www.sonesta.com Open in urlscan Pro
2606:4700::6810:5622 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://click.e.sonesta.com/?qs=37180840c96e8be4a88dc650fbba8a14feea5823b16b8bef1cc6deb88b45856cfdd0be046c1362151752b467e4c6...
Effective URL:
https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mi...
Submission: On March 06 via api (March 6th 2020, 7:14:13 pm UTC) from US

Summary HTTP 67 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 24 IPs in 7 countries across 20 domains to perform 67 HTTP transactions. The main IP is 2606:4700::6810:5622, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.sonesta.com.
TLS certificate: Issued by Trusted Secure Certificate Authority DV on November 14th 2018. Valid for: 2 years.

This is the only time www.sonesta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	68.232.203.70 68.232.203.70	22606 (EXACT-7) (EXACT-7)
25	2606:4700::68... 2606:4700::6810:5622	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:1b:... 2a04:4e42:1b::393	54113 (FASTLY) (FASTLY)
1 4	2a00:1450:400... 2a00:1450:4001:825::2004	15169 (GOOGLE) (GOOGLE)
1	52.1.5.182 52.1.5.182	14618 (AMAZON-AES) (AMAZON-AES)
1	35.190.5.192 35.190.5.192	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE)
2	23.37.59.76 23.37.59.76	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	172.217.22.2 172.217.22.2	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
2	104.193.82.55 104.193.82.55	63124 (IGNITIONO...) (IGNITIONONE-ASN)
1	2606:4700:10:... 2606:4700:10::6814:6a02	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE)
1 1	172.217.23.162 172.217.23.162	15169 (GOOGLE) (GOOGLE)
2 2	185.33.223.218 185.33.223.218	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.95.105.148 34.95.105.148	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f02... 2a03:2880:f02d:5:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	31.186.247.145 31.186.247.145	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	104.193.80.56 104.193.80.56	63124 (IGNITIONO...) (IGNITIONONE-ASN)
7	35.193.75.18 35.193.75.18	15169 (GOOGLE) (GOOGLE)
67	24

1 68.232.203.70 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.s6.exacttarget.com

click.e.sonesta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2606:4700::6810:5622 (United States)

ASN13335 (CLOUDFLARENET, US)

www.sonesta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::393 (Ascension Island)

ASN54113 (FASTLY, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:825::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.1.5.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-5-182.compute-1.amazonaws.com

track.securedvisit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.5.192 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 192.5.190.35.bc.googleusercontent.com

cdn.b0e8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.59.76 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-59-76.deploy.static.akamaitechnologies.com

cloud.typography.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.178.244.119 (United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.193.82.55 (United States)

ASN63124 (IGNITIONONE-ASN, US)

com-sonesta.netmng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:6a02 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.218 (Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 313.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.105.148 (United States)

ASN15169 (GOOGLE, US)
PTR: 148.105.95.34.bc.googleusercontent.com

a.b0e8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:5:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK, US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.186.247.145 (United Kingdom)

ASN30282 (AS-INAPCDN-OCY, US)

nan.netmng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.193.80.56 (United States)

ASN63124 (IGNITIONONE-ASN, US)

dms.netmng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.193.75.18 (United States)

ASN15169 (GOOGLE, US)
PTR: 18.75.193.35.bc.googleusercontent.com

sonesta-app.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	sonesta.com 1 redirects click.e.sonesta.com www.sonesta.com	569 KB
8	quantummetric.com cdn.quantummetric.com sonesta-app.quantummetric.com	79 KB
6	google-analytics.com www.google-analytics.com ssl.google-analytics.com	58 KB
4	netmng.com com-sonesta.netmng.com nan.netmng.com dms.netmng.com	6 KB
4	google.com 1 redirects www.google.com	860 B
3	doubleclick.net 2 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	3 KB
3	sojern.com beacon.sojern.com pixel.sojern.com	1 KB
2	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	facebook.com 1 redirects www.facebook.com	504 B
2	google.de www.google.de	219 B
2	facebook.net connect.facebook.net	142 KB
2	bing.com bat.bing.com	7 KB
2	typography.com cloud.typography.com
2	b0e8.com cdn.b0e8.com a.b0e8.com	22 KB
1	gstatic.com www.gstatic.com	92 KB
1	atdmt.com cx.atdmt.com	319 B
1	googleadservices.com www.googleadservices.com	10 KB
1	googletagmanager.com www.googletagmanager.com	44 KB
1	securedvisit.com track.securedvisit.com	22 KB
1	cloudinary.com res.cloudinary.com	23 KB
67	20

	Domain	Requested by
25	www.sonesta.com	www.sonesta.com cdn.quantummetric.com
7	sonesta-app.quantummetric.com	cdn.quantummetric.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.sonesta.com
4	www.google.com	1 redirects www.sonesta.com www.gstatic.com
2	ib.adnxs.com	2 redirects
2	pixel.sojern.com	www.sonesta.com
2	www.facebook.com	1 redirects www.sonesta.com
2	www.google.de	www.sonesta.com
2	ssl.google-analytics.com	www.googletagmanager.com www.sonesta.com
2	com-sonesta.netmng.com	www.sonesta.com com-sonesta.netmng.com
2	connect.facebook.net	www.sonesta.com connect.facebook.net
2	bat.bing.com	www.googletagmanager.com www.sonesta.com
2	cloud.typography.com	www.sonesta.com
1	dms.netmng.com	com-sonesta.netmng.com
1	nan.netmng.com	com-sonesta.netmng.com
1	www.gstatic.com	www.google.com
1	cx.atdmt.com	www.sonesta.com
1	a.b0e8.com	www.sonesta.com
1	cm.g.doubleclick.net	1 redirects
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	1 redirects
1	cdn.quantummetric.com	www.sonesta.com
1	beacon.sojern.com	www.sonesta.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	www.sonesta.com
1	cdn.b0e8.com	www.sonesta.com
1	track.securedvisit.com	www.sonesta.com
1	res.cloudinary.com	www.sonesta.com
1	click.e.sonesta.com	1 redirects
67	29

This site contains links to these domains. Also see Links.

Domain
www.google.com
www.mozilla.org
www.microsoft.com
support.apple.com
gc.synxis.com
secure.bankofamerica.com
www.shopsonesta.com
www.youtube.com
www.twitter.com
www.facebook.com
www.pinterest.com
www.instagram.com
privacyportal-cdn.onetrust.com

Subject Issuer	Validity	Valid
*.sonesta.com Trusted Secure Certificate Authority DV	`2018-11-14` - `2020-10-31`	2 years	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2018-07-01` - `2020-06-22`	2 years	crt.sh
www.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
securedvisit.com Amazon	`2020-01-31` - `2021-02-28`	a year	crt.sh
cdn.b0e8.com GTS CA 1D2	`2020-03-02` - `2020-05-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.typography.com DigiCert SHA2 Secure Server CA	`2019-03-23` - `2020-06-21`	a year	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
*.sojern.com DigiCert SHA2 High Assurance Server CA	`2018-12-11` - `2020-12-10`	2 years	crt.sh
*.netmng.com Go Daddy Secure Certificate Authority - G2	`2020-02-10` - `2021-02-23`	a year	crt.sh
ssl513445.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-02-01` - `2020-08-09`	6 months	crt.sh
www.google.de GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
b0e8.com GTS CA 1D2	`2020-02-21` - `2020-05-21`	3 months	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2020-01-20` - `2020-04-19`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.quantummetric.com Sectigo RSA Domain Validation Secure Server CA	`2019-01-28` - `2021-02-13`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
Frame ID: 24639EE74FBD6A09D5DE6D45A0055337
Requests: 66 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfO2JIUAAAAAKrDHFGxP0cfrmejDzzXKi626WwL&co=aHR0cHM6Ly93d3cuc29uZXN0YS5jb206NDQz&hl=en&v=v1QHzzN92WdopzN_oD7bUO2P&size=invisible&cb=c8gmnqfmjryk
Frame ID: 3DED6AC82F752E46F49AF03DAE849F70
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://click.e.sonesta.com/?qs=37180840c96e8be4a88dc650fbba8a14feea5823b16b8bef1cc6deb88b45856cfdd0be04... HTTP 302
https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40... Page URL

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Drupal(?:\s([\d.]+))?/i
headers expires /19 Nov 1978/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Drupal(?:\s([\d.]+))?/i
headers expires /19 Nov 1978/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

67
Requests

100 %
HTTPS

54 %
IPv6

20
Domains

29
Subdomains

24
IPs

7
Countries

1079 kB
Transfer

3904 kB
Size

15
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/chrome
Title:

Search URL Search Domain Scan URL

URL: https://www.mozilla.org/en-US/firefox/new/
Title:

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/download/internet-explorer.aspx
Title:

Search URL Search Domain Scan URL

URL: https://support.apple.com/downloads/safari
Title:

Search URL Search Domain Scan URL

URL: https://gc.synxis.com/rez.aspx?Chain=5157&dest=ALL&filter=Retail
Title: Check availability

Search URL Search Domain Scan URL

URL: https://gc.synxis.com/rez.aspx?adult=1&child=0&filter=Retail&arrive=12%2f20%2f2016&depart=12%2f21%2f2016&start=availresults&hotel=&Chain=5157
Title: book now

Search URL Search Domain Scan URL

URL: https://secure.bankofamerica.com/applynow/initialize-workflow.go?requesttype=C&campaignid=4041596&productoffercode=V9&genericvariables=861~header
Title: Apply now

Search URL Search Domain Scan URL

URL: https://gc.synxis.com/rez.aspx?chain=5157&hotel=&locale=en-US&start=searchres
Title: Modify/Cancel a Reservation

Search URL Search Domain Scan URL

URL: https://gc.synxis.com/rez.aspx?chain=5157&locale=en-US&start=searchres
Title: Modify/Cancel a Reservation

