQ==

GET
H2 200 commons.a33aa4d5bdfeebe3d334.js Show response
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/ 2 MB
485 KB 1015ms
138ms Script
application/javascript 143.204.98.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2jtzd336hs8un.cloudfront.net/_next/static/chunks/commons.a33aa4d5bdfeebe3d334.js

Requested by

Host: bookingscozumel.palaceresorts.com
URL: https://bookingscozumel.palaceresorts.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.98.146 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-146.fra50.r.cloudfront.net

Software

Resource Hash

50b950f2ad267e0e26e3deeb2f3e56b55c8d1541bcea842235b685daaf66f411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 11 Feb 2020 18:40:33 GMT
content-encoding: gzip
age: 350370
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
last-modified: Tue, 11 Feb 2020 18:37:56 GMT
x-frame-options: SAMEORIGIN
etag: W/"5e42f484-1ae431"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 8YdPpUMYaOXLxMI66mmyjF1teJizXS5qmesR2dor1HVfmMrio5JIuA==

GET
H2 200 main-a83dcf51e6ad438a076a.js Show response
d2jtzd336hs8un.cloudfront.net/_next/static/runtime/ 15 KB
6 KB 920ms
43ms Script
application/javascript 143.204.98.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2jtzd336hs8un.cloudfront.net/_next/static/runtime/main-a83dcf51e6ad438a076a.js

Requested by

Host: bookingscozumel.palaceresorts.com
URL: https://bookingscozumel.palaceresorts.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.98.146 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-146.fra50.r.cloudfront.net

Software

Resource Hash

0850399b7ff25de33fec4f33a9ce53a08829f80519fe84963c9c7f236eca738e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 07:09:26 GMT
content-encoding: gzip
age: 46237
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
last-modified: Fri, 06 Dec 2019 18:09:46 GMT
x-frame-options: SAMEORIGIN
etag: W/"5dea996a-3d10"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: DYKBcv1ufI1qKxMzZkipQ2ZZevbe7gRYd498EP48m7bj1GQHepVAZg==

GET
H2 200 styles.aa556c16603f590645df.js Show response
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/ 86 B
536 B 1067ms
190ms Script
application/javascript 143.204.98.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2jtzd336hs8un.cloudfront.net/_next/static/chunks/styles.aa556c16603f590645df.js

Requested by

Host: bookingscozumel.palaceresorts.com
URL: https://bookingscozumel.palaceresorts.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.98.146 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-146.fra50.r.cloudfront.net

Software

Resource Hash

ca59dd4386f3324ad7413bdc73c10d844bc0c28fe1170b4a6beda11c8b14f486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 07:59:16 GMT
content-encoding: gzip
age: 43247
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
last-modified: Mon, 27 May 2019 15:18:11 GMT
x-frame-options: SAMEORIGIN
etag: W/"5cebffb3-56"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: FGc47FwVmtsh_5nIPAS3fltBa1fnmzs7_P4gFevTj2P7-sFi80L2aA==

GET
H2 200 semantic.min.css
d2jtzd336hs8un.cloudfront.net/static/ 614 KB
101 KB 952ms
75ms Stylesheet
text/css 143.204.98.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2jtzd336hs8un.cloudfront.net/static/semantic.min.css?checksum=5f99d090bfef57b452eb516e05430565

Requested by

Host: bookingscozumel.palaceresorts.com
URL: https://bookingscozumel.palaceresorts.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.98.146 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-146.fra50.r.cloudfront.net

Software

Resource Hash

fb32146b22a6e7cdd5457a025ef35f88250f65971da3bde15d82aef631c63a04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sat, 15 Feb 2020 12:35:47 GMT
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
last-modified: Wed, 12 Jun 2019 15:10:24 GMT
age: 26656
etag: W/"5d0115e0-996e3"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: FRA50-C1
strict-transport-security: max-age=31536000
access-control-allow-origin: *
x-amz-cf-id: ssAFHT7IEErUzpSwJL11abT1wHqqKpZk0b2Ch-M9vtMautFd966Xtw==
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)

GET
H2 200 icons.css
d2jtzd336hs8un.cloudfront.net/static/ 19 KB
4 KB 1039ms
162ms Stylesheet
text/css 143.204.98.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2jtzd336hs8un.cloudfront.net/static/icons.css?checksum=10237f48c3fa09118c62aea0fad9d4f4

Requested by

Host: bookingscozumel.palaceresorts.com
URL: https://bookingscozumel.palaceresorts.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.98.146 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-146.fra50.r.cloudfront.net

Software

Resource Hash

b0a30bcf035ffe41d39eda71670849b0cf0f1b7bfbaceda519f2676b3dbe8164

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 18 Feb 2019 19:49:51 GMT
age: 20357
x-frame-options: SAMEORIGIN
etag: "5c6b0c5f-4a0a"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
date: Sat, 15 Feb 2020 14:20:46 GMT
x-amz-cf-pop: FRA50-C1
access-control-allow-origin: *
x-amz-cf-id: 4Aw3zTkPi0GJYGuKwz0cIivMrnF5IHlm0IkNAHh9zxO7DEQE9iGw2g==
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)

GET
H2 200 icons-extended.css
d2jtzd336hs8un.cloudfront.net/static/ 9 KB
2 KB 919ms
43ms Stylesheet
text/css 143.204.98.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2jtzd336hs8un.cloudfront.net/static/icons-extended.css?checksum=c68829aa4263885cfc63b20639cec261

Requested by

Host: bookingscozumel.palaceresorts.com
URL: https://bookingscozumel.palaceresorts.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.98.146 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-146.fra50.r.cloudfront.net

Software

Resource Hash

25941065c411f81473eb4e447130945ba13cab3b87bab7920e404b442eec7300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 18 Feb 2019 19:49:51 GMT
age: 25326
x-frame-options: SAMEORIGIN
etag: "5c6b0c5f-250b"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
date: Sat, 15 Feb 2020 12:57:57 GMT
x-amz-cf-pop: FRA50-C1
access-control-allow-origin: *
x-amz-cf-id: 09HdK9mbQRc23HpZT2DPbi3urigxPOwwbPtedmZK7vvZFnvdkhIPSQ==
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)

GET
H2 200 styles.bd4f6453.chunk.css
d2jtzd336hs8un.cloudfront.net/_next/static/css/ 183 KB
31 KB 1008ms
132ms Stylesheet
text/css 143.204.98.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2jtzd336hs8un.cloudfront.net/_next/static/css/styles.bd4f6453.chunk.css

Requested by

Host: bookingscozumel.palaceresorts.com
URL: https://bookingscozumel.palaceresorts.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.98.146 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-146.fra50.r.cloudfront.net

Software

Resource Hash

42034e972610a048ced9b5a34666245d29a3a48dce8f8a0a5bc8051c7c03f339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sat, 15 Feb 2020 03:57:39 GMT
content-encoding: gzip
age: 57744
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
last-modified: Mon, 03 Feb 2020 23:33:10 GMT
x-frame-options: SAMEORIGIN
etag: W/"5e38adb6-2da59"
vary: Accept-Encoding,Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ytZ-QXofMwzVajZIA66S_QLe0LnjUS14gwXLgVSfTTH-MpZYGvXVpQ==

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ 222 B
571 B 27ms
7ms Script
text/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js?features=Intl.~locale.Intl.~locale.en,Intl.~locale.ar,Intl.~locale.be,Intl.~locale.bg,Intl.~locale.ca,Intl.~locale.cs,Intl.~locale.da,Intl.~locale.de,Intl.~locale.el,Intl.~locale.es,Intl.~locale.et,Intl.~locale.fi,Intl.~locale.fr,Intl.~locale.ga,Intl.~locale.hi,Intl.~locale.hr,Intl.~locale.hu,Intl.~locale.id,Intl.~locale.is,Intl.~locale.it,Intl.~locale.he,Intl.~locale.ja,Intl.~locale.ko,Intl.~locale.lt,Intl.~locale.lv,Intl.~locale.mk,Intl.~locale.ms,Intl.~locale.mt,Intl.~locale.nb,Intl.~locale.nl,Intl.~locale.pl,Intl.~locale.pt,Intl.~locale.ro,Intl.~locale.ru,Intl.~locale.sk,Intl.~locale.sl,Intl.~locale.sq,Intl.~locale.sr,Intl.~locale.sv,Intl.~locale.th,Intl.~locale.tr,Intl.~locale.uk,Intl.~locale.vi,Intl.~locale.zh

