be.synxis.com Open in urlscan Pro
45.60.44.204 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u19297077.ct.sendgrid.net/ls/click?upn=PZRC-2FNAwHO7caUOolybe2nknqRYexHOJAKEHtfBjdZRKctv1BswezhZTgynmdeOijTzvBe-2F0iU08fgT...
Effective URL:
https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducin...
Submission: On November 18 via manual (November 18th 2022, 2:45:03 pm UTC) from US — Scanned from US

Summary HTTP 161 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 59 IPs in 8 countries across 67 domains to perform 161 HTTP transactions. The main IP is 45.60.44.204, located in United States and belongs to INCAPSULA, US. The main domain is be.synxis.com. The Cisco Umbrella rank of the primary domain is 49314.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2022 Q4 on October 31st 2022. Valid for: 6 months.

This is the only time be.synxis.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.123.122 167.89.123.122	11377 (SENDGRID) (SENDGRID)
29	45.60.44.204 45.60.44.204	19551 (INCAPSULA) (INCAPSULA)
5	2607:f8b0:402... 2607:f8b0:4024:c01::61	15169 (GOOGLE) (GOOGLE)
2 5	172.253.112.148 172.253.112.148	15169 (GOOGLE) (GOOGLE)
5	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2607:f8b0:402... 2607:f8b0:4023:1::71	15169 (GOOGLE) (GOOGLE)
2	2600:141b:e80... 2600:141b:e800:138d::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	65.8.66.68 65.8.66.68	16509 (AMAZON-02) (AMAZON-02)
1	185.167.164.46 185.167.164.46	198622 (ADFORM) (ADFORM)
3	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	104.64.65.49 104.64.65.49	16625 (AKAMAI-AS) (AKAMAI-AS)
4	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
15	45.60.196.96 45.60.196.96	19551 (INCAPSULA) (INCAPSULA)
2 2	216.200.122.13 216.200.122.13	6461 (ZAYO-6461) (ZAYO-6461)
8 8	173.194.209.148 173.194.209.148	15169 (GOOGLE) (GOOGLE)
1 6	2607:f8b0:402... 2607:f8b0:4024:c01::9c	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4024:c02::9b	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::181	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4024:c01::9a	15169 (GOOGLE) (GOOGLE)
6 9	68.67.160.137 68.67.160.137	29990 (ASN-APPNEX) (ASN-APPNEX)
7 7	173.194.209.156 173.194.209.156	15169 (GOOGLE) (GOOGLE)
1 1	2607:f8b0:402... 2607:f8b0:4024:c02::71	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4023:1::65	15169 (GOOGLE) (GOOGLE)
5 5	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
8	45.60.241.22 45.60.241.22	19551 (INCAPSULA) (INCAPSULA)
1	69.90.254.51 69.90.254.51	13768 (COGECO-PEER1) (COGECO-PEER1)
2	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
1	65.8.66.19 65.8.66.19	16509 (AMAZON-02) (AMAZON-02)
1 3	185.167.164.37 185.167.164.37	198622 (ADFORM) (ADFORM)
4	23.39.32.234 23.39.32.234	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	151.139.237.219 151.139.237.219	33438 (STACKPATH) (STACKPATH)
1 16	185.167.164.49 185.167.164.49	198622 (ADFORM) (ADFORM)
1	185.167.164.42 185.167.164.42	198622 (ADFORM) (ADFORM)
1 5	104.77.9.10 104.77.9.10	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	52.54.61.55 52.54.61.55	14618 (AMAZON-AES) (AMAZON-AES)
1	104.64.77.76 104.64.77.76	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	18.194.192.141 18.194.192.141	16509 (AMAZON-02) (AMAZON-02)
1 2	199.187.193.192 199.187.193.192	47043 (SMARTADSE...) (SMARTADSERVER)
1 2	54.175.87.114 54.175.87.114	14618 (AMAZON-AES) (AMAZON-AES)
1	63.251.28.234 63.251.28.234	26558 (FREEWHEEL) (FREEWHEEL)
2 2	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1	192.173.28.19 192.173.28.19	13360 (TRITONDIG...) (TRITONDIGITAL)
1 2	192.40.39.223 192.40.39.223	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	3.233.22.19 3.233.22.19	14618 (AMAZON-AES) (AMAZON-AES)
1	52.0.156.250 52.0.156.250	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1 1	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
1 1	2620:119:50e5... 2620:119:50e5:101::9002:c01	14413 (LINKEDIN) (LINKEDIN)
1 2	104.18.102.194 104.18.102.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	3.215.101.237 3.215.101.237	14618 (AMAZON-AES) (AMAZON-AES)
1 4	23.36.153.35 23.36.153.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	54.194.30.138 54.194.30.138	16509 (AMAZON-02) (AMAZON-02)
1	52.218.121.96 52.218.121.96	16509 (AMAZON-02) (AMAZON-02)
3 3	141.94.171.216 141.94.171.216	16276 (OVH) (OVH)
1	3.90.54.105 3.90.54.105	14618 (AMAZON-AES) (AMAZON-AES)
1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	65.8.66.38 65.8.66.38	16509 (AMAZON-02) (AMAZON-02)
2 3	3.223.194.189 3.223.194.189	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.218.115.225 3.218.115.225	14618 (AMAZON-AES) (AMAZON-AES)
1 1	65.8.66.56 65.8.66.56	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	44.209.123.73 44.209.123.73	14618 (AMAZON-AES) (AMAZON-AES)
1 1	64.58.232.176 64.58.232.176	13649 (ASN-VINS) (ASN-VINS)
1	64.58.232.177 64.58.232.177	13649 (ASN-VINS) (ASN-VINS)
3 4	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	104.118.9.133 104.118.9.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	78.46.100.125 78.46.100.125	24940 (HETZNER-AS) (HETZNER-AS)
2 2	2600:9000:20b... 2600:9000:20bc:9000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1	34.204.34.148 34.204.34.148	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
1	18.214.193.123 18.214.193.123	14618 (AMAZON-AES) (AMAZON-AES)
1	54.236.238.142 54.236.238.142	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42:600... 2a04:4e42:600::729	54113 (FASTLY) (FASTLY)
161	59