Search URL Search Domain Scan URL

URL: https://www.shopsonesta.com/
Title: Shop Sonesta

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/SonestaHotels
Title:

Search URL Search Domain Scan URL

URL: http://www.twitter.com/SonestaHotels
Title:

Search URL Search Domain Scan URL

URL: http://www.facebook.com/SonestaHotels
Title:

Search URL Search Domain Scan URL

URL: http://www.pinterest.com/sonestahotels/
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/sonestahotels/
Title:

Search URL Search Domain Scan URL

URL: https://secure.bankofamerica.com/applynow/initialize-workflow.go?requesttype=C&campaignid=4041596&productoffercode=V9&genericvariables=861~footer
Title: Apply now

Search URL Search Domain Scan URL

URL: https://privacyportal-cdn.onetrust.com/dsarwebform/d87ccc70-c287-4d3f-9c26-4120905f881e/a3bf6262-c2a5-4d00-aebe-6d5376f8f428.html
Title: do not sell my information

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click.e.sonesta.com/?qs=37180840c96e8be4a88dc650fbba8a14feea5823b16b8bef1cc6deb88b45856cfdd0be046c1362151752b467e4c6afa54875fcf9b2011780 HTTP 302
https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-733428-1&cid=1670421886.1583522035&jid=515995634&gjid=828679623&_gid=1268247279.1583522035&_u=aGDAgEADQ~&z=267972161 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-733428-1&cid=1670421886.1583522035&jid=515995634&_v=j81&z=267972161 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-733428-1&cid=1670421886.1583522035&jid=515995634&_v=j81&z=267972161&slf_rd=1&random=2743213996

Request Chain 46

https://cm.g.doubleclick.net/pixel?google_nid=sojern__adx_open_bidder_seat&google_hm=zOSFFrO316l2GF2Mo6RS6A&google_cm&google_sc&sjrn_id=Yq1OlmihabSTTwrsHUDDVVIVQpiQWaq8LBwMQ72vNYBRVU1xIiSHBmuPky1jjgZ4&sjrn_ula=518232766 HTTP 302
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=Yq1OlmihabSTTwrsHUDDVVIVQpiQWaq8LBwMQ72vNYBRVU1xIiSHBmuPky1jjgZ4&sjrn_ula=518232766&google_gid=CAESEDBF4HukBYFpS-l6MoxLBHs&google_cver=1

Request Chain 47

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?sjrn_id=Yq1OlmihabSTTwrsHUDDVVIVQpiQWaq8LBwMQ72vNYBRVU1xIiSHBmuPky1jjgZ4&id=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fsjrn_id%3DYq1OlmihabSTTwrsHUDDVVIVQpiQWaq8LBwMQ72vNYBRVU1xIiSHBmuPky1jjgZ4%26id%3D%24UID HTTP 302
https://pixel.sojern.com/idsync/apn?sjrn_id=Yq1OlmihabSTTwrsHUDDVVIVQpiQWaq8LBwMQ72vNYBRVU1xIiSHBmuPky1jjgZ4&id=3882356864181879861

Request Chain 49

https://www.facebook.com/tr/?id=510300539145559&ev=Microdata&dl=https%3A%2F%2Fwww.sonesta.com%2Ftravel-pass%2Fpoint-expiration-confirmation%3Fj%3D8261225%26e%3Dhr%40alertlogic.com%26l%3D40_HTML%26u%3D167141575%26mid%3D6260320%26jb%3D41%26utm_medium%3Demail%26utm_campaign%3D030420-TPPointExpiration-1%26utm_source%3DTravel%2520Pass%2520Emails%26src%3Demail_030420-TPPointExpiration-1%26sv_svemi%3D101114075&rl=&if=false&ts=1583522035729&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Point%20Expiration%20Confirmation%20%7C%20Sonesta%20Travel%20Pass%22%2C%22meta%3Adescription%22%3A%22*%2F%20Thank%20you%20for%20confirming!%C2%A0%20Your%20account%20will%20be%20credited%20100%20bonus%20points.%20Your%20points%20are%20active%20and%20free%20to%20redeem!%C2%A0%20Every%20time%20you%20stay%2C%20earn%2C%20or%20redeem%2C%20your%20points%20will%20remain%20active%20for%20another%2024%20months%20Sign%20into%20your%20account%20and%20view%20your%20point%20status!%20Log%20In%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Sonesta%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.sonesta.com%2Ftravel-pass%2Fpoint-expiration-confirmation%22%2C%22og%3Atitle%22%3A%22Point%20Expiration%20Confirmation%22%2C%22og%3Aupdated_time%22%3A%222020-03-03T11%3A37%3A56-05%3A00%22%2C%22article%3Apublished_time%22%3A%222020-02-28T16%3A19%3A48-05%3A00%22%2C%22article%3Amodified_time%22%3A%222020-03-03T11%3A37%3A56-05%3A00%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1583522035225.100136520&it=1583522035123&coo=false&es=automatic&tm=3&rqm=GET HTTP 302
https://cx.atdmt.com/?c=4549426103958130865&f=AYzedqjr_J5CyDCo9YFFfZqCQfXf6C2nVNGyymusfd6egRHflpoiaczWXWeIUQhhOTWvZ1lZb5umSfaU2ueDKkxB&id=510300539145559&l=3&v=0

67 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request point-expiration-confirmation Show response
www.sonesta.com/travel-pass/
Redirect Chain

http://click.e.sonesta.com/?qs=37180840c96e8be4a88dc650fbba8a14feea5823b16b8bef1cc6deb88b45856cfdd0be046c1362151752b467e4c6afa54875fcf9b2011780
https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_...

180 KB
58 KB

844ms
804ms

Document
text/html

2606:4700::6810:5622
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

540b21d01f5c2bfa033258b98a5fec8e1986cfe0774d709cf02df1ac229a8880

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SameOrigin

Request headers

:method: GET
:authority: www.sonesta.com
:scheme: https
:path: /travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 06 Mar 2020 19:13:54 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=dfed467cb5427c13924ee1cdcfff45c3d1583522033; expires=Sun, 05-Apr-20 19:13:53 GMT; path=/; domain=.sonesta.com; HttpOnly; SameSite=Lax; Secure
x-drupal-cache: MISS
x-content-type-options: nosniff
x-frame-options: SameOrigin
content-language: en
x-generator: Drupal 7 (https://www.drupal.org)
link: <https://www.sonesta.com/travel-pass/point-expiration-confirmation>; rel="canonical",<https://www.sonesta.com/node/70651>; rel="shortlink"
cache-control: public, max-age=21600
last-modified: Fri, 06 Mar 2020 19:09:52 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
vary: Cookie,Accept-Encoding
x-request-id: v-0eac3e5a-5fde-11ea-8a04-7b2122819d73
x-ah-environment: prod
age: 239
via: varnish
x-cache: HIT
x-cache-hits: 1
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56fe6583984e175a-FRA
content-encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
Date: Fri, 06 Mar 2020 19:13:52 GMT
X-Cnection: close
Content-Length: 439

GET
H2 200 css_Vts0XjaQXkIwBk9HNAoJwrvmmE9lw6S9oxqJuhh0OB0.css
www.sonesta.com/sites/default/files/css/ 734 B
432 B 728ms
727ms Stylesheet
text/css 2606:4700::6810:5622
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sonesta.com/sites/default/files/css/css_Vts0XjaQXkIwBk9HNAoJwrvmmE9lw6S9oxqJuhh0OB0.css

Requested by

Host: www.sonesta.com
URL: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56db345e36905e4230064f47340a09c2bbe6984f65c3a4bda31a89ba1874381d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 06 Mar 2020 19:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 213890
x-cache: HIT
status: 200
x-cache-hits: 71727
x-ah-environment: prod
content-length: 305
x-request-id: v-9e90603a-5dec-11ea-affc-c3555a94152d
last-modified: Tue, 18 Feb 2020 17:12:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 56fe6588abba175a-FRA
expires: Wed, 18 Mar 2020 07:49:04 GMT

GET
H2 200 css_hSKDWfih61rjKDeOMezPAjuRskVAgJtHmNgKbeApZ8c.css
www.sonesta.com/sites/default/files/css/ 20 KB
4 KB 662ms
661ms Stylesheet
text/css 2606:4700::6810:5622
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sonesta.com/sites/default/files/css/css_hSKDWfih61rjKDeOMezPAjuRskVAgJtHmNgKbeApZ8c.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85228359f8a1eb5ae328378e31eccf023b91b24540809b4798d80a6de02967c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 06 Mar 2020 19:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 213890
x-cache: HIT
status: 200
x-cache-hits: 71703
x-ah-environment: prod
content-length: 4377
x-request-id: v-9e921f92-5dec-11ea-aac8-1f103916ffc3
last-modified: Wed, 12 Feb 2020 18:52:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 56fe6588abbf175a-FRA
expires: Wed, 18 Mar 2020 07:49:04 GMT

GET
H2 200 css_VuvLEzCdwg-srK1j60-TgoWtmcck7zzZqQ1NigWXqaE.css
www.sonesta.com/sites/default/files/css/ 1 KB
607 B 644ms
644ms Stylesheet
text/css 2606:4700::6810:5622
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sonesta.com/sites/default/files/css/css_VuvLEzCdwg-srK1j60-TgoWtmcck7zzZqQ1NigWXqaE.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56ebcb13309dc20facacad63eb4f938285ad99c724ef3cd9a90d4d8a0597a9a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 06 Mar 2020 19:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 213890
x-cache: HIT
status: 200
x-cache-hits: 71301
x-ah-environment: prod
content-length: 438
x-request-id: v-9e933a9e-5dec-11ea-95ce-8f8b8377488d
last-modified: Tue, 18 Feb 2020 17:12:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 56fe6588abc3175a-FRA
expires: Wed, 18 Mar 2020 07:49:04 GMT