Requested by

Host: bookingscozumel.palaceresorts.com
URL: https://bookingscozumel.palaceresorts.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 4550360
normalized-user-agent: chrome/74.0.0
detected-user-agent: Chrome/74.0.3729
status: 200
date: Sat, 15 Feb 2020 20:00:02 GMT
request_came_from_shield: FRA
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length: 126
referrer-policy: origin-when-cross-origin
etag: W/"7e-Lg1mQtlDtrujPBTtidtsoNmOeEQ"
vary: User-Agent, Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 69549e60-3d6e-0136-cbf5-0050568253f2.js Show response
cloud.seekda.com/w/w-tracking-api/group:BookingFlow/ 18 KB
7 KB 224ms
82ms Script
text/javascript 51.254.62.77
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.seekda.com/w/w-tracking-api/group:BookingFlow/69549e60-3d6e-0136-cbf5-0050568253f2.js
Requested by: Host: bookingscozumel.palaceresorts.com
URL: https://bookingscozumel.palaceresorts.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.254.62.77 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.8.1 + Phusion Passenger 5.0.24 / Phusion Passenger Enterprise 5.0.24
Resource Hash: de1f40657caf399bca0d07e362f66a7976c547f303e05313db7e961630e2551e

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

X-Runtime: 0.035118
Date: Sat, 15 Feb 2020 20:00:02 GMT
Content-Encoding: gzip
Server: nginx/1.8.1 + Phusion Passenger 5.0.24
X-Powered-By: Phusion Passenger Enterprise 5.0.24
ETag: W/"80fcdd62c57ec773511fb15072da0bd5"
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: c871ac9bc447584fbf94eb1ec633abd2
X-Rack-Cache: miss
X-UA-Compatible: IE=Edge,chrome=1

GET
H2 200 index.js Show response
d2jtzd336hs8un.cloudfront.net/_next/static/1GUnnCyF6HaSpvGicWfQh/pages/ 320 KB
83 KB 156ms
155ms Script
application/javascript 143.204.98.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2jtzd336hs8un.cloudfront.net/_next/static/1GUnnCyF6HaSpvGicWfQh/pages/index.js

Requested by

Host: bookingscozumel.palaceresorts.com
URL: https://bookingscozumel.palaceresorts.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.98.146 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-146.fra50.r.cloudfront.net

Software

Resource Hash

3af7c402bc8384fca2f386721a93b548cd653afd75ff03c94159d853b988234b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 11 Feb 2020 18:40:33 GMT
content-encoding: gzip
age: 350370
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
last-modified: Tue, 11 Feb 2020 18:38:55 GMT
x-frame-options: SAMEORIGIN
etag: W/"5e42f4bf-5017c"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: jpkoFNqyPb8HxhsQtF3vCyrFk-nQdsDvQcJaAeaGor-4XDSJuZUCMw==

GET
H2 200 _app.js Show response
d2jtzd336hs8un.cloudfront.net/_next/static/1GUnnCyF6HaSpvGicWfQh/pages/ 63 KB
15 KB 155ms
154ms Script
application/javascript 143.204.98.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2jtzd336hs8un.cloudfront.net/_next/static/1GUnnCyF6HaSpvGicWfQh/pages/_app.js

Requested by

Host: bookingscozumel.palaceresorts.com
URL: https://bookingscozumel.palaceresorts.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.98.146 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-146.fra50.r.cloudfront.net

Software

Resource Hash

7b87291587957c928ca4ed4a8dc0c97fe937b0876e386c126cb0cc8c8c0e9d64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 03:57:39 GMT
content-encoding: gzip
age: 57744
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
last-modified: Tue, 11 Feb 2020 18:37:56 GMT
x-frame-options: SAMEORIGIN
etag: W/"5e42f484-fac8"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: RSLT4l7Ig4yg6Iael6jJ0CK_trEGPXIkw2QmvwDe5gplvSoQxs_znA==

GET
H2 200 elastic-apm-js-base.umd.min.js Show response
d2jtzd336hs8un.cloudfront.net/static/scripts/ 64 KB
18 KB 1067ms
197ms Script
application/javascript 143.204.98.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2jtzd336hs8un.cloudfront.net/static/scripts/elastic-apm-js-base.umd.min.js?checksum=bf5a111e4336e4daebfb5480589108c8

Requested by

Host: bookingscozumel.palaceresorts.com
URL: https://bookingscozumel.palaceresorts.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.98.146 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-146.fra50.r.cloudfront.net

Software

Resource Hash

638edab9dc8582110d373f1db5fe53d2993dc03de261e8bcadc5e860775cf60d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 04:46:48 GMT
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
last-modified: Tue, 12 Feb 2019 13:06:53 GMT
age: 53419
etag: W/"5c62c4ed-101b2"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA50-C1
strict-transport-security: max-age=31536000
access-control-allow-origin: *
x-amz-cf-id: lu903VJtTdp8rFjDA5A2FtJFOGsWgfv4-NcEzbANl2vkVB294MPjFw==
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)

GET
H2 200 css
fonts.googleapis.com/ 3 KB
630 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin

Requested by

Host: bookingscozumel.palaceresorts.com
URL: https://bookingscozumel.palaceresorts.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

90bedfa7bbd2bb58b7f47611a77feaf852c117ed7e344885cdb34f7df940658f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 15 Feb 2020 20:00:03 GMT
server: ESF
date: Sat, 15 Feb 2020 20:00:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Feb 2020 20:00:03 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 183 KB
40 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M7CKZGT

Requested by

Host: bookingscozumel.palaceresorts.com
URL: https://bookingscozumel.palaceresorts.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b4d086388f0ef8679a07e87bd3676e8222a56d1aa028984807b751e93db58616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 20:00:03 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 41156
x-xss-protection: 0
last-modified: Sat, 15 Feb 2020 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 15 Feb 2020 20:00:03 GMT

GET
H2 200 bf-icons-extended.ttf
d2jtzd336hs8un.cloudfront.net/static/ 92 KB
92 KB 140ms
63ms Font
application/octet-stream 143.204.98.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2jtzd336hs8un.cloudfront.net/static/bf-icons-extended.ttf

Requested by

Host: bookingscozumel.palaceresorts.com
URL: https://bookingscozumel.palaceresorts.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.98.146 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-146.fra50.r.cloudfront.net

Software

Resource Hash

fd15c1d08eecfa3bebd1c8a1e28836de2f04036509f7ee65e1945cc0decd725d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://d2jtzd336hs8un.cloudfront.net/static/icons-extended.css?checksum=c68829aa4263885cfc63b20639cec261
Origin: https://bookingscozumel.palaceresorts.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 07:59:17 GMT
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
last-modified: Mon, 18 Feb 2019 19:50:08 GMT
age: 43246
etag: "5c6b0c70-16eac"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
accept-ranges: bytes
x-amz-cf-pop: FRA50-C1
strict-transport-security: max-age=31536000
access-control-allow-origin: *
content-length: 93868
x-amz-cf-id: GN9GMZ2v2iPZgbbgoGa-b_JsQkZcpP_3bfLQN2beAe0vHtyQHPk9eg==

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7CA.ttf
fonts.gstatic.com/s/robotocondensed/v18/ 35 KB
20 KB 6ms
5ms Font
font/ttf 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v18/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7CA.ttf

Requested by

Host: bookingscozumel.palaceresorts.com
URL: https://bookingscozumel.palaceresorts.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7649ce6be20fce64c9154e7b9d8e59df09184f5cb62740f533c24b94776eceb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
Origin: https://bookingscozumel.palaceresorts.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 01 Feb 2020 03:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1268803
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 20629
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:48:10 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Jan 2021 03:33:20 GMT

GET
DATA 200
OK truncated
/ 1 KB
1 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3dd7835a67a74da51d59fce90e3c24f8dbe7acbab1e25406efc502c35326381

