bookings.omnihotels.com Open in urlscan Pro
2606:4700::6812:1a5d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.em.omnihotels.com/?qs=479116881524b698b24b5ff88317c68ee1d8f4dc0fa0a853c1d47f02742521c8da1e5d705f91d59c00c7c4c3b396...
Effective URL:
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24...
Submission: On September 24 via api (September 24th 2024, 8:49:38 pm UTC) from US — Scanned from DE

Summary HTTP 147 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 60 IPs in 6 countries across 43 domains to perform 147 HTTP transactions. The main IP is 2606:4700::6812:1a5d, located in United States and belongs to CLOUDFLARENET, US. The main domain is bookings.omnihotels.com. The Cisco Umbrella rank of the primary domain is 290851.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 27th 2024. Valid for: a year.

This is the only time bookings.omnihotels.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.234.80 13.111.234.80	14340 (SALESFORCE) (SALESFORCE)
31	2606:4700::68... 2606:4700::6812:1a5d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:350... 2a02:26f0:3500:16::215:148f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3030::ac43:8b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	18.64.103.51 18.64.103.51	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700::68... 2606:4700::6812:572a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	18.66.112.127 18.66.112.127	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
5	104.126.37.138 104.126.37.138	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2.17.100.224 2.17.100.224	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:33:1... 2620:1ec:33:1::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:350... 2a02:26f0:3500:10::210:a9b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.172.103.101 18.172.103.101	16509 (AMAZON-02) (AMAZON-02)
3	107.178.244.119 107.178.244.119	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:226... 2600:9000:2260:8800:9:7c30:be80:21	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	192.132.33.67 192.132.33.67	18568 (BIDTELLECT) (BIDTELLECT)
2	2a02:26f0:470... 2a02:26f0:4700:19d::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:e30... 2a02:26f0:e300::5f64:9251	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
4	18.193.54.173 18.193.54.173	16509 (AMAZON-02) (AMAZON-02)
1	18.66.102.51 18.66.102.51	16509 (AMAZON-02) (AMAZON-02)
1	34.120.253.250 34.120.253.250	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.120.111.33 34.120.111.33	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6 7	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2 3	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	54.246.144.89 54.246.144.89	16509 (AMAZON-02) (AMAZON-02)
1 2	3.72.133.76 3.72.133.76	16509 (AMAZON-02) (AMAZON-02)
2	54.82.155.25 54.82.155.25	14618 (AMAZON-AES) (AMAZON-AES)
2	54.92.198.16 54.92.198.16	14618 (AMAZON-AES) (AMAZON-AES)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 2	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.33.187.74 13.33.187.74	16509 (AMAZON-02) (AMAZON-02)
6	34.98.72.95 34.98.72.95	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	192.132.33.68 192.132.33.68	18568 (BIDTELLECT) (BIDTELLECT)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	23.206.208.183 23.206.208.183	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.220.11.62 54.220.11.62	16509 (AMAZON-02) (AMAZON-02)
1	34.98.115.224 34.98.115.224	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.244.225.92 35.244.225.92	15169 (GOOGLE) (GOOGLE)
1	34.107.168.197 34.107.168.197	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	23.32.101.95 23.32.101.95	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.149.130.207 34.149.130.207	15169 (GOOGLE) (GOOGLE)
1	34.111.8.32 34.111.8.32	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	52.55.232.119 52.55.232.119	() ()
147	60

1 13.111.234.80 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: click.em.omnihotels.com

click.em.omnihotels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2606:4700::6812:1a5d (United States)

ASN13335 (CLOUDFLARENET, US)

bookings.omnihotels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:8b77 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.103.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-103-51.txl50.r.cloudfront.net

pixel-library.pmg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:572a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.112.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-127.fra56.r.cloudfront.net

schema.apolloplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.apolloplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.126.37.138 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-138.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.17.100.224 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-100-224.deploy.static.akamaitechnologies.com

aa.trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:10::210:a9b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.103.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-103-101.fra60.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.178.244.119 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2260:8800:9:7c30:be80:21 (United States)

ASN16509 (AMAZON-02, US)

d1n00d49gkbray.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.67 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.67.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:4700:19d::1931 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:e300::5f64:9251 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)

cdn.bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

p.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fledge.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.193.54.173 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-54-173.eu-central-1.compute.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-51.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.wknd.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.111.33 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 33.111.120.34.bc.googleusercontent.com

api.edkt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.38 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.122 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.144.89 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-144-89.eu-west-1.compute.amazonaws.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.72.133.76 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-72-133-76.eu-central-1.compute.amazonaws.com

tags.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.82.155.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-155-25.compute-1.amazonaws.com

a7tglno5hj.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.92.198.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-92-198-16.compute-1.amazonaws.com

514013529.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nova.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.254 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

9945854.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.187.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-74.fra60.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.132.33.68 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.68.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.206.208.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-183.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.220.11.62 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-11-62.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.115.224 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.115.98.34.bc.googleusercontent.com

data.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.225.92 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 92.225.244.35.bc.googleusercontent.com

page.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.168.197 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 197.168.107.34.bc.googleusercontent.com

view.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.101.95 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-101-95.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.130.207 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 207.130.149.34.bc.googleusercontent.com

pd.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.8.32 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 32.8.111.34.bc.googleusercontent.com

api.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.55.232.119 (None, )

ASN- ()

tr2.smarterhq.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	omnihotels.com 1 redirects click.em.omnihotels.com — Cisco Umbrella Rank: 453699 bookings.omnihotels.com — Cisco Umbrella Rank: 290851	687 KB
12	doubleclick.net 7 redirects ad.doubleclick.net — Cisco Umbrella Rank: 155 cm.g.doubleclick.net — Cisco Umbrella Rank: 297 9945854.fls.doubleclick.net — Cisco Umbrella Rank: 239439 stats.g.doubleclick.net — Cisco Umbrella Rank: 152	3 KB
7	bounceexchange.com assets.bounceexchange.com — Cisco Umbrella Rank: 2881 api.bounceexchange.com — Cisco Umbrella Rank: 3120	140 KB
7	bttrack.com bttrack.com — Cisco Umbrella Rank: 1122 cdn.bttrack.com — Cisco Umbrella Rank: 11988	7 KB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 351	149 KB
7	google.com www.google.com — Cisco Umbrella Rank: 3 adservice.google.com — Cisco Umbrella Rank: 389 region1.analytics.google.com — Cisco Umbrella Rank: 4111	1 KB
6	teads.tv p.teads.tv — Cisco Umbrella Rank: 6295 cm.teads.tv — Cisco Umbrella Rank: 5068 fledge.teads.tv — Cisco Umbrella Rank: 8647 t.teads.tv — Cisco Umbrella Rank: 3486	7 KB
5	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1647 insight.adsrvr.org — Cisco Umbrella Rank: 1140 match.adsrvr.org — Cisco Umbrella Rank: 413	6 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 821	137 KB
4	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 981	4 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 358 px4.ads.linkedin.com — Cisco Umbrella Rank: 6989	2 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 3026	10 KB
4	apolloplatform.com schema.apolloplatform.com — Cisco Umbrella Rank: 162633 cdn.apolloplatform.com — Cisco Umbrella Rank: 212785	26 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 57	379 KB
4	typekit.net use.typekit.net — Cisco Umbrella Rank: 515 p.typekit.net — Cisco Umbrella Rank: 683	45 KB
3	cdnbasket.net data.cdnbasket.net — Cisco Umbrella Rank: 5861 page.cdnbasket.net — Cisco Umbrella Rank: 5872 view.cdnbasket.net — Cisco Umbrella Rank: 5873	1014 B
3	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 520 ib.adnxs.com — Cisco Umbrella Rank: 292	3 KB
3	sojern.com beacon.sojern.com — Cisco Umbrella Rank: 6937 pixel.sojern.com — Cisco Umbrella Rank: 10387	2 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 378	15 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	21 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	260 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 112	3 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 679	1 KB
2	igodigital.com 514013529.collect.igodigital.com — Cisco Umbrella Rank: 245035 nova.collect.igodigital.com — Cisco Umbrella Rank: 8602	3 KB
2	amazonaws.com a7tglno5hj.execute-api.us-east-1.amazonaws.com — Cisco Umbrella Rank: 189376	271 B
2	w55c.net 1 redirects tags.w55c.net — Cisco Umbrella Rank: 5564	2 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 957 script.hotjar.com — Cisco Umbrella Rank: 1386	61 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1103	25 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 196	71 KB
1	smarterhq.io tr2.smarterhq.io	127 B
1	cdnwidget.com pd.cdnwidget.com — Cisco Umbrella Rank: 4452	288 B
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 7195	171 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 550	312 B
1	google.de www.google.de — Cisco Umbrella Rank: 9833	63 B
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1753	508 B
1	edkt.io api.edkt.io — Cisco Umbrella Rank: 7941	754 B
1	wknd.ai tag.wknd.ai — Cisco Umbrella Rank: 4135	5 KB
1	cloudfront.net d1n00d49gkbray.cloudfront.net	26 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 906	14 KB
1	trkn.us aa.trkn.us — Cisco Umbrella Rank: 21348	166 B
1	pmg.com pixel-library.pmg.com — Cisco Umbrella Rank: 58709	7 KB
1	fontawesome.com ka-f.fontawesome.com — Cisco Umbrella Rank: 6366	76 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	832 B
147	43

	Domain	Requested by
31	bookings.omnihotels.com	bookings.omnihotels.com
7	ad.doubleclick.net	6 redirects bookings.omnihotels.com
7	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org bookings.omnihotels.com
6	assets.bounceexchange.com	tag.wknd.ai assets.bounceexchange.com
5	bttrack.com	www.googletagmanager.com bookings.omnihotels.com cdn.bttrack.com bttrack.com
5	analytics.tiktok.com	bookings.omnihotels.com analytics.tiktok.com
4	ct.pinterest.com	s.pinimg.com
4	tags.srv.stackadapt.com	bookings.omnihotels.com tags.srv.stackadapt.com
4	www.googletagmanager.com	bookings.omnihotels.com www.googletagmanager.com
3	cdn.apolloplatform.com	schema.apolloplatform.com
3	px.ads.linkedin.com	1 redirects snap.licdn.com
3	insight.adsrvr.org	bookings.omnihotels.com js.adsrvr.org
3	adservice.google.com	bookings.omnihotels.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com bookings.omnihotels.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com bookings.omnihotels.com
3	use.typekit.net	bookings.omnihotels.com use.typekit.net
2	t.teads.tv	p.teads.tv bookings.omnihotels.com
2	www.facebook.com	bookings.omnihotels.com
2	cm.teads.tv	p.teads.tv bookings.omnihotels.com
2	region1.analytics.google.com	www.googletagmanager.com
2	9945854.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	c1.adform.net	2 redirects
2	pixel.sojern.com	bookings.omnihotels.com
2	cm.g.doubleclick.net	bookings.omnihotels.com
2	a7tglno5hj.execute-api.us-east-1.amazonaws.com	bookings.omnihotels.com
2	tags.w55c.net	1 redirects bookings.omnihotels.com
2	secure.adnxs.com	1 redirects bookings.omnihotels.com
2	cdn.bttrack.com	www.googletagmanager.com
2	s.pinimg.com	bookings.omnihotels.com s.pinimg.com
2	connect.facebook.net	bookings.omnihotels.com connect.facebook.net
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google.com	bookings.omnihotels.com www.gstatic.com
1	tr2.smarterhq.io	d1n00d49gkbray.cloudfront.net
1	api.bounceexchange.com	assets.bounceexchange.com
1	pd.cdnwidget.com	assets.bounceexchange.com
1	fledge.teads.tv	p.teads.tv
1	nova.collect.igodigital.com	bookings.omnihotels.com
1	view.cdnbasket.net	assets.bounceexchange.com
1	page.cdnbasket.net	assets.bounceexchange.com
1	data.cdnbasket.net	assets.bounceexchange.com
1	content.hotjar.io	script.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	www.google.de	bookings.omnihotels.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	px4.ads.linkedin.com	bookings.omnihotels.com
1	match.adsrvr.org	bookings.omnihotels.com
1	ib.adnxs.com	1 redirects
1	514013529.collect.igodigital.com	bookings.omnihotels.com
1	sp.analytics.yahoo.com	bookings.omnihotels.com
1	api.edkt.io	bookings.omnihotels.com
1	tag.wknd.ai	bookings.omnihotels.com
1	static.hotjar.com	bookings.omnihotels.com
1	p.teads.tv	www.googletagmanager.com
1	d1n00d49gkbray.cloudfront.net	bookings.omnihotels.com
1	beacon.sojern.com	bookings.omnihotels.com
1	js.adsrvr.org	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	aa.trkn.us	bookings.omnihotels.com
1	schema.apolloplatform.com	www.googletagmanager.com
1	pixel-library.pmg.com	bookings.omnihotels.com
1	www.gstatic.com	www.google.com
1	ka-f.fontawesome.com	bookings.omnihotels.com
1	p.typekit.net	bookings.omnihotels.com
1	fonts.googleapis.com	bookings.omnihotels.com
1	click.em.omnihotels.com	1 redirects
147	66

This site contains links to these domains. Also see Links.

Domain
omnihotels.com
www.omnihotels.com
www.facebook.com
www.instagram.com
www.tiktok.com
www.pinterest.com
www.youtube.com

Subject Issuer	Validity	Valid
*.omnihotels.com Go Daddy Secure Certificate Authority - G2	`2024-02-27` - `2025-03-30`	a year	crt.sh
upload.video.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-27` - `2025-09-27`	a year	crt.sh
*.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
ka-f.fontawesome.com WE1	`2024-08-29` - `2024-11-27`	3 months	crt.sh
pmg.com Amazon RSA 2048 M03	`2024-02-08` - `2025-03-07`	a year	crt.sh
cookielaw.org WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
cdn.apolloplatform.com Amazon RSA 2048 M02	`2023-11-23` - `2024-12-21`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
cert1-prod.aut.a24365.net R11	`2024-09-20` - `2024-12-19`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2024-12-21`	5 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-04` - `2024-10-02`	3 months	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2024-03-01` - `2025-04-01`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-02` - `2025-08-07`	a year	crt.sh
cdn.bttrack.com E5	`2024-08-23` - `2024-11-21`	3 months	crt.sh
teads.tv R10	`2024-09-02` - `2024-12-01`	3 months	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2024-08-09` - `2025-09-07`	a year	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
tag.wknd.ai R11	`2024-09-15` - `2024-12-14`	3 months	crt.sh
edkt.io WR3	`2024-08-03` - `2024-11-01`	3 months	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-07-30` - `2025-01-22`	6 months	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon RSA 2048 M02	`2024-06-23` - `2025-07-21`	a year	crt.sh
*.collect.igodigital.com Amazon RSA 2048 M03	`2023-11-15` - `2024-12-14`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-09-11` - `2025-03-11`	6 months	crt.sh
*.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.google.de WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
geolocation.onetrust.com WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
assets.bounceexchange.com WR3	`2024-09-15` - `2024-12-14`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-01-31` - `2025-03-01`	a year	crt.sh
data.cdnbasket.net WR3	`2024-08-30` - `2024-11-28`	3 months	crt.sh
page.cdnbasket.net WR3	`2024-09-07` - `2024-12-06`	3 months	crt.sh
view.cdnbasket.net WR3	`2024-09-08` - `2024-12-07`	3 months	crt.sh
pd.cdnwidget.com R11	`2024-09-08` - `2024-12-07`	3 months	crt.sh
*.wunderkind.co R10	`2024-08-02` - `2024-10-31`	3 months	crt.sh
smarterhq.io Amazon RSA 2048 M02	`2024-07-19` - `2025-08-17`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email
Frame ID: 8B5911E473BFB53A8DCF6DDAAC8B6A3C
Requests: 139 HTTP requests in this frame

Frame: https://bttrack.com/Pixel/Conversion/15411/pmg_ohr_pageview
Frame ID: D83A3167A3C19ECDEF9A4E918F321912
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Le97XwpAAAAAP1OicOTNou9XwqgwMbSdBGLHYBF&co=aHR0cHM6Ly9ib29raW5ncy5vbW5paG90ZWxzLmNvbTo0NDM.&hl=de&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=vxdnonnvbmao
Frame ID: 4F6F35EDBB4DB41BE317DD52EE866C3D
Requests: 1 HTTP requests in this frame

Frame: https://9945854.fls.doubleclick.net/activityi;dc_pre=CPHBk6S63IgDFQ-4_Qcdk7E82Q;src=9945854;type=rtgco0;cat=globa0;ord=4168893504374;npa=1;auiddc=1142554019.1727210973;u1=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u13=;u14=undefined;u15=undefined;u16=undefined;u18=undefined;u19=undefined;u20=undefined;u21=undefined;u24=undefined;u25=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail;u12=NA%7CNA%7CNA%7CNA;ps=1;pcor=1435971946;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49j0v9189991009z8813109288za201zb813109288;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101686684;epver=2;~oref=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail
Frame ID: D16D91CB75B46F4E31B842CA78531002
Requests: 1 HTTP requests in this frame

Frame: https://fledge.teads.tv/v1/interest-group/tag.html
Frame ID: EDBDF4A8FB923A2B007D0508C59BAB24
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Frame ID: A5B7EF23180327443AB00504BF5AE245
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 4053CEA5C2757603E7C23F6E1342466B
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=yfvavnx&ref=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail&upid=s2p53hs&upv=1.1.0&paapi=1
Frame ID: A3FB855D23FD2C8818E5D7287BF21F0D
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=wn5plxq&ref=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail&upid=0cbz3wn&upv=1.1.0&paapi=1
Frame ID: 5FDE40EBFC278B66D5274B925B3A2943
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login | Omni Hotels & Resorts

Page URL History Show full URLs

https://click.em.omnihotels.com/?qs=479116881524b698b24b5ff88317c68ee1d8f4dc0fa0a853c1d47f02742521c8da1e5d70... HTTP 302
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-p... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

147
Requests

94 %
HTTPS

39 %
IPv6

43
Domains

66
Subdomains

60
IPs

6
Countries

2195 kB
Transfer

6403 kB
Size

55
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://omnihotels.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://omnihotels.com/destinations
Title: All Hotels & Resorts

Search URL Search Domain Scan URL

URL: https://www.omnihotels.com/loyalty

Search URL Search Domain Scan URL

URL: https://www.omnihotels.com/specials
Title: offers

Search URL Search Domain Scan URL

URL: https://www.omnihotels.com/culinary
Title: dining

Search URL Search Domain Scan URL

URL: https://www.omnihotels.com/destinations/golf
Title: golf

Search URL Search Domain Scan URL

URL: https://www.omnihotels.com/destinations/spa
Title: spa

Search URL Search Domain Scan URL

URL: https://www.omnihotels.com/forms/contact-us
Title: contact us

Search URL Search Domain Scan URL

URL: https://www.omnihotels.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://www.omnihotels.com/shop/gift-cards
Title: Gift Cards

Search URL Search Domain Scan URL

URL: https://www.omnihotels.com/media-center
Title: Media Center

Search URL Search Domain Scan URL

URL: https://www.omnihotels.com/travel-agents
Title: Travel Agents

Search URL Search Domain Scan URL

URL: https://www.omnihotels.com/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.omnihotels.com/about-omni-hotels
Title: About Omni Hotels

Search URL Search Domain Scan URL

URL: https://www.omnihotels.com/blog/
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.facebook.com/omnihotels/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/omnihotels/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@omnihotels

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/omnihotels/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/omnihotels

Search URL Search Domain Scan URL

URL: https://omnihotels.com/accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://omnihotels.com/site-map
Title: Sitemap

Search URL Search Domain Scan URL

URL: https://omnihotels.com/terms-of-use
Title: Terms

Search URL Search Domain Scan URL

URL: https://omnihotels.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://omnihotels.com/forms/personal-data-request
Title: Do Not Share My Personal Data

Search URL Search Domain Scan URL

URL: https://www.omnihotels.com/reservations/faq
Title: Reservation FAQ

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.em.omnihotels.com/?qs=479116881524b698b24b5ff88317c68ee1d8f4dc0fa0a853c1d47f02742521c8da1e5d705f91d59c00c7c4c3b396258d054ededb1ea97340f899c365fbc256eb HTTP 302
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://ad.doubleclick.net/ddm/activity/src=12702588;type=invmedia;cat=omnih0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?gtmcb=121452793 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=12702588;dc_pre=CLLWjqS63IgDFcbMOwIdD8AfbQ;type=invmedia;cat=omnih0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?gtmcb=121452793 HTTP 302
https://adservice.google.com/ddm/fls/z/src=12702588;dc_pre=CLLWjqS63IgDFcbMOwIdD8AfbQ;type=invmedia;cat=omnih0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?gtmcb=121452793