GET
H2 200 travelpass.css
www.sonesta.com/sites/all/themes/sonesta/css/standalones/ 9 KB
2 KB 660ms
659ms Stylesheet
text/css 2606:4700::6810:5622
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sonesta.com/sites/all/themes/sonesta/css/standalones/travelpass.css?q6dltf

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4746556591313e5463a5f43f9ae554677063007311dd981aa040a3a67af219

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 06 Mar 2020 19:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 213562
x-cache: HIT
status: 200
x-cache-hits: 19531
x-ah-environment: prod
content-length: 2232
x-request-id: v-62014c00-5ded-11ea-ad66-138d2634e6a8
last-modified: Thu, 31 Oct 2019 14:29:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 56fe6588abc5175a-FRA
expires: Wed, 18 Mar 2020 07:54:32 GMT

GET
H2 200 css_QNgAMAnoS3EF01wOcfZxOFhGfUVW9yGm6VXpZowDAkE.css
www.sonesta.com/sites/default/files/css/ 290 KB
44 KB 837ms
836ms Stylesheet
text/css 2606:4700::6810:5622
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sonesta.com/sites/default/files/css/css_QNgAMAnoS3EF01wOcfZxOFhGfUVW9yGm6VXpZowDAkE.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40d8003009e84b7105d35c0e71f6713858467d4556f721a6e955e9668c030241

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 06 Mar 2020 19:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 213890
x-cache: HIT
status: 200
x-cache-hits: 71848
x-ah-environment: prod
content-length: 44370
x-request-id: v-9e92acaa-5dec-11ea-89d3-efc2d566f6c7
last-modified: Thu, 27 Feb 2020 16:12:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 56fe6588abc8175a-FRA
expires: Wed, 18 Mar 2020 07:49:04 GMT

GET
H2 200 email-decode.min.js Show response
www.sonesta.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
830 B 38ms
14ms Script
application/javascript 2606:4700::6810:5622
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sonesta.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 06 Mar 2020 19:13:54 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Fri, 06 Mar 2020 12:22:46 GMT
server: cloudflare
etag: W/"5e624096-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
cf-ray: 56fe6588dce6175a-FRA
expires: Sun, 08 Mar 2020 19:13:54 GMT

GET
H2 200 css_47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU.css
www.sonesta.com/sites/default/files/css/ 0
123 B 664ms
664ms Stylesheet
text/css 2606:4700::6810:5622
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sonesta.com/sites/default/files/css/css_47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 06 Mar 2020 19:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 213890
x-cache: HIT
status: 200
x-cache-hits: 70847
x-ah-environment: prod
content-length: 20
x-request-id: v-9e9ea136-5dec-11ea-a474-e766ba31c90f
last-modified: Tue, 18 Feb 2020 17:12:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 56fe6588dcea175a-FRA
expires: Wed, 18 Mar 2020 07:49:04 GMT

GET
H2 200 sonesta-logo.svg
www.sonesta.com/sites/all/themes/sonesta/images/ 14 KB
5 KB 178ms
178ms Image
image/svg+xml 2606:4700::6810:5622
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sonesta.com/sites/all/themes/sonesta/images/sonesta-logo.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b226c2dd5ddc1c70d115b17ce476202c476f4a017e16d6ee33c3a695aea2b0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 06 Mar 2020 19:13:54 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 213883
x-cache: HIT
status: 200
x-cache-hits: 53927
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-a2921714-5dec-11ea-b8c7-6bebd9028dff
last-modified: Tue, 23 Jul 2019 06:37:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 56fe65898854175a-FRA
expires: Wed, 18 Mar 2020 07:49:10 GMT

GET
H2 200 https%3A%2F%2Fwww.sonesta.com%2Fsites%2Fdefault%2Ffiles%2Fmastheads%2F020A0887-B_Low_Res.jpg
res.cloudinary.com/sonesta/image/fetch/c_crop,x_0,y_143,w_1200,h_250,q_auto:good,f_auto,fl_force_strip.lossy.progressive/c_scale,w_1920/ 23 KB
23 KB 52ms
8ms Image
image/webp 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/sonesta/image/fetch/c_crop,x_0,y_143,w_1200,h_250,q_auto:good,f_auto,fl_force_strip.lossy.progressive/c_scale,w_1920/https%3A%2F%2Fwww.sonesta.com%2Fsites%2Fdefault%2Ffiles%2Fmastheads%2F020A0887-B_Low_Res.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::393 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

8e1c1937318e90f4d7d521cefe98c7f2bc75704d9b81c51827f0947490dacdb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 06 Mar 2020 19:13:55 GMT
strict-transport-security: max-age=604800
status: 200
content-disposition: inline; filename="020A0887-B_Low_Res.webp"
server-timing: cloudinary;dur=15;start=2020-03-04T22:16:10.124Z,fastly;dur=1;total=2;start=2020-03-06T19:13:55.058Z;desc=HIT,rtt;dur=5
content-length: 23268
last-modified: Fri, 28 Feb 2020 21:24:11 GMT
server: Cloudinary
etag: "92bde41acc21d7db0cfb71b86869373d"
vary: Accept,User-Agent
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Server-Timing,Vary
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 check-tag.png
www.sonesta.com/sites/all/themes/sonesta/components/booking-widget/ 2 KB
2 KB 651ms
648ms Image
image/png 2606:4700::6810:5622
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sonesta.com/sites/all/themes/sonesta/components/booking-widget/check-tag.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c85de9f5ded20ea2f367b4e81be19058ff2969d25759389a98368b93095eea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 06 Mar 2020 19:13:55 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 213891
x-cache: HIT
status: 200
x-cache-hits: 66110
x-ah-environment: prod
content-length: 1762
x-request-id: v-9e9f47ee-5dec-11ea-8c42-171158867347
last-modified: Tue, 23 Jul 2019 06:53:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 56fe658edace175a-FRA
expires: Wed, 18 Mar 2020 07:49:04 GMT

GET
H2 200 youtube.png
www.sonesta.com/sites/all/themes/sonesta/images/ 407 B
566 B 179ms
177ms Image
image/png 2606:4700::6810:5622
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sonesta.com/sites/all/themes/sonesta/images/youtube.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c3d698bbde6de0c4aa735eae5af62b316842ffebd8387505a183e8d1a85f975

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 06 Mar 2020 19:13:55 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 213890
x-cache: HIT
status: 200
x-cache-hits: 64767
x-ah-environment: prod
content-length: 407
x-request-id: v-9ea1a75a-5dec-11ea-b241-4f9483d95448
last-modified: Tue, 23 Jul 2019 06:22:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 56fe658edad0175a-FRA
expires: Wed, 18 Mar 2020 07:49:04 GMT

GET
H2 200 twitter.png
www.sonesta.com/sites/default/files/ 742 B
868 B 635ms
632ms Image
image/png 2606:4700::6810:5622
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sonesta.com/sites/default/files/twitter.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0370314abc5fbb2cbfdf7aa3ff4e16a2314985f2c9daf3d1073f7bc091d1f386

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 06 Mar 2020 19:13:55 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 213891
x-cache: HIT
status: 200
x-cache-hits: 64608
x-ah-environment: prod
content-length: 742
x-request-id: v-9e9fdb64-5dec-11ea-9767-6f245bdd3c52
last-modified: Thu, 31 Mar 2016 02:56:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 56fe658edad3175a-FRA
expires: Wed, 18 Mar 2020 07:49:04 GMT

GET
H2 200 facebook.png
www.sonesta.com/sites/default/files/ 527 B
658 B 633ms
631ms Image
image/png 2606:4700::6810:5622
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sonesta.com/sites/default/files/facebook.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

248b82483f6d8d123fd9589de1d34015c499fe6e3096d2bbe440298de57e3e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 06 Mar 2020 19:13:55 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 213891
x-cache: HIT
status: 200
x-cache-hits: 64905
x-ah-environment: prod
content-length: 527
x-request-id: v-9ea18176-5dec-11ea-8698-af4542686d27
last-modified: Thu, 31 Mar 2016 02:55:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 56fe658edad5175a-FRA
expires: Wed, 18 Mar 2020 07:49:04 GMT

GET
H2 200 pinterest.png
www.sonesta.com/sites/default/files/ 954 B
1 KB 177ms
174ms Image
image/png 2606:4700::6810:5622
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sonesta.com/sites/default/files/pinterest.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afd541b9365d9916a8767f77f9e20dbd3d613830d1128b6a115ac05dca2c2192

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 06 Mar 2020 19:13:55 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 213779
x-cache: HIT
status: 200
x-cache-hits: 38456
x-ah-environment: prod
content-length: 954
x-request-id: v-e12771cc-5dec-11ea-9985-778f0d7c79c5
last-modified: Thu, 31 Mar 2016 02:54:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 56fe658edad6175a-FRA
expires: Wed, 18 Mar 2020 07:50:55 GMT

GET
H2 200 Instagram_0.png
www.sonesta.com/sites/default/files/ 688 B
813 B 644ms
641ms Image
image/png 2606:4700::6810:5622
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sonesta.com/sites/default/files/Instagram_0.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

530b5f1f2046cfd0428c7b3e0ae242a80c53d214318fda43eadf99015eeb5c12

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 06 Mar 2020 19:13:55 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 213891
x-cache: HIT
status: 200
x-cache-hits: 60433
x-ah-environment: prod
content-length: 688
x-request-id: v-9e9f340c-5dec-11ea-9ed6-c7bcc60e9e18
last-modified: Wed, 08 Nov 2017 19:12:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 56fe658edad7175a-FRA
expires: Wed, 18 Mar 2020 07:49:04 GMT