1 167.89.123.122 (Chicago, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789123x122.outbound-mail.sendgrid.net

u19297077.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 45.60.44.204 (United States)

ASN19551 (INCAPSULA, US)

be.synxis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4024:c01::61 (Clarksville, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.253.112.148 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: mb-in-f148.1e100.net

6442125.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4023:1::71 (Clarksville, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:e800:138d::1931 (Piscataway, United States)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.8.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-8-66-68.yvr50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.167.164.46 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.64.65.49 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-65-49.deploy.static.akamaitechnologies.com

origin.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 45.60.196.96 (United States)

ASN19551 (INCAPSULA, US)

www.thehotelsnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.200.122.13 (Houston, United States) 2 redirects

ASN6461 (ZAYO-6461, US)
PTR: 216.200.122.13.IPYX-141870-ZYO.zip.zayo.com

ciqtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 173.194.209.148 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: vg-in-f148.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4024:c01::9c (Clarksville, United States) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4024:c02::9b (Clarksville, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4024:c01::9a (Clarksville, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 68.67.160.137 (Brooklyn, United States) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 173.194.209.156 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: vg-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4024:c02::71 (Clarksville, United States) 1 redirects

ASN15169 (GOOGLE, US)

fcmatch.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4023:1::65 (Clarksville, United States)

ASN15169 (GOOGLE, US)

fcmatch.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.223.40.198 (United States) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 45.60.241.22 (United States)

ASN19551 (INCAPSULA, US)

services-p1.synxis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.90.254.51 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)

e.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::2004 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.8.66.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-8-66-19.yvr50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.167.164.37 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.39.32.234 (Newark, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-32-234.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.237.219 (United States)

ASN33438 (STACKPATH, US)

cdn.getsmartcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 185.167.164.49 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.167.164.42 (Denmark)

ASN198622 (ADFORM, DK)

a1.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.77.9.10 (New York, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-77-9-10.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.54.61.55 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-61-55.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.64.77.76 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-77-76.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.192.141 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-192-141.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.187.193.192 (Canada) 1 redirects

ASN47043 (SMARTADSERVER, CA)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.175.87.114 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.234 (United States)

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.173.28.19 (Canada)

ASN13360 (TRITONDIGITAL, CA)

yield-op-idsync.live.streamtheworld.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.40.39.223 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.233.22.19 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-22-19.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:119:50e5:101::9002:c01 (United States) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.102.194 (Shahr, Iran, Islamic Republic Of) 1 redirects

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.215.101.237 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-101-237.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.36.153.35 (Edison, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-153-35.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.30.138 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-30-138.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.121.96 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.94.171.216 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.90.54.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-90-54-105.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.8.66.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-8-66-38.yvr50.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.223.194.189 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-194-189.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.218.115.225 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-115-225.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.8.66.56 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-65-8-66-56.yvr50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Tuttlingen, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.209.123.73 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-123-73.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.58.232.176 (Dallas, United States) 1 redirects