Request Chain 66

https://secure.adnxs.com/px?id=1648638&seg=32474541&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1648638%26seg%3D32474541%26t%3D2

Request Chain 69

https://tags.w55c.net/rs?id=b753d945b20448378a2f2e7c15f10576&t=homepage HTTP 302
https://tags.w55c.net/rs?sccid=25aabecd-f1f9-d80f-c72d-4a1f7c10ee3b&scc=1&id=b753d945b20448378a2f2e7c15f10576&t=homepage

Request Chain 70

https://ad.doubleclick.net/ddm/activity/src=12702588;type=invmedia;cat=omnih000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?gtmcb=2070271900 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=12702588;dc_pre=CL7Zj6S63IgDFU3wOwIdDhwZAw;type=invmedia;cat=omnih000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?gtmcb=2070271900 HTTP 302
https://adservice.google.com/ddm/fls/z/src=12702588;dc_pre=CL7Zj6S63IgDFU3wOwIdDhwZAw;type=invmedia;cat=omnih000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?gtmcb=2070271900

Request Chain 77

https://ad.doubleclick.net/ddm/activity/src=9197352;type=track0;cat=omnih0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9197352;dc_pre=CMS3kqS63IgDFYjLOwIdDrUbcQ;type=track0;cat=omnih0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN HTTP 302
https://adservice.google.com/ddm/fls/z/src=9197352;dc_pre=CMS3kqS63IgDFYjLOwIdDrUbcQ;type=track0;cat=omnih0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN

Request Chain 80

https://ib.adnxs.com/getuidnb?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=JCo3MzCfHOy2HRUlbX2BOm9PBzjd0F8Fmc455oRb0A7NGL44uFaS7bzE0Oy67g1r HTTP 302
https://pixel.sojern.com/idsync/apn?id=1157216424423562898&sjrn_id=JCo3MzCfHOy2HRUlbX2BOm9PBzjd0F8Fmc455oRb0A7NGL44uFaS7bzE0Oy67g1r

Request Chain 82

https://c1.adform.net/serving/cookie/match?cid=e0ded849-b70a-6aad-0891-9de3bd74962f&party=1296 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&cid=e0ded849-b70a-6aad-0891-9de3bd74962f&party=1296 HTTP 302
https://pixel.sojern.com/idsync/adf?adfid=4854264713943888295&cid=e0ded849-b70a-6aad-0891-9de3bd74962f

Request Chain 84

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3868034&time=1727210973251&url=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3868034&time=1727210973251&url=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail&e_ipv6=AQJjczYY0qqgMwAAAZIly-lDVJEggX2Wq-zUgYDqeDDegtvyVxrHRYAKLdpj7R5qZy1-znKY62zqjKLVkCzuTxY4ED-CGQ

Request Chain 90

https://9945854.fls.doubleclick.net/activityi;src=9945854;type=rtgco0;cat=globa0;ord=4168893504374;npa=1;auiddc=1142554019.1727210973;u1=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u13=;u14=undefined;u15=undefined;u16=undefined;u18=undefined;u19=undefined;u20=undefined;u21=undefined;u24=undefined;u25=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail;u12=NA%7CNA%7CNA%7CNA;ps=1;pcor=1435971946;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49j0v9189991009z8813109288za201zb813109288;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101686684;epver=2;~oref=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail HTTP 302
https://9945854.fls.doubleclick.net/activityi;dc_pre=CPHBk6S63IgDFQ-4_Qcdk7E82Q;src=9945854;type=rtgco0;cat=globa0;ord=4168893504374;npa=1;auiddc=1142554019.1727210973;u1=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u13=;u14=undefined;u15=undefined;u16=undefined;u18=undefined;u19=undefined;u20=undefined;u21=undefined;u24=undefined;u25=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail;u12=NA%7CNA%7CNA%7CNA;ps=1;pcor=1435971946;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49j0v9189991009z8813109288za201zb813109288;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101686684;epver=2;~oref=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail

147 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request login Show response
bookings.omnihotels.com/
Redirect Chain

https://click.em.omnihotels.com/?qs=479116881524b698b24b5ff88317c68ee1d8f4dc0fa0a853c1d47f02742521c8da1e5d705f91d59c00c7c4c3b396258d054ededb1ea97340f899c365fbc256eb
https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=...

42 KB
10 KB

944ms
860ms

Document
text/html

2606:4700::6812:1a5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.3.11

Resource Hash

964c9f31bdcc1106d43ba126acf06b868c23889c4d086de2de2bec961be98ad4

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' https://.hotjar.com https://.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
Strict-Transport-Security	max-age=15638400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
access-control-allow-methods: GET, POST
access-control-max-age: 1000
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8c85a43eca52996f-FRA
content-encoding: gzip
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin
date: Tue, 24 Sep 2024 20:49:32 GMT
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=15638400
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.3.11
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 759
Content-Type: text/html; charset=utf-8
Date: Tue, 24 Sep 2024 20:49:31 GMT
Location: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
832 B 55ms
16ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@300;400&display=swap

Requested by

Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b90cf481a2ad169e12b9828c0d230570ad18116830d66d37aebcebdcd32b8bf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 24 Sep 2024 20:49:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 24 Sep 2024 20:44:01 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 jquery-ui.min.css
bookings.omnihotels.com/css/ 30 KB
8 KB 27ms
25ms Stylesheet
text/css 2606:4700::6812:1a5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bookings.omnihotels.com/css/jquery-ui.min.css?95d72f2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cafe94ba60283d2f3973530b64b9b615585263b4cc08cc8687521fb892b75538

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' https://.hotjar.com https://.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email

Response headers

access-control-max-age: 1000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"643d0372-7851"
age: 33722
access-control-allow-methods: GET, POST
expires: Tue, 01 Oct 2024 20:49:32 GMT
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: text/css
last-modified: Mon, 17 Apr 2023 08:29:38 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cache-control: public, max-age=604800
cross-origin-opener-policy: same-origin
pragma: public
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 8c85a4442f58996f-FRA
server: cloudflare

GET
H3 200 bootstrap.min.css
bookings.omnihotels.com/css/ 158 KB
24 KB 30ms
28ms Stylesheet
text/css 2606:4700::6812:1a5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bookings.omnihotels.com/css/bootstrap.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' https://.hotjar.com https://.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email

Response headers

access-control-max-age: 1000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65b24a3a-279d8"
age: 10145
access-control-allow-methods: GET, POST
expires: Wed, 25 Sep 2024 00:49:32 GMT
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: text/css
last-modified: Thu, 25 Jan 2024 11:47:06 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cache-control: public, max-age=14400
pragma: public
access-control-allow-credentials: true
referrer-policy: same-origin
via: 1.1 google
cf-ray: 8c85a4442f5a996f-FRA
access-control-allow-origin: https://www.omnihotels.com
server: cloudflare

GET
H3 200 slick.min.css
bookings.omnihotels.com/css/ 1 KB
991 B 27ms
25ms Stylesheet
text/css 2606:4700::6812:1a5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bookings.omnihotels.com/css/slick.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50ec747afc45612c45573a7101ecf9adf6dee6e98c2620b22ee3f70144f9548e

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' https://.hotjar.com https://.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email

Response headers

access-control-max-age: 1000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"643d0373-52f"
age: 9212
access-control-allow-methods: GET, POST
expires: Wed, 25 Sep 2024 00:49:32 GMT
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: text/css
last-modified: Mon, 17 Apr 2023 08:29:39 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cache-control: public, max-age=14400
pragma: public
access-control-allow-credentials: true
referrer-policy: same-origin
via: 1.1 google
cf-ray: 8c85a4442f5c996f-FRA
access-control-allow-origin: https://www.omnihotels.com
server: cloudflare

GET
H3 200 slick-theme.min.css
bookings.omnihotels.com/css/ 4 KB
1 KB 39ms
37ms Stylesheet
text/css 2606:4700::6812:1a5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bookings.omnihotels.com/css/slick-theme.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa4bc789142ca61c2faae60acec10c04360e92f0995c4bc6d29b076e39d09e2c

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' https://.hotjar.com https://.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email

Response headers

access-control-max-age: 1000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"643d0373-e78"
age: 4166
access-control-allow-methods: GET, POST
expires: Wed, 25 Sep 2024 00:49:32 GMT
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: text/css
last-modified: Mon, 17 Apr 2023 08:29:39 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cache-control: public, max-age=14400
pragma: public
access-control-allow-credentials: true
referrer-policy: same-origin
via: 1.1 google
cf-ray: 8c85a4442f5e996f-FRA
access-control-allow-origin: https://www.omnihotels.com
server: cloudflare

GET
H3 200 font-awesome.min.css
bookings.omnihotels.com/css/ 30 KB
7 KB 41ms
39ms Stylesheet
text/css 2606:4700::6812:1a5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bookings.omnihotels.com/css/font-awesome.min.css?95d72f2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' https://.hotjar.com https://.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email

Response headers

access-control-max-age: 1000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"643d032c-7918"
age: 33722
access-control-allow-methods: GET, POST
expires: Tue, 01 Oct 2024 20:49:32 GMT
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: text/css
last-modified: Mon, 17 Apr 2023 08:28:28 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cache-control: public, max-age=604800
cross-origin-opener-policy: same-origin
pragma: public
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 8c85a4442f60996f-FRA
server: cloudflare

GET
H3 200 datepicker.min.css
bookings.omnihotels.com/vuedatepicker/ 4 KB
2 KB 39ms
38ms Stylesheet
text/css 2606:4700::6812:1a5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bookings.omnihotels.com/vuedatepicker/datepicker.min.css?95d72f2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7888999fa80868a7f03f4afcc1ab6f9bc8cf16113794978fde1ba006c961ce8

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' https://.hotjar.com https://.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email

Response headers

access-control-max-age: 1000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6446afda-10ac"
age: 33722
access-control-allow-methods: GET, POST
expires: Tue, 01 Oct 2024 20:49:32 GMT
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: text/css
last-modified: Mon, 24 Apr 2023 16:35:38 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cache-control: public, max-age=604800
cross-origin-opener-policy: same-origin
pragma: public
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 8c85a4442f61996f-FRA
server: cloudflare

GET
H2 200 gsx0mqu.css
use.typekit.net/ 5 KB
1 KB 57ms
11ms Stylesheet
text/css 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/gsx0mqu.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

73b7f2f8725690c65daa20ee5336d595b4e1369dd42dc4c6baa11bd1fe1df90b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 930
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: text/css;charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H3 200 styles.css
bookings.omnihotels.com/css/scss/ 479 KB
64 KB 44ms
43ms Stylesheet
text/css 2606:4700::6812:1a5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bookings.omnihotels.com/css/scss/styles.css?95d72f2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21aaad728c1b8b705148d9263f61c70d51d8092b0bcd62c3f9e5b45ee34418d1

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' https://.hotjar.com https://.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email

Response headers

access-control-max-age: 1000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66e2b9d0-77ad5"
age: 33722
access-control-allow-methods: GET, POST
expires: Tue, 01 Oct 2024 20:49:32 GMT
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: text/css
last-modified: Thu, 12 Sep 2024 09:52:16 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cache-control: public, max-age=604800
cross-origin-opener-policy: same-origin
pragma: public
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 8c85a4442f62996f-FRA
server: cloudflare

GET
H3 200 jquery-3.6.1.min.js Show response
bookings.omnihotels.com/js/ 88 KB
31 KB 42ms
41ms Script
application/javascript 2606:4700::6812:1a5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bookings.omnihotels.com/js/jquery-3.6.1.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' https://.hotjar.com https://.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email

Response headers

access-control-max-age: 1000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"643d0373-15e40"
age: 58193
access-control-allow-methods: GET, POST
expires: Tue, 01 Oct 2024 20:49:32 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 17 Apr 2023 08:29:39 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cache-control: public, max-age=604800
cross-origin-opener-policy: same-origin
pragma: public
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 8c85a4442f64996f-FRA
server: cloudflare

GET
H3 200 omnihotels.svg
bookings.omnihotels.com/images/logos/ 7 KB
3 KB 30ms
30ms Image
image/svg+xml 2606:4700::6812:1a5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bookings.omnihotels.com/images/logos/omnihotels.svg?95d72f2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32984fcae927955ad21b22eba413e78d35b6f75613a52d1ff6cbf9c5c139d0ac

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' https://.hotjar.com https://.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email

Response headers

access-control-max-age: 1000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65f2c2b9-1a80"
age: 33331
access-control-allow-methods: GET, POST
expires: Thu, 24 Oct 2024 20:49:32 GMT
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: image/svg+xml
last-modified: Thu, 14 Mar 2024 09:26:17 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cache-control: public, max-age=2592000
cross-origin-opener-policy: same-origin
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 8c85a4446f90996f-FRA
server: cloudflare

GET
H3 200 omnihotels.svg
bookings.omnihotels.com/images/logos/ 7 KB
3 KB 27ms
25ms Image
image/svg+xml 2606:4700::6812:1a5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bookings.omnihotels.com/images/logos/omnihotels.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32984fcae927955ad21b22eba413e78d35b6f75613a52d1ff6cbf9c5c139d0ac

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' https://.hotjar.com https://.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email

Response headers

access-control-max-age: 1000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65f2c2b9-1a80"
age: 395693
access-control-allow-methods: GET, POST
expires: Thu, 24 Oct 2024 20:49:32 GMT
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: image/svg+xml
last-modified: Thu, 14 Mar 2024 09:26:17 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cache-control: public, max-age=2592000
cross-origin-opener-policy: same-origin
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 8c85a4447f96996f-FRA
server: cloudflare

GET
H3 200 login.svg
bookings.omnihotels.com/images/icons/p3/ 358 B
770 B 22ms
22ms Image
image/svg+xml 2606:4700::6812:1a5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bookings.omnihotels.com/images/icons/p3/login.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1faec96c5766cc5da452b7c0b8b078b32275ac7ad8dec805a8a25961a9b43df

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' https://.hotjar.com https://.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email

Response headers

access-control-max-age: 1000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"649ab323-166"
age: 2287115
access-control-allow-methods: GET, POST
expires: Wed, 25 Sep 2024 00:49:32 GMT
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: image/svg+xml
last-modified: Tue, 27 Jun 2023 10:00:03 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cache-control: public, max-age=14400
access-control-allow-credentials: true
referrer-policy: same-origin
via: 1.1 google
cf-ray: 8c85a444afbb996f-FRA
access-control-allow-origin: https://www.omnihotels.com
server: cloudflare

GET
H3 200 omni-select-logo.svg
bookings.omnihotels.com/membersarea/images/ 6 KB
3 KB 25ms
25ms Image
image/svg+xml 2606:4700::6812:1a5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bookings.omnihotels.com/membersarea/images/omni-select-logo.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1bd791dbae37c7eb4a2c35b384be01328236f5088a9237d020eeda521fac99f

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' https://.hotjar.com https://.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email

Response headers

access-control-max-age: 1000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6596993a-16dd"
age: 2558026
access-control-allow-methods: GET, POST
expires: Thu, 24 Oct 2024 20:49:32 GMT
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: image/svg+xml
last-modified: Thu, 04 Jan 2024 11:40:42 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cache-control: public, max-age=2592000
cross-origin-opener-policy: same-origin
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 8c85a444afbd996f-FRA
server: cloudflare

GET
H3 200 toggle-validation-classes.js Show response
bookings.omnihotels.com/js/form-scripts/ 2 KB
1 KB 40ms
38ms Script
application/javascript 2606:4700::6812:1a5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bookings.omnihotels.com/js/form-scripts/toggle-validation-classes.js?95d72f2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2780ede9598614a57b1265fbfbc739c2c36f0cb7656bb59aa86a08e8ca5a1b95

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' https://.hotjar.com https://.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email

Response headers

access-control-max-age: 1000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"643d0373-70b"
age: 33310
access-control-allow-methods: GET, POST
expires: Tue, 01 Oct 2024 20:49:32 GMT
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 17 Apr 2023 08:29:39 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cache-control: public, max-age=604800
cross-origin-opener-policy: same-origin
pragma: public
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 8c85a444e80c996f-FRA
server: cloudflare

GET
H3 200 password-reveal.js Show response
bookings.omnihotels.com/js/form-scripts/ 2 KB
1 KB 40ms
38ms Script
application/javascript 2606:4700::6812:1a5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bookings.omnihotels.com/js/form-scripts/password-reveal.js?95d72f2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3d998de525e2f49633d799353b5cfcdcc930241f375300401ae3bb52c85ea58

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' https://.hotjar.com https://.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email

Response headers

access-control-max-age: 1000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6698d97c-6a9"
age: 30828
access-control-allow-methods: GET, POST
expires: Tue, 01 Oct 2024 20:49:32 GMT
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 18 Jul 2024 08:59:40 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cache-control: public, max-age=604800
cross-origin-opener-policy: same-origin
pragma: public
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 8c85a444e80f996f-FRA
server: cloudflare

GET
H3 200 sign-in-banner.png
bookings.omnihotels.com/images/ 220 KB
221 KB 31ms
31ms Image
image/png 2606:4700::6812:1a5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bookings.omnihotels.com/images/sign-in-banner.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3724d91d386a94f5f996109e99b924baa373c2baa4ef06f664a89a023241a251

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' https://.hotjar.com https://.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email

Response headers

access-control-max-age: 1000
cf-cache-status: HIT
etag: "643d0373-36fe8"
age: 2558025
access-control-allow-methods: GET, POST
expires: Thu, 24 Oct 2024 20:49:32 GMT
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: image/png
last-modified: Mon, 17 Apr 2023 08:29:39 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cache-control: public, max-age=2592000
cross-origin-opener-policy: same-origin
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 8c85a444cfe3996f-FRA
accept-ranges: bytes
content-length: 225256
server: cloudflare

GET
H3 200 popper.min.js Show response
bookings.omnihotels.com/js/ 19 KB
7 KB 33ms
32ms Script
application/javascript 2606:4700::6812:1a5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bookings.omnihotels.com/js/popper.min.js?95d72f2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

625b022a42ed5d9c39911e42050f4fd9834ea039af978b7716f7800ade95eb55

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' https://.hotjar.com https://.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email

Response headers

access-control-max-age: 1000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"643d0373-4afd"
age: 33722
access-control-allow-methods: GET, POST
expires: Tue, 01 Oct 2024 20:49:32 GMT
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 17 Apr 2023 08:29:39 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cache-control: public, max-age=604800
cross-origin-opener-policy: same-origin
pragma: public
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 8c85a444dfeb996f-FRA
server: cloudflare

GET
H3 200 slick.min.js Show response
bookings.omnihotels.com/js/ 43 KB
11 KB 37ms
37ms Script
application/javascript 2606:4700::6812:1a5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bookings.omnihotels.com/js/slick.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c53bd4fb46505b90b10e21b4c6e477a14abb0ed61eab0a7b44ee0c351de5b5a

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' https://.hotjar.com https://.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email

Response headers

access-control-max-age: 1000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"643d0373-aa39"
age: 4165
access-control-allow-methods: GET, POST
expires: Wed, 25 Sep 2024 00:49:32 GMT
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 17 Apr 2023 08:29:39 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cache-control: public, max-age=14400
pragma: public
access-control-allow-credentials: true
referrer-policy: same-origin
via: 1.1 google
cf-ray: 8c85a444effa996f-FRA
access-control-allow-origin: https://www.omnihotels.com
server: cloudflare

GET
H3 200 lazyload.min.js Show response
bookings.omnihotels.com/js/ 6 KB
3 KB 37ms
36ms Script
application/javascript 2606:4700::6812:1a5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bookings.omnihotels.com/js/lazyload.min.js?95d72f2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cae0b9d70b27cc19083606d3249728c06e567271cef4692d9aa2e6f1e787f96

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' https://.hotjar.com https://.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email

Response headers

access-control-max-age: 1000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6446afda-164f"
age: 33722
access-control-allow-methods: GET, POST
expires: Tue, 01 Oct 2024 20:49:32 GMT
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 24 Apr 2023 16:35:38 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cache-control: public, max-age=604800
cross-origin-opener-policy: same-origin
pragma: public
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 8c85a444effd996f-FRA
server: cloudflare