Request headers

Origin: https://bookingscozumel.palaceresorts.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 HhyJU5sn9vOmLxNkIwRSjTVNWLEJN7Ml2xMB.ttf
fonts.gstatic.com/s/dosis/v17/ 49 KB
27 KB 8ms
7ms Font
font/ttf 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dosis/v17/HhyJU5sn9vOmLxNkIwRSjTVNWLEJN7Ml2xMB.ttf

Requested by

Host: bookingscozumel.palaceresorts.com
URL: https://bookingscozumel.palaceresorts.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41fd2074849a3aa762fafe5b92a5d2d518bfff78072e55e24d07665ea7ad039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
Origin: https://bookingscozumel.palaceresorts.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 03:29:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 923446
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27076
x-xss-protection: 0
last-modified: Tue, 04 Feb 2020 22:46:28 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Feb 2021 03:29:17 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYag.ttf
fonts.gstatic.com/s/robotocondensed/v18/ 35 KB
20 KB 6ms
6ms Font
font/ttf 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v18/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYag.ttf

Requested by

Host: bookingscozumel.palaceresorts.com
URL: https://bookingscozumel.palaceresorts.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3114cffcc2fc4ad6c6912c03aad1b6908549013fba4a721340f5c6d8a1d3c2d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
Origin: https://bookingscozumel.palaceresorts.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 00:28:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1020707
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 20643
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:48:14 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 00:28:16 GMT

GET
H/1.1 200
OK tracking-api.min.js Show response
static.seekda.com/widgets/tracking-api/js/ 68 KB
20 KB 172ms
45ms Script
application/javascript 51.254.62.77
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.seekda.com/widgets/tracking-api/js/tracking-api.min.js?R697cb92d440ac30cd0de608f72d1322ce43775c0
Requested by: Host: cloud.seekda.com
URL: https://cloud.seekda.com/w/w-tracking-api/group:BookingFlow/69549e60-3d6e-0136-cbf5-0050568253f2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.254.62.77 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 7a80e9f85c96eb45ddca8f776e4bfd4083082a2526a9a88f8b4e54d02a590a99

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 15 Feb 2020 20:00:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Feb 2020 15:48:41 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "1116e-59e3aac6680b1-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, max-age=1000000000, public
Accept-Ranges: bytes
Content-Length: 20460
Expires: Sun, 14 Feb 2021 20:00:03 GMT

GET
H2 200 hotjar-630323.js Show response
static.hotjar.com/c/ 84 KB
8 KB 72ms
22ms Script
application/javascript 147.75.102.13
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-630323.js?sv=5

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7CKZGT

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.102.13 Central, Hong Kong, ASN54825 (PACKET, US),

Reverse DNS

pkt-ams-k2-shared-ingress1

Software

Resource Hash

5318d9787d97afa58f1fd7c37de9e23f2f0e94985cf5fd35d448dd0e5e5389b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 20:00:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 95
status: 200
access-control-max-age: 600
section-io-cache: Hit
content-length: 8204
x-cache-hit: 1
x-frame-options: SAMEORIGIN
etag: W/1d305d8a88650088ce569f8f01cc51e3
vary: Accept-Encoding
section-io-origin-status: 304
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.020
accept-ranges: bytes
section-io-id: 805c4cd0d59c16bc37a9a32071ecfba8
section-origin-responded: true

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7CKZGT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 5191
date: Sat, 15 Feb 2020 18:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Sat, 15 Feb 2020 20:33:32 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: bookingscozumel.palaceresorts.com
URL: https://bookingscozumel.palaceresorts.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: qlVfZUAjaK3pFx84Suqd99A55KnCzlQE4zBVMnlvx/3FChTzf6Yf77360OXzdagvRDMlbIqBbFEfKDRe+qq3SA==
x-fb-trip-id: 1850256238
date: Sat, 15 Feb 2020 20:00:03 GMT, Sat, 15 Feb 2020 20:00:03 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

init.js Show response
s.acquire.io/a-be477/
Redirect Chain

https://s.tagove.com/a-be477/init.js
https://s.acquire.io/a-be477/init.js

7 KB
3 KB

107ms
56ms

Script
application/javascript

104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.acquire.io/a-be477/init.js

Requested by

Host: bookingscozumel.palaceresorts.com
URL: https://bookingscozumel.palaceresorts.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0ba4e53e0f817a7314b9289e04dab9fec63db5813dc35b04d8ffe55847402aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 20:00:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 375153
x-powered-by: Express
status: 200
strict-transport-security: max-age=15552000; preload
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=5184000
cf-polished: origSize=12613
cf-ray: 5659dda94a6dbdc8-AMS
expires: Sat, 11 Apr 2020 11:47:31 GMT

Redirect headers

status: 301
date: Sat, 15 Feb 2020 20:00:03 GMT
server: nginx/1.10.3 (Ubuntu)
content-length: 194
location: https://s.acquire.io/a-be477/init.js
content-type: text/html

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/12310/ 38 KB
11 KB 94ms
24ms Script
application/javascript 93.184.220.113
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/12310/cc.js?ns=_cc12310
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7CKZGT
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.113 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B86) /
Resource Hash: 35f15b99034de36c4b2cf42148015fb2df33be155e760ac8462063d016af7692

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 20:00:03 GMT
content-encoding: gzip
last-modified: Thu, 16 Jan 2020 16:55:22 GMT
server: ECS (amb/6B86)
age: 86221
etag: "5e20957a-97cd+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=86400
content-length: 11238
expires: Sun, 16 Feb 2020 20:00:03 GMT

GET
H2 200 CZ.jpg
res.cloudinary.com/seekda/image/upload/v1538528286/production/S001268/ 76 KB
77 KB 23ms
8ms Image
image/jpeg 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/seekda/image/upload/v1538528286/production/S001268/CZ.jpg

Requested by

Host: bookingscozumel.palaceresorts.com
URL: https://bookingscozumel.palaceresorts.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::393 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

90d01926f8ac90b9cb059f7207ef4bb431912d5fad10b469cc94a189c1bc3415

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 20:00:03 GMT
last-modified: Wed, 03 Oct 2018 00:58:07 GMT
server: Cloudinary
access-control-allow-origin: *
etag: "6681071e447d06addaff8f6f9a311a19"
strict-transport-security: max-age=604800
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length,Content-Disposition,Server-Timing
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: cloudinary;dur=84;start=2020-02-06T10:46:00.535Z,fastly;dur=0;total=1;start=2020-02-15T20:00:03.722Z;desc=HIT,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 78317

GET
H2 200 logo.png
res.cloudinary.com/seekda/image/upload/v1538529498/production/S001268/ 5 KB
5 KB 24ms
8ms Image
image/png 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/seekda/image/upload/v1538529498/production/S001268/logo.png

Requested by

Host: bookingscozumel.palaceresorts.com
URL: https://bookingscozumel.palaceresorts.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::393 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

b450e04fdc707956fd3f25f31d864263d7dd197d77bebe4204fc071ebdc9dc84

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 20:00:03 GMT
last-modified: Wed, 03 Oct 2018 01:18:19 GMT
server: Cloudinary
access-control-allow-origin: *
etag: "bb034793cfa000983178f124ac53c389"
strict-transport-security: max-age=604800
content-type: image/png
status: 200
access-control-expose-headers: Content-Length,Content-Disposition,Server-Timing
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: cloudinary;dur=86;start=2020-02-06T10:46:00.536Z,fastly;dur=0;total=1;start=2020-02-15T20:00:03.723Z;desc=HIT,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 4652

OPTIONS
H/1.1 200
OK offers Show response
hbe-api.kognitiv.com/ 0
426 B 159ms
37ms XHR
text/plain 51.254.62.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://hbe-api.kognitiv.com/offers
Requested by: Host: d2jtzd336hs8un.cloudfront.net
URL: https://d2jtzd336hs8un.cloudfront.net/static/scripts/elastic-apm-js-base.umd.min.js?checksum=bf5a111e4336e4daebfb5480589108c8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.254.62.68 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://bookingscozumel.palaceresorts.com
Referer: https://bookingscozumel.palaceresorts.com/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Sat, 15 Feb 2020 20:00:03 GMT
Access-Control-Allow-Origin: https://bookingscozumel.palaceresorts.com
Vary: Origin
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Status: 200 OK
Cache-control: private
Access-Control-Allow-Credentials: true
Transfer-Encoding: chunked
Access-Control-Allow-Headers: content-type

