URL: https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
Submission: On August 01 via api from US

Summary

This website contacted 15 IPs in 5 countries across 11 domains to perform 52 HTTP transactions. The main IP is 45.60.46.204, located in United States and belongs to INCAPSULA, US. The main domain is be.synxis.com.
TLS certificate: Issued by GlobalSign HV RSA DV SSL CA 2018 on July 21st 2020. Valid for: 6 months.
This is the only time be.synxis.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 45.60.46.204 19551 (INCAPSULA)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 23.111.9.35 33438 (HIGHWINDS2)
2 45.60.155.144 19551 (INCAPSULA)
1 109.228.8.247 8560 (ONEANDONE...)
7 109.228.5.54 8560 (ONEANDONE...)
1 23.36.235.165 16625 (AKAMAI-AS)
2 10 2a00:1450:400... 15169 (GOOGLE)
1 4 2606:4700:20:... 13335 (CLOUDFLAR...)
4 5 2a00:1450:400... 15169 (GOOGLE)
4 4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
52 15
Domain Requested by
15 be.synxis.com be.synxis.com
10 www.google-analytics.com 2 redirects www.googletagmanager.com
www.google-analytics.com
7 tower-2.navarinoservices.com www.googletagmanager.com
ajax.googleapis.com
5 stats.g.doubleclick.net 4 redirects
4 www.google.de
4 www.google.com 4 redirects
3 use.fontawesome.com be.synxis.com
ajax.googleapis.com
2 capture.gatag.it 1 redirects
2 be-cms-api.synxis.com be.synxis.com
2 ajax.googleapis.com be.synxis.com
www.googletagmanager.com
2 www.googletagmanager.com be.synxis.com
1 www.gatag.it gatag.it
1 ssl.google-analytics.com
1 google-analytics.com gatag.it
1 gatag.it be.synxis.com
1 icm.aexp-static.com be.synxis.com
1 tower-1.navarinoservices.com www.googletagmanager.com
1 fonts.googleapis.com be.synxis.com
52 18
Subject Issuer Validity Valid
imperva.com
GlobalSign HV RSA DV SSL CA 2018
2020-07-21 -
2021-01-20
6 months crt.sh
upload.video.google.com
GTS CA 1O1
2020-07-07 -
2020-09-29
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-07-07 -
2020-09-29
3 months crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA
2019-10-28 -
2020-12-23
a year crt.sh
incapsula.com
GlobalSign CloudSSL CA - SHA256 - G3
2020-07-28 -
2021-07-21
a year crt.sh
tower-1.navarinoservices.com
Encryption Everywhere DV TLS CA - G1
2020-01-28 -
2021-02-26
a year crt.sh
tower-2.navarinoservices.com
Encryption Everywhere DV TLS CA - G1
2020-02-03 -
2021-02-26
a year crt.sh
m.americanexpress.com
DigiCert SHA2 Extended Validation Server CA
2020-07-02 -
2021-07-07
a year crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2020-03-19 -
2020-10-09
7 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-07-07 -
2020-09-29
3 months crt.sh
www.google.de
GTS CA 1O1
2020-07-07 -
2020-09-29
3 months crt.sh

This page contains 1 frames:

Primary Page: https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
Frame ID: 44D0EA19E4326367C23D35FF92AC3B5A
Requests: 52 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

52
Requests

100 %
HTTPS

63 %
IPv6

11
Domains

18
Subdomains

15
IPs

5
Countries

2410 kB
Transfer

6857 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-82926213-1&cid=704485876.1596249211&jid=1021155669&gjid=581748445&_gid=1152736862.1596249211&_u=YGDAiAALB~&z=369729809 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-82926213-1&cid=704485876.1596249211&jid=1021155669&_v=j83&z=369729809 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-82926213-1&cid=704485876.1596249211&jid=1021155669&_v=j83&z=369729809&slf_rd=1&random=85188339
Request Chain 38
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=374405110&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2020-08-01%26chain%3D5301%26child%3D0%26currency%3DGBP%26depart%3D2020-08-02%26hotel%3D4270%26level%3Dhotel%26locale%3Den-US%26promo%3DAIRLIQUIDE%26rooms%3D1&dp=sbe%2F4270%2Fbooking-engine%2Frooms&ul=en-us&de=UTF-8&dt=Manor%20House%20Hotel%20Alsager%20-%20Reservations%20-%20Room%20Availability&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce&ea=Impression&_u=aGDACAALB~&jid=888306678&gjid=1939919539&cid=704485876.1596249211&tid=UA-82926213-1&_gid=1152736862.1596249211&_r=1&gtm=2wg7m1WXWN8RM&z=1106425442 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-82926213-1&cid=704485876.1596249211&jid=888306678&_gid=1152736862.1596249211&gjid=1939919539&_v=j83&z=1106425442 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-82926213-1&cid=704485876.1596249211&jid=888306678&_v=j83&z=1106425442 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-82926213-1&cid=704485876.1596249211&jid=888306678&_v=j83&z=1106425442&slf_rd=1&random=2180868807
Request Chain 42
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-106819988-1&cid=704485876.1596249211&jid=1728754496&gjid=605173601&_gid=1152736862.1596249211&_u=aGDAiAALB~&z=1131802368 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-106819988-1&cid=704485876.1596249211&jid=1728754496&_v=j83&z=1131802368 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-106819988-1&cid=704485876.1596249211&jid=1728754496&_v=j83&z=1131802368&slf_rd=1&random=4060473188
Request Chain 43
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=374405110&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2020-08-01%26chain%3D5301%26child%3D0%26currency%3DGBP%26depart%3D2020-08-02%26hotel%3D4270%26level%3Dhotel%26locale%3Den-US%26promo%3DAIRLIQUIDE%26rooms%3D1&dp=ngbe%2F4270%2Fbooking-engine%2Frooms&ul=en-us&de=UTF-8&dt=Manor%20House%20Hotel%20Alsager%20-%20Reservations%20-%20Room%20Availability&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce&ea=Impression&_u=aGDACAALB~&jid=454267129&gjid=1173906235&cid=704485876.1596249211&tid=UA-106819988-1&_gid=1152736862.1596249211&_r=1&gtm=2wg7m1W866TTJ&cd1=4270&cd2=5301&cd3=NAV%20-%20Navarino%20Services&cd4=Manor%20House%20Hotel%20Alsager&cd29=MAN&cd30=LOY&z=1219775125 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-106819988-1&cid=704485876.1596249211&jid=454267129&_gid=1152736862.1596249211&gjid=1173906235&_v=j83&z=1219775125 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-106819988-1&cid=704485876.1596249211&jid=454267129&_v=j83&z=1219775125 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-106819988-1&cid=704485876.1596249211&jid=454267129&_v=j83&z=1219775125&slf_rd=1&random=1352953947
Request Chain 49
  • https://capture.gatag.it/?act=0&cid=0&apikey=%3FYXZkew%253D%253D&type=look&name=Manor%20House%20Hotel%20Alsager&promo=AIRLIQUIDE&iata=&group=&arrival=2020%2F08%2F01&depart=2020%2F08%2F02&template=NGBE&chain=5301&hotel=4270&language=en-US&session=704485876&date=2020-08-1%2002%3A33%3A31&campaign=direct&keyword=&medium=none&source=direct&visits=1&ref=&ref2=&cookies=1&extra1=&extra4=1&extra5=1013&window=&device=not%20set&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36 HTTP 302
  • https://capture.gatag.it/smile.gif