GET
H3 200 jquery-ui.min.js Show response
bookings.omnihotels.com/js/ 249 KB
66 KB 58ms
55ms Script
application/javascript 2606:4700::6812:1a5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bookings.omnihotels.com/js/jquery-ui.min.js?95d72f2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c340313fbf7869da6c98fa2d5904983db6d7a1eb5bed7c114c98355eef779ec0

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' https://.hotjar.com https://.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email

Response headers

access-control-max-age: 1000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"643d0373-3e467"
age: 33722
access-control-allow-methods: GET, POST
expires: Tue, 01 Oct 2024 20:49:32 GMT
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 17 Apr 2023 08:29:39 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cache-control: public, max-age=604800
cross-origin-opener-policy: same-origin
pragma: public
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 8c85a444efff996f-FRA
server: cloudflare

GET
H3 200 bootstrap.min.js Show response
bookings.omnihotels.com/js/ 61 KB
15 KB 40ms
38ms Script
application/javascript 2606:4700::6812:1a5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bookings.omnihotels.com/js/bootstrap.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

423217abf8775cea2dc30fa1fe3e1c5e24dc359a80f1c37ad29a86094bfe81d1

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' https://.hotjar.com https://.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email

Response headers

access-control-max-age: 1000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65b24a3a-f463"
age: 141173
access-control-allow-methods: GET, POST
expires: Tue, 01 Oct 2024 20:49:32 GMT
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 25 Jan 2024 11:47:06 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cache-control: public, max-age=604800
cross-origin-opener-policy: same-origin
pragma: public
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 8c85a444e800996f-FRA
server: cloudflare

GET
H3 200 input-mask.min.js Show response
bookings.omnihotels.com/js/ 3 KB
2 KB 40ms
38ms Script
application/javascript 2606:4700::6812:1a5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bookings.omnihotels.com/js/input-mask.min.js?95d72f2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

591c6bf7ae2840dc3c4bb1da23a9ee7da4a783e78026eda46ce3fcee561422e9

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' https://.hotjar.com https://.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email

Response headers

access-control-max-age: 1000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"643d0373-c9d"
age: 33722
access-control-allow-methods: GET, POST
expires: Tue, 01 Oct 2024 20:49:32 GMT
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 17 Apr 2023 08:29:39 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cache-control: public, max-age=604800
cross-origin-opener-policy: same-origin
pragma: public
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 8c85a444e801996f-FRA
server: cloudflare

GET
H3 200 p3core.js Show response
bookings.omnihotels.com/js/ 7 KB
3 KB 40ms
38ms Script
application/javascript 2606:4700::6812:1a5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bookings.omnihotels.com/js/p3core.js?95d72f2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27325ea16f0df99976e67b268976c6d4562a6824c86d3bc2edf4e04776c5034d

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' https://.hotjar.com https://.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email

Response headers

access-control-max-age: 1000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6698d97c-1b7d"
age: 33722
access-control-allow-methods: GET, POST
expires: Tue, 01 Oct 2024 20:49:32 GMT
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 18 Jul 2024 08:59:40 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cache-control: public, max-age=604800
cross-origin-opener-policy: same-origin
pragma: public
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 8c85a444e802996f-FRA
server: cloudflare

GET
H3 200 bootstrap-multiselect.js Show response
bookings.omnihotels.com/js/ 67 KB
13 KB 49ms
46ms Script
application/javascript 2606:4700::6812:1a5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bookings.omnihotels.com/js/bootstrap-multiselect.js?95d72f2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

821e680e0e3aaf1443afd405e277a193550d50b434e4485b33dc0e7ab125c117

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' https://.hotjar.com https://.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email

Response headers

access-control-max-age: 1000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"643d0373-10d85"
age: 33722
access-control-allow-methods: GET, POST
expires: Tue, 01 Oct 2024 20:49:32 GMT
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 17 Apr 2023 08:29:39 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cache-control: public, max-age=604800
cross-origin-opener-policy: same-origin
pragma: public
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 8c85a444e806996f-FRA
server: cloudflare

GET
H3 200 jquery.validate.min.js Show response
bookings.omnihotels.com/js/ 24 KB
8 KB 48ms
46ms Script
application/javascript 2606:4700::6812:1a5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bookings.omnihotels.com/js/jquery.validate.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' https://.hotjar.com https://.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email

Response headers

access-control-max-age: 1000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65b11b97-6019"
age: 7975
access-control-allow-methods: GET, POST
expires: Wed, 25 Sep 2024 00:49:32 GMT
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 24 Jan 2024 14:15:51 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cache-control: public, max-age=14400
pragma: public
access-control-allow-credentials: true
referrer-policy: same-origin
via: 1.1 google
cf-ray: 8c85a444e807996f-FRA
access-control-allow-origin: https://www.omnihotels.com
server: cloudflare

GET
H3 200 custom.js Show response
bookings.omnihotels.com/js/ 20 KB
6 KB 43ms
41ms Script
application/javascript 2606:4700::6812:1a5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bookings.omnihotels.com/js/custom.js?95d72f2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac9c5cd537f4f793c78efd5acf796522a5b2449afbe28da4d6e51f1b6fe4c3f8

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' https://.hotjar.com https://.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email

Response headers

access-control-max-age: 1000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66584615-4e35"
age: 33722
access-control-allow-methods: GET, POST
expires: Tue, 01 Oct 2024 20:49:32 GMT
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 30 May 2024 09:25:41 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cache-control: public, max-age=604800
cross-origin-opener-policy: same-origin
pragma: public
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 8c85a444e809996f-FRA
server: cloudflare

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 2 KB
1021 B 40ms
20ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?onload=onloadCallbackOfRecaptchaEnterprise

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0fa2284661e131a7ec2335404e89fc39f3e6a16eb653a21aacdc57fa021ba3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Tue, 24 Sep 2024 20:49:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Tue, 24 Sep 2024 20:49:32 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 recaptcha.js Show response
bookings.omnihotels.com/js/ 5 KB
2 KB 48ms
46ms Script
application/javascript 2606:4700::6812:1a5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bookings.omnihotels.com/js/recaptcha.js?3f72447

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34e7dd6901dded3ec83c1358e84b7020185757fe5318df4fa948800e3dd9d4e0

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' https://.hotjar.com https://.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email

Response headers

access-control-max-age: 1000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6698d97c-12ad"
age: 33310
access-control-allow-methods: GET, POST
expires: Tue, 01 Oct 2024 20:49:32 GMT
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 18 Jul 2024 08:59:40 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cache-control: public, max-age=604800
cross-origin-opener-policy: same-origin
pragma: public
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 8c85a444e80a996f-FRA
server: cloudflare

GET
H2 200 p.css
p.typekit.net/ 5 B
173 B 41ms
7ms Stylesheet
text/css 2a02:26f0:3500:16::215:148b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=gsx0mqu&ht=tk&f=44870.44872.44873.44874.44875.45404.45407&a=137763107&app=typekit&e=css
Requested by: Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/css/scss/styles.css?95d72f2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: public, max-age=604800
etag: "6649f74c-5"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: text/css
last-modified: Sun, 19 May 2024 12:57:48 GMT
server: nginx

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 480 KB
132 KB 104ms
69ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T9DN3NR

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f353fedca26ee919313f87234be8288e116fae0b62dbe531b01695d025c03728

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
expires: Tue, 24 Sep 2024 20:49:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 24 Sep 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 134803
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 icon-dropdown-arrow.svg
bookings.omnihotels.com/images/icons/p3/ 401 B
816 B 45ms
44ms Image
image/svg+xml 2606:4700::6812:1a5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bookings.omnihotels.com/images/icons/p3/icon-dropdown-arrow.svg

Requested by

Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/css/scss/styles.css?95d72f2

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abe92e0a271866d066c160619d758d8106cfba28bea8193b1fa5c6d87722702e

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' https://.hotjar.com https://.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bookings.omnihotels.com/css/scss/styles.css?95d72f2

Response headers

access-control-max-age: 1000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"64b7c892-191"
age: 1302824
access-control-allow-methods: GET, POST
expires: Wed, 25 Sep 2024 00:49:32 GMT
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Jul 2023 11:27:14 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cache-control: public, max-age=14400
access-control-allow-credentials: true
referrer-policy: same-origin
via: 1.1 google
cf-ray: 8c85a444e810996f-FRA
access-control-allow-origin: https://www.omnihotels.com
server: cloudflare

GET
H3 200 loyalty-banner.webp
bookings.omnihotels.com/images/ 164 KB
164 KB 44ms
43ms Image
image/webp 2606:4700::6812:1a5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bookings.omnihotels.com/images/loyalty-banner.webp

Requested by

Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/css/scss/styles.css?95d72f2

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b4eefde7fc63bf7b20cff2575cb6698bc83a313c4b99794f096dbda1bd9c908

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' https://.hotjar.com https://.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bookings.omnihotels.com/css/scss/styles.css?95d72f2

Response headers

access-control-max-age: 1000
cf-cache-status: HIT
etag: "6596993a-28f98"
age: 2454715
access-control-allow-methods: GET, POST
expires: Thu, 24 Oct 2024 20:49:32 GMT
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: image/webp
last-modified: Thu, 04 Jan 2024 11:40:42 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cache-control: public, max-age=2592000
cross-origin-opener-policy: same-origin
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 8c85a444e811996f-FRA
accept-ranges: bytes
content-length: 167832
server: cloudflare

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 31ms
9ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://bookings.omnihotels.com
Referer: https://fonts.googleapis.com/

Response headers

age: 45305
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 24 Sep 2025 08:14:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Sep 2024 08:14:27 GMT
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23580
x-xss-protection: 0
server: sffe

GET
H2 200 l
use.typekit.net/af/b65d74/00000000000000007735c62d/30/ 21 KB
21 KB 24ms
7ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/b65d74/00000000000000007735c62d/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gsx0mqu.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a334534614782c0e1ff21a6d9870e45372fd008677911a4195c517404b503443

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://bookings.omnihotels.com
Referer: https://use.typekit.net/gsx0mqu.css

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "25dfbce677e3f0f86fc3cf6a56b2e1bfccf2796a"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 21472
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: application/font-woff2
server: nginx

GET
H3 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 12ms
10ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://bookings.omnihotels.com
Referer: https://fonts.googleapis.com/

Response headers

age: 43494
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 24 Sep 2025 08:44:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Sep 2024 08:44:38 GMT
last-modified: Tue, 02 May 2023 15:08:26 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23236
x-xss-protection: 0
server: sffe

GET
H3 200 free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 75 KB
76 KB 43ms
26ms Font
font/woff2 2606:4700:3030::ac43:8b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
Requested by: Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/css/scss/styles.css?95d72f2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://bookings.omnihotels.com
Referer

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
etag: "4f5ec865a8274ab291b6a42b5f70639e"
age: 147064
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yaZHebenc%2BqVPTzGL%2B4RijI5Pbkl8zys4PCY%2FfIksXFn82A9xFC2mUMgIOwo2aZYvMBkRYQxcjr7g7E8nf9j7zqQbNoa4B%2FknZdh56%2B9dcUxLK7kb2J4ClJUMfHw6pVKUK6%2BRKZlCnBLLhH1TpBe00OBvg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: 0ZpmpbptlBAhre3AwFbr5xhik9WBsxhXttI9ax-Gn-PvZAUEMq8avg==
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: font/woff2
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
vary: Accept-Encoding
access-control-allow-headers: fa-kit-token
cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
cf-ray: 8c85a4454eff6919-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 76736
x-amz-cf-pop: FRA56-C2
server: cloudflare

GET
H2 200 l
use.typekit.net/af/e74318/00000000000000007735c620/30/ 22 KB
22 KB 8ms
7ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e74318/00000000000000007735c620/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gsx0mqu.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 522e7fe1c9a58bc6742ffc993f258039f8e466de5f696ec0357e06004cbcec28

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://bookings.omnihotels.com
Referer: https://use.typekit.net/gsx0mqu.css

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "a9f3a1be5ba95f324a68c1fcee1fe99bdd5a72ec"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 22716
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: application/font-woff2
server: nginx

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/ 541 KB
215 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?onload=onloadCallbackOfRecaptchaEnterprise

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8635cb1f53e720094ad3494627fd904246c714272f0aaa563117f2688deaee24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://bookings.omnihotels.com
Referer

Response headers

content-encoding: gzip
age: 45123
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Wed, 24 Sep 2025 08:17:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Sep 2024 08:17:30 GMT
last-modified: Mon, 23 Sep 2024 04:00:50 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 219745
x-xss-protection: 0
server: sffe

GET
H3 200 eye.webp
bookings.omnihotels.com/images/icons/p3/ 416 B
926 B 25ms
24ms Image
image/webp 2606:4700::6812:1a5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bookings.omnihotels.com/images/icons/p3/eye.webp

Requested by

Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/css/scss/styles.css?95d72f2

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4019587a58b47600b0c345b48fd9f58af0d1f80ddeecdd67838bf30d72cb882

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' https://.hotjar.com https://.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bookings.omnihotels.com/css/scss/styles.css?95d72f2

Response headers

access-control-max-age: 1000
cf-cache-status: HIT
etag: "64c122a8-1a0"
age: 1294954
access-control-allow-methods: GET, POST
expires: Wed, 25 Sep 2024 00:49:33 GMT
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: image/webp
last-modified: Wed, 26 Jul 2023 13:42:00 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cache-control: public, max-age=14400
access-control-allow-credentials: true
referrer-policy: same-origin
via: 1.1 google
cf-ray: 8c85a4458876996f-FRA
accept-ranges: bytes
access-control-allow-origin: https://www.omnihotels.com
content-length: 416
server: cloudflare

GET
H2 200 alli-lib Show response
pixel-library.pmg.com/ 26 KB
7 KB 65ms
20ms Script
application/javascript 18.64.103.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-library.pmg.com/alli-lib
Requested by: Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-51.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e26115d5d30637c0bb28de8548e8dba25eee5be273cd7647c8e528d60a013240

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: W/"2acca1d0036b90667020ea6a806895fa"
age: 1665
via: 1.1 351bb5fb1bd6097be2e9d8a05c34165c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: ZLfBCpfssRBIC-DjR80nveuPwuAny4lkbE0-y_pwfdAsg5GEpAXdTw==
date: Tue, 24 Sep 2024 20:22:09 GMT
content-type: application/javascript
last-modified: Tue, 05 Sep 2023 19:37:36 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P3
vary: Accept-Encoding

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 46ms
29ms Script
application/javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DN3NR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91b0809d8b9dc57eaa09cb0e13c210b24edfaeadb94a8cff0fee02751c1b0b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-md5: jwlUUXc1HMPClYXMpY+NPQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCDBEEB2005B25
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 47162
x-content-type-options: nosniff
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: application/javascript
last-modified: Mon, 23 Sep 2024 16:42:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 90e1678a-501e-001f-2ee9-0d489a000000
cf-ray: 8c85a44629bf3642-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6881
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 apolloDQ.js Show response
schema.apolloplatform.com/clientJS/ 79 KB
22 KB 30ms
7ms Script
application/javascript 18.66.112.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://schema.apolloplatform.com/clientJS/apolloDQ.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DN3NR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-127.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2cb34277a5434f95f67e8db342273633beb965b1e4151781e11145a76526437a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: W/"50f83e3656b9a14af6c7186e53c14586"
age: 134
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 5tAbwnBjpalxz_wKl0Ar0M_SBqetUUhxRAoPqlu-x4A7B4ZZsUqu1A==
date: Tue, 24 Sep 2024 20:47:41 GMT
content-type: application/javascript
last-modified: Thu, 17 Mar 2022 17:53:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
vary: Accept-Encoding

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DN3NR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
content-encoding: gzip
age: 4765
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 24 Sep 2024 21:30:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
date: Tue, 24 Sep 2024 19:30:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
server: Golfe2
vary: Accept-Encoding

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 171ms
141ms Script
application/javascript 104.126.37.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHH59LBC77U6OCP0SEB0&lib=ttq
Requested by: Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 91d066d6119ab29f915a93ca6142a883a243de5aef33bbcde60f566f43dda569

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
expires: Tue, 24 Sep 2024 20:49:33 GMT
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=10, origin; dur=118
x-cache: TCP_MISS from a104-126-37-172.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-e26983a004e229b4ffa935b6e3b2fe8f) (-)
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 17602934
x-tt-trace-host: 01ca5754d83224ad6ee886f811f6500308fde0c10a0c6df1cd27a93871bf2142a9fff7d18baa22cc91aca315dbe78154ccf037031c52f73fd3ca0e934d30899594d5ec03d0978d7d89629b6ead96f07c946fa4e3deed3d62417adfe047ee0fa8e4
x-origin-response-time: 119,104.126.37.172
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2409242049333672C2BF1B75F6FD7C2A-0B11A21350171CA3-00
content-length: 1783
x-tt-logid: 202409242049333672C2BF1B75F6FD7C2A
server: nginx

GET
H/1.1 204
No Content cs.js Show response
aa.trkn.us/1/e/ 0
166 B 69ms
10ms Script
text/plain 2.17.100.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.trkn.us/1/e/cs.js?cid=c013&evid=3c5e0548-25ae-4ed8-8b01-c4dba7a076f8&suu=1&dmn=bookings.omnihotels.com
Requested by: Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-224.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Expires: Tue, 24 Sep 2024 21:49:33 GMT
Cache-Control: private, max-age=3600
Date: Tue, 24 Sep 2024 20:49:33 GMT
Connection: keep-alive

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
77 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-12702588

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DN3NR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

deab1ba605f42bed06ae47ed46cfdd7ae5e71a69fae0db145e12bdf445bfe447

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
expires: Tue, 24 Sep 2024 20:49:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 24 Sep 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 78966
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
92 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BELGX2HEXN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DN3NR

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

04f8932e43fbac5c1eed9a1283f7f6fdcdcb97bdd8ea736ebcde30ae9cb4d4ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Tue, 24 Sep 2024 20:49:33 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94661
date: Tue, 24 Sep 2024 20:49:33 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
15 KB 66ms
29ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DN3NR

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "803483b3aaadb1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4DE5C8B24E9242A2B865163E100B7556 Ref B: FRA31EDGE0518 Ref C: 2024-09-24T20:49:33Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14402
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 15:43:41 GMT
vary: Accept-Encoding

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 32ms
6ms Script
application/javascript 2a02:26f0:3500:10::210:a9b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DN3NR

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=70830
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Tue, 24 Sep 2024 20:49:33 GMT
last-modified: Thu, 22 Aug 2024 10:43:55 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 215 KB
77 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-9945854&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DN3NR

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3aa52a4ddf9dbff6f1d48f4fafe31fdc8d4c13cd24653e1008b7bfad4a1849bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
expires: Tue, 24 Sep 2024 20:49:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 24 Sep 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 78974
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 14 KB
6 KB 34ms
8ms Script
application/x-javascript 18.172.103.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DN3NR
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.103.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-103-101.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71d18af9ee879a36717e1ea3367b669031e3f6b12cb0aa1373fd200d278c4e6a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Encoding: gzip
ETag: W/"0a898f6edf2d77595f7378557dd8fb96"
Age: 61816
Connection: keep-alive
Via: 1.1 fc3a32609a2b1f220f223f3b87919ac2.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: ikOB7GTWk6NoON6FT-ZN13Hk-glgz9ZID0JB1DibhB2Tegh-qAbd3g==
Date: Tue, 24 Sep 2024 03:39:18 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 11 Sep 2024 19:27:43 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P8
x-amz-server-side-encryption: AES256

GET
H2 200 193971 Show response
beacon.sojern.com/pixel/p/ 4 KB
1 KB 40ms
18ms Script
application/javascript 107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/p/193971?f_v=v6_js&p_v=2&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Requested by: Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: aeab072ee770d824b8db5177656e236751c36d00e807d5fe951ffefc9e039893

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
via: 1.1 google
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 815
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: application/javascript
vary: Accept-Encoding
x-accel-expires: 0

GET
H2 200 omni.js Show response
d1n00d49gkbray.cloudfront.net/js/ 76 KB
26 KB 67ms
21ms Script
application/javascript 2600:9000:2260:8800:9:7c30:be80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1n00d49gkbray.cloudfront.net/js/omni.js
Requested by: Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2260:8800:9:7c30:be80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2c0e1aebf907b85c8790c7910529e00521037df698079cef17489cd7ff37a97

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

vary: Accept-Encoding
content-encoding: gzip
x-amz-version-id: UKgwtaOgohRi53SBv_KYuUM0SS730YAz
etag: W/"ba07639de361d72b2d682bae718f1dd7"
age: 73008
via: 1.1 d2182626bf7a31d463bb4b9335724f24.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: gLZdueHUJ-AyyXBojy2D8KFCGVWrqPcWcG1vmAi5XJ272l6UlMo1ug==
date: Tue, 24 Sep 2024 00:32:46 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 03 Nov 2021 21:46:51 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P3
x-amz-server-side-encryption: AES256