ASN13649 (ASN-VINS, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.58.232.177 (Dallas, United States)

ASN13649 (ASN-VINS, US)
PTR: be31-199.crrt01.las04.flexential.net

ib.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.95.98.65 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.118.9.133 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-118-9-133.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.100.125 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.125.100.46.78.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20bc:9000:1b:5138:8a40:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.178.246.49 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.204.34.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-34-148.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.139.29 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.214.193.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-193-123.compute-1.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.236.238.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-238-142.compute-1.amazonaws.com

s.getsmartcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)

js.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	synxis.com be.synxis.com — Cisco Umbrella Rank: 49314 services-p1.synxis.com — Cisco Umbrella Rank: 89905	1 MB
23	doubleclick.net 17 redirects 6442125.fls.doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 173 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 203	6 KB
20	adform.net 2 redirects s2.adform.net — Cisco Umbrella Rank: 5398 a2.adform.net — Cisco Umbrella Rank: 5290 c1.adform.net — Cisco Umbrella Rank: 582 dmp.adform.net — Cisco Umbrella Rank: 4100	42 KB
15	thehotelsnetwork.com www.thehotelsnetwork.com — Cisco Umbrella Rank: 37194	213 KB
11	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 72 analytics.google.com — Cisco Umbrella Rank: 385 fcmatch.google.com — Cisco Umbrella Rank: 2469 www.google.com — Cisco Umbrella Rank: 2	3 KB
9	adnxs.com 6 redirects secure.adnxs.com — Cisco Umbrella Rank: 426 ib.adnxs.com — Cisco Umbrella Rank: 209	8 KB
5	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 842	4 KB
5	adsrvr.org 5 redirects match.adsrvr.org — Cisco Umbrella Rank: 341	3 KB
5	bing.com bat.bing.com — Cisco Umbrella Rank: 376	12 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	343 KB
4	id5-sync.com 3 redirects id5-sync.com — Cisco Umbrella Rank: 479	5 KB
4	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 508	2 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	248 B
4	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 783	3 KB
4	sojern.com beacon.sojern.com — Cisco Umbrella Rank: 4876 pixel.sojern.com — Cisco Umbrella Rank: 7689	2 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 400	762 B
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 1771	2 KB
3	onaudience.com 3 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3206	1 KB
3	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 645 ice.360yield.com — Cisco Umbrella Rank: 1886	1 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 139	196 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 339	722 B
2	smaato.net 2 redirects s.ad.smaato.net — Cisco Umbrella Rank: 661	1 KB
2	1dmp.io 1 redirects sync.1dmp.io — Cisco Umbrella Rank: 12884	809 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 10258	527 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 693	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 197	2 KB
2	openx.net 1 redirects eu-u.openx.net — Cisco Umbrella Rank: 1956	382 B
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 714	840 B
2	adsymptotic.com 1 redirects p.adsymptotic.com — Cisco Umbrella Rank: 471	478 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 321	489 B
2	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 926	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 512	2 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 281	1 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 280	489 B
2	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 607	1 KB
2	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 2703	694 B
2	getsmartcontent.com cdn.getsmartcontent.com — Cisco Umbrella Rank: 24897 s.getsmartcontent.com — Cisco Umbrella Rank: 33374	39 KB
2	ciqtracking.com 2 redirects ciqtracking.com — Cisco Umbrella Rank: 10190	868 B
2	acuityplatform.com origin.acuityplatform.com — Cisco Umbrella Rank: 15991 e.acuityplatform.com — Cisco Umbrella Rank: 15683	3 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 625 script.hotjar.com — Cisco Umbrella Rank: 763	70 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 727	22 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	20 KB
1	sentry-cdn.com js.sentry-cdn.com — Cisco Umbrella Rank: 5496	1 KB
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 1146	120 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 1668	109 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 21344	49 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1226	287 B
1	mookie1.com ib.mookie1.com — Cisco Umbrella Rank: 2204	421 B
1	ib-ibi.com 1 redirects global.ib-ibi.com — Cisco Umbrella Rank: 1751	499 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1442	456 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 434	648 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 18071	433 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 671	449 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 530	339 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 23402	406 B
1	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 355	1 KB
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 668	634 B
1	exelator.com loadm.exelator.com — Cisco Umbrella Rank: 1388	324 B
1	streamtheworld.com yield-op-idsync.live.streamtheworld.com — Cisco Umbrella Rank: 14606	491 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 679	639 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 544	664 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 3970	522 B
1	seadform.net a1.seadform.net — Cisco Umbrella Rank: 16462	335 B
1	youtube.com fcmatch.youtube.com — Cisco Umbrella Rank: 2503	525 B
1	sendgrid.net 1 redirects u19297077.ct.sendgrid.net	335 B
0	semasio.net Failed uipglob.semasio.net Failed
161	67