52 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
be.synxis.com/
478 KB
97 KB
Document
General
Full URL
https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
6221e0ebdc5a81f2b04f073eb64963807a2331eccb9f6aefcf5a542ecd384467
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
be.synxis.com
:scheme
https
:path
/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Sat, 01 Aug 2020 02:33:26 GMT
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
set-cookie
sessionID=I0jX0SJINh1Nj9q_eusMfy5_; Path=/ apisession=MDAxMTZ-eC91UzFhR0NVZGlGVmVUaEdDN1c0NVp0RUhlR0E3WkhmeEZtejBpT0YzSzAxcndhUXdtbUtuNDZ1Z2JyRHhhOHMzdDg2Y3NwY1VvSXUrclpqemx4UHkvUy82Z05mMWQwMGdUM1F2NFNIU3BXbTBzd0kvUGhUcmZGaWE4T1Fha21CaVY2ZnVyMUdWVW5YdmxWdHJGdUx5YkdyRGpLeFhyaStnanpLS3VYUkdyenpkQ2dwVDU3Z3Z6Z2tYUVVtdXVJWStwYWM3U2dBUnlZMWZNejN1VjhxMDA1Z0tjZXZZVFdyOVJLVkJIWHhlendvcURlQXlmRXV0amJ5M3Zxd0hLUVBvY2VlOUdzSXVPR1FuYy91bENwb1F4NGMrdG5jSWVUMlNCZFRDRWxiUEJlK1hleHROaDIwc1dReDRGNFhBeFo; Domain=.synxis.com; Path=/; HttpOnly; Secure; SameSite=Strict visid_incap_1215874=Wgd1q8piQECWgsDEnm1RvXXUJF8AAAAAQUIPAAAAAAA0Zj7vGYcTlyIUJA3E8J4G; expires=Sat, 31 Jul 2021 12:19:50 GMT; HttpOnly; path=/; Domain=.synxis.com; Secure; SameSite=None nlbi_1215874=lRGUJzC/bwjdKdpLnAADWwAAAAC4CbWIXBsvT6EotNrxXnho; path=/; Domain=.synxis.com; Secure; SameSite=None incap_ses_324_1215874=385iQtLKEkYE0bZdnBR/BHbUJF8AAAAAV4JuYhKtcKUzmc5EaOqaYQ==; path=/; Domain=.synxis.com; Secure; SameSite=None
content-security-policy-report-only
img-src data: *; font-src data: *; media-src *; default-src 'self' 'unsafe-inline' 'unsafe-eval' *.synxis.com *.googletagmanager.com *.google-analytics.com google-analytics.com *.google.com *.googleapis.com *.gatag.it gatag.it *.doubleclick.net icm.aexp-static.com *.sabrehospitality.com *.triptease.io triptease.io *.thehotelsnetwork.com thehotelsnetwork.com *.facebook.net facebook.net *.googleadservices.com googleadservices.com *.navarinoservices.com *.fontawesome.com *.bing.com *.veinteractive.com *.typekit.net *.doubleclick.net *.facebook.com *.abouthotelier.com; report-uri /reports?hid=4270&cid=5301&sid=I0jX0SJINh1Nj9q_eusMfy5_
content-encoding
gzip
x-cdn
Incapsula
x-iinfo
2-6367174-6367175 NNNN CT(169 344 0) RT(1596249205670 0) q(0 0 5 0) r(10 10) U12
NotoSans-Regular.ttf
be.synxis.com/assets/chain/5301/hotel/4270/fileStorage/font/
405 KB
406 KB
Font
General
Full URL
https://be.synxis.com/assets/chain/5301/hotel/4270/fileStorage/font/NotoSans-Regular.ttf
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
9e9b4c53bd25cad9c04d370f133a5e32d166d0d54e2a9ad6cba4a31fcd382d5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
Origin
https://be.synxis.com

Response headers

date
Sat, 01 Aug 2020 02:33:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 24 Jan 2019 15:02:08 GMT
x-cdn
Incapsula
etag
W/"414820-1548342128000"
x-frame-options
SAMEORIGIN
content-type
font/ttf
status
200
x-iinfo
2-6367183-6367184 NNNN CT(178 176 0) RT(1596249206907 0) q(0 0 3 -1) r(7 7) U12
strict-transport-security
max-age=31536000;includeSubDomains
accept-ranges
bytes
content-length
414820
x-xss-protection
1; mode=block
font-spark-icon-fill.woff2
be.synxis.com/public/js/
30 KB
30 KB
Font
General
Full URL
https://be.synxis.com/public/js/font-spark-icon-fill.woff2
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
625a63fbc3b92e8b3b7ca3a1a0d3372f066aa66104b925e8b353744b1e283df1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
Origin
https://be.synxis.com

Response headers

date
Sat, 01 Aug 2020 02:33:27 GMT
content-encoding
gzip
last-modified
Mon, 20 Jul 2020 14:16:21 GMT
x-cdn
Incapsula
etag
"66305-9015219-1595254581000"
strict-transport-security
max-age=31536000
content-type
application/font-woff2
status
200
x-iinfo
2-6367185-6366129 2VNN RT(1596249206911 0) q(0 0 0 -1) r(7 7)
cache-control
max-age=1, public
content-length
31048
expires
Sat, 01 Aug 2020 02:33:28 GMT
font-spark-icon-line.woff2
be.synxis.com/public/js/
39 KB
39 KB
Font
General
Full URL
https://be.synxis.com/public/js/font-spark-icon-line.woff2
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
13ed64e31854fc7e8e3e542fef0d24813e05a6137d56160064ec6824367b9a03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
Origin
https://be.synxis.com

Response headers

date
Sat, 01 Aug 2020 02:33:27 GMT
content-encoding
gzip
last-modified
Mon, 20 Jul 2020 14:16:21 GMT
x-cdn
Incapsula
etag
"66305-16905850-1595254581000"
strict-transport-security
max-age=31536000
content-type
application/font-woff2
status
200
x-iinfo
2-6367186-6367187 2VNN RT(1596249206914 0) q(0 0 0 -1) r(0 7)
cache-control
max-age=1, public
content-length
39469
expires
Sat, 01 Aug 2020 02:33:28 GMT
css
fonts.googleapis.com/
7 KB
821 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 01 Aug 2020 02:17:44 GMT
server
ESF
date
Sat, 01 Aug 2020 02:33:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 01 Aug 2020 02:33:27 GMT
gtm.js
www.googletagmanager.com/
146 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W866TTJ
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3fb3c1d0a567a32531ea51e6bf8d34961dd25ec06bdfc9385ff9723b35d4e5f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 01 Aug 2020 02:33:27 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38741
x-xss-protection
0
last-modified
Sat, 01 Aug 2020 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 01 Aug 2020 02:33:27 GMT
client.js
be.synxis.com/public/js/
4 MB
1 MB
Script
General
Full URL
https://be.synxis.com/public/js/client.js
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
cf2082268de3d61a954f75b098953638d8fa5fec717e75a2adabd2617f12dfe2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 01 Aug 2020 02:33:27 GMT
content-encoding
gzip
last-modified
Mon, 20 Jul 2020 14:16:21 GMT
x-cdn
Incapsula
etag
"66305-4474622-1595254581000"
strict-transport-security
max-age=31536000
content-type
application/javascript
status
200
x-iinfo
2-6367190-6367191 2VNN RT(1596249207266 0) q(0 0 0 -1) r(0 6)
cache-control
max-age=1, public
content-length
1127913
expires
Sat, 01 Aug 2020 02:33:28 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 15 Jul 2020 21:59:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1398811
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Jul 2021 21:59:56 GMT
all.css
use.fontawesome.com/releases/v5.6.3/css/
52 KB
13 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
Origin
https://be.synxis.com