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=4466, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 8u4sYpUQ1qeMZhe8bNZ1Q4h1RsMjkcNUTExMb4bHhy5XI0iPD5O0EAWXLCw9/tk8LrCqwOLLjDl0S/yy61Sq5Q==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 58953
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 pmg_ohr_pageview
bttrack.com/Pixel/Conversion/15411/ Frame D83A 0
0 298ms
97ms Document
text/html 192.132.33.67
BIDTELLECT

General

Check archive.org

Show headers Download Go to

Full URL

https://bttrack.com/Pixel/Conversion/15411/pmg_ohr_pageview

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DN3NR

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.132.33.67 , United States, ASN18568 (BIDTELLECT, US),

Reverse DNS

NET-33-132-192.67.bidtellect.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: private,no-cache
content-length: 105
content-type: text/html; charset=utf-8
date: Tue, 24 Sep 2024 20:48:43 GMT
expires: -1
pragma: no-cache
strict-transport-security: max-age=31536000;
x-servername: Track001-iad

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 70ms
17ms Script
application/javascript 2a02:26f0:4700:19d::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:4700:19d::1931 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 919293e56b6a814a84a579b014f63a2423b0419c418494da7baa7c0c5893cde1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 86400
cache-control: max-age=7200
access-control-expose-headers: X-CDN
content-encoding: br
etag: "b37f6fea55e9029c9c9d413c47f69cb7"
x-cdn: akamai
access-control-allow-methods: GET
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
access-control-allow-origin: *
content-length: 1878
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-server-side-encryption: AES256

GET
H2 200 44641 Show response
cdn.bttrack.com/universal/ 3 KB
3 KB 82ms
13ms Script
application/javascript 2a02:26f0:e300::5f64:9251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bttrack.com/universal/44641
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DN3NR
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e300::5f64:9251 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 36ff8562b6eb7a71acaeb673fe704baefd260365cdd37c9e23bb73c82263b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, max-age=181
content-length: 2779
x-servername: assets01-iad
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: application/javascript; charset=utf-8

GET
H2 200 analytics.min.js Show response
cdn.bttrack.com/js/15411/analytics/1.0/ 599 B
716 B 70ms
15ms Script
text/javascript 2a02:26f0:e300::5f64:9251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bttrack.com/js/15411/analytics/1.0/analytics.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DN3NR
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e300::5f64:9251 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: cf83c170fc992166303ac5ee3ad9353ebeff4e41f0bf72f104cc843cc8958471

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, max-age=48130
content-length: 599
x-servername: assets02-iad
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: text/javascript; charset=utf-8

GET
H/1.1 200
OK teads-fellow.js Show response
p.teads.tv/ 17 KB
6 KB 49ms
17ms Script
application/javascript 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.teads.tv/teads-fellow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DN3NR
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 653c605223792518e8d7a382812f876321c916845a3f249b022ce16b892f5427

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-amz-id-2: gSkXmDemcTLCnvX4jvseQYm0pBji6Q8/5qWJ8ItjrO7v5g0Q3295aCMMsetoUI/CfdGwb4Cik0o=
Vary: Accept-Encoding
Cache-Control: max-age=224
Content-Encoding: gzip
ETag: "8308c4ca0f38b20101f1aa83176a264c"
Connection: keep-alive
x-amz-request-id: 6AM204JF3Y2FJW08
Accept-Ranges: bytes
Content-Length: 5806
Date: Tue, 24 Sep 2024 20:49:33 GMT
Last-Modified: Tue, 02 Jul 2024 13:21:36 GMT
Content-Type: application/javascript
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 22 KB
7 KB 130ms
100ms Script
text/javascript 18.193.54.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.193.54.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-54-173.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8328ab6f79391967a95d2c7052bc7f3dbe6b9b921dab7cd74cda22248b7a42b5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-origin: *
cache-control: max-age=5
content-encoding: gzip
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: text/javascript

GET
H2 200 hotjar-3621851.js Show response
static.hotjar.com/c/ 13 KB
6 KB 39ms
11ms Script
application/javascript 18.66.102.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3621851.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-51.fra56.r.cloudfront.net

Software

Resource Hash

3fab4e9ef8abde6ed9a8721d0e8d4e215fc5c74757b24a4f505716bd3be98e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: W/007a9f4961130bf2215a9fcb79101449
age: 39
x-content-type-options: nosniff
x-cache-hit: 1
x-cache: Hit from cloudfront
x-amz-cf-id: FOZVyukPhX4a78qK8ddvfLC4iAVY4p1wpuuVzm9ixA0GRdQjNlJo6A==
date: Tue, 24 Sep 2024 20:48:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
via: 1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P2

GET
H2 200 i.js Show response
tag.wknd.ai/5615/ 13 KB
5 KB 44ms
9ms Script
text/plain 34.120.253.250
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.wknd.ai/5615/i.js
Requested by: Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 68cdccd0e95ed968635f15adab2070a367bf6b011dd02bfeb68be10fb9ded1de

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: 4bbdc3bf61cf47
age: 82
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Sep 2024 20:48:11 GMT
content-type: text/plain; charset=utf-8
vary: Accept-Encoding
link: <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://u.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect
cache-control: public,max-age=60
timing-allow-origin: *
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: tag-router.tag-router.svc.cluster.local:80/*
via: 1.1 google
access-control-allow-origin: *
content-length: 4361
server: istio-envoy
x-region: us-central1

GET
H2 204 trigger
api.edkt.io/nexus/api/v1/attribution/ 0
754 B 82ms
44ms Image
image/gif 34.120.111.33
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.edkt.io/nexus/api/v1/attribution/trigger?apgId=50&pixId=118
Requested by: Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 33.111.120.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
via: 1.1 google
expires: 0
cache-id: FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
attribution-reporting-register-trigger: {"event_trigger_data":[{"priority":"1","trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x00000000000000000000000000000000","source_keys":["199","200"]}],"aggregatable_values":{"199":32768,"200":32768},"debug_key":"5142717369927466837","debug_reporting":true,"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com"}
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: image/gif
x-cloud-trace-context: 2fc96df29420e0868357b362ec7ddefb
server: Google Frontend
cache-status: disabled

GET
H3

200

src=12702588;dc_pre=CLLWjqS63IgDFcbMOwIdD8AfbQ;type=invmedia;cat=omnih0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=12702588;type=invmedia;cat=omnih0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord...
https://ad.doubleclick.net/ddm/activity/src=12702588;dc_pre=CLLWjqS63IgDFcbMOwIdD8AfbQ;type=invmedia;cat=omnih0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_c...
https://adservice.google.com/ddm/fls/z/src=12702588;dc_pre=CLLWjqS63IgDFcbMOwIdD8AfbQ;type=invmedia;cat=omnih0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_co...

42 B
63 B

64ms
41ms

Image
image/gif

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=12702588;dc_pre=CLLWjqS63IgDFcbMOwIdD8AfbQ;type=invmedia;cat=omnih0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?gtmcb=121452793

Requested by

Protocol

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 24 Sep 2024 20:49:33 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 24 Sep 2024 20:49:33 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"16897983845938902220"}],"aggregatable_trigger_data":[{"filters":[{"14":["13639100"]}],"key_piece":"0x2257a5c81132e3","source_keys":["12","13","14","15","16","17","18","19","20","21","628579056","628579057","628579058","628579059","899991472","899991473","899991474","899991475"]},{"key_piece":"0xe8f19b216d8685ed","not_filters":{"14":["13639100"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","628579056","628579057","628579058","628579059","899991472","899991473","899991474","899991475"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628579056":32,"628579057":32,"628579058":32,"628579059":3177,"899991472":32,"899991473":32,"899991474":32,"899991475":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"2784298692793767179","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"16897983845938902220","filters":[{"14":["13639100"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"16897983845938902220","filters":[{"14":["13639100"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"16897983845938902220","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"16897983845938902220","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["12702588"]}}
content-type: image/png
cache-control: no-cache, must-revalidate
timing-allow-origin: *
location: https://adservice.google.com/ddm/fls/z/src=12702588;dc_pre=CLLWjqS63IgDFcbMOwIdD8AfbQ;type=invmedia;cat=omnih0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?gtmcb=121452793
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 0
x-xss-protection: 0
server: cafe

GET 1673
bttrack.com/pixel/retarget/ 0
0

GET
H2

200

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1648638&seg=32474541&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1648638%26seg%3D32474541%26t%3D2

43 B
1 KB

48ms
47ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1648638%26seg%3D32474541%26t%3D2

Requested by

Protocol

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 138.199.38.134; 138.199.38.134; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: f8775c8f-c07d-4118-9552-ecb697e97c99
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 24 Sep 2024 20:49:33 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

Redirect headers

cache-control: no-store, no-cache, private
location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1648638%26seg%3D32474541%26t%3D2
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 138.199.38.134; 138.199.38.134; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: 82a7beb8-404c-473a-afdd-1acb31c7d4c6
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 24 Sep 2024 20:49:33 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
149 B 100ms
30ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=hxkjicc&ct=0:zmh3z57&fmt=3
Requested by: Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-length: 70
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: image/gif
server: Kestrel

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ 43 B
508 B 105ms
32ms Image
image/gif 54.246.144.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10193172&he={INSERT_MACRO_HERE}&auid={INSERT_MACRO_HERE}

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.246.144.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-246-144-89.eu-west-1.compute.amazonaws.com

Software

ATS/9.1.10.134 /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
cache-control: no-cache, no-store, private, must-revalidate
pragma: no-cache
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-content-type-options: nosniff
via: http/1.1 traffic_server (ApacheTrafficServer/9.1.10.134)
expires: Tue, 24 Sep 2024 20:49:33 GMT
accept-ranges: bytes
referrer-policy: strict-origin-when-cross-origin
content-length: 43
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: image/gif
server: ATS/9.1.10.134
x-frame-options: DENY

GET
H/1.1

200

rs
tags.w55c.net/
Redirect Chain

https://tags.w55c.net/rs?id=b753d945b20448378a2f2e7c15f10576&t=homepage
https://tags.w55c.net/rs?sccid=25aabecd-f1f9-d80f-c72d-4a1f7c10ee3b&scc=1&id=b753d945b20448378a2f2e7c15f10576&t=homepage

42 B
752 B

9ms
8ms

Image
image/gif

3.72.133.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.w55c.net/rs?sccid=25aabecd-f1f9-d80f-c72d-4a1f7c10ee3b&scc=1&id=b753d945b20448378a2f2e7c15f10576&t=homepage

Requested by

Protocol

HTTP/1.1

Server

3.72.133.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-133-76.eu-central-1.compute.amazonaws.com

Software

Retargeting/v2.0.30-813-g905b2fc#rel-ec2-master i-04ff546b3debcf0cf@eu-central-1a@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains
Access-Control-Max-Age: 3600
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Methods: GET,POST,OPTIONS
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Access-Control-Allow-Origin: *
Content-Length: 42
Date: Tue, 24 Sep 2024 20:49:33 GMT
Content-Type: image/gif
Server: Retargeting/v2.0.30-813-g905b2fc#rel-ec2-master i-04ff546b3debcf0cf@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Access-Control-Allow-Headers: Content-Type,X-Forwarded-Proto

Redirect headers

Strict-Transport-Security: max-age=2592000; includeSubDomains
Access-Control-Max-Age: 3600
Cache-Control: no-cache, must-revalidate
Location: https://tags.w55c.net/rs?sccid=25aabecd-f1f9-d80f-c72d-4a1f7c10ee3b&scc=1&id=b753d945b20448378a2f2e7c15f10576&t=homepage
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Methods: GET,POST,OPTIONS
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Tue, 24 Sep 2024 20:49:32 GMT
Server: Retargeting/v2.0.30-813-g905b2fc#rel-ec2-master i-04ff546b3debcf0cf@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Access-Control-Allow-Headers: Content-Type,X-Forwarded-Proto

GET
H3

200

src=12702588;dc_pre=CL7Zj6S63IgDFU3wOwIdDhwZAw;type=invmedia;cat=omnih000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=12702588;type=invmedia;cat=omnih000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o...
https://ad.doubleclick.net/ddm/activity/src=12702588;dc_pre=CL7Zj6S63IgDFU3wOwIdDhwZAw;type=invmedia;cat=omnih000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr...
https://adservice.google.com/ddm/fls/z/src=12702588;dc_pre=CL7Zj6S63IgDFU3wOwIdDhwZAw;type=invmedia;cat=omnih000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_...

42 B
63 B

48ms
43ms

Image
image/gif

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=12702588;dc_pre=CL7Zj6S63IgDFU3wOwIdDhwZAw;type=invmedia;cat=omnih000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?gtmcb=2070271900

Requested by

Protocol

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 24 Sep 2024 20:49:33 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 24 Sep 2024 20:49:33 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"5000171291776085275"}],"aggregatable_trigger_data":[{"filters":[{"14":["14396674"]}],"key_piece":"0xe054e7a35afbdb61","source_keys":["12","13","14","15","16","17","18","19","20","21","628579056","628579057","628579058","628579059","899991472","899991473","899991474","899991475"]},{"key_piece":"0xfc0b27b876fe9990","not_filters":{"14":["14396674"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","628579056","628579057","628579058","628579059","899991472","899991473","899991474","899991475"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628579056":32,"628579057":32,"628579058":32,"628579059":3177,"899991472":32,"899991473":32,"899991474":32,"899991475":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"616533907596731973","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"5000171291776085275","filters":[{"14":["14396674"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"5000171291776085275","filters":[{"14":["14396674"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"5000171291776085275","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"5000171291776085275","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["12702588"]}}
content-type: image/png
cache-control: no-cache, must-revalidate
timing-allow-origin: *
location: https://adservice.google.com/ddm/fls/z/src=12702588;dc_pre=CL7Zj6S63IgDFU3wOwIdDhwZAw;type=invmedia;cat=omnih000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?gtmcb=2070271900
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame 4F6F 0
0 43ms
29ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Le97XwpAAAAAP1OicOTNou9XwqgwMbSdBGLHYBF&co=aHR0cHM6Ly9ib29raW5ncy5vbW5paG90ZWxzLmNvbTo0NDM.&hl=de&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=vxdnonnvbmao

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hbHyjv9ZQwwckItxs7qWAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-hbHyjv9ZQwwckItxs7qWAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Tue, 24 Sep 2024 20:49:33 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel
a7tglno5hj.execute-api.us-east-1.amazonaws.com// 43 B
135 B 322ms
134ms Image
image/gif 54.82.155.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a7tglno5hj.execute-api.us-east-1.amazonaws.com//pixel?pid=&event=init
Requested by: Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.82.155.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-155-25.compute-1.amazonaws.com
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

apigw-requestid: eoLaqhuyIAMEMHA=
content-length: 43
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: image/gif

GET
H2 200 1b83bbb8-2ce9-4b1b-b46a-2a5f8f5bef7b.json Show response
cdn.cookielaw.org/consent/1b83bbb8-2ce9-4b1b-b46a-2a5f8f5bef7b/ 4 KB
2 KB 46ms
28ms XHR
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/1b83bbb8-2ce9-4b1b-b46a-2a5f8f5bef7b/1b83bbb8-2ce9-4b1b-b46a-2a5f8f5bef7b.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0deb579f4758f3bb28fb6d75a3c0acf42a8d3c994dc8cfd3fd06af40fa24b75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-md5: DHYW9DUGJ2p1mQcSvz2n5A==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DC96E5677175BF
age: 26007
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Wed, 25 Sep 2024 20:49:33 GMT
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: application/json
last-modified: Thu, 27 Jun 2024 20:12:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: db53de30-001e-008f-52ce-c8ddd6000000
cf-ray: 8c85a446e968d366-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1576
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 collect.js Show response
514013529.collect.igodigital.com/ 8 KB
2 KB 300ms
96ms Script
application/javascript 54.92.198.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://514013529.collect.igodigital.com/collect.js
Requested by: Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.198.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-198-16.compute-1.amazonaws.com
Software: /
Resource Hash: 463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: application/javascript
last-modified: Mon, 23 Sep 2024 18:45:58 GMT
vary: Accept-Encoding

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
151 B 19ms
14ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=107682597&t=pageview&_s=1&dl=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail&ul=de-de&de=UTF-8&dt=Login%20%7C%20Omni%20Hotels%20%26%20Resorts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAAI~&jid=809303184&gjid=792056370&cid=1837442788.1727210973&tid=UA-33986005-1&_gid=2042099199.1727210973&_r=1&_slc=1&gtm=45He49j0n81T9DN3NRv813109288za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&npa=1&z=2078746581

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://bookings.omnihotels.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
date: Tue, 24 Sep 2024 20:49:33 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 10ms
4ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=107682597&t=pageview&_s=1&dl=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail&ul=de-de&de=UTF-8&dt=Login%20%7C%20Omni%20Hotels%20%26%20Resorts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAACAAI~&jid=&gjid=&cid=1837442788.1727210973&tid=UA-33986005-1&_gid=2042099199.1727210973&gtm=45He49j0n81T9DN3NRv813109288za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&npa=1&z=1450905200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
age: 29946
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
date: Tue, 24 Sep 2024 12:30:27 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
server: Golfe2

GET
H3

200

src=9197352;dc_pre=CMS3kqS63IgDFYjLOwIdDrUbcQ;type=track0;cat=omnih0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=9197352;type=track0;cat=omnih0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN
https://ad.doubleclick.net/ddm/activity/src=9197352;dc_pre=CMS3kqS63IgDFYjLOwIdDrUbcQ;type=track0;cat=omnih0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN
https://adservice.google.com/ddm/fls/z/src=9197352;dc_pre=CMS3kqS63IgDFYjLOwIdDrUbcQ;type=track0;cat=omnih0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN

42 B
63 B

41ms
41ms

Image
image/gif

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=9197352;dc_pre=CMS3kqS63IgDFYjLOwIdDrUbcQ;type=track0;cat=omnih0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN

Requested by

Protocol

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 24 Sep 2024 20:49:33 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 24 Sep 2024 20:49:33 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"4263641855270928314"}],"aggregatable_trigger_data":[{"filters":[{"14":["8311219"]}],"key_piece":"0xb9f75a7befe32266","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xe2567745e32b67e5","not_filters":{"14":["8311219"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"10184421754339799679","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"4263641855270928314","filters":[{"14":["8311219"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"4263641855270928314","filters":[{"14":["8311219"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"4263641855270928314","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"4263641855270928314","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["9197352"]}}
content-type: image/png
cache-control: no-cache, must-revalidate
timing-allow-origin: *
location: https://adservice.google.com/ddm/fls/z/src=9197352;dc_pre=CMS3kqS63IgDFYjLOwIdDrUbcQ;type=track0;cat=omnih0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
409 B 59ms
19ms Image
image/png 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=ZTBkZWQ4NDktYjcwYS02YWFkLTA4OTEtOWRlM2JkNzQ5NjJm&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=JCo3MzCfHOy2HRUlbX2BOm9PBzjd0F8Fmc455oRb0A7NGL44uFaS7bzE0Oy67g1r&sjrn_ula=786550668

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Tue, 24 Sep 2024 20:49:33 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
232 B 52ms
22ms Image
image/png 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_hm=ZTBkZWQ4NDktYjcwYS02YWFkLTA4OTEtOWRlM2JkNzQ5NjJm&google_nid=sojern_adh

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Tue, 24 Sep 2024 20:49:33 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

GET
H2

200

apn
pixel.sojern.com/idsync/
Redirect Chain

https://ib.adnxs.com/getuidnb?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=JCo3MzCfHOy2HRUlbX2BOm9PBzjd0F8Fmc455oRb0A7NGL44uFaS7bzE0Oy67g1r
https://pixel.sojern.com/idsync/apn?id=1157216424423562898&sjrn_id=JCo3MzCfHOy2HRUlbX2BOm9PBzjd0F8Fmc455oRb0A7NGL44uFaS7bzE0Oy67g1r

42 B
271 B

20ms
17ms

Image
image/gif

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/apn?id=1157216424423562898&sjrn_id=JCo3MzCfHOy2HRUlbX2BOm9PBzjd0F8Fmc455oRb0A7NGL44uFaS7bzE0Oy67g1r
Requested by: Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
via: 1.1 google
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: image/gif
vary: Accept-Encoding
x-accel-expires: 0

Redirect headers

cache-control: no-store, no-cache, private
location: https://pixel.sojern.com/idsync/apn?id=1157216424423562898&sjrn_id=JCo3MzCfHOy2HRUlbX2BOm9PBzjd0F8Fmc455oRb0A7NGL44uFaS7bzE0Oy67g1r
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 138.199.38.134; 138.199.38.134; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 01757ff5-4510-4428-bd2e-513a6cad2fb9
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 24 Sep 2024 20:49:33 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
148 B 45ms
39ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=JCo3MzCfHOy2HRUlbX2BOm9PBzjd0F8Fmc455oRb0A7NGL44uFaS7bzE0Oy67g1r&ttd_tpi=1
Requested by: Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-length: 70
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: image/gif
server: Kestrel

GET
H2

202

adf
pixel.sojern.com/idsync/
Redirect Chain

https://c1.adform.net/serving/cookie/match?cid=e0ded849-b70a-6aad-0891-9de3bd74962f&party=1296
https://c1.adform.net/serving/cookie/match?CC=1&cid=e0ded849-b70a-6aad-0891-9de3bd74962f&party=1296
https://pixel.sojern.com/idsync/adf?adfid=4854264713943888295&cid=e0ded849-b70a-6aad-0891-9de3bd74962f

0
234 B

16ms
16ms

Image
text/plain

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/adf?adfid=4854264713943888295&cid=e0ded849-b70a-6aad-0891-9de3bd74962f
Requested by: Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
via: 1.1 google
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: text/plain; charset=utf-8
vary: Accept-Encoding
x-accel-expires: 0

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
location: https://pixel.sojern.com/idsync/adf?adfid=4854264713943888295&cid=e0ded849-b70a-6aad-0891-9de3bd74962f
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: -1
access-control-allow-origin: *
content-length: 0
date: Tue, 24 Sep 2024 20:49:33 GMT
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
816 B 228ms
184ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=3868034&time=1727210973251&url=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: *
Referer

Response headers

x-li-pop: afd-prod-lor1-x
content-encoding: gzip
x-fs-uuid: 000622e3a48541554a382f969f3f7b93
x-msedge-ref: Ref A: DFA2AFB9A7804A86A3C8145B979F705C Ref B: FRAEDGE1210 Ref C: 2024-09-24T20:49:33Z
x-li-fabric: prod-lor1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYi46SFQVVKOC+Wnz97kw==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Tue, 24 Sep 2024 20:49:32 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3868034&time=1727210973251&url=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3868034&time=1727210973251&url=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-oh...