GET
H2 200 bf-icons.ttf
d2jtzd336hs8un.cloudfront.net/static/ 153 KB
153 KB 37ms
37ms Font
application/octet-stream 143.204.98.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2jtzd336hs8un.cloudfront.net/static/bf-icons.ttf

Requested by

Host: d2jtzd336hs8un.cloudfront.net
URL: https://d2jtzd336hs8un.cloudfront.net/_next/static/1GUnnCyF6HaSpvGicWfQh/pages/index.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.98.146 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-146.fra50.r.cloudfront.net

Software

Resource Hash

6004f0b7111e09c8acdae325b3e75d38f965d89d6321df8811dabaf44d76d5df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://d2jtzd336hs8un.cloudfront.net/static/icons.css?checksum=10237f48c3fa09118c62aea0fad9d4f4
Origin: https://bookingscozumel.palaceresorts.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 18:34:08 GMT
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
last-modified: Mon, 18 Feb 2019 19:50:08 GMT
age: 4800
etag: "5c6b0c70-26218"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
accept-ranges: bytes
x-amz-cf-pop: FRA50-C1
strict-transport-security: max-age=31536000
access-control-allow-origin: *
content-length: 156184
x-amz-cf-id: LFmVfyVdNbuDKCVGnXUZdhPljiBC11cILEyiD3hZ7-4_dFUn4XIRaA==

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=162037552&t=pageview&_s=1&dl=https%3A%2F%2Fbookingscozumel.palaceresorts.com%2F&ul=en-us&de=UTF-8&dt=Cozumel%20Palace&sd=24-bit&sr=1600x1200&...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85687310-6&cid=946110933.1581796804&jid=225537113&_gid=640114589.1581796804&gjid=1605178806&_v=j81&z=392657106
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85687310-6&cid=946110933.1581796804&jid=225537113&_v=j81&z=392657106
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85687310-6&cid=946110933.1581796804&jid=225537113&_v=j81&z=392657106&slf_rd=1&random=147127901

42 B
109 B

17ms
17ms

Image
image/gif

2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85687310-6&cid=946110933.1581796804&jid=225537113&_v=j81&z=392657106&slf_rd=1&random=147127901

Requested by

Host: bookingscozumel.palaceresorts.com
URL: https://bookingscozumel.palaceresorts.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 20:00:03 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Feb 2020 20:00:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85687310-6&cid=946110933.1581796804&jid=225537113&_v=j81&z=392657106&slf_rd=1&random=147127901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.a6ee02de5873aa236440.js Show response
script.hotjar.com/ 401 KB
70 KB 70ms
22ms Script
application/javascript 147.75.84.91
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.a6ee02de5873aa236440.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-630323.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.84.91 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: /
Resource Hash: 58d77ce036eb42499cd5b4d8518fb35778bce4975275c4aa676d3347e6996df9

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 20:00:03 GMT
content-encoding: br
content-type: application/javascript
age: 194369
status: 200
section-io-cache: Hit
content-length: 71483
last-modified: Thu, 13 Feb 2020 14:00:36 GMT
etag: "a29cc766b3eae227e61b1b428741bb6c"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.028
accept-ranges: bytes
section-io-id: e9ae340f55e521917fc95592c78d8554
section-origin-responded: true

GET
H2 200 628382487258338 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 10ms
10ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/628382487258338?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

efc571bd1d583f32b914081b6884b4d9876cda7f0b1a21cf54092111efd9269c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 114948
x-xss-protection: 0
pragma: public
x-fb-debug: aMrZsRtoPkxWHPlP/8IOBpSsfL/WJlXo/K+P7Dgrks7D/yJC7tZWY4zRvbhRjAKm6weVb6QQTstPScu+KPuo5Q==
x-fb-trip-id: 1850256238
date: Sat, 15 Feb 2020 20:00:03 GMT, Sat, 15 Feb 2020 20:00:03 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 2867 0
0 67ms
19ms Document
text/html 147.75.100.69
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-630323.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.100.69 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress16
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://bookingscozumel.palaceresorts.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://bookingscozumel.palaceresorts.com/

Response headers

status: 200
date: Sat, 15 Feb 2020 20:00:03 GMT
content-type: text/html
content-length: 851
last-modified: Wed, 29 Jan 2020 12:33:12 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.082
section-origin-responded: true
age: 1495426
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: fc377cc85624a35aae68f7ffd6aaa178

GET
H2 200 /
www.facebook.com/tr/ 44 B
247 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=628382487258338&ev=PageView&dl=https%3A%2F%2Fbookingscozumel.palaceresorts.com%2F&rl=&if=false&ts=1581796803811&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1581796803810.132300571&it=1581796803751&coo=false&rqm=GET

Requested by

Host: bookingscozumel.palaceresorts.com
URL: https://bookingscozumel.palaceresorts.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 20:00:03 GMT, Sat, 15 Feb 2020 20:00:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Sat, 15 Feb 2020 20:00:03 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
202 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=628382487258338&ev=ViewContent&dl=https%3A%2F%2Fbookingscozumel.palaceresorts.com%2F&rl=&if=false&ts=1581796803812&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1581796803810.132300571&it=1581796803751&coo=false&rqm=GET

Requested by

Host: bookingscozumel.palaceresorts.com
URL: https://bookingscozumel.palaceresorts.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 20:00:03 GMT, Sat, 15 Feb 2020 20:00:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Sat, 15 Feb 2020 20:00:03 GMT

POST
H/1.1 500
Internal Server Error offers Show response
hbe-api.kognitiv.com/ 35 B
463 B 342ms
342ms XHR
application/json 51.254.62.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://hbe-api.kognitiv.com/offers
Requested by: Host: bookingscozumel.palaceresorts.com
URL: https://bookingscozumel.palaceresorts.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.254.62.68 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 7d291f6a021934a5ff5023c681ba2a29f482c1a6092d077edc32e2efe6b72ef7

Request headers

Accept: application/json, text/plain, */*
Referer: https://bookingscozumel.palaceresorts.com/
Origin: https://bookingscozumel.palaceresorts.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Sat, 15 Feb 2020 20:00:04 GMT
Status: 500 Internal Server Error
ETag: W/"23-DMHxwEnqiYfyXhUSKuxVQGO1T+g"
Vary: Origin, Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://bookingscozumel.palaceresorts.com
Access-Control-Allow-Credentials: true
Content-Length: 35

GET
H2 200 frontend Show response
s.acquire.io/a-be477/init/ 54 KB
20 KB 377ms
311ms XHR
application/json 104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.acquire.io/a-be477/init/frontend

Requested by

Host: d2jtzd336hs8un.cloudfront.net
URL: https://d2jtzd336hs8un.cloudfront.net/static/scripts/elastic-apm-js-base.umd.min.js?checksum=bf5a111e4336e4daebfb5480589108c8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

eeff6473ac9e40f8c431cb3a40d423d92c5d4bde8f6bc6e846ef05d361d1d6d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
Origin: https://bookingscozumel.palaceresorts.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 20:00:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bookingscozumel.palaceresorts.com
cache-control: no-cache
strict-transport-security: max-age=15552000; preload
cf-ray: 5659ddaa19d5722d-AMS

GET
H2 200 jshash Show response
s.acquire.io/ 91 B
582 B 171ms
106ms XHR
application/json 104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.acquire.io/jshash?type=frontend

Requested by

Host: d2jtzd336hs8un.cloudfront.net
URL: https://d2jtzd336hs8un.cloudfront.net/static/scripts/elastic-apm-js-base.umd.min.js?checksum=bf5a111e4336e4daebfb5480589108c8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d76eab2ff2b7e77df5fa335321cfd91e686b0e6f8bb229b7fae1f8deebf7ac8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
Origin: https://bookingscozumel.palaceresorts.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 20:00:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-powered-by: Express
status: 200
vary: Accept-Encoding
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bookingscozumel.palaceresorts.com
cache-control: no-cache
cf-ray: 5659ddaa19d6722d-AMS
access-control-allow-headers: X-Requested-With