GET
H2 200 js_KRtkuDODhXI6VkjWk4uxDuVS1FOoG8em6IZryVYKAYc.js Show response
www.sonesta.com/sites/default/files/js/ 8 KB
4 KB 640ms
639ms Script
text/javascript 2606:4700::6810:5622
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sonesta.com/sites/default/files/js/js_KRtkuDODhXI6VkjWk4uxDuVS1FOoG8em6IZryVYKAYc.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

291b64b8338385723a5648d6938bb10ee552d453a81bc7a6e8866bc9560a0187

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 06 Mar 2020 19:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 213890
x-cache: HIT
status: 200
x-cache-hits: 70392
x-ah-environment: prod
content-length: 3490
x-request-id: v-9e9fc3ae-5dec-11ea-bf7d-232784a593de
last-modified: Tue, 25 Feb 2020 22:33:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 56fe658abc4a175a-FRA
expires: Wed, 18 Mar 2020 07:49:04 GMT

GET
H2 200 js_oo3bGw7tzXru8VPHsn1oZw1Vcua35FW9p9hpsOPeHn4.js Show response
www.sonesta.com/sites/default/files/js/ 99 KB
35 KB 336ms
335ms Script
text/javascript 2606:4700::6810:5622
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sonesta.com/sites/default/files/js/js_oo3bGw7tzXru8VPHsn1oZw1Vcua35FW9p9hpsOPeHn4.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a28ddb1b0eedcd7aeef153c7b27d68670d5572e6b7e455bda7d869b0e3de1e7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 06 Mar 2020 19:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 213890
x-cache: HIT
status: 200
x-cache-hits: 70839
x-ah-environment: prod
content-length: 35855
x-request-id: v-9e9e882c-5dec-11ea-992e-076507460e5b
last-modified: Tue, 25 Feb 2020 22:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 56fe658cfcb1175a-FRA
expires: Wed, 18 Mar 2020 07:49:04 GMT

GET
H2 200 js_gEKMbBUSWLN8nu4DDYXa-9Mqsw5ysh6hQmhfEX6ogeg.js Show response
www.sonesta.com/sites/default/files/js/ 22 KB
7 KB 196ms
196ms Script
text/javascript 2606:4700::6810:5622
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sonesta.com/sites/default/files/js/js_gEKMbBUSWLN8nu4DDYXa-9Mqsw5ysh6hQmhfEX6ogeg.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80428c6c151258b37c9eee030d85dafbd32ab30e72b21ea142685f117ea881e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 06 Mar 2020 19:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 213890
x-cache: HIT
status: 200
x-cache-hits: 70279
x-ah-environment: prod
content-length: 7466
x-request-id: v-9e9fc9e4-5dec-11ea-bed9-1333d0a3a678
last-modified: Tue, 25 Feb 2020 22:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 56fe658eba53175a-FRA
expires: Wed, 18 Mar 2020 07:49:04 GMT

GET
H2 200 js_GoRAamEFKIK7DbkE9fN5IURZ6bDvdCsNbWiDOhV6dG0.js Show response
www.sonesta.com/sites/default/files/js/ 2 KB
722 B 182ms
178ms Script
text/javascript 2606:4700::6810:5622
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sonesta.com/sites/default/files/js/js_GoRAamEFKIK7DbkE9fN5IURZ6bDvdCsNbWiDOhV6dG0.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a84406a61052882bb0db904f5f379214459e9b0ef742b0d6d68833a157a746d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 06 Mar 2020 19:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 213890
x-cache: HIT
status: 200
x-cache-hits: 70049
x-ah-environment: prod
content-length: 618
x-request-id: v-9e9f561c-5dec-11ea-8508-e3861dac0043
last-modified: Tue, 25 Feb 2020 22:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 56fe658edac7175a-FRA
expires: Wed, 18 Mar 2020 07:49:04 GMT

GET
H2 200 flyout-menu-travelpass.js Show response
www.sonesta.com/sites/all/themes/sonesta/js/standalones/ 170 KB
46 KB 814ms
811ms Script
application/javascript 2606:4700::6810:5622
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sonesta.com/sites/all/themes/sonesta/js/standalones/flyout-menu-travelpass.js?q6dltf

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aceacdedd7b9269f6ced717c6cc4b9d670d024b252e5b9597bdb408f2e12f329

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 06 Mar 2020 19:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 213563
x-cache: HIT
status: 200
x-cache-hits: 19408
x-ah-environment: prod
content-length: 47304
x-request-id: v-62042862-5ded-11ea-865f-67c079e82b81
last-modified: Tue, 23 Jul 2019 06:20:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 56fe658edac9175a-FRA
expires: Wed, 18 Mar 2020 07:54:32 GMT

GET
H2 200 light-menu.js Show response
www.sonesta.com/sites/all/themes/sonesta/js/standalones/ 170 KB
46 KB 818ms
815ms Script
application/javascript 2606:4700::6810:5622
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sonesta.com/sites/all/themes/sonesta/js/standalones/light-menu.js?q6dltf

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c37594bc85951ae88bb421b5cb67729293a5d8e6231e905e3b95eb7f5133d41

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 06 Mar 2020 19:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 213563
x-cache: HIT
status: 200
x-cache-hits: 19418
x-ah-environment: prod
content-length: 47384
x-request-id: v-620481ea-5ded-11ea-a761-b326d1de21ff
last-modified: Thu, 21 Nov 2019 17:38:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 56fe658edaca175a-FRA
expires: Wed, 18 Mar 2020 07:54:32 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 708 B
572 B 19ms
16ms Script
text/javascript 2a00:1450:4001:825::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfO2JIUAAAAAKrDHFGxP0cfrmejDzzXKi626WwL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

63df7c5ee0392cc2ea5360fe6311ef013104286133aa8300d7abe1ad6dbde953

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 06 Mar 2020 19:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 478
x-xss-protection: 1; mode=block
expires: Fri, 06 Mar 2020 19:13:55 GMT

GET
H2 200 bundle.js Show response
www.sonesta.com/sites/all/themes/sonesta/js/ 1 MB
305 KB 793ms
790ms Script
application/javascript 2606:4700::6810:5622
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sonesta.com/sites/all/themes/sonesta/js/bundle.js?v=1583357614

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d4c2b583042a304604ba96a91be3c76a0eea0b835a537f1fd86d684327d8d20

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 06 Mar 2020 19:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 164420
x-cache: HIT
status: 200
x-cache-hits: 23244
x-ah-environment: prod
content-length: 311650
x-request-id: v-cda5e9ee-5e5f-11ea-ad4b-3fb6b57b4d7e
last-modified: Wed, 04 Mar 2020 21:33:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 56fe658edacc175a-FRA
expires: Wed, 18 Mar 2020 21:33:35 GMT

GET
H/1.1 200
OK sv.js Show response
track.securedvisit.com/js/ 53 KB
22 KB 824ms
261ms Script
application/javascript 52.1.5.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track.securedvisit.com/js/sv.js
Requested by: Host: www.sonesta.com
URL: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.5.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-5-182.compute-1.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 9e787d0463d13011ddc3562c43b8574af56a967cd8b2590890b52252fa3e8b22

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Fri, 06 Mar 2020 19:13:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Mar 2020 19:13:55 GMT
Server: nginx/1.16.1
ETag: W/"7187bc544b8236bb0d887bfe0eb3b510"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: proxy-revalidate, no-cache, private, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 21747
Expires: Fri, 06 Mar 2020 19:13:55 GMT

GET
H2 200 conv_v3.js Show response
cdn.b0e8.com/ 67 KB
22 KB 332ms
94ms Script
application/javascript 35.190.5.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.b0e8.com/conv_v3.js
Requested by: Host: www.sonesta.com
URL: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.5.192 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.5.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0bef13a0224703ced40e333c20c047395abdfb322d378609046a0e2f17464d2f

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 06 Mar 2020 18:42:24 GMT
content-encoding: gzip
age: 1891
status: 200
x-guploader-uploadid: AEnB2Uqfw1RQ49qpruh25ObZBU17yk0fVVvezA7u_G8v2Z8g0yfZeuv5IrMeGyQ33UtO8HGXDgyKCeJzQL30NpWsBCqsrwNdeg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 21567
last-modified: Thu, 30 Jan 2020 19:58:35 GMT
server: UploadServer
etag: "733ecb18debc7550feb7bdba1f5c71d4"
vary: Accept-Encoding
x-goog-hash: crc32c=6OZwMw==, md5=cz7LGN68dVD+t726H1xx1A==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1580414315245335
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 21567
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 06 Mar 2020 19:42:24 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 178 KB
44 KB 19ms
17ms Script
application/javascript 2a00:1450:4001:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WZ2W5C

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0142863e4f165a6a5058eb0449747559973f4c899cff1a6481bdd753bc61d179

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 06 Mar 2020 19:13:55 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 45338
x-xss-protection: 0
last-modified: Fri, 06 Mar 2020 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 Mar 2020 19:13:55 GMT

GET
H/1.1 404
Not Found fonts.css
cloud.typography.com/6554094/7880952/css/ 0
0 961ms
547ms Stylesheet
text/html 23.37.59.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.typography.com/6554094/7880952/css/fonts.css
Requested by: Host: www.sonesta.com
URL: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.59.76 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-59-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Fri, 06 Mar 2020 19:13:55 GMT
Cache-Control: must-revalidate, private
Server: Apache
Connection: keep-alive
Content-Length: 16
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 add-friend.svg
www.sonesta.com/sites/all/themes/sonesta/images/ 2 KB
1 KB 666ms
666ms Image
image/svg+xml 2606:4700::6810:5622
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sonesta.com/sites/all/themes/sonesta/images/add-friend.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93cc3d085c4d964bfeb76c8a6052882e77ae8d79e924083da58cf6a57a305be2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonesta.com/sites/default/files/css/css_QNgAMAnoS3EF01wOcfZxOFhGfUVW9yGm6VXpZowDAkE.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 06 Mar 2020 19:13:55 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 213516
x-cache: HIT
status: 200
x-cache-hits: 17107
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-7e3adaf8-5ded-11ea-b34f-1701f0500232
last-modified: Tue, 23 Jul 2019 06:37:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 56fe658eeb14175a-FRA
expires: Wed, 18 Mar 2020 07:55:19 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ2W5C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 4905
date: Fri, 06 Mar 2020 17:52:10 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Fri, 06 Mar 2020 19:52:10 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 23 KB
7 KB 28ms
27ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ2W5C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 89b531e78902333807b825faf77cd11cc927fe364ea2ba9307f65365f7e811f7