0
264 B

594ms
557ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3868034&time=1727210973251&url=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail&e_ipv6=AQJjczYY0qqgMwAAAZIly-lDVJEggX2Wq-zUgYDqeDDegtvyVxrHRYAKLdpj7R5qZy1-znKY62zqjKLVkCzuTxY4ED-CGQ
Requested by: Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 4D42915DBCE843328190FFAFA8654722 Ref B: FRAEDGE1514 Ref C: 2024-09-24T20:49:33Z
x-li-fabric: prod-ltx1
x-li-uuid: AAYi46SQiEn4FVOc9YaIew==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3868034&time=1727210973251&url=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail&e_ipv6=AQJjczYY0qqgMwAAAZIly-lDVJEggX2Wq-zUgYDqeDDegtvyVxrHRYAKLdpj7R5qZy1-znKY62zqjKLVkCzuTxY4ED-CGQ
x-msedge-ref: Ref A: FE3D466E547B4BE7A7BC4837BF8D1F98 Ref B: DUS30EDGE0920 Ref C: 2024-09-24T20:49:33Z
x-li-fabric: prod-ltx1
x-li-uuid: AAYi46SHEocFKYZci9R/Pg==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Tue, 24 Sep 2024 20:49:32 GMT

GET
H2 200 Page%20Load%20Started.json Show response
cdn.apolloplatform.com/app/bc866869-b4c9-4916-875d-d8fda445bb82/58b41a92-3880-4bc5-81b0-c32eb95726da/a72a26c6-14b5-46ac-9b9e-f8b8b7471f9f/ 1 KB
2 KB 32ms
7ms Fetch
application/octet-stream 18.66.112.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.apolloplatform.com/app/bc866869-b4c9-4916-875d-d8fda445bb82/58b41a92-3880-4bc5-81b0-c32eb95726da/a72a26c6-14b5-46ac-9b9e-f8b8b7471f9f/Page%20Load%20Started.json
Requested by: Host: schema.apolloplatform.com
URL: https://schema.apolloplatform.com/clientJS/apolloDQ.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-127.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8a99f7fa226be0d5bcc878f3ad41381727cb2d9dd9012c106e5cedff5e6a085

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

etag: "8a562bbb55c47c263c38b93aebb70dc2"
age: 66406
access-control-allow-methods: GET, HEAD
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 1272
x-amz-cf-id: mHI-64zTV_ksx03wKjpQd0Ae7UAMh-ElHaJwoF5ygXINQBGa86X4MQ==
date: Tue, 24 Sep 2024 02:22:47 GMT
content-type: application/octet-stream
last-modified: Wed, 26 Apr 2023 21:28:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256

GET
H2 200 User%20Detected.json Show response
cdn.apolloplatform.com/app/bc866869-b4c9-4916-875d-d8fda445bb82/58b41a92-3880-4bc5-81b0-c32eb95726da/a72a26c6-14b5-46ac-9b9e-f8b8b7471f9f/ 584 B
992 B 35ms
10ms Fetch
application/octet-stream 18.66.112.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.apolloplatform.com/app/bc866869-b4c9-4916-875d-d8fda445bb82/58b41a92-3880-4bc5-81b0-c32eb95726da/a72a26c6-14b5-46ac-9b9e-f8b8b7471f9f/User%20Detected.json
Requested by: Host: schema.apolloplatform.com
URL: https://schema.apolloplatform.com/clientJS/apolloDQ.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-127.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c919ed7913ac55a25e3b84f3995d8fb60de863d9fd4116880d975c2620373323

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

etag: "f41ff4a57b50f9eb1d3685d9c9778040"
age: 63896
access-control-allow-methods: GET, HEAD
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 584
x-amz-cf-id: SPFxFXBa0h3eaoOKKkHReZBPagnC4mgnmBaCJfloacOjQSDBqs-aUg==
date: Tue, 24 Sep 2024 03:04:38 GMT
content-type: application/octet-stream
last-modified: Wed, 26 Apr 2023 21:28:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256

GET
H2 200 Page%20Load%20Completed.json Show response
cdn.apolloplatform.com/app/bc866869-b4c9-4916-875d-d8fda445bb82/58b41a92-3880-4bc5-81b0-c32eb95726da/a72a26c6-14b5-46ac-9b9e-f8b8b7471f9f/ 289 B
696 B 33ms
8ms Fetch
application/octet-stream 18.66.112.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.apolloplatform.com/app/bc866869-b4c9-4916-875d-d8fda445bb82/58b41a92-3880-4bc5-81b0-c32eb95726da/a72a26c6-14b5-46ac-9b9e-f8b8b7471f9f/Page%20Load%20Completed.json
Requested by: Host: schema.apolloplatform.com
URL: https://schema.apolloplatform.com/clientJS/apolloDQ.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-127.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2ab8f34de3ccd3634518dd9188b7ec7cf08e00190b5e56e6606ad3ed2c92b2dd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

etag: "4856c2ac363ca2cca9a78021417898b6"
age: 59286
access-control-allow-methods: GET, HEAD
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 289
x-amz-cf-id: _G-xAQ9C85HKnFFUyvu62Pkl8ciJ2Rutu1TsJ0MIQc5On_Xz5Dw2Kw==
date: Tue, 24 Sep 2024 04:21:28 GMT
content-type: application/octet-stream
last-modified: Wed, 26 Apr 2023 21:28:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256

GET
H2 200 pixel
a7tglno5hj.execute-api.us-east-1.amazonaws.com// 43 B
136 B 209ms
126ms Image
image/gif 54.82.155.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a7tglno5hj.execute-api.us-east-1.amazonaws.com//pixel?pid=&event=PageView&eventID=1727210973167.203781.19&url=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail
Requested by: Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.82.155.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-155-25.compute-1.amazonaws.com
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

apigw-requestid: eoLaqhSvoAMEYYQ=
content-length: 43
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: image/gif

GET
H3 200 210262292977069 Show response
connect.facebook.net/signals/config/ 65 KB
13 KB 105ms
104ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/210262292977069?v=2.9.167&r=stable&domain=bookings.omnihotels.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a834c359d925fdae29b90ecddb31d44f16a0171aafc87d91c59a9a7f40d34bf4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=72, mss=1232, tbw=67168, tp=63, tpl=0, uplat=97, ullat=0
pragma: public
x-fb-debug: Op8Xx0du8jLsA4K8JKOUDZLs9JJiaXfHklhV+E2MTBGRP1emn84X/+QN2PEiXjwV+GY0nHEXTidWcDjf1VnB7g==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2

200

activityi;dc_pre=CPHBk6S63IgDFQ-4_Qcdk7E82Q;src=9945854;type=rtgco0;cat=globa0;ord=4168893504374;npa=1;auiddc=1142554019.1727210973;u1=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;...
9945854.fls.doubleclick.net/ Frame D16D
Redirect Chain

https://9945854.fls.doubleclick.net/activityi;src=9945854;type=rtgco0;cat=globa0;ord=4168893504374;npa=1;auiddc=1142554019.1727210973;u1=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefine...
https://9945854.fls.doubleclick.net/activityi;dc_pre=CPHBk6S63IgDFQ-4_Qcdk7E82Q;src=9945854;type=rtgco0;cat=globa0;ord=4168893504374;npa=1;auiddc=1142554019.1727210973;u1=undefined;u3=undefined;u4=...

0
0

28ms
26ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9945854.fls.doubleclick.net/activityi;dc_pre=CPHBk6S63IgDFQ-4_Qcdk7E82Q;src=9945854;type=rtgco0;cat=globa0;ord=4168893504374;npa=1;auiddc=1142554019.1727210973;u1=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u13=;u14=undefined;u15=undefined;u16=undefined;u18=undefined;u19=undefined;u20=undefined;u21=undefined;u24=undefined;u25=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail;u12=NA%7CNA%7CNA%7CNA;ps=1;pcor=1435971946;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49j0v9189991009z8813109288za201zb813109288;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101686684;epver=2;~oref=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-9945854&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 835
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Sep 2024 20:49:33 GMT
expires: Tue, 24 Sep 2024 20:49:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Sep 2024 20:49:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9945854.fls.doubleclick.net/activityi;dc_pre=CPHBk6S63IgDFQ-4_Qcdk7E82Q;src=9945854;type=rtgco0;cat=globa0;ord=4168893504374;npa=1;auiddc=1142554019.1727210973;u1=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u13=;u14=undefined;u15=undefined;u16=undefined;u18=undefined;u19=undefined;u20=undefined;u21=undefined;u24=undefined;u25=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail;u12=NA%7CNA%7CNA%7CNA;ps=1;pcor=1435971946;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49j0v9189991009z8813109288za201zb813109288;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101686684;epver=2;~oref=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=9945854;type=rtgco0;cat=globa0;ord=4168893504374;npa=1;auiddc=1142554019.1727210973;u1=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;...
ad.doubleclick.net/ 0
23 B 43ms
43ms Image
image/png 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=9945854;type=rtgco0;cat=globa0;ord=4168893504374;npa=1;auiddc=1142554019.1727210973;u1=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u13=;u14=undefined;u15=undefined;u16=undefined;u18=undefined;u19=undefined;u20=undefined;u21=undefined;u24=undefined;u25=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail;u12=NA%7CNA%7CNA%7CNA;ps=1;pcor=1435971946;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49j0v9189991009z8813109288za201zb813109288;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101686684;epver=2;~oref=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 24 Sep 2024 20:49:33 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"8568999485081189705"}],"aggregatable_trigger_data":[{"filters":[{"14":["9389649"]}],"key_piece":"0x7428e40be56e669","source_keys":["12","13","14","15","16","17","18","19","20","21","18838136","18838137","18838138","18838139","20498656","20498657","20498658","20498659","22055080","22055081","22055082","22055083","628646972","628646973","628646974","628646975","628867828","628867829","628867830","628867831","628870292","628870293","628870294","628870295","634755436","634755437","634755438","634755439","638530408","638530409","638530410","638530411"]},{"key_piece":"0x12a6577fe90147c","not_filters":{"14":["9389649"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","18838136","18838137","18838138","18838139","20498656","20498657","20498658","20498659","22055080","22055081","22055082","22055083","628646972","628646973","628646974","628646975","628867828","628867829","628867830","628867831","628870292","628870293","628870294","628870295","634755436","634755437","634755438","634755439","638530408","638530409","638530410","638530411"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"18838136":59,"18838137":59,"18838138":59,"18838139":5778,"19":65,"20":65,"20498656":163,"20498657":163,"20498658":163,"20498659":15892,"21":6356,"22055080":50,"22055081":50,"22055082":50,"22055083":4889,"628646972":32,"628646973":32,"628646974":32,"628646975":3177,"628867828":32,"628867829":32,"628867830":32,"628867831":3177,"628870292":32,"628870293":32,"628870294":32,"628870295":3177,"634755436":32,"634755437":32,"634755438":32,"634755439":3177,"638530408":93,"638530409":93,"638530410":93,"638530411":9081},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"18229693576608296133","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"8568999485081189705","filters":[{"14":["9389649"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"8568999485081189705","filters":[{"14":["9389649"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"8568999485081189705","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"8568999485081189705","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["9945854"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 53ms
18ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-BELGX2HEXN&gtm=45je49j0h1v892865381z8813109288za200zb813109288&_p=1727210972933&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&ul=en&cid=1837442788.1727210973&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&dl=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Fet_rid%3D64483253%26utm_term%3D%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail&dp=%2Flogin&dt=Login&sid=1727210973&sct=1&seg=0&en=detect_user&_fv=1&_ss=1&ep.country=&ep.detailed_event=Page%20Load%20Completed&ep.name=User%20Sign%20In&ep.platform_version=Booking%20Engine&ep.site_section=booking%20engine&ep.weekday_or_weekend=weekday&ep.campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&ep.source=adhoc&ep.medium=email&ep.content=145656&up.custom_user_id=&up.loyalty_id=&up.user_login_state=logged%20out&tfd=2011
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BELGX2HEXN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://bookings.omnihotels.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
259 B 58ms
17ms Ping
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BELGX2HEXN&cid=1837442788.1727210973&gtm=45je49j0h1v892865381z8813109288za200zb813109288&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BELGX2HEXN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://bookings.omnihotels.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 60ms
43ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BELGX2HEXN&cid=1837442788.1727210973&gtm=45je49j0h1v892865381z8813109288za200zb813109288&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=636479024

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 24 Sep 2024 20:49:33 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 27003626.js Show response
bat.bing.com/p/action/ 369 B
425 B 32ms
31ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/27003626.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1436939ed29c528098b948903ff835b1f1066a45afc277c43053a25964d1761c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D6A822BA13B34251AFF19C3E15CDA339 Ref B: FRA31EDGE0518 Ref C: 2024-09-24T20:49:33Z
x-cache: CONFIG_NOCACHE
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
312 B 51ms
27ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
cf-ray: 8c85a447be22d412-FRA
access-control-allow-origin: *
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type

GET
H2 200 main.97c41ef3.js Show response
s.pinimg.com/ct/lib/ 82 KB
23 KB 26ms
22ms Script
application/javascript 2a02:26f0:4700:19d::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:4700:19d::1931 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e2d60cdf4948bf1fcc89d3e1fb4875dbfe0cd45125eced25eb220b5fd72abe73

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 86400
cache-control: max-age=1209600
access-control-expose-headers: X-CDN
content-encoding: br
etag: "e1539e83e14f862d3b381b23e74d63fa"
x-cdn: akamai
access-control-allow-methods: GET
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23701
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-server-side-encryption: AES256

GET
H2 200 modules.0721e7cf944cf9d78a0b.js Show response
script.hotjar.com/ 224 KB
56 KB 33ms
10ms Script
application/javascript 13.33.187.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.0721e7cf944cf9d78a0b.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3621851.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.187.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-187-74.fra60.r.cloudfront.net

Software

Resource Hash

b59aea27fa8369f30285b9c3875597435dfce1fc0571555adcc11d210cb9bd1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-robots-tag: none
content-encoding: br
etag: "ac12d2f9dbf41b678b7eb52a4d3e70f3"
age: 458846
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: mXDItm_safHze6GtKdHipuVcqsfA2HbHoPQ1rOC7IuBjypoQK706mQ==
date: Thu, 19 Sep 2024 13:22:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 19 Sep 2024 13:21:34 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 de048058a16d8205bfbc06a8f2eefb34.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56508
x-amz-cf-pop: FRA60-P9

GET
H2 200 runtime_c81e76ee00d795b1eebf8d27949f8dc5.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 908 B
1 KB 34ms
10ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_c81e76ee00d795b1eebf8d27949f8dc5.br.js
Requested by: Host: tag.wknd.ai
URL: https://tag.wknd.ai/5615/i.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 546e554a3c51ce180d022de9ff5506f14603b38d40ece9f2be43c88328358a52

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration: 1
access-control-expose-headers: etag, Content-Type
content-encoding: br
x-goog-hash: crc32c=zwy9lg==, md5=HCxXU9+1dkCoulTxEZNLMA==
etag: "1c2c5753dfb57640a8ba54f111934b30"
age: 1295933
ad-auction-allowed: true
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 509
date: Mon, 09 Sep 2024 20:50:40 GMT
last-modified: Mon, 09 Sep 2024 20:50:37 GMT
content-type: text/javascript
x-guploader-uploadid: AD-8ljv653H8H6eJk5vMvYgEgVWU7DKNUGcde-a4zr1Y21N7XwaknHkGHd2ZWyNS5WEyXgzaKUQ
cache-control: public,max-age=31536000
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1725915037857422
content-length: 509
server: UploadServer

GET
H2 200 js Show response
bttrack.com/engagement/ 10 KB
4 KB 133ms
103ms Script
text/javascript 192.132.33.68
BIDTELLECT

General

Check archive.org

Show headers Download Go to

Full URL

https://bttrack.com/engagement/js?goalId=15411&cb=1727210973387

Requested by

Host: cdn.bttrack.com
URL: https://cdn.bttrack.com/js/15411/analytics/1.0/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.132.33.68 , United States, ASN18568 (BIDTELLECT, US),

Reverse DNS

NET-33-132-192.68.bidtellect.com

Software

Resource Hash

8b75b067125175350431812ec8804de9121001f7cbef5bb5362257e76a4bf424

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000;
cache-control: private,no-cache
content-encoding: gzip
x-servername: Track001-iad
pragma: no-cache
expires: -1
date: Tue, 24 Sep 2024 20:48:44 GMT
content-type: text/javascript; charset=utf-8

GET
H2 200 main.MWE3ZGFjMzZkMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 336 KB
94 KB 29ms
22ms Script
application/javascript 104.126.37.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE3ZGFjMzZkMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHH59LBC77U6OCP0SEB0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c6403368f879c7beeac34230a15e8c034ffe4b53cb12e1aa164c5d40095f5c6f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-cache: TCP_MEM_HIT from a104-126-37-172.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-e26983a004e229b4ffa935b6e3b2fe8f) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=2
x-tt-trace-id: 00-24092412503179AC23744A239D3BD1E0-0A9E379C469A52DC-00
content-length: 95291
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2024092412503179AC23744A239D3BD1E0
server: nginx
x-akamai-request-id: 17602c5a
x-tt-trace-host: 01d180fd28875b577fd5685ef9c7c0cedd9d9b11b1fccf0dd9177b8bb33822186546a6b3cb3965b4ddce4ed55d9a450f0a14bc116cfd2e93bafd7a09da91ef90be7f1f78aa11e2581b699394c00efb7a5e3d45a978d0a399d7858ae99dd2fc05872f21eb9e183e455575341848c998234c

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 109ms
98ms Stylesheet
text/css 18.193.54.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.193.54.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-54-173.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e5ba1a3e7815bd43da3e23992b21b8a53aab862dea28d1cb237262dce292ab4d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-origin: *
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
2 KB 116ms
98ms Fetch
image/jpeg 18.193.54.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.193.54.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-54-173.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-origin: *
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: image/jpeg