Response headers

date
Sat, 01 Aug 2020 02:33:27 GMT
content-encoding
gzip
last-modified
Thu, 20 Dec 2018 17:45:13 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"dc93d584e41f8417f6b7163320d34329"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
getProductAvailability
be.synxis.com/gw/product/v1/
476 B
1 KB
XHR
General
Full URL
https://be.synxis.com/gw/product/v1/getProductAvailability
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache-Coyote/1.1 / ASP.NET
Resource Hash
b5ec346cf3c52bbaaff32e7ef7020fe74a3248186663b7f59c3ad039eea41bc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

x-business-context
BE
Referer
https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
context
BE
ActivityID
I0jX0SJINh1Nj9q_eusMfy5_
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

origin
https://be.synxis.com
content-encoding
gzip
x-cdn
Incapsula
accept-language
en-US
status
200
x-iinfo
2-6367188-6367189 NNNN CT(171 171 0) RT(1596249207084 0) q(0 0 4 -1) r(8 8) U6
sec-fetch-dest
empty
pragma
no-cache
x-forwarded-host
be.synxis.com
x-amzn-trace-id
Root=1-5f24d477-5b122d3e3b0d3cf621c07f5e
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
activityid
I0jX0SJINh1Nj9q_eusMfy5_
access-control-allow-origin
https://be.synxis.com
cache-control
no-cache
context
BE
referer
https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
sec-fetch-mode
cors
strict-transport-security
max-age=31536000
message-id
2g7s57fbl
x-content-type-options
nosniff
x-powered-by
ASP.NET
x-forwarded-for
194.99.105.99, 198.143.55.2, 10.123.76.176
x-forwarded-proto
https
content-length
305
true-client-ip
194.99.105.99
x-business-context
BE
server
Apache-Coyote/1.1
access-control-max-age
3600
x-forwarded-port
443
x-xss-protection
1; mode=block
access-control-allow-credentials
true
incap-proxy-324
OK
sec-fetch-site
same-origin
conversation-id
5xplg8cn2
content-type
application/json;charset=UTF-8
date
Sat, 01 Aug 2020 02:33:27 GMT
_Incapsula_Resource
be.synxis.com/
129 KB
18 KB
Script
General
Full URL
https://be.synxis.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=726015375
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
0a7f0277eac47824b3c85a6af11533683a84ff6d706fd51b8156d307d3ebdba8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
strict-transport-security
max-age=31536000
content-encoding
gzip
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
18651
content-type
application/javascript
gtm.js
www.googletagmanager.com/
112 KB
32 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXWN8RM
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
428fe8a37c8fa9ee3240ed04457d777c7c581ce080b159df17a87cc8fa35b79e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 01 Aug 2020 02:33:27 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32754
x-xss-protection
0
last-modified
Sat, 01 Aug 2020 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 01 Aug 2020 02:33:27 GMT
logo.svg
be-cms-api.synxis.com/assets/chain/5301/hotel/4270/fileStorage/image/
141 KB
98 KB
Image
General
Full URL
https://be-cms-api.synxis.com/assets/chain/5301/hotel/4270/fileStorage/image/logo.svg
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.155.144 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f1a6eae486a9baa45145b516a9a135061558c27d18e217e4be7302bba9de27fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000;includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 24 Jan 2019 15:00:28 GMT
x-cdn
Incapsula
etag
W/"144610-1548342028000"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
status
200
x-iinfo
9-1524039-1524040 NNYN CT(137 279 0) RT(1596249207250 0) q(0 0 4 0) r(6 6) U5
date
Sat, 01 Aug 2020 02:33:27 GMT
accept-ranges
bytes
x-xss-protection
1; mode=block
_Incapsula_Resource
be.synxis.com/
1 B
36 B
Image
General
Full URL
https://be.synxis.com/_Incapsula_Resource?SWKMTFSR=1&e=0.5820752513923688
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
strict-transport-security
max-age=31536000
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
nxt_classes_3.02.001.js
tower-1.navarinoservices.com/api/V3.2/js/
51 KB
51 KB
Script
General
Full URL
https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXWN8RM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.228.8.247 , United Kingdom, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
server109-228-8-247.live-servers.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
e099549425ac4e7068d44b56a1a6827a9ee12c0f8dab4931af5ca41b2a442d05

Request headers

Referer
https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 01 Aug 2020 02:33:27 GMT
Last-Modified
Mon, 30 Jul 2018 13:30:01 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"ca8c-57237755c8c12"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
51852
nxt_sbe_3.02.003.js
tower-2.navarinoservices.com/hotels/4270/js/
23 KB
23 KB
Script
General
Full URL
https://tower-2.navarinoservices.com/hotels/4270/js/nxt_sbe_3.02.003.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXWN8RM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.228.5.54 , United Kingdom, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
server109-228-5-54.live-servers.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
c1fc65b5049c6d5c8020c7b0bbc7ab04be6b4be714a972d11947cc0626e48ec0

Request headers

Referer
https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 01 Aug 2020 02:33:28 GMT
Last-Modified
Tue, 14 Jan 2020 13:45:07 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"5a84-59c19ccc6dd98"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
23172
vendors~en.js
be.synxis.com/public/js/
32 KB
5 KB
Script
General
Full URL
https://be.synxis.com/public/js/vendors~en.js
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e99d1b3e951bed7d5dea1d300167159ff17c6c4dcc692849c21dcc39a9a784df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 01 Aug 2020 02:33:28 GMT
content-encoding
gzip
last-modified
Mon, 20 Jul 2020 14:16:21 GMT
x-cdn
Incapsula
etag
"66305-9015297-1595254581000"
strict-transport-security
max-age=31536000
content-type
application/javascript
status
200
x-iinfo
2-6367195-6367151 2VNN RT(1596249208264 0) q(0 0 0 -1) r(7 7)
cache-control
max-age=1, public
content-length
5117
expires
Sat, 01 Aug 2020 02:33:29 GMT
nxt_sbe_3.02.003.css
tower-2.navarinoservices.com/hotels/4270/css/
2 KB
2 KB
Stylesheet
General
Full URL
https://tower-2.navarinoservices.com/hotels/4270/css/nxt_sbe_3.02.003.css
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXWN8RM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.228.5.54 , United Kingdom, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
server109-228-5-54.live-servers.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
83b69734fcdcd01cea33f74a4f7f9d8ab80beba38a71da1ff71b577451250aa3

Request headers

Referer
https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 01 Aug 2020 02:33:28 GMT
Last-Modified
Tue, 14 Jan 2020 13:45:10 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"8b5-59c19ccf2df38"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2229
nxt.php
tower-2.navarinoservices.com/api/V3.2/
400 B
696 B
Script
General
Full URL
https://tower-2.navarinoservices.com/api/V3.2/nxt.php?id=4270&action=av&callback=jQuery33108236279694531952_1596249207578&_=1596249207579
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.228.5.54 , United Kingdom, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
server109-228-5-54.live-servers.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / PHP/5.4.16
Resource Hash
cd6c2b8b141dade75c9e103dbcf81ea7ae5134495c574d7cfbf3041bb8918bb5

Request headers

Referer
https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 01 Aug 2020 02:33:28 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By
PHP/5.4.16
Access-Control-Allow-Methods
GET,POST
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
close
Content-Length
400
nxt.php
tower-2.navarinoservices.com/api/V3.2/
72 B
367 B
Script
General
Full URL
https://tower-2.navarinoservices.com/api/V3.2/nxt.php?id=4270&action=ct&callback=jQuery33108236279694531952_1596249207580&_=1596249207581
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.228.5.54 , United Kingdom, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
server109-228-5-54.live-servers.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / PHP/5.4.16
Resource Hash
94d977ac021858abb8fd84e55356de8dc54c55829488ace7c68af1534f72d5d1