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 06 Mar 2020 19:13:54 GMT
content-encoding: gzip
last-modified: Fri, 31 Jan 2020 21:01:31 GMT
x-msedge-ref: Ref A: 43E581DF5FA843CDBA39F3FD6EFFCB63 Ref B: FRAEDGE0306 Ref C: 2020-03-06T19:13:55Z
access-control-allow-origin: *
etag: "8087c39c79d8d51:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7295

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
10 KB 145ms
145ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ2W5C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

c3631ac1c623c7498c038ddf390931387f2b76e517675efed274b1c95bd80b68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 06 Mar 2020 19:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9943
x-xss-protection: 0
server: cafe
etag: 4339192439078300971
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 06 Mar 2020 19:13:55 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: 7wxSfyPjShaitbU4rpVTFFUieqeoq9Di/ZWXKcuoomEWcIqAeCJa8tZv2ZpNoHnOARUm0740nas6XsYDKkwWXg==
x-fb-trip-id: 1850256238
date: Fri, 06 Mar 2020 19:13:55 GMT, Fri, 06 Mar 2020 19:13:55 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 105 Show response
beacon.sojern.com/pixel/cp/ 2 KB
783 B 293ms
99ms Script
application/javascript 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/cp/105?f_v=cp_v1_js&p_v=1&hpid=&pt=TRACKING
Requested by: Host: www.sonesta.com
URL: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.178.244.119 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: 8044c0cab17aa1115877e9af044979a1d8145a21ae89973c9344740f5a997692

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 06 Mar 2020 19:13:55 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
status: 200
content-type: application/javascript
alt-svc: clear
content-length: 512
via: 1.1 google

GET
H/1.1 200
OK / Show response
com-sonesta.netmng.com/ 6 KB
3 KB 917ms
225ms Script
text/javascript 104.193.82.55
IGNITIONONE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://com-sonesta.netmng.com/?aid=5908&siclientid=104266&p1=undefined&p3=undefined&p4=undefined&p5=undefined&p6=undefined
Requested by: Host: www.sonesta.com
URL: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.193.82.55 , United States, ASN63124 (IGNITIONONE-ASN, US),
Reverse DNS
Software: Apache/2.2.22 /
Resource Hash: 9e0d10a677dc46a35e44e7f7bf964a8071343d839de6f0ad44d3162a909d92a6

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Fri, 06 Mar 2020 19:13:55 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Mar 2020 19:13:55 GMT
Server: Apache/2.2.22
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Content-Length: 2176
Expires: Wed, 04 Mar 2020 19:13:55 GMT

GET
H2 200 quantum-sonesta.js Show response
cdn.quantummetric.com/qscripts/ 230 KB
78 KB 75ms
20ms Script
text/javascript 2606:4700:10::6814:6a02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quantummetric.com/qscripts/quantum-sonesta.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:6a02 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4946b6f3c99b35cde75a918a5fd8fc4bd93157a14d122ccbaa5f4995d4f75a89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 06 Mar 2020 19:13:55 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 1245
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=31536000
cf-ray: 56fe658fbfae96b0-FRA

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 61 KB
23 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-P2G82CQ&t=gtm1&cid=1670421886.1583522035

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fb6a26c4c37f5c68992b37112c64de7645939d68b694942804f603ca26f90510

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 06 Mar 2020 19:13:55 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 23073
x-xss-protection: 0
last-modified: Fri, 06 Mar 2020 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 Mar 2020 19:13:55 GMT

GET
H2 200 510300539145559 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 68ms
68ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/510300539145559?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7333246396db38528d31cd0b0f8712ae0ffd511bd7ef30b0ce3759b7b47b3b10

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: +BQTt1j9GgE9ujhBMw974cBp0FR3y7TigM4xF6l+wLk41msQW4FoFNUDOHu3dpsZ3BJKJYqW/4LkW3NqYr/JOg==
x-fb-trip-id: 1850256238
date: Fri, 06 Mar 2020 19:13:55 GMT, Fri, 06 Mar 2020 19:13:55 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
94 B 28ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=23002108&Ver=2&mid=6e20ad87-cfe4-1c6d-3424-a635371b1d5b&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Point%20Expiration%20Confirmation%20%7C%20Sonesta%20Travel%20Pass&p=https%3A%2F%2Fwww.sonesta.com%2Ftravel-pass%2Fpoint-expiration-confirmation%3Fj%3D8261225%26e%3Dhr%40alertlogic.com%26l%3D40_HTML%26u%3D167141575%26mid%3D6260320%26jb%3D41%26utm_medium%3Demail%26utm_campaign%3D030420-TPPointExpiration-1%26utm_source%3DTravel%2520Pass%2520Emails%26src%3Demail_030420-TPPointExpiration-1%26sv_svemi%3D101114075&r=&evt=pageLoad&msclkid=N&rn=93784
Requested by: Host: www.sonesta.com
URL: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
pragma: no-cache
date: Fri, 06 Mar 2020 19:13:54 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 5C45D495FFDA4C41B1997B8BAC84ADF3 Ref B: FRAEDGE0306 Ref C: 2020-03-06T19:13:55Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 26ms
5ms Script
text/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ2W5C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 3532
date: Fri, 06 Mar 2020 18:15:03 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17168
expires: Fri, 06 Mar 2020 20:15:03 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
100 B 6ms
6ms Image
image/gif 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=464863591&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sonesta.com%2Ftravel-pass%2Fpoint-expiration-confirmation%3Fj%3D8261225%26e%3Dhr%40alertlogic.com%26l%3D40_HTML%26u%3D167141575%26mid%3D6260320%26jb%3D41%26utm_medium%3Demail%26utm_campaign%3D030420-TPPointExpiration-1%26utm_source%3DTravel%2520Pass%2520Emails%26src%3Demail_030420-TPPointExpiration-1%26sv_svemi%3D101114075&ul=en-us&de=UTF-8&dt=Point%20Expiration%20Confirmation%20%7C%20Sonesta%20Travel%20Pass&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAgEADQ~&jid=515995634&gjid=828679623&cid=1670421886.1583522035&tid=UA-733428-1&_gid=1268247279.1583522035&gtm=2wg2q2WZ2W5C&z=1557251041

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 05 Feb 2020 05:59:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2639678
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-733428-1&cid=1670421886.1583522035&jid=515995634&gjid=828679623&_gid=1268247279.1583522035&_u=aGDAgEADQ~&z=267972161
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-733428-1&cid=1670421886.1583522035&jid=515995634&_v=j81&z=267972161
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-733428-1&cid=1670421886.1583522035&jid=515995634&_v=j81&z=267972161&slf_rd=1&random=2743213996

42 B
109 B

18ms
17ms

Image
image/gif

2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-733428-1&cid=1670421886.1583522035&jid=515995634&_v=j81&z=267972161&slf_rd=1&random=2743213996

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Mar 2020 19:13:55 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Mar 2020 19:13:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-733428-1&cid=1670421886.1583522035&jid=515995634&_v=j81&z=267972161&slf_rd=1&random=2743213996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
199 B 15ms
14ms Image
image/gif 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=942565252&utmhn=www.sonesta.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Point%20Expiration%20Confirmation%20%7C%20Sonesta%20Travel%20Pass&utmhid=464863591&utmr=-&utmp=%2Ftravel-pass%2Fpoint-expiration-confirmation%3Fj%3D8261225%26e%3Dhr%40alertlogic.com%26l%3D40_HTML%26u%3D167141575%26mid%3D6260320%26jb%3D41%26utm_medium%3Demail%26utm_campaign%3D030420-TPPointExpiration-1%26utm_source%3DTravel%252520Pass%252520Emails%26src%3Demail_030420-TPPointExpiration-1%26sv_svemi%3D101114075&utmht=1583522035212&utmac=UA-41848973-1&utmgtm=2wg2q2WZ2W5C&utmcc=__utma%3D166108092.1670421886.1583522035.1583522035.1583522035.1%3B%2B__utmz%3D166108092.1583522035.1.1.utmcsr%3DTravel%2520Pass%2520Emails%7Cutmccn%3D030420-TPPointExpiration-1%7Cutmcmd%3Demail%3B&utmjid=1075296061&utmredir=1&utmu=q2AAAABAAAGBAAAAAgABAAAE~

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 06 Mar 2020 19:13:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
249 B 8ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=510300539145559&ev=PageView&dl=https%3A%2F%2Fwww.sonesta.com%2Ftravel-pass%2Fpoint-expiration-confirmation%3Fj%3D8261225%26e%3Dhr%40alertlogic.com%26l%3D40_HTML%26u%3D167141575%26mid%3D6260320%26jb%3D41%26utm_medium%3Demail%26utm_campaign%3D030420-TPPointExpiration-1%26utm_source%3DTravel%2520Pass%2520Emails%26src%3Demail_030420-TPPointExpiration-1%26sv_svemi%3D101114075&rl=&if=false&ts=1583522035226&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1583522035225.100136520&it=1583522035123&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 06 Mar 2020 19:13:55 GMT, Fri, 06 Mar 2020 19:13:55 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 06 Mar 2020 19:13:55 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/787485211/ 3 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/787485211/?random=1583522035255&cv=9&fst=1583522035255&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2q2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sonesta.com%2Ftravel-pass%2Fpoint-expiration-confirmation%3Fj%3D8261225%26e%3Dhr%40alertlogic.com%26l%3D40_HTML%26u%3D167141575%26mid%3D6260320%26jb%3D41%26utm_medium%3Demail%26utm_campaign%3D030420-TPPointExpiration-1%26utm_source%3DTravel%2520Pass%2520Emails%26src%3Demail_030420-TPPointExpiration-1%26sv_svemi%3D101114075&tiba=Point%20Expiration%20Confirmation%20%7C%20Sonesta%20Travel%20Pass&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa72d734ca9b25813252455336d99e84a59cb74602324e6537b175183d4f3269