GET
H/1.1 200
OK advertiser Show response
cm.teads.tv/v2/ 137 B
585 B 285ms
255ms Fetch
application/json 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail&advertiser_id=31741
Requested by: Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b02878ce1eb22ab724074c95942a4fbd6af37101bef9fbaab916b1799094e2d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Observe-Browsing-Topics: ?1
Expires: Tue, 24 Sep 2024 20:49:33 GMT
Access-Control-Allow-Origin: https://bookings.omnihotels.com
Content-Length: 137
Date: Tue, 24 Sep 2024 20:49:33 GMT
Content-Type: application/json; charset=utf-8

GET
H2 204 0
bat.bing.com/action/ 0
179 B 40ms
33ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=27003626&tm=gtm002&Ver=2&mid=1e1f121d-8989-4123-ab00-c46b8471ed03&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Login%20%7C%20Omni%20Hotels%20%26%20Resorts&p=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail&r=&lt=1713&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=898873

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 75F8DCD0C1564A98B43CF656DD1DA0C7 Ref B: FRA31EDGE0518 Ref C: 2024-09-24T20:49:33Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Tue, 24 Sep 2024 20:49:33 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202406.1.0/ 451 KB
110 KB 22ms
21ms Script
application/javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47407e3845cb067265a07cb279ccc7a38b927b0c2dc034b627f089115ac0d306

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-md5: 7I5y/rp4ODu7ul89ty+epQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCA5E56F667161
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 80534
x-content-type-options: nosniff
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: application/javascript
last-modified: Tue, 16 Jul 2024 22:20:01 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: c05e064f-501e-009c-79cf-d7e837000000
cf-ray: 8c85a447ebc63642-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 112027
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 54ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=210262292977069&ev=PageView&dl=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail&rl=&if=false&ts=1727210973431&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1727210973429.553365837440469776&ler=empty&cdl=API_unavailable&it=1727210973283&coo=false&eid=1727210973167.203781.19&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2839, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 361ms
316ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=210262292977069&ev=PageView&dl=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail&rl=&if=false&ts=1727210973431&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1727210973429.553365837440469776&ler=empty&cdl=API_unavailable&it=1727210973283&coo=false&eid=1727210973167.203781.19&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7418314643326058567"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: ESIIY4bHEZL50nniPbff1BbtlCr9E8TJFHe7nWycA42+HVXisgatrkP6HK9el6XVyHSVQXQo9Qc3qW49S4SVvA==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7418314643326058567", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=14, mss=1328, tbw=3156, tp=-1, tpl=-1, uplat=307, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 / Show response
ct.pinterest.com/user/ 321 B
772 B 76ms
36ms XHR
application/json 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613054820814&cb=1727210973435&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

8257727cd4fa3be74e55fc11f7f6d0063bcf254f8616da30e97628101f8882de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers: Epik,Pin-Unauth
content-encoding: gzip
x-pinterest-rid-128bit: 8306907b3f25696e6d81bf916997eab6
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=600
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-cdn: akamai
access-control-allow-credentials: true
referrer-policy: origin
pin-unauth: dWlkPU16TTNNV0V6TVdRdE9XTmhNeTAwWkdSaExXSmlNVEF0WmpZMVpUUmhNek5sWW1Jeg
pinterest-version: d1f48dcf57598ed9a5410f2abb1bc1ec679a1bdf
access-control-allow-origin: https://bookings.omnihotels.com
content-length: 186
akamai-grn: 0.dbd5ce17.1727210973.4e834be9
x-pinterest-rid: 7890798653392546

GET
H2 200 / Show response
ct.pinterest.com/v3/ 35 B
548 B 79ms
40ms Fetch
image/gif 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/v3/?tid=2613054820814&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2297c41ef3%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1727210973436

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-pinterest-rid-128bit: 94d23329d1c374e0f40ff99832ce05d5
expires: Sat, 01 Jan 2000 00:00:00 GMT
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: image/gif
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-cdn: akamai
access-control-allow-credentials: true
referrer-policy: origin
pinterest-version: d1f48dcf57598ed9a5410f2abb1bc1ec679a1bdf
access-control-allow-origin: https://bookings.omnihotels.com
content-length: 35
akamai-grn: 0.dbd5ce17.1727210973.4e834bf0
x-pinterest-rid: 1758654950198778

GET
H2 200 identify_7bf75739.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 25ms
24ms Script
application/javascript 104.126.37.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE3ZGFjMzZkMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-cache: TCP_MEM_HIT from a104-126-37-172.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-e26983a004e229b4ffa935b6e3b2fe8f) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
x-tt-trace-id: 00-240830022527CBF5A6BDAC95BF85457C-5FCCE23284D5383A-00
content-length: 39498
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20240830022527CBF5A6BDAC95BF85457C
server: nginx
x-akamai-request-id: 17602d07
x-tt-trace-host: 019cd81d430e382d22765268805daf2a1ed00bbf855ae9ed467d1da7885edad72cb00cb70985005c1de089a0a7fbb52c36fd8d02a4d9f7ae6ff597e3efb941b9bf875b60c3d790a2a84eec0c13cb20e8bea64ceb5ee2071c300573373bbc3698de

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
720 B 283ms
279ms Ping
text/plain 104.126.37.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE3ZGFjMzZkMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Tue, 24 Sep 2024 20:49:33 GMT
server-timing: inner; dur=31, cdn-cache; desc=MISS, edge; dur=11, origin; dur=118
x-cache: TCP_MISS from a104-126-37-172.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-e26983a004e229b4ffa935b6e3b2fe8f) (-)
date: Tue, 24 Sep 2024 20:49:33 GMT
x-akamai-request-id: 17602d08
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01ca5754d83224ad6ee886f811f6500308fde0c10a0c6df1cd27a93871bf2142a98c71b9b5e4fff698f32cf551e30f7f6578b464ab4fc8fe09e5d9ec7fb741b2bba660b55bb0b07682955299d970f49b201a3ef2edeb265cf870d07ea79590d03c
x-origin-response-time: 119,104.126.37.172
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-240924204933B61033B86F7E926D0C90-0DC32DCA59473B68-00
content-length: 0
x-tt-logid: 20240924204933B61033B86F7E926D0C90
server: nginx

GET
H2 200 main-v2_b3e43e9d9119d1c39265af6ae80b133a.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 516 KB
113 KB 8ms
6ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_b3e43e9d9119d1c39265af6ae80b133a.br.js
Requested by: Host: tag.wknd.ai
URL: https://tag.wknd.ai/5615/i.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3d8fc5b4e99fb3055bf0ecd82eb631ff71347fc318445ffc123a1f357062708e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration: 1
access-control-expose-headers: etag, Content-Type
content-encoding: br
x-goog-hash: crc32c=lL9VTA==, md5=ff+8OVCNJHXBRdfBbrhjUA==
etag: "7dffbc39508d2475c145d7c16eb86350"
age: 26443
ad-auction-allowed: true
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 114969
date: Tue, 24 Sep 2024 13:28:50 GMT
last-modified: Tue, 24 Sep 2024 13:28:41 GMT
content-type: text/javascript
x-guploader-uploadid: AD-8ljs6hdgQrp_3Xzr8hUh_rTi3nxdr6UjT-x2AiWGjawl-TFDS_lIagK7cKETiSz9lrfZetkeKKzW4Ew
cache-control: public,max-age=31536000
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727184521373959
content-length: 114969
server: UploadServer

GET
H2 200 cjs_min_3a843477d8e318f67237a66d0a58c542.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 49 KB
16 KB 14ms
12ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js
Requested by: Host: tag.wknd.ai
URL: https://tag.wknd.ai/5615/i.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6c58f061a49641f54723faab57ad0bdb49a95619e86c90dad9a3ed630ffb3780

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration: 1
access-control-expose-headers: etag, Content-Type
content-encoding: gzip
x-goog-hash: crc32c=Joap5g==, md5=HriFRU6mvvHJdHgAcClZ3g==
etag: "1eb885454ea6bef1c9747800702959de"
age: 437750
ad-auction-allowed: true
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 15748
date: Thu, 19 Sep 2024 19:13:43 GMT
last-modified: Mon, 22 Apr 2024 20:59:52 GMT
content-type: text/javascript; charset=utf-8
x-guploader-uploadid: AD-8ljtLFWL873cUwtx4nX5cSARQ679QiMKUU_tw20bKuA-P4Z63wIsO7rwhmSgZwokmZ7BeQjc
cache-control: public,max-age=31536000,no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1713819592631797
content-length: 15748
server: UploadServer

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/1b83bbb8-2ce9-4b1b-b46a-2a5f8f5bef7b/ac28045b-6313-4aae-ae01-51ef06f8f87f/ 117 KB
22 KB 34ms
30ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/1b83bbb8-2ce9-4b1b-b46a-2a5f8f5bef7b/ac28045b-6313-4aae-ae01-51ef06f8f87f/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15e407a994358c787157ad3a465ce12dcec6c51abf84337d097bc5d6840ef6af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-md5: ZXTDBj5wsfNycnYf2m7pCw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DC96E56949EF25
age: 4795
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Wed, 25 Sep 2024 20:49:33 GMT
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: application/json
last-modified: Thu, 27 Jun 2024 20:12:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 2244b4dc-001e-00ad-1fce-c8b3e0000000
cf-ray: 8c85a4483e2cd366-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22643
x-ms-blob-type: BlockBlob
server: cloudflare

POST
H2 200 / Show response
content.hotjar.io/ 56 B
171 B 148ms
63ms XHR
application/json 54.220.11.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?site_id=3621851&gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.0721e7cf944cf9d78a0b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.220.11.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-11-62.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: eaac8ad531c92b8172695e953dfceb2572110f728a75910c6f201e06e93e7ad7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8
Referer

Response headers

access-control-max-age: 86400
access-control-allow-origin: *
content-length: 56
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: application/json

GET
H3 200 inbox-v2_75060a85c1a4aebcc6f779b9e84db722.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 19 KB
5 KB 7ms
7ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/inbox-v2_75060a85c1a4aebcc6f779b9e84db722.br.js
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_b3e43e9d9119d1c39265af6ae80b133a.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 183ae143a7f66c133f3948bdf61a0a9f97eb326be7de5947c1f19b93f3b9db24

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration: 1
access-control-expose-headers: etag, Content-Type
content-encoding: br
x-goog-hash: crc32c=df/Fww==, md5=CihY9k4bsokmzU8kBOwKQw==
etag: "0a2858f64e1bb28926cd4f2404ec0a43"
age: 16692
ad-auction-allowed: true
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 5475
date: Tue, 24 Sep 2024 16:11:21 GMT
last-modified: Tue, 24 Sep 2024 13:28:36 GMT
content-type: text/javascript
x-guploader-uploadid: AD-8ljvZsCTonjt-gCODpuCq2l_1MPHx87dLNiW8LKKK8eBzFKmy8Bu6lbgS2LVPFv1kcfGfJg
cache-control: public,max-age=31536000
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727184515970602
content-length: 5475
server: UploadServer

GET
H3 200 onsite-v2_abbdf7a49be9b52b097917b7b527b262.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 16 KB
5 KB 8ms
8ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_abbdf7a49be9b52b097917b7b527b262.br.js
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_b3e43e9d9119d1c39265af6ae80b133a.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a8b68b46f44aac34f59d2926e8db6bdae4bc3b7fe3aad60948e97f428b087531

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration: 1
access-control-expose-headers: etag, Content-Type
content-encoding: br
x-goog-hash: crc32c=YWhgXQ==, md5=E+t6bCqMhb3KnLqECwDbLA==
etag: "13eb7a6c2a8c85bdca9cba840b00db2c"
age: 1230166
ad-auction-allowed: true
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 5039
date: Tue, 10 Sep 2024 15:06:47 GMT
last-modified: Mon, 09 Sep 2024 20:50:29 GMT
content-type: text/javascript
x-guploader-uploadid: AD-8ljs3a7MDtQunl00QIXljKUZRQmopFsHgKSnf_eLHvQkKH7j0N149g89b3RGMxvHTjE7fLfs
cache-control: public,max-age=31536000
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1725915029715220
content-length: 5039
server: UploadServer

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/ 13 KB
3 KB 23ms
22ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-md5: sHJXWIgDpMKY35PyRRy4zQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCA5E56B3084E2
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 54006
x-content-type-options: nosniff
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: application/json
last-modified: Tue, 16 Jul 2024 22:19:54 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: e02b3de5-301e-002d-5c83-d8104a000000
cf-ray: 8c85a4494a14d366-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3003
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/ 24 KB
4 KB 19ms
19ms Fetch
text/css 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-md5: HyPJ72TNHxdfOI82cqKVqA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 54006
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: text/css
last-modified: Tue, 16 Jul 2024 22:20:07 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: b94b99f7-601e-0053-3983-d88f85000000
cf-ray: 8c85a4494a16d366-FRA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H/1.1 200
OK / Show response
data.cdnbasket.net/ 14 B
338 B 380ms
121ms XHR
application/json 34.98.115.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.115.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.115.98.34.bc.googleusercontent.com
Software: /
Resource Hash: 8dd5b5eb9e1aa026df243e8305c4f34555d6db0a59a1151dedf46705c9d4a8ef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding: chunked
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: keep-alive
Expires: 0
Access-Control-Allow-Origin: *
Date: Tue, 24 Sep 2024 20:49:33 GMT
Content-Type: application/json
Access-Control-Allow-Headers: Origin, Content-Type, Accept

GET
H/1.1 200
OK / Show response
page.cdnbasket.net/ 14 B
338 B 373ms
121ms XHR
application/json 35.244.225.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://page.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.225.92 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 92.225.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 5174e7b46a5b421f4f0685b9393e679c0dad70b6d684cd5bd88ffd4795b6e466

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding: chunked
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: keep-alive
Expires: 0
Access-Control-Allow-Origin: *
Date: Tue, 24 Sep 2024 20:49:33 GMT
Content-Type: application/json
Access-Control-Allow-Headers: Origin, Content-Type, Accept

GET
H/1.1 200
OK / Show response
view.cdnbasket.net/ 14 B
338 B 415ms
120ms XHR
application/json 34.107.168.197
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://view.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.168.197 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 197.168.107.34.bc.googleusercontent.com
Software: /
Resource Hash: fd64080d249c3c18c619fe2d899c29447a6fe487a14570dba9a7d29228cdfd30

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding: chunked
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: keep-alive
Expires: 0
Access-Control-Allow-Origin: *
Date: Tue, 24 Sep 2024 20:49:34 GMT
Content-Type: application/json
Access-Control-Allow-Headers: Origin, Content-Type, Accept

GET
H2 200 event Show response
bttrack.com/engagement/ 0
126 B 283ms
97ms XHR
text/plain 192.132.33.68
BIDTELLECT

General

Check archive.org

Show headers Download Go to

Full URL

https://bttrack.com/engagement/event?input=%7B%22globalId%22%3A%2200000000-0000-0000-0000-000000000042%22%2C%22creativeId%22%3A%22%22%2C%22placementId%22%3A%22%22%2C%22goalId%22%3A%2215411%22%2C%22sessionId%22%3A%22cb5da1c5-2d35-40af-aa5c-de2c9d462c22%22%2C%22parentPublisherId%22%3A%22%22%2C%22publisherId%22%3A%22%22%2C%22siteId%22%3A%22%22%2C%22commonId%22%3A%22%22%2C%22heartbeat%22%3A1%2C%22url%22%3A%22https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail%22%2C%22fingerprint%22%3A%22%22%2C%22fingerprintProvider%22%3A%22%22%7D

Requested by

Host: bttrack.com
URL: https://bttrack.com/engagement/js?goalId=15411&cb=1727210973387

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.132.33.68 , United States, ASN18568 (BIDTELLECT, US),

Reverse DNS

NET-33-132-192.68.bidtellect.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000;
cache-control: private,no-cache
content-encoding: gzip
x-servername: Track004-iad
pragma: no-cache
expires: -1
access-control-allow-origin: *
content-length: 0
date: Tue, 24 Sep 2024 20:48:43 GMT
content-type: text/plain

GET
H2 200 getpixels Show response
bttrack.com/engagement/ 0
65 B 284ms
98ms XHR
text/html 192.132.33.68
BIDTELLECT

General

Check archive.org

Show headers Download Go to

Full URL

https://bttrack.com/engagement/getpixels?gid=15411

Requested by

Host: bttrack.com
URL: https://bttrack.com/engagement/js?goalId=15411&cb=1727210973387

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.132.33.68 , United States, ASN18568 (BIDTELLECT, US),

Reverse DNS

NET-33-132-192.68.bidtellect.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000;
cache-control: private,no-cache
content-encoding: gzip
x-servername: Track001-iad
pragma: no-cache
expires: -1
access-control-allow-origin: *
content-length: 0
date: Tue, 24 Sep 2024 20:48:44 GMT
content-type: text/html

GET
H2 202 track_page_view
nova.collect.igodigital.com/c2/514013529/ 43 B
802 B 102ms
101ms Image
image/gif 54.92.198.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nova.collect.igodigital.com/c2/514013529/track_page_view?payload=%7B%22title%22%3A%22Login%20%7C%20Omni%20Hotels%20%26%20Resorts%22%2C%22url%22%3A%22https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail%22%2C%22referrer%22%3A%22%22%7D

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.92.198.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-92-198-16.compute-1.amazonaws.com

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

vary: Accept-Encoding
x-request-id: f449f07c-e3df-455c-ae62-26e399a7b8d4
cache-control: private
content-encoding: gzip
x-permitted-cross-domain-policies: none
content-transfer-encoding: binary
x-content-type-options: nosniff
x-download-options: noopen
referrer-policy: strict-origin-when-cross-origin
date: Tue, 24 Sep 2024 20:49:33 GMT
x-xss-protection: 1; mode=block
content-type: image/gif
content-disposition: inline
x-runtime: 0.005837
x-frame-options: SAMEORIGIN

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 94 B
292 B 99ms
98ms XHR
text/plain 18.193.54.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=RyRCfsnbaVa9UDYqPKC--w&is_js=true&landing_url=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail&t=Login%20%7C%20Omni%20Hotels%20%26%20Resorts&tip=0ZNXIuUp1D69E5KiGAkDTxQzHMfPZLkCbxlwxEtuA7Q&host=https%3A%2F%2Fbookings.omnihotels.com&sa_conv_data_css_value=%270-e9fed910-b8b8-5dcb-5a69-8e8bd7fa84f1%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9e9fed910b8b85dcb5a698e8bd7fa84f18ac72686&l_src=&l_src_d=&u_src=adhoc&u_src_d=2024-09-24T20%3A49%3A33.400Z&shop=false&sa-user-id-v3=s%253AAQAKIEjmM5_rCZjxwZWcPAPX9Fme0u5CiZGHQxEPwUs6yEq6ENYBGAQg3cvMtwYwAToEQN4Ii0IE2P1kPw.bZMr5k3PaX4ucz3hbnXaBSPCWI1sFcwHAdTHVsRiMpU&sa-user-id-v2=s%253A6f7ZELi4XctaaY6L1_qE8YrHJoY.CdDptb0TztTPnqfkQ3FqUapbpxGznCjAvuj2rZKALEY&sa-user-id=s%253A0-e9fed910-b8b8-5dcb-5a69-8e8bd7fa84f1.3Rjdp02CDKo8WUqFxNFdEgpDR2dzYItyOopz%252Fo50RaY
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.193.54.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-54-173.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-methods: GET
access-control-allow-origin: https://bookings.omnihotels.com
content-length: 94
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: text/plain; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
601 B 22ms
22ms Image
image/svg+xml 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bookings.omnihotels.com/

Response headers

content-md5: pcXWFGpuVeSg/jVnYCseRg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 18788
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: image/svg+xml
last-modified: Tue, 24 Sep 2024 06:41:31 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 96ae05c6-a01e-006c-2897-0e3859000000
cf-ray: 8c85a4497da23642-FRA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
721 B 208ms
206ms Ping
text/plain 104.126.37.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE3ZGFjMzZkMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Tue, 24 Sep 2024 20:49:33 GMT
server-timing: inner; dur=14, cdn-cache; desc=MISS, edge; dur=12, origin; dur=108
x-cache: TCP_MISS from a104-126-37-172.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-e26983a004e229b4ffa935b6e3b2fe8f) (-)
date: Tue, 24 Sep 2024 20:49:33 GMT
x-akamai-request-id: 176030c1
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01ca5754d83224ad6ee886f811f6500308fde0c10a0c6df1cd27a93871bf2142a93685911b9edf8194469b66f49f3007ad18d0ae41fd0de19e3f3d8bdbc9738d0fb4ecb73557c410f502488462dd2efd055e39774793e04db2e51ab4e243ba67ee
x-origin-response-time: 108,104.126.37.172
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-24092420493354563C6DFD594F73103E-37B4800820B20E98-00
content-length: 0
x-tt-logid: 2024092420493354563C6DFD594F73103E
server: nginx