GET
H2

200

main.js Show response
s.acquire.io/
Redirect Chain

https://s.tagove.com/main.js
https://s.acquire.io/main.js

51 B
206 B

62ms
62ms

Script
application/javascript

104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.acquire.io/main.js

Requested by

Host: bookingscozumel.palaceresorts.com
URL: https://bookingscozumel.palaceresorts.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecbea42fe84a1122cc5bd7cf6a724913ea242970fe999cb7ec34a3ae623f4570

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 20:00:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1672
cf-polished: origSize=52
status: 200
strict-transport-security: max-age=15552000; preload
last-modified: Sat, 29 Dec 2018 08:59:21 GMT
server: cloudflare
etag: W/"5c273769-34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 5659ddaabbd4bdc8-AMS
cf-bgj: minify

Redirect headers

status: 301
date: Sat, 15 Feb 2020 20:00:04 GMT
server: nginx/1.10.3 (Ubuntu)
content-length: 194
location: https://s.acquire.io/main.js
content-type: text/html

OPTIONS
H/1.1 200 json Show response
log.seekda.com/ 0
566 B 178ms
45ms XHR
text/plain 51.254.62.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://log.seekda.com/json

Requested by

Host: d2jtzd336hs8un.cloudfront.net
URL: https://d2jtzd336hs8un.cloudfront.net/static/scripts/elastic-apm-js-base.umd.min.js?checksum=bf5a111e4336e4daebfb5480589108c8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.254.62.68 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Access-Control-Request-Method: POST
Origin: https://bookingscozumel.palaceresorts.com
Referer: https://bookingscozumel.palaceresorts.com/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
Vary: Origin
Date: Sat, 15 Feb 2020 20:00:03 GMT
Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Access-Control-Allow-Methods: HEAD,GET,POST,OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1800
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Headers: content-type
Content-Length: 0
X-XSS-Protection: 1; mode=block
X-Application-Context: application
Expires: 0

OPTIONS
H/1.1 200
OK events Show response
apm-server.seekda.com/intake/v2/rum/ 0
422 B 191ms
48ms XHR
text/plain 51.254.62.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://apm-server.seekda.com/intake/v2/rum/events

Requested by

Host: d2jtzd336hs8un.cloudfront.net
URL: https://d2jtzd336hs8un.cloudfront.net/static/scripts/elastic-apm-js-base.umd.min.js?checksum=bf5a111e4336e4daebfb5480589108c8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.254.62.68 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Request headers

Access-Control-Request-Method: POST
Origin: https://bookingscozumel.palaceresorts.com
Referer: https://bookingscozumel.palaceresorts.com/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Sat, 15 Feb 2020 20:00:04 GMT
X-Content-Type-Options: nosniff
Vary: Origin
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: https://bookingscozumel.palaceresorts.com
Access-Control-Expose-Headers: Etag
Access-Control-Max-Age: 3600
Strict-Transport-Security: max-age=31536000;
Access-Control-Allow-Headers: Content-Type, Content-Encoding, Accept
Content-Length: 0

GET
H2 200 frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js Show response
s.acquire.io/dist/ 555 KB
173 KB 91ms
91ms Script
application/javascript 104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js

Requested by

Host: s.acquire.io
URL: https://s.acquire.io/a-be477/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d9709cf5f304c960a35d2ddaa2a29f1208208aa0bb9bc94dc33df84333c4e30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 20:00:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 141879
status: 200
strict-transport-security: max-age=15552000; preload
last-modified: Fri, 14 Feb 2020 04:29:57 GMT
server: cloudflare
etag: W/"5e462245-8aac2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=864000, public, max-age=864000
cf-ray: 5659ddaacbe9bdc8-AMS
expires: Mon, 24 Feb 2020 04:35:25 GMT

POST
H/1.1 200 json Show response
log.seekda.com/ 0
379 B 48ms
48ms XHR
text/plain 51.254.62.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://log.seekda.com/json

Requested by

Host: bookingscozumel.palaceresorts.com
URL: https://bookingscozumel.palaceresorts.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.254.62.68 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://bookingscozumel.palaceresorts.com/
Origin: https://bookingscozumel.palaceresorts.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
Date: Sat, 15 Feb 2020 20:00:03 GMT
Vary: Origin
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0
X-XSS-Protection: 1; mode=block
X-Application-Context: application
Expires: 0

POST
H/1.1 202
Accepted events Show response
apm-server.seekda.com/intake/v2/rum/ 0
232 B 47ms
47ms XHR
text/plain 51.254.62.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://apm-server.seekda.com/intake/v2/rum/events

Requested by

Host: bookingscozumel.palaceresorts.com
URL: https://bookingscozumel.palaceresorts.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.254.62.68 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
Origin: https://bookingscozumel.palaceresorts.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-ndjson

Response headers

Access-Control-Allow-Origin: https://bookingscozumel.palaceresorts.com
Date: Sat, 15 Feb 2020 20:00:04 GMT
X-Content-Type-Options: nosniff
Content-Length: 0
Strict-Transport-Security: max-age=31536000;

GET
H/1.1

200
OK

Cookie set rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=12310/rand=485005764/pv=y/int=%23OpR%2381979%23bookingscozumel.palaceresorts%20%3A%20Total%20Site%20Traffic/ Frame C21C
Redirect Chain

https://bcp.crwdcntrl.net/5/c=12310/rand=485005764/pv=y/int=%23OpR%2381979%23bookingscozumel.palaceresorts%20%3A%20Total%20Site%20Traffic/rt=ifr
https://bcp.crwdcntrl.net/5/ct=y/c=12310/rand=485005764/pv=y/int=%23OpR%2381979%23bookingscozumel.palaceresorts%20%3A%20Total%20Site%20Traffic/rt=ifr

0
0

100ms
100ms

Document
text/html

52.50.124.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=12310/rand=485005764/pv=y/int=%23OpR%2381979%23bookingscozumel.palaceresorts%20%3A%20Total%20Site%20Traffic/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/12310/cc.js?ns=_cc12310
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.124.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-124-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Host: bcp.crwdcntrl.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://bookingscozumel.palaceresorts.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _cc_cc=ctst
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://bookingscozumel.palaceresorts.com/

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Sat, 15 Feb 2020 20:00:04 GMT
Expires: 0
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Pragma: no-cache
Set-Cookie: _cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Wed, 11-Nov-2020 20:11:00 GMT;SameSite=None;Secure _cc_id=8d3fecea29868f8bf7629b2a5c236f3b;Path=/;Domain=crwdcntrl.net;Expires=Wed, 11-Nov-2020 20:11:00 GMT;SameSite=None;Secure _cc_cc="ACZ4nGNQsEgxTktNTk00srQws0izSEozNzOyTDJKNE02MjZLM05iAII4D98jv%2F7%2F%2F8%2FPAAM8Ux6el2aclsDwn5GRYXrnMxkY%2B9ZJdRjzwuI5LDD2uaOHmGHsB1N7GGHs5R8tYczLz%2B%2FIwtiHkbReOvWIDcZuXf%2BUG8bev%2FwoXD0AYn9A8Q%3D%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Wed, 11-Nov-2020 20:11:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4nGNgYGCI8%2FA9wgADzAysbT4gBltNLohibe4FkgBYnASW";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Wed, 11-Nov-2020 20:11:00 GMT;Max-Age=23328000;SameSite=None;Secure
Vary: Accept-Encoding
X-Server: 10.45.18.182
Content-Length: 686
Connection: keep-alive

Redirect headers

Cache-Control: no-cache
Date: Sat, 15 Feb 2020 20:00:04 GMT
Expires: 0
Location: https://bcp.crwdcntrl.net/5/ct=y/c=12310/rand=485005764/pv=y/int=%23OpR%2381979%23bookingscozumel.palaceresorts%20%3A%20Total%20Site%20Traffic/rt=ifr
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Pragma: no-cache
Set-Cookie: _cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure
X-Server: 10.45.24.88
Content-Length: 0
Connection: keep-alive