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Fri, 06 Mar 2020 19:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1182
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/787485211/ 42 B
110 B 24ms
24ms Image
image/gif 2a00:1450:4001:825::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/787485211/?random=1583522035255&cv=9&fst=1583521200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2q2&sendb=1&frm=0&url=https%3A%2F%2Fwww.sonesta.com%2Ftravel-pass%2Fpoint-expiration-confirmation%3Fj%3D8261225%26e%3Dhr%40alertlogic.com%26l%3D40_HTML%26u%3D167141575%26mid%3D6260320%26jb%3D41%26utm_medium%3Demail%26utm_campaign%3D030420-TPPointExpiration-1%26utm_source%3DTravel%2520Pass%2520Emails%26src%3Demail_030420-TPPointExpiration-1%26sv_svemi%3D101114075&tiba=Point%20Expiration%20Confirmation%20%7C%20Sonesta%20Travel%20Pass&async=1&fmt=3&is_vtc=1&random=3603840728&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 06 Mar 2020 19:13:55 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/787485211/ 42 B
110 B 26ms
25ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/787485211/?random=1583522035255&cv=9&fst=1583521200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2q2&sendb=1&frm=0&url=https%3A%2F%2Fwww.sonesta.com%2Ftravel-pass%2Fpoint-expiration-confirmation%3Fj%3D8261225%26e%3Dhr%40alertlogic.com%26l%3D40_HTML%26u%3D167141575%26mid%3D6260320%26jb%3D41%26utm_medium%3Demail%26utm_campaign%3D030420-TPPointExpiration-1%26utm_source%3DTravel%2520Pass%2520Emails%26src%3Demail_030420-TPPointExpiration-1%26sv_svemi%3D101114075&tiba=Point%20Expiration%20Confirmation%20%7C%20Sonesta%20Travel%20Pass&async=1&fmt=3&is_vtc=1&random=3603840728&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 06 Mar 2020 19:13:55 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AdX
pixel.sojern.com/idSync/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=sojern__adx_open_bidder_seat&google_hm=zOSFFrO316l2GF2Mo6RS6A&google_cm&google_sc&sjrn_id=Yq1OlmihabSTTwrsHUDDVVIVQpiQWaq8LBwMQ72vNYBRVU1xIiSHBmuPky1jj...
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=Yq1OlmihabSTTwrsHUDDVVIVQpiQWaq8LBwMQ72vNYBRVU1xIiSHBmuPky1jjgZ4&sjrn_ula=518232766&google_gid=CAESEDBF4HukBYFpS-l6MoxLBHs&google_cver=1

42 B
289 B

106ms
105ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=Yq1OlmihabSTTwrsHUDDVVIVQpiQWaq8LBwMQ72vNYBRVU1xIiSHBmuPky1jjgZ4&sjrn_ula=518232766&google_gid=CAESEDBF4HukBYFpS-l6MoxLBHs&google_cver=1
Requested by: Host: www.sonesta.com
URL: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.178.244.119 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 06 Mar 2020 19:13:55 GMT
via: 1.1 google
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
status: 200
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 06 Mar 2020 19:13:55 GMT
server: HTTP server (unknown)
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=Yq1OlmihabSTTwrsHUDDVVIVQpiQWaq8LBwMQ72vNYBRVU1xIiSHBmuPky1jjgZ4&sjrn_ula=518232766&google_gid=CAESEDBF4HukBYFpS-l6MoxLBHs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 412
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

apn
pixel.sojern.com/idsync/
Redirect Chain

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?sjrn_id=Yq1OlmihabSTTwrsHUDDVVIVQpiQWaq8LBwMQ72vNYBRVU1xIiSHBmuPky1jjgZ4&id=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fsjrn_id%3DYq1OlmihabSTTwrsHUDDVVIVQpiQWaq8LBwMQ72vNYBRVU1xIiSHBmuPky1jjgZ4%26id%3D%24UID
https://pixel.sojern.com/idsync/apn?sjrn_id=Yq1OlmihabSTTwrsHUDDVVIVQpiQWaq8LBwMQ72vNYBRVU1xIiSHBmuPky1jjgZ4&id=3882356864181879861

42 B
292 B

107ms
105ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/apn?sjrn_id=Yq1OlmihabSTTwrsHUDDVVIVQpiQWaq8LBwMQ72vNYBRVU1xIiSHBmuPky1jjgZ4&id=3882356864181879861
Requested by: Host: www.sonesta.com
URL: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.178.244.119 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 06 Mar 2020 19:13:55 GMT
via: 1.1 google
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
status: 200
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

Pragma: no-cache
Date: Fri, 06 Mar 2020 19:13:57 GMT
AN-X-Request-Uuid: 4f893a11-8d7e-4e56-9e46-a1a2220a830d
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://pixel.sojern.com/idsync/apn?sjrn_id=Yq1OlmihabSTTwrsHUDDVVIVQpiQWaq8LBwMQ72vNYBRVU1xIiSHBmuPky1jjgZ4&id=3882356864181879861
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.92.202.18; 81.92.202.18; 313.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.43:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 brightedge3.php
a.b0e8.com/ 35 B
155 B 388ms
186ms Image
image/gif 34.95.105.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.b0e8.com/brightedge3.php?id=f00000000107146&p_id=48NNPA88NP2NR884N2J46RLARAAAAAAAAH&bf=7e23ba92c8912ac2e57dbc9b08d6c466&url=https%3A//www.sonesta.com/travel-pass/point-expiration-confirmation%3Fj%3D8261225%26e%3Dhr@alertlogic.com%26l%3D40_HTML%26u%3D167141575%26mid%3D6260320%26jb%3D41%26utm_medium%3Demail%26utm_campaign%3D030420-TPPointExpiration-1%26utm_source%3DTravel%2520Pass%2520Emails%26src%3Demail_030420-TPPointExpiration-1%26sv_svemi%3D101114075&ref=&bn=1&bv=3.43&title=Point%20Expiration%20Confirmation%20%7C%20Sonesta%20Travel%20Pass&metadesc=*/%20Thank%20you%20for%20confirming%21%A0%20Your%20account%20will%20be%20credited%20100%20bonus%20points.%20Your%20points%20are%20active%20and%20free%20to%20redeem%21%A0%20Every%20time%20you%20stay%2C%20earn%2C%20or%20redeem%2C%20your%20points%20will%20remain%20active%20for%20another%2024%20months%20Sign%20into%20your%20account%20and%20view%20your%20point&metakeywords=&s_id=48NNPA88NP2NRJNAN4N46RLARAAAAAAAAH
Requested by: Host: www.sonesta.com
URL: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.105.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.105.95.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 06 Mar 2020 19:13:55 GMT
x-debug: default
server: Apache
content-type: image/gif
status: 200
accept-ranges: bytes
alt-svc: clear
content-length: 35
via: 1.1 google

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=510300539145559&ev=Microdata&dl=https%3A%2F%2Fwww.sonesta.com%2Ftravel-pass%2Fpoint-expiration-confirmation%3Fj%3D8261225%26e%3Dhr%40alertlogic.com%26l%3D40_HTML%26u...
https://cx.atdmt.com/?c=4549426103958130865&f=AYzedqjr_J5CyDCo9YFFfZqCQfXf6C2nVNGyymusfd6egRHflpoiaczWXWeIUQhhOTWvZ1lZb5umSfaU2ueDKkxB&id=510300539145559&l=3&v=0

42 B
319 B

39ms
39ms

Image
image/gif

2a03:2880:f02d:5:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cx.atdmt.com/?c=4549426103958130865&f=AYzedqjr_J5CyDCo9YFFfZqCQfXf6C2nVNGyymusfd6egRHflpoiaczWXWeIUQhhOTWvZ1lZb5umSfaU2ueDKkxB&id=510300539145559&l=3&v=0
Requested by: Host: www.sonesta.com
URL: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:5:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 06 Mar 2020 19:13:55 GMT, Fri, 06 Mar 2020 19:13:55 GMT, Fri, 06 Mar 2020 19:13:55 GMT
p3p: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
alt-svc: h3-27=":443"; ma=3600
content-length: 42
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 06 Mar 2020 19:13:55 GMT, Fri, 06 Mar 2020 19:13:55 GMT
server: proxygen-bolt
location: https://cx.atdmt.com/?c=4549426103958130865&f=AYzedqjr_J5CyDCo9YFFfZqCQfXf6C2nVNGyymusfd6egRHflpoiaczWXWeIUQhhOTWvZ1lZb5umSfaU2ueDKkxB&id=510300539145559&l=3&v=0
content-type: text/plain
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=3600
content-length: 0
expires: 0