GET
H/1.1 200
OK tag.html
fledge.teads.tv/v1/interest-group/ Frame EDBD 0
0 49ms
33ms Document
text/html 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fledge.teads.tv/v1/interest-group/tag.html
Requested by: Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Ad-Auction-Allowed: true
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 539
Content-Type: text/html; charset=utf-8
Date: Tue, 24 Sep 2024 20:49:33 GMT
Expires: Tue, 24 Sep 2024 20:49:33 GMT
Pragma: no-cache

GET
H2 200 track
t.teads.tv/ 23 B
0 69ms
39ms Fetch
image/gif 23.32.101.95
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t.teads.tv/track?action=browser-topics&env=js-web&tag_version=6.20.0_03d6d47&provider=tag&advertiser_id=31741&referer=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%3Dundefined%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail&user_session_id=5d372fc5-0cd4-41da-92b0-619bf370b337
Requested by: Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.101.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-101-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
observe-browsing-topics: ?1
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://bookings.omnihotels.com
content-length: 23
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
134 B 87ms
53ms Image
image/gif 23.32.101.95
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=pageView&env=js-web&tag_version=6.20.0_03d6d47&provider=tag&advertiser_id=31741&referer=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%3Dundefined%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail&user_session_id=5d372fc5-0cd4-41da-92b0-619bf370b337
Requested by: Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.101.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-101-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: image/gif

GET
H/1.1 200
OK conversion
cm.teads.tv/v3/ 0
529 B 109ms
91ms Image
text/plain 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.teads.tv/v3/conversion?action=pageView&env=js-web&tag_version=6.20.0_03d6d47&provider=tag&advertiser_id=31741&referer=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%3Dundefined%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail&user_session_id=5d372fc5-0cd4-41da-92b0-619bf370b337
Requested by: Host: bookings.omnihotels.com
URL: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Connection: keep-alive
Observe-Browsing-Topics: ?1
Expires: Tue, 24 Sep 2024 20:49:33 GMT
Content-Length: 0
Attribution-Reporting-Register-Trigger: {"event_trigger_data":[{"trigger_data":"6","priority":"0","deduplication_key":"1727210973","filters":[{"trigger_data_label":["visit"],"source_type":["navigation"]}]}],"debug_reporting":true}
Date: Tue, 24 Sep 2024 20:49:33 GMT

GET
H2 200 local_storage_frame17.min.html
assets.bounceexchange.com/assets/bounce/ Frame A5B7 0
0 21ms
9ms Document
text/html 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_b3e43e9d9119d1c39265af6ae80b133a.br.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: etag Content-Type
ad-auction-allowed: true
age: 2556869
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31536000
content-encoding: br
content-length: 938
content-type: text/html; charset=UTF-8
date: Mon, 26 Aug 2024 06:35:04 GMT
etag: W/"fc893948c3efc689b5b19d8a77958e23"
last-modified: Wed, 21 Aug 2024 15:38:06 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1724254685943919
x-goog-hash: crc32c=kX4cqg== md5=/Ik5SMPvxom1sZ2Kd5WOIw==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2408
x-guploader-uploadid: AHxI1nOiu1INSUGIqtDfWIX1mUYN04sf2LZrPyQRq91ws05vUPWyg4nhuSE_TrliWqS2mHOe_ooJNG17eQ

GET
H2 200 lookup Show response
pd.cdnwidget.com/ 74 B
288 B 151ms
126ms XHR
application/json 34.149.130.207
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pd.cdnwidget.com/lookup?deviceID=undefined&bxwid=5615&bxdid=10704371676348852&visitID=1727210973803155&enableUID2=false
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_b3e43e9d9119d1c39265af6ae80b133a.br.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.130.207 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 207.130.149.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: f309b4b6297e8c886d8d6b1ff31decc2d09f6eecf7804e3325bf5a2d3a5eac55

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-envoy-upstream-service-time: 4
x-envoy-decorator-operation: id-resolution.id-resolution.svc.cluster.local:9000/*
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74
date: Tue, 24 Sep 2024 20:49:33 GMT
content-type: application/json
server: istio-envoy

GET
H2 200 init1.js Show response
api.bounceexchange.com/bounce/ 36 B
400 B 91ms
48ms Script
text/html 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounceexchange.com/bounce/init1.js?wklzs=1457&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgHYAmE-ABgE5CBmSgVks2AC8QoBafY8zAdwCmAIxypgAgPqoAJlHoA2fPUwAnAThAAbOGgwF55cgA9uh1QJgCValVGwBDTZtQIA5hLgrNUABbBgAA44AKQ0AILBxABikVFCICAA1i6uOAB0IAC2CKg+IOKa6UhZsZogri6hUTqZEpkC0qhwmaEAIgKZ9qiakfI1EhqeSAJt9tJ5SL39SPaZAV2uCG2NaigcID4qHB1dmhwBKiAB+2IiW3nO0vYAnjgDAgHEACy9AsASKjJt8k9PABw0Yj0GhTYC1QYqYZtHAwTKTYh9MEScQqFo0Vqg2rFBDiHFtfBPBQKTFSaRtASEJD4exPSjSDiUIhPDhPciUjj2eyMhl-P7EaRIKiEegCEYImFw0nfX4AoEg8WwpASewoVAANzE1y+6Pw8j+SBgPxoHBgxHw9P+hI4f0IT2N0hgf2kPHoTwJhHkJPqjWa5M63V6EqVYBAngQAmuUvRFKpNLpDKZLLZSA5XPwPL5AqFIrF8iDEhDYYjEgQsxG6LyHFRAlQ9g4mhUAQCRw4aBwQirG26YxwtwkAQET2IgcVytVGuAke1rV1+sNdpNZotfytNoXDqdLrdTw9I8lKrQE8jpfqbUr1dr9cbzeObY7hx83ekvbuA6He6V9hwODeUZnhPkYkFUlJAfHsBBwx6aN-U0TANVEd5iiSVABCgYJCAAIUiYhNACbDQgiYhiD8QIQjlQj6GiSJKLiBJkjcdIshyPICiKEogWiMoKiWOVqiRb0mhaOV2hg6iEX6CEoWEsYJjExEsVmeZUEWaj0RWAQ1g2LYdm6fZDmOAJThwc4tBkG47h-R4Xg4+Rf0+MlhJ+f5AWBOSJNDSExWBVogzcpEUSE7y-KxDBcWAVT-yJT0bP6L5hJjalaXpRlbSTdlOW5SheX5QVqBzOT8zi7ynNlVybPzA91U1IqdT1A0jUXc0WRXehrVte1HWdchXXdaLKPkuoGkEiKdJ6crR0LFRwynBzvISuNksTVl0rTDMcuzUUComjzppLMsIvPepLwbJsWzvTtH00Hs+zfYdxv3VV8OIABhbCVHw8InuHQhWmwOiULQzDsMaBzh0+oiKEIcg7UIXUPRof4-kop7XqIjVQYIohSDNIUaD+cgaCUehIlR4g1Q+iIgaIgQ1SsCQuNcBopB4sGwhgRwf3QjEXuwgJpCiVAVBwYAABkQDGCngBUOAxVJ6RXAp9CsKI1AcAABTUDVQxwZ64GFrIrAp9nCll7DVYAZTgEQkE+IRDaIgjjc5nmVZwAAVAQjGAS3rdt+3Wad02iJmUDJGAMjWaxshcYYP4ua5uD7CFgBtBmmZcABdWAOYEROU5pum0+kZms8Dv7kLDhJ6aTxns5NzAhACKBeDeJvk4zzAAnDuxijmZxwOGCQYCu1w7DVMCoCAA
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_b3e43e9d9119d1c39265af6ae80b133a.br.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-envoy-upstream-service-time: 13
x-envoy-decorator-operation: legacy-api-tier1.legacy-api.svc.cluster.local:80/*
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
date: Tue, 24 Sep 2024 20:49:34 GMT
content-type: text/html; charset=UTF-8

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
200 B 168ms
168ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 7705B973F2104609AF8158BE64428793 Ref B: DUS30EDGE0920 Ref C: 2024-09-24T20:49:34Z
x-li-fabric: prod-ltx1
access-control-allow-credentials: true
x-li-uuid: AAYi46SS5uox9B3ggXDkrQ==
x-li-proto: http/2
access-control-allow-origin: https://bookings.omnihotels.com
x-cache: CONFIG_NOCACHE
date: Tue, 24 Sep 2024 20:49:33 GMT
vary: Origin

GET
H2 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
2 KB 36ms
35ms Script
application/javascript 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/static/ct/token_create.js

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: max-age=7200
content-encoding: gzip
etag: "16d5d552603d86726ae439fc61299d42"
x-cdn: akamai
content-length: 2114
date: Tue, 24 Sep 2024 20:49:34 GMT
akamai-grn: 0.dbd5ce17.1727210974.4e835aee
content-type: application/javascript
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 ct.html
ct.pinterest.com/ Frame 4053 0
0 49ms
34ms Document
text/html 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

akamai-grn: 0.dbd5ce17.1727210974.4e835ac7
alt-svc: h3=":443"; ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Tue, 24 Sep 2024 20:49:34 GMT
pinterest-version: d1f48dcf57598ed9a5410f2abb1bc1ec679a1bdf
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 1
x-pinterest-rid: 6601936211845631
x-pinterest-rid-128bit: 68c3b23f4a4c441b5b9eca0190d8cc75

GET
H2 200 up
insight.adsrvr.org/track/ Frame A3FB 0
0 33ms
33ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=yfvavnx&ref=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail&upid=s2p53hs&upv=1.1.0&paapi=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-length: 0
content-type: text/html
date: Tue, 24 Sep 2024 20:49:34 GMT
server: Kestrel

GET
H2 200 up
insight.adsrvr.org/track/ Frame 5FDE 0
0 32ms
32ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=wn5plxq&ref=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail&upid=0cbz3wn&upv=1.1.0&paapi=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-length: 0
content-type: text/html
date: Tue, 24 Sep 2024 20:49:34 GMT
server: Kestrel

GET
H3 200 favicon.ico
bookings.omnihotels.com/images/favicon/ 15 KB
4 KB 27ms
27ms Other
image/x-icon 2606:4700::6812:1a5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bookings.omnihotels.com/images/favicon/favicon.ico?95d72f2

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1a5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec33225de79266bd483b6fe0bca2d9fafbbb9155df5a25011fe0d669411416e9

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' https://.hotjar.com https://.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bookings.omnihotels.com/login?utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&et_rid=64483253&utm_source=sfmc&utm_term=&utm_content=145656&utm_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_id=64483253&sfmc_activityid=168cf643-f21d-4845-8743-df8d20541476&utm_medium=email&sfmc_journey_id=e7c1a49d-9174-407c-aa91-9882dc0975ee&sfmc_journey_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_activity_id=168cf643-f21d-4845-8743-df8d20541476&sfmc_activity_name=ho-rmeia-lrppop-tisb-rohiladsys_pe42&sfmc_asset_id=145656&sfmc_channel=email

Response headers

access-control-max-age: 1000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"64b7c892-3c2e"
age: 33723
access-control-allow-methods: GET, POST
expires: Thu, 24 Oct 2024 20:49:34 GMT
date: Tue, 24 Sep 2024 20:49:34 GMT
content-type: image/x-icon
last-modified: Wed, 19 Jul 2023 11:27:14 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with,Origin,Content-Type,Accept,Authorization,Client-security-token
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.hotjar.com https://*.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
cache-control: public, max-age=2592000
cross-origin-opener-policy: same-origin
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 8c85a44d2f0b996f-FRA
server: cloudflare

GET
H2 200 SmarterHandler.ashx Show response
tr2.smarterhq.io/app1/ 7 B
127 B 290ms
93ms Script
text/javascript 52.55.232.119

General

Check archive.org

Show headers Download Go to

Full URL: https://tr2.smarterhq.io/app1/SmarterHandler.ashx?r=964074131&i=7b2hrefqup-1&cb=_smtr.postprocess&cu=true&bv=2.7.14&utc=-120&utm_campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&pt=5&href=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail&hostn=bookings.omnihotels.com&pathn=%2Flogin
Requested by: Host: d1n00d49gkbray.cloudfront.net
URL: https://d1n00d49gkbray.cloudfront.net/js/omni.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.232.119 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: 62d2b289923f4ac801870b808ea8fc97e60053b7659040e6787344512889b4f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-store,no-cache
content-length: 7
date: Tue, 24 Sep 2024 20:49:38 GMT
pragma: no-cache
content-type: text/javascript
server: Kestrel

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 15ms
14ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-BELGX2HEXN&gtm=45je49j0h1v892865381z8813109288za200zb813109288&_p=1727210972933&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&ul=en&cid=1837442788.1727210973&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=2&dl=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Fet_rid%3D64483253%26utm_term%3D%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail&dp=%2Flogin&dt=Login&sid=1727210973&sct=1&seg=1&en=page_view&ep.country=&ep.detailed_event=Page%20Load%20Completed&ep.name=User%20Sign%20In&ep.platform_version=Booking%20Engine&ep.site_section=booking%20engine&ep.weekday_or_weekend=weekday&ep.campaign=direct-ohr-email-prop-pitbsr-holidays_sep24&ep.source=adhoc&ep.medium=email&ep.content=145656&ep.count_page_load_completed=1&_et=3&tfd=7015
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BELGX2HEXN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://bookings.omnihotels.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 24 Sep 2024 20:49:38 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 event Show response
bttrack.com/engagement/ 0
57 B 96ms
96ms XHR
text/plain 192.132.33.68
BIDTELLECT

General

Check archive.org

Show headers Download Go to

Full URL

https://bttrack.com/engagement/event?input=%7B%22globalId%22%3A%2200000000-0000-0000-0000-000000000042%22%2C%22creativeId%22%3A%22%22%2C%22placementId%22%3A%22%22%2C%22goalId%22%3A%2215411%22%2C%22sessionId%22%3A%22cb5da1c5-2d35-40af-aa5c-de2c9d462c22%22%2C%22parentPublisherId%22%3A%22%22%2C%22publisherId%22%3A%22%22%2C%22siteId%22%3A%22%22%2C%22commonId%22%3A%22%22%2C%22heartbeat%22%3A2%2C%22url%22%3A%22https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail%22%2C%22fingerprint%22%3A%22%22%2C%22fingerprintProvider%22%3A%22%22%7D

Requested by

Host: bttrack.com
URL: https://bttrack.com/engagement/js?goalId=15411&cb=1727210973387

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.132.33.68 , United States, ASN18568 (BIDTELLECT, US),

Reverse DNS

NET-33-132-192.68.bidtellect.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000;
cache-control: private,no-cache
content-encoding: gzip
x-servername: Track003-iad
pragma: no-cache
expires: -1
access-control-allow-origin: *
content-length: 0
date: Tue, 24 Sep 2024 20:48:49 GMT
content-type: text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bttrack.com
URL: https://bttrack.com/pixel/retarget/1673