GET
H2 200 13.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js Show response
s.acquire.io/dist/ 331 KB
56 KB 54ms
53ms Script
application/javascript 104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.acquire.io/dist/13.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js

Requested by

Host: s.acquire.io
URL: https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63f277a42a1d0bd45b4a21ae64c53163a9e34baa781e502f407d9ab948b0d6fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 20:00:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 141832
status: 200
strict-transport-security: max-age=15552000; preload
last-modified: Fri, 14 Feb 2020 04:29:17 GMT
server: cloudflare
etag: W/"5e46221d-52c51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=864000, public, max-age=864000
cf-ray: 5659ddad9eefbdc8-AMS
expires: Mon, 24 Feb 2020 04:36:12 GMT

GET
H2 200 66.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js Show response
s.acquire.io/dist/ 439 B
397 B 48ms
48ms Script
application/javascript 104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.acquire.io/dist/66.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js

Requested by

Host: s.acquire.io
URL: https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7266287380057ccde528022ec92dfc5ac86791f30a1267fe3b77ea9441144d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 20:00:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 139305
status: 200
strict-transport-security: max-age=15552000; preload
last-modified: Fri, 14 Feb 2020 04:29:22 GMT
server: cloudflare
etag: W/"5e462222-1b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=864000, public, max-age=864000
cf-ray: 5659ddae1f88bdc8-AMS
expires: Mon, 24 Feb 2020 05:18:19 GMT

GET
H2 200 60.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js Show response
s.acquire.io/dist/ 1 KB
593 B 50ms
49ms Script
application/javascript 104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.acquire.io/dist/60.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js

Requested by

Host: s.acquire.io
URL: https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f4db85527c3283b14b9b89fceda3392c43f6c289fcbef60e4e306a85507425e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 20:00:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 139305
status: 200
strict-transport-security: max-age=15552000; preload
last-modified: Fri, 14 Feb 2020 04:29:22 GMT
server: cloudflare
etag: W/"5e462222-4aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=864000, public, max-age=864000
cf-ray: 5659ddae1f9bbdc8-AMS
expires: Mon, 24 Feb 2020 05:18:19 GMT

GET
H2 200 cookie.html
s.acquire.io/ Frame D693 0
0 109ms
108ms Document
text/html 104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.acquire.io/cookie.html

Requested by

Host: s.acquire.io
URL: https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: s.acquire.io
:scheme: https
:path: /cookie.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://bookingscozumel.palaceresorts.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://bookingscozumel.palaceresorts.com/

Response headers

status: 200
date: Sat, 15 Feb 2020 20:00:04 GMT
content-type: text/html
set-cookie: __cfduid=d72085e35fe90a9d530dacc8a1cfa9db91581796804; expires=Mon, 16-Mar-20 20:00:04 GMT; path=/; domain=.acquire.io; HttpOnly; SameSite=Lax; Secure
cf-ray: 5659ddae2fb9bdc8-AMS
cache-control: max-age=1209600, public, max-age=1209600
expires: Sat, 29 Feb 2020 20:00:04 GMT
last-modified: Mon, 27 May 2019 13:18:00 GMT
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; preload
server: cloudflare
content-encoding: gzip

GET
H2 200 new_chat_LB.png
media.acquire.io/be477/ Frame 3822 3 KB
4 KB 49ms
40ms Image
image/webp 104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.acquire.io/be477/new_chat_LB.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03e41b897b2018e5ba2c01ec39256a5fad1030826b28c9a539c9b5d19fd6af20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Feb 2020 20:00:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 375151
cf-polished: origFmt=png, origSize=5765
x-cache: HIT
status: 200
content-disposition: inline; filename="new_chat_LB.webp"
strict-transport-security: max-age=15552000; preload
content-length: 3550
x-ms-lease-status: unlocked
last-modified: Wed, 22 Jan 2020 13:07:45 GMT
server: cloudflare
etag: 0x8D79F3C12559E1C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-ms-request-id: 4a08ecae-601e-00dc-622d-dfe445000000
cache-control: max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5659ddae781ebdc8-AMS
cf-bgj: imgq:100

GET
H2 200 new_chat_MP.png
media.acquire.io/be477/ Frame 3822 3 KB
3 KB 44ms
35ms Image
image/webp 104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.acquire.io/be477/new_chat_MP.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c21c645dec6e9f3dce4f7fe7c4ceb25ebe572625b1c8ad09c5274c2fbe986fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Feb 2020 20:00:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 375151
cf-polished: origFmt=png, origSize=5632
x-cache: HIT
status: 200
content-disposition: inline; filename="new_chat_MP.webp"
strict-transport-security: max-age=15552000; preload
content-length: 3058
x-ms-lease-status: unlocked
last-modified: Wed, 22 Jan 2020 13:07:44 GMT
server: cloudflare
etag: 0x8D79F3C1245BBC2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-ms-request-id: f3cb74c2-801e-007c-4cac-dd2b23000000
cache-control: max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5659ddae7821bdc8-AMS
cf-bgj: imgq:100

GET
H2 200 new_chat_PR.png
media.acquire.io/be477/ Frame 3822 3 KB
3 KB 44ms
35ms Image
image/webp 104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.acquire.io/be477/new_chat_PR.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b84922cc94f5d93337babc2da0649a8409156c927cb00d2d529be959dcd225a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Feb 2020 20:00:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 375151
cf-polished: origFmt=png, origSize=5572
x-cache: HIT
status: 200
content-disposition: inline; filename="new_chat_PR.webp"
strict-transport-security: max-age=15552000; preload
content-length: 3180
x-ms-lease-status: unlocked
last-modified: Wed, 22 Jan 2020 13:07:44 GMT
server: cloudflare
etag: 0x8D79F3C1243230C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-ms-request-id: 10245a08-201e-0071-1df5-dcc42f000000
cache-control: max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5659ddae781bbdc8-AMS
cf-bgj: imgq:100

OPTIONS
H/1.1 200
OK events Show response
apm-server.seekda.com/intake/v2/rum/ 0
422 B 42ms
42ms XHR
text/plain 51.254.62.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://apm-server.seekda.com/intake/v2/rum/events

Requested by

Host: d2jtzd336hs8un.cloudfront.net
URL: https://d2jtzd336hs8un.cloudfront.net/static/scripts/elastic-apm-js-base.umd.min.js?checksum=bf5a111e4336e4daebfb5480589108c8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.254.62.68 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Request headers

Access-Control-Request-Method: POST
Origin: https://bookingscozumel.palaceresorts.com
Referer: https://bookingscozumel.palaceresorts.com/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Sat, 15 Feb 2020 20:00:05 GMT
X-Content-Type-Options: nosniff
Vary: Origin
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: https://bookingscozumel.palaceresorts.com
Access-Control-Expose-Headers: Etag
Access-Control-Max-Age: 3600
Strict-Transport-Security: max-age=31536000;
Access-Control-Allow-Headers: Content-Type, Content-Encoding, Accept
Content-Length: 0

POST
H/1.1 202
Accepted events Show response
apm-server.seekda.com/intake/v2/rum/ 0
232 B 75ms
74ms XHR
text/plain 51.254.62.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://apm-server.seekda.com/intake/v2/rum/events

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.254.62.68 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
Origin: https://bookingscozumel.palaceresorts.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-ndjson

Response headers

Access-Control-Allow-Origin: https://bookingscozumel.palaceresorts.com
Date: Sat, 15 Feb 2020 20:00:05 GMT
X-Content-Type-Options: nosniff
Content-Length: 0
Strict-Transport-Security: max-age=31536000;