Request headers

Referer
https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 01 Aug 2020 02:33:28 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By
PHP/5.4.16
Access-Control-Allow-Methods
GET,POST
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
close
Content-Length
72
getProductAvailability
be.synxis.com/gw/product/v1/
476 B
637 B
Fetch
General
Full URL
https://be.synxis.com/gw/product/v1/getProductAvailability
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache-Coyote/1.1 / ASP.NET
Resource Hash
e848d3a11a3cfc0cfddfc3c094bc153e6dfc119f36e5b0516b8ed3e52d3171f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json,application/x-javascript
Referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
Context
BE
ActivityID
I0jX0SJINh1Nj9q_eusMfy5_
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

origin
https://be.synxis.com
content-encoding
gzip
x-cdn
Incapsula
accept-language
en-US
status
200
x-iinfo
2-6367199-6367184 PNNN RT(1596249209252 0) q(0 0 0 -1) r(4 4) U6
sec-fetch-dest
empty
pragma
no-cache
x-forwarded-host
be.synxis.com
x-amzn-trace-id
Root=1-5f24d479-a3d5ecca204793bc9bfc927a
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
activityid
I0jX0SJINh1Nj9q_eusMfy5_
access-control-allow-origin
https://be.synxis.com
cache-control
no-cache
context
BE
referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
sec-fetch-mode
cors
strict-transport-security
max-age=31536000
message-id
pt5wgpyqa
x-content-type-options
nosniff
x-powered-by
ASP.NET
x-forwarded-for
194.99.105.99, 198.143.55.2, 10.123.77.116
x-forwarded-proto
https
content-length
306
true-client-ip
194.99.105.99
server
Apache-Coyote/1.1
access-control-max-age
3600
x-forwarded-port
443
x-xss-protection
1; mode=block
access-control-allow-credentials
true
incap-proxy-324
OK
sec-fetch-site
same-origin
conversation-id
248kwnwip
content-type
application/json;charset=UTF-8
date
Sat, 01 Aug 2020 02:33:29 GMT
6.js
be.synxis.com/public/js/
102 KB
19 KB
Script
General
Full URL
https://be.synxis.com/public/js/6.js
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f80967ad97c07757e0d8e6759f756a8c9e6994cc33cd12d301c3d0a92dda5363
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 01 Aug 2020 02:33:29 GMT
content-encoding
gzip
last-modified
Mon, 20 Jul 2020 14:16:21 GMT
x-cdn
Incapsula
etag
"66305-4482545-1595254581000"
strict-transport-security
max-age=31536000
content-type
application/javascript
status
200
x-iinfo
2-6367200-6367151 2VNN RT(1596249209260 0) q(0 0 0 -1) r(2 2)
cache-control
max-age=1, public
content-length
19422
expires
Sat, 01 Aug 2020 02:33:30 GMT
AEC.js
icm.aexp-static.com/Internet/IMDC/AmexExpressCheckout/js/2.0/
62 KB
18 KB
Script
General
Full URL
https://icm.aexp-static.com/Internet/IMDC/AmexExpressCheckout/js/2.0/AEC.js
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.235.165 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-235-165.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
f59b70a16da70dbdabc90db7e7919e8497c35e3d9658a4bd0bb50702ec8b659d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 01 Aug 2020 02:33:29 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 23 Jul 2020 21:13:13 GMT
server
Akamai Resource Optimizer
status
200
etag
"f946-570c0b830c8cd-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, must-revalidate, max-age=5455
accept-ranges
bytes
content-length
18247
hero.jpg
be-cms-api.synxis.com/assets/chain/5301/hotel/4270/fileStorage/image/
197 KB
197 KB
Image
General
Full URL
https://be-cms-api.synxis.com/assets/chain/5301/hotel/4270/fileStorage/image/hero.jpg
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.155.144 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
60e2fb5edd682ccf29dca1d465ea4e51ad6dbd38cf4ad81b962b7b8db43596d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000;includeSubDomains
x-content-type-options
nosniff
last-modified
Thu, 24 Jan 2019 15:00:27 GMT
x-cdn
Incapsula
etag
W/"201509-1548342027000"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
status
200
x-iinfo
9-1524042-1524040 PNNN RT(1596249208803 0) q(0 0 0 -1) r(1 1) U5
date
Sat, 01 Aug 2020 02:33:28 GMT
accept-ranges
bytes
content-length
201509
x-xss-protection
1; mode=block
GetUrgencyTriggers
be.synxis.com/gw/product/v1/
1 KB
486 B
Fetch
General
Full URL
https://be.synxis.com/gw/product/v1/GetUrgencyTriggers
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache-Coyote/1.1 / ASP.NET
Resource Hash
a785a7871ce31a19941e4e73a88c08f533b03a84d88715a966a0628950368abe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json,application/x-javascript
Referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
Context
BE
ActivityID
I0jX0SJINh1Nj9q_eusMfy5_
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

origin
https://be.synxis.com
content-encoding
gzip
x-cdn
Incapsula
accept-language
en-US
status
200
x-iinfo
2-6367205-6367184 PNNN RT(1596249210086 0) q(0 0 0 -1) r(5 5) U6
sec-fetch-dest
empty
pragma
no-cache
x-forwarded-host
be.synxis.com
x-amzn-trace-id
Root=1-5f24d47a-1b699356ab20d6344f3c9383
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
activityid
I0jX0SJINh1Nj9q_eusMfy5_
access-control-allow-origin
https://be.synxis.com
cache-control
no-cache
context
BE
referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
sec-fetch-mode
cors
strict-transport-security
max-age=31536000
message-id
fkfi8zz1v
x-content-type-options
nosniff
x-powered-by
ASP.NET
x-forwarded-for
194.99.105.99, 198.143.55.2, 10.123.76.176
x-forwarded-proto
https
content-length
302
true-client-ip
194.99.105.99
server
Apache-Coyote/1.1
access-control-max-age
3600
x-forwarded-port
443
x-xss-protection
1; mode=block
access-control-allow-credentials
true
incap-proxy-324
OK
sec-fetch-site
same-origin
conversation-id
2j9kf21lo
content-type
application/json;charset=UTF-8
date
Sat, 01 Aug 2020 02:33:30 GMT
dataStream.js
be.synxis.com/public/js/
7 KB
3 KB
Script
General
Full URL
https://be.synxis.com/public/js/dataStream.js
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/?chain=5301&hotel=4270&locale=en-gb&PROMO=AIRLIQUIDE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ab89b8948f8fd74e52d88b21fdee55667a29578f48eadb7775017c152f3765b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 01 Aug 2020 02:33:30 GMT
content-encoding
gzip
last-modified
Fri, 19 Jun 2020 19:57:24 GMT
x-cdn
Incapsula
etag
"66305-13050041-1592596644000"
strict-transport-security
max-age=31536000
content-type
application/javascript
status
200
x-iinfo
2-6367206-6366671 2VNN RT(1596249210255 0) q(0 0 0 -1) r(7 7)
cache-control
max-age=1, public
content-length
2450
expires
Sat, 01 Aug 2020 02:33:31 GMT
fa-regular-400.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/
15 KB
15 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-regular-400.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
0ecdc6188a4b2ec48e2ebf84a2a6584e78473f1216d7119832b5dc109bec7492

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Origin
https://be.synxis.com

Response headers

date
Sat, 01 Aug 2020 02:33:30 GMT
last-modified
Thu, 20 Dec 2018 17:45:35 GMT
server
NetDNA-cache/2.2
status
200
etag
"4b218302f9057d02864d4909661831e9"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
14872
fa-solid-900.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/
77 KB
78 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Origin
https://be.synxis.com

Response headers

date
Sat, 01 Aug 2020 02:33:30 GMT
last-modified
Thu, 20 Dec 2018 17:45:39 GMT
server
NetDNA-cache/2.2
status
200
etag
"5dc01cfcd5336f696cb85da7ce53fa9b"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
79100
dxgtm.js
be.synxis.com/public/js/
14 KB
3 KB
Script
General
Full URL
https://be.synxis.com/public/js/dxgtm.js
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/public/js/dataStream.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
fce4c0053f4a73027bcf96675faebcb7bca48d93f291a16d68e5dd4515565802
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 01 Aug 2020 02:33:31 GMT
content-encoding
gzip
last-modified
Fri, 19 Jun 2020 19:57:24 GMT
x-cdn
Incapsula
etag
"66305-1014156-1592596644000"
strict-transport-security
max-age=31536000
content-type
application/javascript
status
200
x-iinfo
2-6367210-6367191 2VNN RT(1596249211022 0) q(0 0 0 -1) r(1 1)
cache-control
max-age=1, public
content-length
2973
expires
Sat, 01 Aug 2020 02:33:32 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXWN8RM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 15 Jul 2020 21:59:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1398815
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Jul 2021 21:59:56 GMT
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXWN8RM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
1072
date
Sat, 01 Aug 2020 02:15:39 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Sat, 01 Aug 2020 04:15:39 GMT
/
gatag.it/v2/
15 KB
5 KB
Script
General
Full URL
https://gatag.it/v2/
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/public/js/dxgtm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.3.29
Resource Hash
20bfa21014f452774eca1dffa8ec595bacb01bbc1a4ff613adacd6b5a0b423a3