GET
H/1.1 404
Not Found fonts.css
cloud.typography.com/6554094/7880952/css/ 0
0 191ms
190ms Stylesheet
text/html 23.37.59.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.typography.com/6554094/7880952/css/fonts.css
Requested by: Host: www.sonesta.com
URL: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.59.76 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-59-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Fri, 06 Mar 2020 19:13:56 GMT
Cache-Control: must-revalidate, private
Server: Apache
Connection: keep-alive
Content-Length: 16
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/v1QHzzN92WdopzN_oD7bUO2P/ 259 KB
92 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/v1QHzzN92WdopzN_oD7bUO2P/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfO2JIUAAAAAKrDHFGxP0cfrmejDzzXKi626WwL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fafe784f7e1f13fccc7782f6c524a6f340b0b487b65c45aac414d09e6daded8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 02 Mar 2020 18:23:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 02 Mar 2020 05:05:22 GMT
server: sffe
age: 348646
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 94503
x-xss-protection: 0
expires: Tue, 02 Mar 2021 18:23:10 GMT

GET
H/1.1 200
OK / Show response
nan.netmng.com/ 1 B
453 B 547ms
105ms Script
text/javascript 31.186.247.145
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://nan.netmng.com/?aid=5908&siclientid=104266&p1=undefined&p3=undefined&p4=undefined&p5=undefined&p6=undefined
Requested by: Host: com-sonesta.netmng.com
URL: https://com-sonesta.netmng.com/?aid=5908&siclientid=104266&p1=undefined&p3=undefined&p4=undefined&p5=undefined&p6=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 31.186.247.145 , United Kingdom, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Fri, 06 Mar 2020 19:13:56 GMT
Last-Modified: Wed, 04 Mar 2020 19:13:56 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Expires: Wed, 04 Mar 2020 19:13:56 GMT

GET
H/1.1 200
OK ClickTracking.aspx Show response
dms.netmng.com/si/CM/Tracking/ 663 B
1 KB 1132ms
243ms Script
text/html 104.193.80.56
IGNITIONONE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://dms.netmng.com/si/CM/Tracking/ClickTracking.aspx?siclientid=104266&jscript=1
Requested by: Host: com-sonesta.netmng.com
URL: https://com-sonesta.netmng.com/?aid=5908&siclientid=104266&p1=undefined&p3=undefined&p4=undefined&p5=undefined&p6=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.193.80.56 , United States, ASN63124 (IGNITIONONE-ASN, US),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 971016c7e8bf0dcfa6b189cd2f58f647e5038b1befd0e695cc513917896803c5

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

io-hbr: True
Content-Encoding: gzip
Date: Fri, 06 Mar 2020 19:13:56 GMT
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
io-u: feb81cce-f1c2-4152-b236-771764ad6bcc
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAa PSDa OUR LEG DSP NON COR COM NAV"
io-r: c15a2cf5-eb22-445d-85a3-084e04b78079
svc: S10
io-d: False
Content-Type: text/html; charset=utf-8
Content-Length: 503
Cache-Control: private

GET
H/1.1 200
OK / Show response
com-sonesta.netmng.com/ 0
1 KB 207ms
207ms Script
text/javascript 104.193.82.55
IGNITIONONE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://com-sonesta.netmng.com/?aid=5908&siclientid=104266&p1=undefined&p3=undefined&p4=undefined&p5=undefined&p6=undefined&function=browser_check&vid=pegymytwd0oqd&referer=&browserPixelRatio=1&browserWidth=1600&browserHeight=1200&r=6ced7d
Requested by: Host: com-sonesta.netmng.com
URL: https://com-sonesta.netmng.com/?aid=5908&siclientid=104266&p1=undefined&p3=undefined&p4=undefined&p5=undefined&p6=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.193.82.55 , United States, ASN63124 (IGNITIONONE-ASN, US),
Reverse DNS
Software: Apache/2.2.22 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Fri, 06 Mar 2020 19:13:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Mar 2020 19:13:56 GMT
Server: Apache/2.2.22
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Content-Length: 20
Expires: Wed, 04 Mar 2020 19:13:56 GMT

GET
H2 200 light-menu.html.twig Show response
www.sonesta.com/sites/all/themes/sonesta/standalone-components/light-menu/ 432 B
384 B 192ms
192ms XHR
text/html 2606:4700::6810:5622
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sonesta.com/sites/all/themes/sonesta/standalone-components/light-menu/light-menu.html.twig

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-sonesta.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3758496209547168d50b9bad9dbf64f44cfa7d629672717adb7a6e58a7b4347

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 06 Mar 2020 19:13:56 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 213563
x-cache: HIT
status: 200
x-cache-hits: 19781
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-623de73c-5ded-11ea-b262-330a6c12ace7
last-modified: Thu, 21 Nov 2019 17:37:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
cache-control: max-age=1209600
cf-ray: 56fe65976fa5175a-FRA
expires: Wed, 18 Mar 2020 07:54:32 GMT

GET
H2 200 group-menu-441.json Show response
www.sonesta.com/api/menu/ 4 KB
933 B 308ms
307ms XHR
application/json 2606:4700::6810:5622
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sonesta.com/api/menu/group-menu-441.json

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-sonesta.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1526ea8063252add2e6f9d196960605f05f4379fc9dca12c1762c688d061528c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SameOrigin

Request headers

Accept: */*
Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 06 Mar 2020 19:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 0
x-cache: MISS
status: 200
x-ah-environment: prod
content-length: 731
x-request-id: v-a04a96d6-5fde-11ea-ab77-5f90deeccf34
server: cloudflare
x-frame-options: SameOrigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
via: varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
cf-ray: 56fe65976fa8175a-FRA
x-drupal-cache: MISS
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
100 B 6ms
5ms Image
image/gif 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=464863591&t=event&_s=2&dl=https%3A%2F%2Fwww.sonesta.com%2Ftravel-pass%2Fpoint-expiration-confirmation%3Fj%3D8261225%26e%3Dhr%40alertlogic.com%26l%3D40_HTML%26u%3D167141575%26mid%3D6260320%26jb%3D41%26utm_medium%3Demail%26utm_campaign%3D030420-TPPointExpiration-1%26utm_source%3DTravel%2520Pass%2520Emails%26src%3Demail_030420-TPPointExpiration-1%26sv_svemi%3D101114075&ul=en-us&de=UTF-8&dt=Point%20Expiration%20Confirmation%20%7C%20Sonesta%20Travel%20Pass&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Google%20Optimize&ea=Optimize%20Initialized&_utma=166108092.1670421886.1583522035.1583522035.1583522035.1&_utmz=166108092.1583522035.1.1.utmcsr%3DTravel%2520Pass%2520Emails%7Cutmccn%3D030420-TPPointExpiration-1%7Cutmcmd%3Demail&_utmht=1583522036379&_u=aGDCiEADR~&jid=&gjid=&cid=1670421886.1583522035&tid=UA-733428-1&_gid=1268247279.1583522035&gtm=2wg2q2WZ2W5C&z=1139056330

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 05 Feb 2020 05:59:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2639679
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 3DED 0
0 43ms
43ms Document
text/html 2a00:1450:4001:825::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfO2JIUAAAAAKrDHFGxP0cfrmejDzzXKi626WwL&co=aHR0cHM6Ly93d3cuc29uZXN0YS5jb206NDQz&hl=en&v=v1QHzzN92WdopzN_oD7bUO2P&size=invisible&cb=c8gmnqfmjryk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/v1QHzzN92WdopzN_oD7bUO2P/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ujhyfqnz9v7BCE9S55Xcow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfO2JIUAAAAAKrDHFGxP0cfrmejDzzXKi626WwL&co=aHR0cHM6Ly93d3cuc29uZXN0YS5jb206NDQz&hl=en&v=v1QHzzN92WdopzN_oD7bUO2P&size=invisible&cb=c8gmnqfmjryk
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 06 Mar 2020 19:13:56 GMT
content-security-policy: script-src 'report-sample' 'nonce-ujhyfqnz9v7BCE9S55Xcow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9544
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H2 200 / Show response
sonesta-app.quantummetric.com/ 90 B
430 B 549ms
170ms XHR
application/json 35.193.75.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sonesta-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.sonesta.com%2Ftravel-pass%2Fpoint-expiration-confirmation%3Fj%3D8261225%26e%3Dhr%40alertlogic.com%26l%3D40_HTML%26u%3D167141575%26mid%3D6260320%26jb%3D41%26utm_medium%3Demail%26utm_campaign%3D030420-TPPointExpiration-1%26utm_source%3DTravel%2520Pass%2520Emails%26src%3Demail_030420-TPPointExpiration-1%26sv_svemi%3D101114075&t=1583522036408&v=1583522036429&z=2&S=0&N=0&P=0

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-sonesta.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.193.75.18 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

18.75.193.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

79269527eae4524d96465fc72a8b320d39bb93ed9de4b221e233a97b1fc2a7e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
Origin: https://www.sonesta.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 06 Mar 2020 19:13:56 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sonesta.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000

POST
H2 200 / Show response
sonesta-app.quantummetric.com/ 0
164 B 910ms
384ms XHR
application/json 35.193.75.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-sonesta.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.193.75.18 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

18.75.193.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
Origin: https://www.sonesta.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 06 Mar 2020 19:13:57 GMT
server: nginx
status: 200
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.sonesta.com
access-control-allow-credentials: true
content-length: 0

GET
H2 200 / Show response
sonesta-app.quantummetric.com/ 28 B
250 B 188ms
188ms XHR
application/json 35.193.75.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sonesta-app.quantummetric.com/?s=dd7c69bd8bda0787a7766c5f03dba5bf&H=0d288174be52239bec14b943&Q=3

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-sonesta.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.193.75.18 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

18.75.193.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
Origin: https://www.sonesta.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 06 Mar 2020 19:13:57 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sonesta.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000

POST
H2 200 / Show response
sonesta-app.quantummetric.com/ 0
164 B 178ms
178ms XHR
application/json 35.193.75.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-sonesta.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.193.75.18 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

18.75.193.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
Origin: https://www.sonesta.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 06 Mar 2020 19:13:57 GMT
server: nginx
status: 200
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.sonesta.com
access-control-allow-credentials: true
content-length: 0