Verdicts & Comments Add Verdict or Comment

139 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

55 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-21 04:06:02	Name: _GRECAPTCHA Value: 09AGteOyoieaXM2yy7o7_uKww_KlU7DkR_gAPY1DvnRv-TznQ3wr_VKdhg4OOnXiezN8wPnzqCzMTpSNITI9mjrB4
bookings.omnihotels.com/	1970-01-21 08:32:26	Name: P3_GEO_2021 Value: eyJpdiI6Ikd1Ri9hSzMzWkxVWFFKcDRQRjZTQUE9PSIsInZhbHVlIjoiYnJuVm5hUDFaaG9GRjZ5bXZPMkwwRTlZamRSbUkyQ1ZSTDEweW92YTdJRHdrSHlYNDBITEUvUHdGQnRpMnN3T0NBbzA4bzZHSzd4L2RVQk9kUG5vRisyNVovRm1qelpJWDVnS0dFUFdVaXRPd2crMVRsMTNxNDJYd3lLNjUwekFGS2o1TzBweTdGZkxmUVVCdVRzSHdZdE1EVXZtL2NkdUNrY1Rhc2d6b1lIU0J6dHR2SEhJRFphY1oxck1hSmJuM1plN3J6OHZOR0VFSktURks3aWVYTThtUjdOZUFvM2ZZSGtNR21yOXJHbWloWXhOUUlpd0dFU0prRGlNc3VsRmpYWjdicnJ6RGx5Vk9hVWlDOFZrY0xBNzZFaXhKZ29ZMEh1RjV5dWVLUkhtZXBMTHlkRFF3TWxKbGNMeWc1QWY0Yk9YcnhRTldvRVJ0aHVwTG5ZZWlEMklxM3J4eWRRdDVzckpBRmZIRXovMm1xemlXbmpIeVNEd1FpTHRpYkU0eXRtRlBQSGlYenZvN1l5QXdTNnNSTVZIOU56VlVWcnNLc1FrTG13UzJEaEpVdnB1M0pSUlFURWozdDBJNmZVWVZlWms4cmxwOUNtUDRsTlU0bElDQ1gxQ1MvN2xDSm1HTng2a1pWMFVqS2Q4ajZ5TTRzd3BYc3dsZVZGQ2FZRS9aZ3ZCVm84TWVJdS9YNm0yT2J5YVdQa1hBcnc1NGZpZzBlenlKSDNhNzQwWEdvRzJRSGRrN2xCL0JYaVhNbWRqIiwibWFjIjoiYTZhZjAwMGFmODQ1MTA1M2E3OGU0ZDJlYjg1YWFmNzVjZjViMWYzYjc5YzM2NTFhOWRiMGYyNWRlZGU4YzRkYiIsInRhZyI6IiJ9
bookings.omnihotels.com/	1970-01-20 23:46:58	Name: XSRF-TOKEN Value: eyJpdiI6IklqYzNscTRvUlRGbjFQSnRuamF4Y3c9PSIsInZhbHVlIjoiTjNuR2lIeURaMWFqWm1STHZ3ZWdBUExNcldCZ1VRV1cydjNxOGx0M1NoQW5vZ2pXNHdNWklKcS9BUmlTMFFSdEtFQStYK3pXZVN4SDlOSi8wMi9jR2ZuVXRCdU9YVlRsa0QvWk9UcnJDQmFsKzk5dFRuOWgyWVFVZTBpaFR4SWoiLCJtYWMiOiI4YmQ0OTg1OGUzOGUyOTYyNmQ1YjE5ZGFkMDgwYzk2ZTc3M2YxOTNhNzVmMzk1OWU0MWY2YzcyZWM0YjRiYTcyIiwidGFnIjoiIn0%3D
bookings.omnihotels.com/	1969-12-31 23:59:59	Name: laravel_session Value: eyJpdiI6IjB1b3pLVnUrL0prVlZzQ1NuR1h4Z0E9PSIsInZhbHVlIjoiNU12blQ0OVdLQUZvSVFkekdqTWEwSE1uMnBJSFJta1FXRWd5RDhCSUJUN2hZbldneEg0SHBUYkYzbWtaeUp2QVhDOGl2ajRSOXdudkJkWmVobWk5eFdrZ3NXNDBMV1ZvdHBPSGVqMzNXRnhXNDEzOWhTb2s4WHVQbjZIRlpxVjAiLCJtYWMiOiJiZDBlMDg1NTViODI5ZDgwNjk3MzIxOGE0NGM1MThmYThlMzhhZDkwZGY5NDVmZDA1MDhiYTM1NWUwMzQ2YTNhIiwidGFnIjoiIn0%3D
.omnihotels.com/	1970-01-21 01:56:26	Name: _gcl_au Value: 1.1.1142554019.1727210973
.omnihotels.com/	1970-01-20 23:48:17	Name: _gid Value: GA1.2.2042099199.1727210973
.omnihotels.com/	1970-01-20 23:46:51	Name: _gat_UA-33986005-1 Value: 1
.bookings.omnihotels.com/	1970-01-21 09:22:50	Name: _ga Value: GA1.3.1837442788.1727210973
.bookings.omnihotels.com/	1970-01-20 23:48:17	Name: _gid Value: GA1.3.2042099199.1727210973
.omnihotels.com/	1970-01-20 23:46:52	Name: smtrsession Value: cameFromEmail%7Ctrue
.tiktok.com/	1970-01-21 09:08:26	Name: _ttp Value: 2mX7Gm3GtUKjoOzaE7mKQVPpPlp
.adnxs.com/	1970-01-21 01:56:26	Name: XANDR_PANID Value: 9NCd0yuAaTBuj11FFEAJLwkIHi2Xhg0RmA42SD6hy17jV-MwhGj3tef22m9koUJP92jZnmRkNypALozSxNvPeaJnV5cAErXixnlFjjSJeFk.
.adnxs.com/	1970-01-21 09:22:50	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 01:56:26	Name: uuid2 Value: 1157216424423562898
.w55c.net/	1970-01-21 09:16:14	Name: wfivefivec Value: Dk64hca81STctv2
api.edkt.io/	1970-01-21 00:30:02	Name: ar_debug Value: 1
api.edkt.io/	1970-01-21 04:06:02	Name: ar_debug_uuid Value: 5142717369927466837
tags.srv.stackadapt.com/	1970-01-21 08:32:26	Name: sa-user-id Value: s%3A0-e9fed910-b8b8-5dcb-5a69-8e8bd7fa84f1.3Rjdp02CDKo8WUqFxNFdEgpDR2dzYItyOopz%2Fo50RaY
.srv.stackadapt.com/	1970-01-21 08:32:26	Name: sa-user-id Value: s%3A0-e9fed910-b8b8-5dcb-5a69-8e8bd7fa84f1.3Rjdp02CDKo8WUqFxNFdEgpDR2dzYItyOopz%2Fo50RaY
tags.srv.stackadapt.com/	1970-01-21 08:32:26	Name: sa-user-id-v2 Value: s%3A6f7ZELi4XctaaY6L1_qE8YrHJoY.CdDptb0TztTPnqfkQ3FqUapbpxGznCjAvuj2rZKALEY
.srv.stackadapt.com/	1970-01-21 08:32:26	Name: sa-user-id-v2 Value: s%3A6f7ZELi4XctaaY6L1_qE8YrHJoY.CdDptb0TztTPnqfkQ3FqUapbpxGznCjAvuj2rZKALEY
tags.srv.stackadapt.com/	1970-01-21 08:32:26	Name: sa-user-id-v3 Value: s%3AAQAKIEjmM5_rCZjxwZWcPAPX9Fme0u5CiZGHQxEPwUs6yEq6ENYBGAQg3cvMtwYwAToEQN4Ii0IE2P1kPw.bZMr5k3PaX4ucz3hbnXaBSPCWI1sFcwHAdTHVsRiMpU
.srv.stackadapt.com/	1970-01-21 08:32:26	Name: sa-user-id-v3 Value: s%3AAQAKIEjmM5_rCZjxwZWcPAPX9Fme0u5CiZGHQxEPwUs6yEq6ENYBGAQg3cvMtwYwAToEQN4Ii0IE2P1kPw.bZMr5k3PaX4ucz3hbnXaBSPCWI1sFcwHAdTHVsRiMpU
.omnihotels.com/	1970-01-21 09:22:50	Name: _ga Value: GA1.1.1837442788.1727210973
.omnihotels.com/	1970-01-21 09:22:50	Name: _ga_BELGX2HEXN Value: GS1.1.1727210973.1.1.1727210973.60.0.0
.doubleclick.net/	1970-01-21 00:30:02	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 04:06:02	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 01:56:26	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2GU$vXW`w!]tbP6j2F-XstGt!@DOP$cUMR
bookings.omnihotels.com/	1970-01-21 00:30:02	Name: sa-u-source Value: adhoc
bookings.omnihotels.com/	1970-01-21 00:30:02	Name: sa-u-date Value: 2024-09-24T20:49:33.400Z
bookings.omnihotels.com/	1970-01-21 08:32:26	Name: sa-user-id Value: s%253A0-e9fed910-b8b8-5dcb-5a69-8e8bd7fa84f1.3Rjdp02CDKo8WUqFxNFdEgpDR2dzYItyOopz%252Fo50RaY
bookings.omnihotels.com/	1970-01-21 08:32:26	Name: sa-user-id-v2 Value: s%253A6f7ZELi4XctaaY6L1_qE8YrHJoY.CdDptb0TztTPnqfkQ3FqUapbpxGznCjAvuj2rZKALEY
.sojern.com/	1970-01-21 08:32:26	Name: cid Value: e0ded849-b70a-6aad-0891-9de3bd74962f#1727136000000
.sojern.com/	1970-01-21 01:56:26	Name: apnid Value: 1157216424423562898
bookings.omnihotels.com/	1970-01-21 08:32:26	Name: sa-user-id-v3 Value: s%253AAQAKIEjmM5_rCZjxwZWcPAPX9Fme0u5CiZGHQxEPwUs6yEq6ENYBGAQg3cvMtwYwAToEQN4Ii0IE2P1kPw.bZMr5k3PaX4ucz3hbnXaBSPCWI1sFcwHAdTHVsRiMpU
.doubleclick.net/	1970-01-21 09:08:26	Name: IDE Value: AHWqTUlcJ_Lw8g70wCt0Ms19QbdZeWhDbuIT5AWnq9nG_VcHiYv5qTlL9QkojJZfjYE
.omnihotels.com/	1970-01-21 01:56:26	Name: _fbp Value: fb.1.1727210973429.553365837440469776
.omnihotels.com/	1970-01-21 09:08:26	Name: _tt_enable_cookie Value: 1
.omnihotels.com/	1970-01-21 09:08:26	Name: _ttp Value: PtRuhWr2XWyM6aFvvWLdl-y2SiC
.adform.net/	1970-01-21 00:30:02	Name: C Value: 1
.omnihotels.com/	1970-01-21 08:32:26	Name: _hjSessionUser_3621851 Value: eyJpZCI6IjgwZDNkNzk1LTY3ZTktNWU0Yy05NzU2LTg5MTRkZWNmYzE1MiIsImNyZWF0ZWQiOjE3MjcyMTA5NzM0OTUsImV4aXN0aW5nIjp0cnVlfQ==
.omnihotels.com/	1970-01-20 23:46:52	Name: _hjSession_3621851 Value: eyJpZCI6IjQ4M2VlMzg5LWMxMjEtNDg4Ny05NWJjLTJjMWVkNDI0YjExNCIsImMiOjE3MjcyMTA5NzM0OTYsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.pinterest.com/	1970-01-21 08:32:26	Name: ar_debug Value: 1
.adform.net/	1970-01-21 01:13:14	Name: uid Value: 4854264713943888295
.bookings.omnihotels.com/	1970-01-21 08:32:26	Name: _pin_unauth Value: dWlkPU16TTNNV0V6TVdRdE9XTmhNeTAwWkdSaExXSmlNVEF0WmpZMVpUUmhNek5sWW1Jeg
.sojern.com/	1970-01-21 08:32:26	Name: adfid Value: 4854264713943888295
.linkedin.com/	1970-01-21 08:32:26	Name: bcookie Value: "v=2&4eecabb1-49bb-4c3a-8bcc-40277cf42d82"
.linkedin.com/	1970-01-21 04:06:02	Name: li_gc Value: MTswOzE3MjcyMTA5NzM7MjswMjH9lVQRWo4jtkFHBH8OmXo7ai3c+0J9gYaodTN6xlKrdQ==
.linkedin.com/	1970-01-20 23:48:17	Name: lidc Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2943:u=1:x=1:i=1727210973:t=1727297373:v=2:sig=AQEf-BkY_kF3yzOrULMS2Vck5TQGyhsn"
.omnihotels.com/	1970-01-21 08:32:26	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Sep+24+2024+22%3A49%3A33+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202406.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=ba8e946a-22a6-4bfe-a710-4846eae05711&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fbookings.omnihotels.com%2Flogin%3Futm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-email-prop-pitbsr-holidays_sep24%26et_rid%3D64483253%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D145656%26utm_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_id%3D64483253%26sfmc_activityid%3D168cf643-f21d-4845-8743-df8d20541476%26utm_medium%3Demail%26sfmc_journey_id%3De7c1a49d-9174-407c-aa91-9882dc0975ee%26sfmc_journey_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_activity_id%3D168cf643-f21d-4845-8743-df8d20541476%26sfmc_activity_name%3Dho-rmeia-lrppop-tisb-rohiladsys_pe42%26sfmc_asset_id%3D145656%26sfmc_channel%3Demail&groups=C0001%3A1%2CC0003%3A1%2CC0002%3A1%2CC0004%3A1%2CC0005%3A1
.omnihotels.com/	1970-01-20 23:46:52	Name: tfpsi Value: 5d372fc5-0cd4-41da-92b0-619bf370b337
.igodigital.com/	1970-01-21 09:22:50	Name: igodigitaltc2 Value: 80e8063c-7ab6-11ef-8eff-96efe89243f9
.igodigital.com/	1970-01-20 23:46:54	Name: igodigitalst_514013529 Value: 80e80df8-7ab6-11ef-8eff-96efe89243f9
.igodigital.com/	1970-01-20 23:46:54	Name: igodigitalstdomain Value: 2000028897
cm.teads.tv/	1969-12-31 23:59:59	Name: ar_debug Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' https://.hotjar.com https://.hotjar.io; connect-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com always;
Strict-Transport-Security	max-age=15638400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

514013529.collect.igodigital.com
9945854.fls.doubleclick.net
a7tglno5hj.execute-api.us-east-1.amazonaws.com
aa.trkn.us
ad.doubleclick.net
adservice.google.com
analytics.tiktok.com
api.bounceexchange.com
api.edkt.io
assets.bounceexchange.com
bat.bing.com
beacon.sojern.com
bookings.omnihotels.com
bttrack.com
c1.adform.net
cdn.apolloplatform.com
cdn.bttrack.com
cdn.cookielaw.org
click.em.omnihotels.com
cm.g.doubleclick.net
cm.teads.tv
connect.facebook.net
content.hotjar.io
ct.pinterest.com
d1n00d49gkbray.cloudfront.net
data.cdnbasket.net
fledge.teads.tv
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
ib.adnxs.com
insight.adsrvr.org
js.adsrvr.org
ka-f.fontawesome.com
match.adsrvr.org
nova.collect.igodigital.com
p.teads.tv
p.typekit.net
page.cdnbasket.net
pd.cdnwidget.com
pixel-library.pmg.com
pixel.sojern.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
s.pinimg.com
schema.apolloplatform.com
script.hotjar.com
secure.adnxs.com
snap.licdn.com
sp.analytics.yahoo.com
static.hotjar.com
stats.g.doubleclick.net
t.teads.tv
tag.wknd.ai
tags.srv.stackadapt.com
tags.w55c.net
tr2.smarterhq.io
use.typekit.net
view.cdnbasket.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
bttrack.com
104.126.37.138
107.178.244.119
13.107.42.14
13.111.234.80
13.33.187.74
142.250.185.134
142.250.186.34
142.250.186.38
15.197.193.217
18.172.103.101
18.193.54.173
18.64.103.51
18.66.102.51
18.66.112.127
185.89.210.122
192.132.33.67
192.132.33.68
2.16.97.41
2.17.100.224
2001:4860:4802:34::36
23.206.208.183
23.32.101.95
2600:9000:2260:8800:9:7c30:be80:21
2606:4700:3030::ac43:8b77
2606:4700:4400::ac40:9b77
2606:4700::6812:1a5d
2606:4700::6812:572a
2620:1ec:21::14
2620:1ec:33:1::10
2a00:1450:4001:800::200a
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:810::2004
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c07::9a
2a02:26f0:3500:10::210:a9b
2a02:26f0:3500:16::215:148b
2a02:26f0:3500:16::215:148f
2a02:26f0:4700:19d::1931
2a02:26f0:e300::5f64:9251
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.72.133.76
34.107.168.197
34.111.8.32
34.120.111.33
34.120.253.250
34.149.130.207
34.98.115.224
34.98.72.95
35.244.225.92
37.157.6.254
52.223.40.198
52.55.232.119
54.220.11.62
54.246.144.89
54.82.155.25
54.92.198.16
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
04f8932e43fbac5c1eed9a1283f7f6fdcdcb97bdd8ea736ebcde30ae9cb4d4ff
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0fa2284661e131a7ec2335404e89fc39f3e6a16eb653a21aacdc57fa021ba3da
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
1436939ed29c528098b948903ff835b1f1066a45afc277c43053a25964d1761c
15e407a994358c787157ad3a465ce12dcec6c51abf84337d097bc5d6840ef6af
183ae143a7f66c133f3948bdf61a0a9f97eb326be7de5947c1f19b93f3b9db24
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cae0b9d70b27cc19083606d3249728c06e567271cef4692d9aa2e6f1e787f96
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
21aaad728c1b8b705148d9263f61c70d51d8092b0bcd62c3f9e5b45ee34418d1
270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820
27325ea16f0df99976e67b268976c6d4562a6824c86d3bc2edf4e04776c5034d
2780ede9598614a57b1265fbfbc739c2c36f0cb7656bb59aa86a08e8ca5a1b95
2ab8f34de3ccd3634518dd9188b7ec7cf08e00190b5e56e6606ad3ed2c92b2dd
2cb34277a5434f95f67e8db342273633beb965b1e4151781e11145a76526437a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32984fcae927955ad21b22eba413e78d35b6f75613a52d1ff6cbf9c5c139d0ac
34e7dd6901dded3ec83c1358e84b7020185757fe5318df4fa948800e3dd9d4e0
36ff8562b6eb7a71acaeb673fe704baefd260365cdd37c9e23bb73c82263b855
3724d91d386a94f5f996109e99b924baa373c2baa4ef06f664a89a023241a251
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3aa52a4ddf9dbff6f1d48f4fafe31fdc8d4c13cd24653e1008b7bfad4a1849bb
3d8fc5b4e99fb3055bf0ecd82eb631ff71347fc318445ffc123a1f357062708e
3fab4e9ef8abde6ed9a8721d0e8d4e215fc5c74757b24a4f505716bd3be98e64
423217abf8775cea2dc30fa1fe3e1c5e24dc359a80f1c37ad29a86094bfe81d1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47407e3845cb067265a07cb279ccc7a38b927b0c2dc034b627f089115ac0d306
4b4eefde7fc63bf7b20cff2575cb6698bc83a313c4b99794f096dbda1bd9c908
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c53bd4fb46505b90b10e21b4c6e477a14abb0ed61eab0a7b44ee0c351de5b5a
50ec747afc45612c45573a7101ecf9adf6dee6e98c2620b22ee3f70144f9548e
5174e7b46a5b421f4f0685b9393e679c0dad70b6d684cd5bd88ffd4795b6e466
522e7fe1c9a58bc6742ffc993f258039f8e466de5f696ec0357e06004cbcec28
546e554a3c51ce180d022de9ff5506f14603b38d40ece9f2be43c88328358a52
591c6bf7ae2840dc3c4bb1da23a9ee7da4a783e78026eda46ce3fcee561422e9
625b022a42ed5d9c39911e42050f4fd9834ea039af978b7716f7800ade95eb55
62d2b289923f4ac801870b808ea8fc97e60053b7659040e6787344512889b4f6
653c605223792518e8d7a382812f876321c916845a3f249b022ce16b892f5427
68cdccd0e95ed968635f15adab2070a367bf6b011dd02bfeb68be10fb9ded1de
6c58f061a49641f54723faab57ad0bdb49a95619e86c90dad9a3ed630ffb3780
71d18af9ee879a36717e1ea3367b669031e3f6b12cb0aa1373fd200d278c4e6a
73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4
73b7f2f8725690c65daa20ee5336d595b4e1369dd42dc4c6baa11bd1fe1df90b
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
821e680e0e3aaf1443afd405e277a193550d50b434e4485b33dc0e7ab125c117
8257727cd4fa3be74e55fc11f7f6d0063bcf254f8616da30e97628101f8882de
8328ab6f79391967a95d2c7052bc7f3dbe6b9b921dab7cd74cda22248b7a42b5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8635cb1f53e720094ad3494627fd904246c714272f0aaa563117f2688deaee24
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8b75b067125175350431812ec8804de9121001f7cbef5bb5362257e76a4bf424
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dd5b5eb9e1aa026df243e8305c4f34555d6db0a59a1151dedf46705c9d4a8ef
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
919293e56b6a814a84a579b014f63a2423b0419c418494da7baa7c0c5893cde1
91b0809d8b9dc57eaa09cb0e13c210b24edfaeadb94a8cff0fee02751c1b0b5f
91d066d6119ab29f915a93ca6142a883a243de5aef33bbcde60f566f43dda569
964c9f31bdcc1106d43ba126acf06b868c23889c4d086de2de2bec961be98ad4
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552
a334534614782c0e1ff21a6d9870e45372fd008677911a4195c517404b503443
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a3d998de525e2f49633d799353b5cfcdcc930241f375300401ae3bb52c85ea58
a7888999fa80868a7f03f4afcc1ab6f9bc8cf16113794978fde1ba006c961ce8
a834c359d925fdae29b90ecddb31d44f16a0171aafc87d91c59a9a7f40d34bf4
a8b68b46f44aac34f59d2926e8db6bdae4bc3b7fe3aad60948e97f428b087531
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa4bc789142ca61c2faae60acec10c04360e92f0995c4bc6d29b076e39d09e2c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abe92e0a271866d066c160619d758d8106cfba28bea8193b1fa5c6d87722702e
ac9c5cd537f4f793c78efd5acf796522a5b2449afbe28da4d6e51f1b6fe4c3f8
aeab072ee770d824b8db5177656e236751c36d00e807d5fe951ffefc9e039893
b02878ce1eb22ab724074c95942a4fbd6af37101bef9fbaab916b1799094e2d2
b59aea27fa8369f30285b9c3875597435dfce1fc0571555adcc11d210cb9bd1b
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813
b90cf481a2ad169e12b9828c0d230570ad18116830d66d37aebcebdcd32b8bf8
c340313fbf7869da6c98fa2d5904983db6d7a1eb5bed7c114c98355eef779ec0
c6403368f879c7beeac34230a15e8c034ffe4b53cb12e1aa164c5d40095f5c6f
c919ed7913ac55a25e3b84f3995d8fb60de863d9fd4116880d975c2620373323
cafe94ba60283d2f3973530b64b9b615585263b4cc08cc8687521fb892b75538
cf83c170fc992166303ac5ee3ad9353ebeff4e41f0bf72f104cc843cc8958471
d1bd791dbae37c7eb4a2c35b384be01328236f5088a9237d020eeda521fac99f
d2c0e1aebf907b85c8790c7910529e00521037df698079cef17489cd7ff37a97
d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e
d8a99f7fa226be0d5bcc878f3ad41381727cb2d9dd9012c106e5cedff5e6a085
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deab1ba605f42bed06ae47ed46cfdd7ae5e71a69fae0db145e12bdf445bfe447
e0deb579f4758f3bb28fb6d75a3c0acf42a8d3c994dc8cfd3fd06af40fa24b75
e1faec96c5766cc5da452b7c0b8b078b32275ac7ad8dec805a8a25961a9b43df
e26115d5d30637c0bb28de8548e8dba25eee5be273cd7647c8e528d60a013240
e2d60cdf4948bf1fcc89d3e1fb4875dbfe0cd45125eced25eb220b5fd72abe73
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4019587a58b47600b0c345b48fd9f58af0d1f80ddeecdd67838bf30d72cb882
e5ba1a3e7815bd43da3e23992b21b8a53aab862dea28d1cb237262dce292ab4d
eaac8ad531c92b8172695e953dfceb2572110f728a75910c6f201e06e93e7ad7
ec33225de79266bd483b6fe0bca2d9fafbbb9155df5a25011fe0d669411416e9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f309b4b6297e8c886d8d6b1ff31decc2d09f6eecf7804e3325bf5a2d3a5eac55
f353fedca26ee919313f87234be8288e116fae0b62dbe531b01695d025c03728
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
fd64080d249c3c18c619fe2d899c29447a6fe487a14570dba9a7d29228cdfd30
fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218

bookings.omnihotels.com Open in urlscan Pro 2606:4700::6812:1a5d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

147 Requests

94 %HTTPS

39 %IPv6

43 Domains

66 Subdomains

60 IPs

6 Countries

2195 kBTransfer

6403 kBSize

55 Cookies

26 Outgoing links

Page URL History

Redirected requests

147 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bookings.omnihotels.com Open in urlscan Pro
2606:4700::6812:1a5d Public Scan

Screenshot
Live screenshot

Full Image

147
Requests

94 %
HTTPS

39 %
IPv6

43
Domains

66
Subdomains

60
IPs

6
Countries

2195 kB
Transfer

6403 kB
Size

55
Cookies

147 HTTP transactions
0 data transactions