Request headers

Referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 01 Aug 2020 02:33:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/5.3.29
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
status
200
x-cnection
close
cf-ray
5bbc27a38de30eb7-FRA
cf-request-id
0449771a3600000eb7ac0ca200000001
ec.js
www.google-analytics.com/plugins/ua/
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 01 Aug 2020 01:41:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
3095
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
expires
Sat, 01 Aug 2020 02:41:56 GMT
collect
www.google-analytics.com/
35 B
97 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&a=374405110&t=pageview&_s=1&dl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2020-08-01%26chain%3D5301%26child%3D0%26currency%3DGBP%26depart%3D2020-08-02%26hotel%3D4270%26level%3Dhotel%26locale%3Den-US%26promo%3DAIRLIQUIDE%26rooms%3D1&dp=sbe%2F4270%2Fbooking-engine%2Frooms&ul=en-us&de=UTF-8&dt=Manor%20House%20Hotel%20Alsager%20-%20Reservations%20-%20Room%20Availability&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAL~&jid=844858049&gjid=1721642116&cid=704485876.1596249211&tid=UA-64174566-57&_gid=1152736862.1596249211&gtm=2wg7m1WXWN8RM&cd1=4270&cd2=5301&cd3=NAV%20-%20Navarino%20Services&cd4=Manor%20House%20Hotel%20Alsager&z=1204872497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Jul 2020 18:25:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
893309
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
35 B
133 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-64174566-57&cid=704485876.1596249211&jid=844858049&gjid=1721642116&_gid=1152736862.1596249211&_u=YGBAgAAL~&z=1891661639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 01 Aug 2020 02:33:31 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&a=374405110&t=pageview&_s=1&dl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2020-08-01%26chain%3D5301%26child%3D0%26currency%3DGBP%26depart%3D2020-08-02%26hotel%3D4270%26level%3Dhotel%26locale%3Den-US%26promo%3DAIRLIQUIDE%26rooms%3D1&dp=sbe%2F4270%2Fbooking-engine%2Frooms&ul=en-us&de=UTF-8&dt=Manor%20House%20Hotel%20Alsager%20-%20Reservations%20-%20Room%20Availability&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAiAALB~&jid=1021155669&gjid=581748445&cid=704485876.1596249211&tid=UA-82926213-1&_gid=1152736862.1596249211&gtm=2wg7m1WXWN8RM&cd1=4270&cd2=5301&cd3=NAV%20-%20Navarino%20Services&cd4=Manor%20House%20Hotel%20Alsager&z=1687907158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Jul 2020 18:25:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
893309
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-82926213-1&cid=704485876.1596249211&jid=1021155669&gjid=581748445&_gid=1152736862.1596249211&_u=YGDAiAALB~&z=369729809
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-82926213-1&cid=704485876.1596249211&jid=1021155669&_v=j83&z=369729809
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-82926213-1&cid=704485876.1596249211&jid=1021155669&_v=j83&z=369729809&slf_rd=1&random=85188339
42 B
106 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-82926213-1&cid=704485876.1596249211&jid=1021155669&_v=j83&z=369729809&slf_rd=1&random=85188339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Aug 2020 02:33:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Aug 2020 02:33:31 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-82926213-1&cid=704485876.1596249211&jid=1021155669&_v=j83&z=369729809&slf_rd=1&random=85188339
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
loy_3.02.004.js
tower-2.navarinoservices.com/hotels/4270/loyalty/
9 KB
9 KB
Script
General
Full URL
https://tower-2.navarinoservices.com/hotels/4270/loyalty/loy_3.02.004.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXWN8RM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.228.5.54 , United Kingdom, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
server109-228-5-54.live-servers.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
9eb363772e78d75080161728cbef8a825dadd36123850aa4fd2699f45351c5cf

Request headers

Referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 01 Aug 2020 02:33:31 GMT
Last-Modified
Tue, 10 Mar 2020 11:31:33 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"2426-5a07e76366629"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
9254
collect
www.google-analytics.com/r/
35 B
99 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j83&a=374405110&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2020-08-01%26chain%3D5301%26child%3D0%26currency%3DGBP%26depart%3D2020-08-02%26hotel%3D4270%26level%3Dhotel%26locale%3Den-US%26promo%3DAIRLIQUIDE%26rooms%3D1&dp=sbe%2F4270%2Fbooking-engine%2Frooms&ul=en-us&de=UTF-8&dt=Manor%20House%20Hotel%20Alsager%20-%20Reservations%20-%20Room%20Availability&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce&ea=Impression&_u=aGDACAALB~&jid=1350934429&gjid=511778959&cid=704485876.1596249211&tid=UA-64174566-57&_gid=1152736862.1596249211&_r=1&gtm=2wg7m1WXWN8RM&z=1712604871
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Aug 2020 02:33:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=374405110&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2020-08-01%26chain%3D5301%26child%3D0%26currency%3DGBP%2...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-82926213-1&cid=704485876.1596249211&jid=888306678&_gid=1152736862.1596249211&gjid=1939919539&_v=j83&z=1106425442
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-82926213-1&cid=704485876.1596249211&jid=888306678&_v=j83&z=1106425442
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-82926213-1&cid=704485876.1596249211&jid=888306678&_v=j83&z=1106425442&slf_rd=1&random=2180868807
42 B
106 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-82926213-1&cid=704485876.1596249211&jid=888306678&_v=j83&z=1106425442&slf_rd=1&random=2180868807
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Aug 2020 02:33:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Aug 2020 02:33:31 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-82926213-1&cid=704485876.1596249211&jid=888306678&_v=j83&z=1106425442&slf_rd=1&random=2180868807
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&a=374405110&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2020-08-01%26chain%3D5301%26child%3D0%26currency%3DGBP%26depart%3D2020-08-02%26hotel%3D4270%26level%3Dhotel%26locale%3Den-US%26promo%3DAIRLIQUIDE%26rooms%3D1&dp=sbe%2F4270%2Fbooking-engine%2Frooms&ul=en-us&de=UTF-8&dt=Manor%20House%20Hotel%20Alsager%20-%20Reservations%20-%20Room%20Availability&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce&ea=Impression&_u=aGDACAALB~&jid=&gjid=&cid=704485876.1596249211&tid=UA-64174566-57&_gid=1152736862.1596249211&gtm=2wg7m1WXWN8RM&z=679750895
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Jul 2020 18:25:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
893309
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&a=374405110&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2020-08-01%26chain%3D5301%26child%3D0%26currency%3DGBP%26depart%3D2020-08-02%26hotel%3D4270%26level%3Dhotel%26locale%3Den-US%26promo%3DAIRLIQUIDE%26rooms%3D1&dp=sbe%2F4270%2Fbooking-engine%2Frooms&ul=en-us&de=UTF-8&dt=Manor%20House%20Hotel%20Alsager%20-%20Reservations%20-%20Room%20Availability&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce&ea=Impression&_u=aGDACAALB~&jid=&gjid=&cid=704485876.1596249211&tid=UA-82926213-1&_gid=1152736862.1596249211&gtm=2wg7m1WXWN8RM&z=580387343
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Jul 2020 18:25:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
893309
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&a=374405110&t=pageview&_s=1&dl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2020-08-01%26chain%3D5301%26child%3D0%26currency%3DGBP%26depart%3D2020-08-02%26hotel%3D4270%26level%3Dhotel%26locale%3Den-US%26promo%3DAIRLIQUIDE%26rooms%3D1&dp=ngbe%2F4270%2Fbooking-engine%2Frooms&ul=en-us&de=UTF-8&dt=Manor%20House%20Hotel%20Alsager%20-%20Reservations%20-%20Room%20Availability&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiAALB~&jid=1728754496&gjid=605173601&cid=704485876.1596249211&tid=UA-106819988-1&_gid=1152736862.1596249211&gtm=2wg7m1W866TTJ&cd1=4270&cd2=5301&cd3=NAV%20-%20Navarino%20Services&cd4=Manor%20House%20Hotel%20Alsager&cd29=MAN&cd30=LOY&cd31=Alsager&cd32=Cheshire&cd33=United%20Kingdom&cd34=ST7%202QQ&cd36=0&cd37=1&cd38=2020%2F08%2F01&cd39=2020%2F08%2F02&cd40=0&cd41=1&cd46=1&cd47=0&cd48=False&cd49=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2020-08-01%26chain%3D5301%26child%3D0%26currency%3DGBP%26depart%3D2020-08-02%26hotel%3D4270%26level%3Dhotel%26locale%3Den-US%26promo%3DAIRLIQUIDE%26rooms%3D1&z=604946921
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Jul 2020 18:25:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
893309
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-106819988-1&cid=704485876.1596249211&jid=1728754496&gjid=605173601&_gid=1152736862.1596249211&_u=aGDAiAALB~&z=1131802368
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-106819988-1&cid=704485876.1596249211&jid=1728754496&_v=j83&z=1131802368
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-106819988-1&cid=704485876.1596249211&jid=1728754496&_v=j83&z=1131802368&slf_rd=1&random=4060473188
42 B
106 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-106819988-1&cid=704485876.1596249211&jid=1728754496&_v=j83&z=1131802368&slf_rd=1&random=4060473188
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Aug 2020 02:33:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Aug 2020 02:33:31 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-106819988-1&cid=704485876.1596249211&jid=1728754496&_v=j83&z=1131802368&slf_rd=1&random=4060473188
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=374405110&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2020-08-01%26chain%3D5301%26child%3D0%26currency%3DGBP%2...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-106819988-1&cid=704485876.1596249211&jid=454267129&_gid=1152736862.1596249211&gjid=1173906235&_v=j83&z=1219775125
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-106819988-1&cid=704485876.1596249211&jid=454267129&_v=j83&z=1219775125
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-106819988-1&cid=704485876.1596249211&jid=454267129&_v=j83&z=1219775125&slf_rd=1&random=1352953947
42 B
106 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-106819988-1&cid=704485876.1596249211&jid=454267129&_v=j83&z=1219775125&slf_rd=1&random=1352953947
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Aug 2020 02:33:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Aug 2020 02:33:31 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-106819988-1&cid=704485876.1596249211&jid=454267129&_v=j83&z=1219775125&slf_rd=1&random=1352953947
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
close.png
tower-2.navarinoservices.com/images/
1 KB
1 KB
Image
General
Full URL
https://tower-2.navarinoservices.com/images/close.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.228.5.54 , United Kingdom, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
server109-228-5-54.live-servers.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
c391dfe416977a7d1b0d59f3fbb7869f1425d4fe0f8402f42a97d43dd25f818a