POST
H2 200 / Show response
sonesta-app.quantummetric.com/ 0
164 B 183ms
182ms XHR
application/json 35.193.75.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-sonesta.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.193.75.18 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

18.75.193.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
Origin: https://www.sonesta.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 06 Mar 2020 19:13:57 GMT
server: nginx
status: 200
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.sonesta.com
access-control-allow-credentials: true
content-length: 0

POST
H2 200 / Show response
sonesta-app.quantummetric.com/ 0
164 B 192ms
192ms XHR
application/json 35.193.75.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-sonesta.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.193.75.18 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

18.75.193.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
Origin: https://www.sonesta.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 06 Mar 2020 19:14:01 GMT
server: nginx
status: 200
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.sonesta.com
access-control-allow-credentials: true
content-length: 0

POST
H2 200 / Show response
sonesta-app.quantummetric.com/ 0
164 B 192ms
192ms XHR
application/json 35.193.75.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-sonesta.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.193.75.18 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

18.75.193.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.sonesta.com/travel-pass/point-expiration-confirmation?j=8261225&e=hr@alertlogic.com&l=40_HTML&u=167141575&mid=6260320&jb=41&utm_medium=email&utm_campaign=030420-TPPointExpiration-1&utm_source=Travel%20Pass%20Emails&src=email_030420-TPPointExpiration-1&sv_svemi=101114075
Origin: https://www.sonesta.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 06 Mar 2020 19:14:01 GMT
server: nginx
status: 200
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.sonesta.com
access-control-allow-credentials: true
content-length: 0

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sonesta.com/	1969-12-31 23:59:59	Name: QuantumMetricSessionID Value: dd7c69bd8bda0787a7766c5f03dba5bf
.sonesta.com/	1970-01-19 16:37:41	Name: QuantumMetricUserID Value: e9604e792153b680bbbfda7c7533974a
.sonesta.com/	1970-01-19 10:01:38	Name: _fbp Value: fb.1.1583522035225.100136520
.sonesta.com/	1970-01-19 07:52:03	Name: __utmb Value: 166108092.1.10.1583522035
.sonesta.com/	1969-12-31 23:59:59	Name: __utmc Value: 166108092
.sonesta.com/	1970-02-25 12:40:02	Name: BE_CLA3 Value: p_id%3D48NNPA88NP2NR884N2J46RLARAAAAAAAAH%26bf%3D7e23ba92c8912ac2e57dbc9b08d6c466%26bn%3D1%26bv%3D3.43%26s_expire%3D1583608435526%26s_id%3D48NNPA88NP2NRJNAN4N46RLARAAAAAAAAH
.sonesta.com/	1970-01-20 01:23:14	Name: _ga Value: GA1.2.1670421886.1583522035
.sonesta.com/	1970-01-19 12:14:50	Name: __utmz Value: 166108092.1583522035.1.1.utmcsr=Travel%20Pass%20Emails\|utmccn=030420-TPPointExpiration-1\|utmcmd=email
.sonesta.com/	1970-01-19 07:53:28	Name: _gid Value: GA1.2.1268247279.1583522035
.sonesta.com/	1970-01-19 07:52:02	Name: __utmt Value: 1
.sonesta.com/	1970-01-20 01:23:14	Name: __utma Value: 166108092.1670421886.1583522035.1583522035.1583522035.1
.sonesta.com/	1970-01-19 07:52:02	Name: _dc_gtm_UA-733428-1 Value: 1
.sonesta.com/	1970-01-19 10:01:38	Name: _gcl_au Value: 1.1.1569588154.1583522035
www.sonesta.com/	1969-12-31 23:59:59	Name: has_js Value: 1
.sonesta.com/	1970-01-19 08:35:14	Name: __cfduid Value: dfed467cb5427c13924ee1cdcfff45c3d1583522033

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.sonesta.com/sites/all/themes/sonesta/js/standalones/light-menu.js?q6dltf(Line 28) Message: ready
console-api	warning	URL: https://cdn.quantummetric.com/qscripts/quantum-sonesta.js(Line 320) Message: QM:: found incorrect timings, disregarding the dataset.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SameOrigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.b0e8.com
bat.bing.com
beacon.sojern.com
cdn.b0e8.com
cdn.quantummetric.com
click.e.sonesta.com
cloud.typography.com
cm.g.doubleclick.net
com-sonesta.netmng.com
connect.facebook.net
cx.atdmt.com
dms.netmng.com
googleads.g.doubleclick.net
ib.adnxs.com
nan.netmng.com
pixel.sojern.com
res.cloudinary.com
sonesta-app.quantummetric.com
ssl.google-analytics.com
stats.g.doubleclick.net
track.securedvisit.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.sonesta.com
104.193.80.56
104.193.82.55
107.178.244.119
172.217.22.2
172.217.23.162
185.33.223.218
23.37.59.76
2606:4700:10::6814:6a02
2606:4700::6810:5622
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:809::2003
2a00:1450:4001:809::2008
2a00:1450:4001:814::2002
2a00:1450:4001:81a::200e
2a00:1450:4001:821::2008
2a00:1450:4001:825::2004
2a00:1450:400c:c00::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:5:face:b00c:0:8c
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:1b::393
31.186.247.145
34.95.105.148
35.190.5.192
35.193.75.18
52.1.5.182
68.232.203.70
0142863e4f165a6a5058eb0449747559973f4c899cff1a6481bdd753bc61d179
0370314abc5fbb2cbfdf7aa3ff4e16a2314985f2c9daf3d1073f7bc091d1f386
0bef13a0224703ced40e333c20c047395abdfb322d378609046a0e2f17464d2f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e
1526ea8063252add2e6f9d196960605f05f4379fc9dca12c1762c688d061528c
1a84406a61052882bb0db904f5f379214459e9b0ef742b0d6d68833a157a746d
248b82483f6d8d123fd9589de1d34015c499fe6e3096d2bbe440298de57e3e99
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
291b64b8338385723a5648d6938bb10ee552d453a81bc7a6e8866bc9560a0187
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
40d8003009e84b7105d35c0e71f6713858467d4556f721a6e955e9668c030241
4946b6f3c99b35cde75a918a5fd8fc4bd93157a14d122ccbaa5f4995d4f75a89
4d4c2b583042a304604ba96a91be3c76a0eea0b835a537f1fd86d684327d8d20
530b5f1f2046cfd0428c7b3e0ae242a80c53d214318fda43eadf99015eeb5c12
540b21d01f5c2bfa033258b98a5fec8e1986cfe0774d709cf02df1ac229a8880
56db345e36905e4230064f47340a09c2bbe6984f65c3a4bda31a89ba1874381d
56ebcb13309dc20facacad63eb4f938285ad99c724ef3cd9a90d4d8a0597a9a1
5a4746556591313e5463a5f43f9ae554677063007311dd981aa040a3a67af219
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5c3d698bbde6de0c4aa735eae5af62b316842ffebd8387505a183e8d1a85f975
63df7c5ee0392cc2ea5360fe6311ef013104286133aa8300d7abe1ad6dbde953
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7333246396db38528d31cd0b0f8712ae0ffd511bd7ef30b0ce3759b7b47b3b10
79269527eae4524d96465fc72a8b320d39bb93ed9de4b221e233a97b1fc2a7e2
7b226c2dd5ddc1c70d115b17ce476202c476f4a017e16d6ee33c3a695aea2b0b
7c37594bc85951ae88bb421b5cb67729293a5d8e6231e905e3b95eb7f5133d41
80428c6c151258b37c9eee030d85dafbd32ab30e72b21ea142685f117ea881e8
8044c0cab17aa1115877e9af044979a1d8145a21ae89973c9344740f5a997692
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85228359f8a1eb5ae328378e31eccf023b91b24540809b4798d80a6de02967c7
89b531e78902333807b825faf77cd11cc927fe364ea2ba9307f65365f7e811f7
8e1c1937318e90f4d7d521cefe98c7f2bc75704d9b81c51827f0947490dacdb0
8fafe784f7e1f13fccc7782f6c524a6f340b0b487b65c45aac414d09e6daded8
93cc3d085c4d964bfeb76c8a6052882e77ae8d79e924083da58cf6a57a305be2
971016c7e8bf0dcfa6b189cd2f58f647e5038b1befd0e695cc513917896803c5
9e0d10a677dc46a35e44e7f7bf964a8071343d839de6f0ad44d3162a909d92a6
9e787d0463d13011ddc3562c43b8574af56a967cd8b2590890b52252fa3e8b22
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a28ddb1b0eedcd7aeef153c7b27d68670d5572e6b7e455bda7d869b0e3de1e7e
aceacdedd7b9269f6ced717c6cc4b9d670d024b252e5b9597bdb408f2e12f329
afd541b9365d9916a8767f77f9e20dbd3d613830d1128b6a115ac05dca2c2192
c3631ac1c623c7498c038ddf390931387f2b76e517675efed274b1c95bd80b68
d0c85de9f5ded20ea2f367b4e81be19058ff2969d25759389a98368b93095eea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3758496209547168d50b9bad9dbf64f44cfa7d629672717adb7a6e58a7b4347
fa72d734ca9b25813252455336d99e84a59cb74602324e6537b175183d4f3269
fb6a26c4c37f5c68992b37112c64de7645939d68b694942804f603ca26f90510

www.sonesta.com Open in urlscan Pro 2606:4700::6810:5622 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

100 %HTTPS

54 %IPv6

20 Domains

29 Subdomains

24 IPs

7 Countries

1079 kBTransfer

3904 kBSize

15 Cookies

17 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.sonesta.com Open in urlscan Pro
2606:4700::6810:5622 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

100 %
HTTPS

54 %
IPv6

20
Domains

29
Subdomains

24
IPs

7
Countries

1079 kB
Transfer

3904 kB
Size

15
Cookies

67 HTTP transactions
0 data transactions