GET
H/1.1 200
OK Cookie set rt=ifr
bcp.crwdcntrl.net/5/c=12310/rand=796238926/int=%23OpR%2381979%23bookingscozumel.palaceresorts%20%3A%20Total%20Site%20Traffic/ Frame AF10 0
0 95ms
95ms Document
text/html 52.50.124.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/c=12310/rand=796238926/int=%23OpR%2381979%23bookingscozumel.palaceresorts%20%3A%20Total%20Site%20Traffic/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/12310/cc.js?ns=_cc12310
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.124.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-124-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Host: bcp.crwdcntrl.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://bookingscozumel.palaceresorts.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _cc_dc=1; _cc_id=8d3fecea29868f8bf7629b2a5c236f3b; _cc_cc="ACZ4nGNQsEgxTktNTk00srQws0izSEozNzOyTDJKNE02MjZLM05iAII4D98jv%2F7%2F%2F8%2FPAAM8Ux6el2aclsDwn5GRYXrnMxkY%2B9ZJdRjzwuI5LDD2uaOHmGHsB1N7GGHs5R8tYczLz%2B%2FIwtiHkbReOvWIDcZuXf%2BUG8bev%2FwoXD0AYn9A8Q%3D%3D"; _cc_aud="ABR4nGNgYGCI8%2FA9wgADzAysbT4gBltNLohibe4FkgBYnASW"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://bookingscozumel.palaceresorts.com/

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Sat, 15 Feb 2020 20:00:05 GMT
Expires: 0
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Pragma: no-cache
Set-Cookie: _cc_id=8d3fecea29868f8bf7629b2a5c236f3b;Path=/;Domain=crwdcntrl.net;Expires=Wed, 11-Nov-2020 20:11:00 GMT;SameSite=None;Secure _cc_cc="ACZ4nGNQsEgxTktNTk00srQws0izSEozNzOyTDJKNE02MjZLM05iAII4D9%2BjP%2F%2F%2F%2F8%2FPAAM8Ux6el2aclsDwn5GRYXrnMxkY%2B9ZJdRjzwuI5LDD2uaOHmGHsB1N7GGHs5R8tYczLz%2B%2FIwtiHkbReOvWIDcZuXf%2BUG8bev%2FwoXD0AYoBA8Q%3D%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Wed, 11-Nov-2020 20:11:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4nGNgYGCI8%2FA9ygADzAysbT4gBltNLohibe4FkgBYvASX";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Wed, 11-Nov-2020 20:11:00 GMT;Max-Age=23328000;SameSite=None;Secure
Vary: Accept-Encoding
X-Server: 10.45.4.244
Content-Length: 159
Connection: keep-alive

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=628382487258338&ev=Microdata&dl=https%3A%2F%2Fbookingscozumel.palaceresorts.com%2F&rl=&if=false&ts=1581796805319&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Co...
https://cx.atdmt.com/?c=16154616917599227293&f=AYw6uem5OWq5Tggj-nJsUShCgf20YK5DB39a4g4_1zkATo2xBiSdF_mf9EefAgEL70MrUJAuxstpiR3-KCMpIrD4&id=628382487258338&l=3&v=0

42 B
431 B

475ms
39ms

Image
image/gif

2a03:2880:f02d:5:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cx.atdmt.com/?c=16154616917599227293&f=AYw6uem5OWq5Tggj-nJsUShCgf20YK5DB39a4g4_1zkATo2xBiSdF_mf9EefAgEL70MrUJAuxstpiR3-KCMpIrD4&id=628382487258338&l=3&v=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:5:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sat, 15 Feb 2020 20:00:05 GMT, Sat, 15 Feb 2020 20:00:05 GMT, Sat, 15 Feb 2020 20:00:05 GMT
p3p: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
alt-svc: h3-24=":443"; ma=3600
content-length: 42
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 15 Feb 2020 20:00:05 GMT, Sat, 15 Feb 2020 20:00:05 GMT
server: proxygen-bolt
location: https://cx.atdmt.com/?c=16154616917599227293&f=AYw6uem5OWq5Tggj-nJsUShCgf20YK5DB39a4g4_1zkATo2xBiSdF_mf9EefAgEL70MrUJAuxstpiR3-KCMpIrD4&id=628382487258338&l=3&v=0
content-type: text/plain
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-24=":443"; ma=3600
content-length: 0
expires: 0

GET
H2 200 17.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js Show response
s.acquire.io/dist/ 51 KB
15 KB 50ms
50ms Script
application/javascript 104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.acquire.io/dist/17.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js

Requested by

Host: s.acquire.io
URL: https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c03962d551d9a86909c6fca2a2fcdc141302bccf46f7ef3ff93e3ec8b69bd11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 20:00:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 141880
status: 200
strict-transport-security: max-age=15552000; preload
last-modified: Fri, 14 Feb 2020 04:29:19 GMT
server: cloudflare
etag: W/"5e46221f-cb3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=864000, public, max-age=864000
cf-ray: 5659ddb5bfdabdc8-AMS
expires: Mon, 24 Feb 2020 04:35:26 GMT

GET
H2 200 loading-main.gif
s.acquire.io/asset/ Frame 3822 3 KB
3 KB 49ms
49ms Image
image/gif 104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.acquire.io/asset/loading-main.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c070cc0bb1207c7c7e9d482e830fdf62dd9a771b97472dd2aab0bb08848bcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 20:00:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4544
cf-polished: origSize=21696, status=webp_bigger
status: 200
last-modified: Sat, 29 Dec 2018 08:59:21 GMT
strict-transport-security: max-age=15552000; preload
content-length: 2676
cf-bgj: imgq:100
server: cloudflare
etag: "5c273769-54c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=21600, public, max-age=21600
accept-ranges: bytes
cf-ray: 5659ddb5cfe4bdc8-AMS
expires: Sun, 16 Feb 2020 00:44:22 GMT

GET
H2 200 new_chat_LB.png
media.acquire.io/be477/ Frame 3822 3 KB
4 KB 40ms
40ms Image
image/webp 104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.acquire.io/be477/new_chat_LB.png

Requested by

Host: s.acquire.io
URL: https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03e41b897b2018e5ba2c01ec39256a5fad1030826b28c9a539c9b5d19fd6af20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Feb 2020 20:00:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 375153
cf-polished: origFmt=png, origSize=5765
x-cache: HIT
status: 200
content-disposition: inline; filename="new_chat_LB.webp"
strict-transport-security: max-age=15552000; preload
content-length: 3550
x-ms-lease-status: unlocked
last-modified: Wed, 22 Jan 2020 13:07:45 GMT
server: cloudflare
etag: 0x8D79F3C12559E1C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-ms-request-id: 4a08ecae-601e-00dc-622d-dfe445000000
cache-control: max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5659ddb6182bbdc8-AMS
cf-bgj: imgq:100

GET
H2 200 new_chat_MP.png
media.acquire.io/be477/ Frame 3822 3 KB
3 KB 51ms
50ms Image
image/webp 104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.acquire.io/be477/new_chat_MP.png

Requested by

Host: s.acquire.io
URL: https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c21c645dec6e9f3dce4f7fe7c4ceb25ebe572625b1c8ad09c5274c2fbe986fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Feb 2020 20:00:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 375153
cf-polished: origFmt=png, origSize=5632
x-cache: HIT
status: 200
content-disposition: inline; filename="new_chat_MP.webp"
strict-transport-security: max-age=15552000; preload
content-length: 3058
x-ms-lease-status: unlocked
last-modified: Wed, 22 Jan 2020 13:07:44 GMT
server: cloudflare
etag: 0x8D79F3C1245BBC2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-ms-request-id: f3cb74c2-801e-007c-4cac-dd2b23000000
cache-control: max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5659ddb6182cbdc8-AMS
cf-bgj: imgq:100

GET
H2 200 new_chat_PR.png
media.acquire.io/be477/ Frame 3822 3 KB
3 KB 58ms
58ms Image
image/webp 104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.acquire.io/be477/new_chat_PR.png

Requested by

Host: s.acquire.io
URL: https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b84922cc94f5d93337babc2da0649a8409156c927cb00d2d529be959dcd225a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Feb 2020 20:00:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 375153
cf-polished: origFmt=png, origSize=5572
x-cache: HIT
status: 200
content-disposition: inline; filename="new_chat_PR.webp"
strict-transport-security: max-age=15552000; preload
content-length: 3180
x-ms-lease-status: unlocked
last-modified: Wed, 22 Jan 2020 13:07:44 GMT
server: cloudflare
etag: 0x8D79F3C1243230C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-ms-request-id: 10245a08-201e-0071-1df5-dcc42f000000
cache-control: max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5659ddb6182dbdc8-AMS
cf-bgj: imgq:100