Request headers

Referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 01 Aug 2020 02:33:31 GMT
Last-Modified
Tue, 11 Aug 2015 08:55:06 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"4a0-51d0542300f32"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1184
loy_3.02.001.css
tower-2.navarinoservices.com/hotels/4270/loyalty/
2 KB
2 KB
Stylesheet
General
Full URL
https://tower-2.navarinoservices.com/hotels/4270/loyalty/loy_3.02.001.css
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXWN8RM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.228.5.54 , United Kingdom, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
server109-228-5-54.live-servers.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
f4bd5aaeee951f3f9295139295a567a14365596df424813f0eb9ca33ccc72c19

Request headers

Referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 01 Aug 2020 02:33:31 GMT
Last-Modified
Tue, 08 Jan 2019 14:43:59 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"7b2-57ef360364fd6"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1970
ga.js
google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://google-analytics.com/ga.js
Requested by
Host: gatag.it
URL: https://gatag.it/v2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
392
date
Sat, 01 Aug 2020 02:26:59 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Sat, 01 Aug 2020 04:26:59 GMT
__utm.gif
ssl.google-analytics.com/r/
35 B
387 B
Image
General
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1238766950&utmhn=be.synxis.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Manor%20House%20Hotel%20Alsager%20-%20Reservations%20-%20Room%20Availability&utmhid=374405110&utmr=-&utmp=%2F%3Fadult%3D1%26arrive%3D2020-08-01%26chain%3D5301%26child%3D0%26currency%3DGBP%26depart%3D2020-08-02%26hotel%3D4270%26level%3Dhotel%26locale%3Den-US%26promo%3DAIRLIQUIDE%26rooms%3D1&utmht=1596249211683&utmac=UA-41848973-1&utmcc=__utma%3D77553030.704485876.1596249211.1596249212.1596249212.1%3B%2B__utmz%3D77553030.1596249212.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1669116821&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAABAAAE~
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Aug 2020 02:33:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.php
www.gatag.it/
146 B
338 B
Script
General
Full URL
https://www.gatag.it/index.php?&skey=$48R3&device=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2020-08-01%26chain%3D5301%26child%3D0%26currency%3DGBP%26depart%3D2020-08-02%26hotel%3D4270%26level%3Dhotel%26locale%3Den-US%26promo%3DAIRLIQUIDE%26rooms%3D1&callback=callback
Requested by
Host: gatag.it
URL: https://gatag.it/v2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50f10898342061c80fea923b4a5ec511ce9e9fe32457dc69ecb5524bd3a8b44e

Request headers

Referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Aug 2020 02:33:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
status
200
x-cnection
close
cf-ray
5bbc27a52faa0eb7-FRA
cf-request-id
0449771b3800000eb7ac0e8200000001
expires
Thu, 19 Nov 1981 08:52:00 GMT
smile.gif
capture.gatag.it/
Redirect Chain
  • https://capture.gatag.it/?act=0&cid=0&apikey=%3FYXZkew%253D%253D&type=look&name=Manor%20House%20Hotel%20Alsager&promo=AIRLIQUIDE&iata=&group=&arrival=2020%2F08%2F01&depart=2020%2F08%2F02&template=N...
  • https://capture.gatag.it/smile.gif
43 B
317 B
Image
General
Full URL
https://capture.gatag.it/smile.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 01 Aug 2020 02:33:32 GMT
cf-cache-status
HIT
last-modified
Fri, 12 Jun 2020 06:43:02 GMT
server
cloudflare
age
2975
etag
"2b-5a7dd63786980"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
5bbc27a93be00eb7-FRA
content-length
43
cf-request-id
0449771dc100000eb7ac151200000001

Redirect headers

pragma
no-cache
date
Sat, 01 Aug 2020 02:33:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/5.6.40
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
302
content-type
text/html; charset=UTF-8
location
/smile.gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
5bbc27a53fb80eb7-FRA
cf-request-id
0449771b4000000eb7ac0eb200000001
expires
Thu, 19 Nov 1981 08:52:00 GMT
events
be.synxis.com/gw/v1/log/
91 B
787 B
Fetch
General
Full URL
https://be.synxis.com/gw/v1/log/events
Requested by
Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
4dfac3843ca30a2161fad324096ab4790d37d21ee44dc59d6b4e0dcaa64651f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

origin
https://be.synxis.com
content-encoding
gzip
vary
Origin
x-cdn
Incapsula
accept-language
en-US
status
200
x-iinfo
2-6367215-6367216 NNNN CT(174 354 0) RT(1596249214669 0) q(0 0 6 0) r(8 8) U6
sec-fetch-dest
empty
strict-transport-security
max-age=31536000
pragma
no-cache
x-forwarded-host
be.synxis.com
x-amzn-trace-id
Root=1-5f24d47f-a9dd9f50a768b050faf31a88
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://be.synxis.com
cache-control
no-cache
referer
https://be.synxis.com/?adult=1&arrive=2020-08-01&chain=5301&child=0&currency=GBP&depart=2020-08-02&hotel=4270&level=hotel&locale=en-US&promo=AIRLIQUIDE&rooms=1
sec-fetch-mode
cors
date
Sat, 01 Aug 2020 02:33:35 GMT
message-id
1o8yuygjl
x-content-type-options
nosniff
x-forwarded-for
194.99.105.99, 198.143.55.2, 10.123.76.176
x-forwarded-proto
https
content-length
53
true-client-ip
194.99.105.99
server
Apache-Coyote/1.1
access-control-max-age
3600
x-xss-protection
1; mode=block
access-control-allow-credentials
true
incap-proxy-324
OK
sec-fetch-site
same-origin
conversation-id
2dh63q71c
x-forwarded-port
443

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| process object| dataLayer object| stateTriggers object| loadState boolean| isFirstLoad boolean| isFirstDisplay object| m function| sbe_setMetrics function| sbe_logMetrics object| _globalTracking object| w object| d string| s object| dataStream string| criteria object| xhr string| requestUrl object| initialLoadProducts function| $ function| jQuery object| __INITIAL_STATE__ string| _sid_ string| _maskedHostName_ string| _hostRegionCode_ object| google_tag_manager function| locale_class function| nxt_class function| room_rates_class function| best_rate_class function| stay_class function| count_class function| last_reservation_class object| webpackJsonp function| setImmediate function| clearImmediate object| React function| Component symbol| Fragment object| PropTypes object| Children function| withStyles object| _ function| bindRedux function| Immutable function| injectIntl function| defineMessages function| FormattedDate function| FormattedNumber function| FormattedMessage function| FormattedMoney function| Infinite object| __nxt number| debug function| refresh_stay function| refresh_locale function| refresh_booster function| $nxt function| aec_callback_handler object| aec_init object| globalTracking boolean| amexIsEpaasClientId string| aec_version function| maintenanceStatus function| isIE object| $amex object| events_ object| eventData_ boolean| dx object| _events object| eventWrappers_ object| eventLogs object| audience object| pluggins object| plugginsQ object| plugginsTl function| registerEvent function| listen function| subscribe function| binge function| unsubscribe function| send function| customEvent function| merge function| isArray function| importScript function| import object| jsonp function| pluggin function| registerPluggin object| registeredPluggins string| proto object| b object| rzt object| qrs string| hotel string| chain boolean| handleChains string| test_container object| pilot_gtm_map object| _GlobalTokens object| google_tag_data string| GoogleAnalyticsObject function| ga number| maxProducts object| product undefined| p1 object| _gInstanceRef string| script object| gaplugins object| gaGlobal object| gaData object| _loy function| loyalty_load function| setup_popup_1 function| setup_popup_2 function| setup_popup_3 object| Qrs object| chObtain object| _gaq object| _gat function| callback

8 Cookies

Domain/Path Name / Value
.synxis.com/ Name: nlbi_2103294
Value: MxqNJyyHeArD8I7WZtZ5egAAAADXLEYfgtj2bjW1wz2XFBlH
.synxis.com/ Name: incap_ses_324_1215874
Value: 385iQtLKEkYE0bZdnBR/BHbUJF8AAAAAV4JuYhKtcKUzmc5EaOqaYQ==
.synxis.com/ Name: nlbi_1215874
Value: lRGUJzC/bwjdKdpLnAADWwAAAAC4CbWIXBsvT6EotNrxXnho
.synxis.com/ Name: incap_ses_687_2103294
Value: F5xEEN4Mlin5365587aICXfUJF8AAAAAjNedyDfLB/uZ4jLrQQzN5Q==
.synxis.com/ Name: visid_incap_2103294
Value: WylzRNHeRMSITc3AimJzYnfUJF8AAAAAQUIPAAAAAACQclZVcPw1MBi2j7veFpxF
.synxis.com/ Name: visid_incap_1215874
Value: Wgd1q8piQECWgsDEnm1RvXXUJF8AAAAAQUIPAAAAAAA0Zj7vGYcTlyIUJA3E8J4G
.synxis.com/ Name: apisession
Value: MDAxMTZ-eC91UzFhR0NVZGlGVmVUaEdDN1c0NVp0RUhlR0E3WkhmeEZtejBpT0YzSzAxcndhUXdtbUtuNDZ1Z2JyRHhhOHMzdDg2Y3NwY1VvSXUrclpqemx4UHkvUy82Z05mMWQwMGdUM1F2NFNIU3BXbTBzd0kvUGhUcmZGaWE4T1Fha21CaVY2ZnVyMUdWVW5YdmxWdHJGdUx5YkdyRGpLeFhyaStnanpLS3VYUkdyenpkQ2dwVDU3Z3Z6Z2tYUVVtdXVJWStwYWM3U2dBUnlZMWZNejN1VjhxMDA1Z0tjZXZZVFdyOVJLVkJIWHhlendvcURlQXlmRXV0amJ5M3Zxd0hLUVBvY2VlOUdzSXVPR1FuYy91bENwb1F4NGMrdG5jSWVUMlNCZFRDRWxiUEJlK1hleHROaDIwc1dReDRGNFhBeFo
be.synxis.com/ Name: sessionID
Value: I0jX0SJINh1Nj9q_eusMfy5_