GET
H2 200 59.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js Show response
s.acquire.io/dist/ 13 KB
3 KB 46ms
46ms Script
application/javascript 104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.acquire.io/dist/59.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js

Requested by

Host: s.acquire.io
URL: https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

539c37262ed8fcc7a9f4be94c02e544369b773448c8160230975c5606cef7eb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscozumel.palaceresorts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 20:00:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 139304
status: 200
strict-transport-security: max-age=15552000; preload
last-modified: Fri, 14 Feb 2020 04:29:22 GMT
server: cloudflare
etag: W/"5e462222-338e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=864000, public, max-age=864000
cf-ray: 5659ddb6e917bdc8-AMS
expires: Mon, 24 Feb 2020 05:18:22 GMT

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.palaceresorts.com/	1970-01-19 15:55:55	Name: _hjid Value: ac85e4a4-fcfe-4e8d-a4d1-20660441a682
.palaceresorts.com/	1970-01-19 09:32:52	Name: _fbp Value: fb.1.1581796803810.132300571
.bookingscozumel.palaceresorts.com/	1970-01-19 07:24:43	Name: _gid Value: GA1.3.640114589.1581796804
.bookingscozumel.palaceresorts.com/	1970-01-20 00:54:28	Name: _ga Value: GA1.3.946110933.1581796804
.bookingscozumel.palaceresorts.com/	1970-01-19 07:23:16	Name: _gat_UA-85687310-6 Value: 1
.palaceresorts.com/	1970-01-19 09:32:52	Name: _gcl_au Value: 1.1.2018931834.1581796804

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 1) Message: gtm pageLoaded [object Object]
console-api	log	(Line 1) Message: gtm searchBoxInit [object Object]
console-api	log	URL: https://s.acquire.io/main.js(Line 1) Message: Please update acquire widget code..
console-api	error	URL: https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apm-server.seekda.com
bcp.crwdcntrl.net
bookingscozumel.palaceresorts.com
cdn.polyfill.io
cloud.seekda.com
connect.facebook.net
cx.atdmt.com
d2jtzd336hs8un.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
hbe-api.kognitiv.com
log.seekda.com
media.acquire.io
res.cloudinary.com
s.acquire.io
s.tagove.com
script.hotjar.com
static.hotjar.com
static.seekda.com
stats.g.doubleclick.net
tags.crwdcntrl.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.20.39.138
143.204.98.146
147.135.10.37
147.75.100.69
147.75.102.13
147.75.84.91
2a00:1450:4001:809::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:815::2004
2a00:1450:4001:816::2003
2a00:1450:4001:818::2008
2a00:1450:4001:820::2003
2a00:1450:400c:c00::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:5:face:b00c:0:8c
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:1b::393
2a04:4e42:3::621
51.254.62.68
51.254.62.70
51.254.62.77
52.50.124.238
93.184.220.113
03e41b897b2018e5ba2c01ec39256a5fad1030826b28c9a539c9b5d19fd6af20
0850399b7ff25de33fec4f33a9ce53a08829f80519fe84963c9c7f236eca738e
0ba4e53e0f817a7314b9289e04dab9fec63db5813dc35b04d8ffe55847402aab
0c070cc0bb1207c7c7e9d482e830fdf62dd9a771b97472dd2aab0bb08848bcd7
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1c21c645dec6e9f3dce4f7fe7c4ceb25ebe572625b1c8ad09c5274c2fbe986fc
25941065c411f81473eb4e447130945ba13cab3b87bab7920e404b442eec7300
3114cffcc2fc4ad6c6912c03aad1b6908549013fba4a721340f5c6d8a1d3c2d9
35f15b99034de36c4b2cf42148015fb2df33be155e760ac8462063d016af7692
3af7c402bc8384fca2f386721a93b548cd653afd75ff03c94159d853b988234b
404ae79ad9b03e63047736ebaf77df9a759b0add1fa42e02bd6a4f362d64098e
42034e972610a048ced9b5a34666245d29a3a48dce8f8a0a5bc8051c7c03f339
50b950f2ad267e0e26e3deeb2f3e56b55c8d1541bcea842235b685daaf66f411
5318d9787d97afa58f1fd7c37de9e23f2f0e94985cf5fd35d448dd0e5e5389b5
539c37262ed8fcc7a9f4be94c02e544369b773448c8160230975c5606cef7eb0
58d77ce036eb42499cd5b4d8518fb35778bce4975275c4aa676d3347e6996df9
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5f4db85527c3283b14b9b89fceda3392c43f6c289fcbef60e4e306a85507425e
6004f0b7111e09c8acdae325b3e75d38f965d89d6321df8811dabaf44d76d5df
638edab9dc8582110d373f1db5fe53d2993dc03de261e8bcadc5e860775cf60d
63f277a42a1d0bd45b4a21ae64c53163a9e34baa781e502f407d9ab948b0d6fd
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7649ce6be20fce64c9154e7b9d8e59df09184f5cb62740f533c24b94776eceb1
7a80e9f85c96eb45ddca8f776e4bfd4083082a2526a9a88f8b4e54d02a590a99
7b84922cc94f5d93337babc2da0649a8409156c927cb00d2d529be959dcd225a
7b87291587957c928ca4ed4a8dc0c97fe937b0876e386c126cb0cc8c8c0e9d64
7c03962d551d9a86909c6fca2a2fcdc141302bccf46f7ef3ff93e3ec8b69bd11
7d291f6a021934a5ff5023c681ba2a29f482c1a6092d077edc32e2efe6b72ef7
7d9709cf5f304c960a35d2ddaa2a29f1208208aa0bb9bc94dc33df84333c4e30
90bedfa7bbd2bb58b7f47611a77feaf852c117ed7e344885cdb34f7df940658f
90d01926f8ac90b9cb059f7207ef4bb431912d5fad10b469cc94a189c1bc3415
a7266287380057ccde528022ec92dfc5ac86791f30a1267fe3b77ea9441144d9
b0a30bcf035ffe41d39eda71670849b0cf0f1b7bfbaceda519f2676b3dbe8164
b3dd7835a67a74da51d59fce90e3c24f8dbe7acbab1e25406efc502c35326381
b41fd2074849a3aa762fafe5b92a5d2d518bfff78072e55e24d07665ea7ad039
b450e04fdc707956fd3f25f31d864263d7dd197d77bebe4204fc071ebdc9dc84
b4d086388f0ef8679a07e87bd3676e8222a56d1aa028984807b751e93db58616
ca59dd4386f3324ad7413bdc73c10d844bc0c28fe1170b4a6beda11c8b14f486
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
d76eab2ff2b7e77df5fa335321cfd91e686b0e6f8bb229b7fae1f8deebf7ac8c
de1f40657caf399bca0d07e362f66a7976c547f303e05313db7e961630e2551e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ecbea42fe84a1122cc5bd7cf6a724913ea242970fe999cb7ec34a3ae623f4570
eedb9a3791e6ce8a54f9a651c501a12a31f4a4f0372f7df1281c5ac9ba64d7c6
eeff6473ac9e40f8c431cb3a40d423d92c5d4bde8f6bc6e846ef05d361d1d6d4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc571bd1d583f32b914081b6884b4d9876cda7f0b1a21cf54092111efd9269c
fb32146b22a6e7cdd5457a025ef35f88250f65971da3bde15d82aef631c63a04
fd15c1d08eecfa3bebd1c8a1e28836de2f04036509f7ee65e1945cc0decd725d

bookingscozumel.palaceresorts.com Open in urlscan Pro 51.254.62.70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

63 Requests

100 %HTTPS

52 %IPv6

20 Domains

27 Subdomains

21 IPs

7 Countries

1796 kBTransfer

6068 kBSize

6 Cookies

0 Outgoing links

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bookingscozumel.palaceresorts.com Open in urlscan Pro
51.254.62.70 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

100 %
HTTPS

52 %
IPv6

20
Domains

27
Subdomains

21
IPs

7
Countries

1796 kB
Transfer

6068 kB
Size

6
Cookies

63 HTTP transactions
1 data transactions