59 Console Messages

Source Level URL
Text
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 583)
Message:
best_rate.load() url = https://tower-2.navarinoservices.com/api/V3.2/nxt.php?id=4270&action=av
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 709)
Message:
best_rate.load_messages() locale = en-US
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 719)
Message:
best_rate.refresh_messages()
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 791)
Message:
best_rate.refresh_messages() rate_message = Checking our best rates for you...
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 792)
Message:
best_rate.refresh_messages() updated_message = undefined
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 793)
Message:
best_rate.refresh_messages() availability_message =
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 794)
Message:
best_rate.refresh_messages() rate_detail =
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 1032)
Message:
stay.load_messages() locale = en-US
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 1042)
Message:
stay.refresh_messages()
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 1146)
Message:
stay.refresh_messages() rate_message = Checking our best rates for you...
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 1148)
Message:
stay.refresh_messages() availability_message =
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 1149)
Message:
stay.refresh_messages() rate_detail =
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 1252)
Message:
count.load_messages() locale = en-US
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 1260)
Message:
count.refresh_message()
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 1285)
Message:
count.refresh_message())
console-api log URL: https://tower-2.navarinoservices.com/hotels/4270/js/nxt_sbe_3.02.003.js(Line 489)
Message:
refresh_booster() en-US
console-api log URL: https://tower-2.navarinoservices.com/hotels/4270/js/nxt_sbe_3.02.003.js(Line 495)
Message:
refresh_booster(en-US)
console-api log URL: https://tower-2.navarinoservices.com/hotels/4270/js/nxt_sbe_3.02.003.js(Line 499)
Message:
refresh_booster() loading
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 719)
Message:
best_rate.refresh_messages()
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 782)
Message:
best_rate.refresh_message() anonymous()
console-api log URL: https://tower-2.navarinoservices.com/hotels/4270/js/nxt_sbe_3.02.003.js(Line 313)
Message:
nxt_best_rate.update_callback() Checking our best rates for you...
console-api log URL: https://tower-2.navarinoservices.com/hotels/4270/js/nxt_sbe_3.02.003.js(Line 314)
Message:
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 791)
Message:
best_rate.refresh_messages() rate_message = Checking our best rates for you...
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 792)
Message:
best_rate.refresh_messages() updated_message = undefined
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 793)
Message:
best_rate.refresh_messages() availability_message =
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 794)
Message:
best_rate.refresh_messages() rate_detail =
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 1260)
Message:
count.refresh_message()
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 1277)
Message:
count.refresh_message() anonymous()
console-api log URL: https://tower-2.navarinoservices.com/hotels/4270/js/nxt_sbe_3.02.003.js(Line 364)
Message:
nxt_count.update_callback()
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 1285)
Message:
count.refresh_message())
console-api log URL: https://tower-2.navarinoservices.com/hotels/4270/js/nxt_sbe_3.02.003.js(Line 475)
Message:
refresh_locale() en-US
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 615)
Message:
best_rate.load() OK, - 130
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 719)
Message:
best_rate.refresh_messages()
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 782)
Message:
best_rate.refresh_message() anonymous()
console-api log URL: https://tower-2.navarinoservices.com/hotels/4270/js/nxt_sbe_3.02.003.js(Line 313)
Message:
nxt_best_rate.update_callback() Our best rate tonight is <span class="nxt-rate">94.00 GBP</span> <span class="nxt-adult"> </span>
console-api log URL: https://tower-2.navarinoservices.com/hotels/4270/js/nxt_sbe_3.02.003.js(Line 314)
Message:
2020-08-01, SGL: BAR_BB-ID 94.00 GBP
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 791)
Message:
best_rate.refresh_messages() rate_message = Our best rate tonight is <span class="nxt-rate">94.00 GBP</span> <span class="nxt-adult"> </span>
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 792)
Message:
best_rate.refresh_messages() updated_message = Updated 1 hour 19 minutes ago.
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 793)
Message:
best_rate.refresh_messages() availability_message = Only <span class="nxt-count-number"> 2 </span> rooms left at our best rate.
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 794)
Message:
best_rate.refresh_messages() rate_detail = 2020-08-01, SGL: BAR_BB-ID 94.00 GBP
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 1206)
Message:
count.load() OK, count = 1 - 204
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 1260)
Message:
count.refresh_message()
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 1277)
Message:
count.refresh_message() anonymous()
console-api log URL: https://tower-2.navarinoservices.com/hotels/4270/js/nxt_sbe_3.02.003.js(Line 364)
Message:
nxt_count.update_callback() One person is looking to book this hotel.
console-api log URL: https://tower-1.navarinoservices.com/api/V3.2/js/nxt_classes_3.02.001.js(Line 1285)
Message:
count.refresh_message()) One person is looking to book this hotel.
console-api log URL: https://tower-2.navarinoservices.com/hotels/4270/js/nxt_sbe_3.02.003.js(Line 514)
Message:
refresh_booster() reloacating
console-api log URL: https://be.synxis.com/public/js/dataStream.js(Line 2)
Message:
Stream Event (app) [object Object]
console-api log URL: https://be.synxis.com/public/js/dataStream.js(Line 2)
Message:
Stream Event (rooms) [object Object]
console-api log URL: https://be.synxis.com/public/js/dxgtm.js(Line 10)
Message:
dxgtm: No dataLayer, loading GTM
console-api log URL: https://be.synxis.com/public/js/dxgtm.js(Line 10)
Message:
dxgtm: No dataLayer, loading GTM
console-api log (Line 1)
Message:
Locale: en-US
console-api log URL: https://tower-2.navarinoservices.com/hotels/4270/js/nxt_sbe_3.02.003.js(Line 475)
Message:
refresh_locale() en-US
console-api log (Line 1)
Message:
Update Stay () 2020/08/01, 2020/08/02
console-api log URL: https://tower-2.navarinoservices.com/hotels/4270/js/nxt_sbe_3.02.003.js(Line 451)
Message:
refresh_stay(2020-08-01 2020-08-02 1 0) 2020-08-01 2020-08-02 1 0
console-api log URL: https://tower-2.navarinoservices.com/hotels/4270/loyalty/loy_3.02.004.js(Line 72)
Message:
view by rate
console-api log URL: https://gatag.it/v2/(Line 1)
Message:
2. gaid was not obtained
console-api log URL: https://gatag.it/v2/(Line 1)
Message:
3. Device: _setCustomVar,4,device,pc,1
console-api log URL: https://gatag.it/v2/(Line 1)
Message:
4. RI Sent: ri-pixel-0 [object Object]
console-api log URL: https://gatag.it/v2/(Line 1)
Message:
5. 1==1 && function k(){n.shops[0]?w(n.shops[0]):n.onready()}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
be-cms-api.synxis.com
be.synxis.com
capture.gatag.it
fonts.googleapis.com
gatag.it
google-analytics.com
icm.aexp-static.com
ssl.google-analytics.com
stats.g.doubleclick.net
tower-1.navarinoservices.com
tower-2.navarinoservices.com
use.fontawesome.com
www.gatag.it
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
109.228.5.54
109.228.8.247
23.111.9.35
23.36.235.165
2606:4700:20::681a:c0b
2a00:1450:4001:800::200a
2a00:1450:4001:801::2003
2a00:1450:4001:801::2004
2a00:1450:4001:80b::2008
2a00:1450:4001:816::200e
2a00:1450:4001:81e::2008
2a00:1450:4001:820::2004
2a00:1450:4001:825::200a
2a00:1450:400c:c06::9d
45.60.155.144
45.60.46.204
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0a7f0277eac47824b3c85a6af11533683a84ff6d706fd51b8156d307d3ebdba8
0ecdc6188a4b2ec48e2ebf84a2a6584e78473f1216d7119832b5dc109bec7492
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13ed64e31854fc7e8e3e542fef0d24813e05a6137d56160064ec6824367b9a03
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
20bfa21014f452774eca1dffa8ec595bacb01bbc1a4ff613adacd6b5a0b423a3
3fb3c1d0a567a32531ea51e6bf8d34961dd25ec06bdfc9385ff9723b35d4e5f2
428fe8a37c8fa9ee3240ed04457d777c7c581ce080b159df17a87cc8fa35b79e
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
4dfac3843ca30a2161fad324096ab4790d37d21ee44dc59d6b4e0dcaa64651f1
50f10898342061c80fea923b4a5ec511ce9e9fe32457dc69ecb5524bd3a8b44e
60e2fb5edd682ccf29dca1d465ea4e51ad6dbd38cf4ad81b962b7b8db43596d5
6221e0ebdc5a81f2b04f073eb64963807a2331eccb9f6aefcf5a542ecd384467
625a63fbc3b92e8b3b7ca3a1a0d3372f066aa66104b925e8b353744b1e283df1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b69734fcdcd01cea33f74a4f7f9d8ab80beba38a71da1ff71b577451250aa3
94d977ac021858abb8fd84e55356de8dc54c55829488ace7c68af1534f72d5d1
9e9b4c53bd25cad9c04d370f133a5e32d166d0d54e2a9ad6cba4a31fcd382d5b
9eb363772e78d75080161728cbef8a825dadd36123850aa4fd2699f45351c5cf
a785a7871ce31a19941e4e73a88c08f533b03a84d88715a966a0628950368abe
ab89b8948f8fd74e52d88b21fdee55667a29578f48eadb7775017c152f3765b6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5ec346cf3c52bbaaff32e7ef7020fe74a3248186663b7f59c3ad039eea41bc3
c1fc65b5049c6d5c8020c7b0bbc7ab04be6b4be714a972d11947cc0626e48ec0
c391dfe416977a7d1b0d59f3fbb7869f1425d4fe0f8402f42a97d43dd25f818a
cd6c2b8b141dade75c9e103dbcf81ea7ae5134495c574d7cfbf3041bb8918bb5
cf2082268de3d61a954f75b098953638d8fa5fec717e75a2adabd2617f12dfe2
d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0
e099549425ac4e7068d44b56a1a6827a9ee12c0f8dab4931af5ca41b2a442d05
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e848d3a11a3cfc0cfddfc3c094bc153e6dfc119f36e5b0516b8ed3e52d3171f8
e99d1b3e951bed7d5dea1d300167159ff17c6c4dcc692849c21dcc39a9a784df
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a6eae486a9baa45145b516a9a135061558c27d18e217e4be7302bba9de27fa
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903
f4bd5aaeee951f3f9295139295a567a14365596df424813f0eb9ca33ccc72c19
f59b70a16da70dbdabc90db7e7919e8497c35e3d9658a4bd0bb50702ec8b659d
f80967ad97c07757e0d8e6759f756a8c9e6994cc33cd12d301c3d0a92dda5363
fce4c0053f4a73027bcf96675faebcb7bca48d93f291a16d68e5dd4515565802
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955