	Domain	Requested by
29	be.synxis.com	be.synxis.com
15	www.thehotelsnetwork.com	www.googletagmanager.com www.thehotelsnetwork.com
12	c1.adform.net	1 redirects a2.adform.net c1.adform.net
8	services-p1.synxis.com	be.synxis.com
8	ad.doubleclick.net	8 redirects
7	cm.g.doubleclick.net	7 redirects
6	secure.adnxs.com	3 redirects be.synxis.com c1.adform.net
6	adservice.google.com	1 redirects be.synxis.com 6442125.fls.doubleclick.net
5	pixel.mathtag.com	1 redirects a2.adform.net pixel.mathtag.com
5	match.adsrvr.org	5 redirects
5	bat.bing.com	www.googletagmanager.com bat.bing.com be.synxis.com
5	6442125.fls.doubleclick.net	2 redirects www.googletagmanager.com 6442125.fls.doubleclick.net
5	www.googletagmanager.com	be.synxis.com www.googletagmanager.com
4	id5-sync.com	3 redirects c1.adform.net
4	dmp.adform.net	c1.adform.net
4	tags.bluekai.com	1 redirects c1.adform.net
4	www.facebook.com	be.synxis.com
4	ct.pinterest.com	s.pinimg.com be.synxis.com
3	pixel.tapad.com	3 redirects
3	a.audrte.com	2 redirects c1.adform.net
3	pixel.onaudience.com	3 redirects
3	a2.adform.net	1 redirects be.synxis.com s2.adform.net
3	ib.adnxs.com	3 redirects
3	pixel.sojern.com	be.synxis.com
3	connect.facebook.net	be.synxis.com connect.facebook.net
2	eb2.3lift.com	1 redirects c1.adform.net
2	s.ad.smaato.net	2 redirects
2	sync.1dmp.io	1 redirects c1.adform.net
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	eu-u.openx.net	1 redirects c1.adform.net
2	sync.crwdcntrl.net	1 redirects c1.adform.net
2	p.adsymptotic.com	1 redirects c1.adform.net
2	idsync.rlcdn.com	2 redirects
2	ps.eyeota.net	1 redirects c1.adform.net
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	x.bidswitch.net	2 redirects
2	ups.analytics.yahoo.com	1 redirects c1.adform.net
2	rtb-csync.smartadserver.com	1 redirects c1.adform.net
2	ih.adscale.de	2 redirects
2	ad.360yield.com	1 redirects c1.adform.net
2	www.google.com	be.synxis.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	analytics.google.com	www.googletagmanager.com
2	ciqtracking.com	2 redirects
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	js.sentry-cdn.com	www.thehotelsnetwork.com
1	s.getsmartcontent.com	cdn.getsmartcontent.com
1	e1.emxdgt.com	c1.adform.net
1	bpi.rtactivate.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	ice.360yield.com	1 redirects
1	ib.mookie1.com	c1.adform.net
1	global.ib-ibi.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	px.ads.linkedin.com	1 redirects
1	pippio.com	1 redirects
1	loadm.exelator.com	c1.adform.net
1	yield-op-idsync.live.streamtheworld.com	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	a1.seadform.net	be.synxis.com
1	cdn.getsmartcontent.com	be.synxis.com
1	script.hotjar.com	static.hotjar.com
1	e.acuityplatform.com	origin.acuityplatform.com
1	fcmatch.youtube.com	be.synxis.com
1	fcmatch.google.com	1 redirects
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	beacon.sojern.com	be.synxis.com
1	origin.acuityplatform.com	be.synxis.com
1	s2.adform.net	be.synxis.com
1	static.hotjar.com	www.googletagmanager.com
1	u19297077.ct.sendgrid.net	1 redirects
0	uipglob.semasio.net Failed	c1.adform.net
161	84

This site contains links to these domains. Also see Links.

Domain
www.granducaaustin.com
granducaaustin.com
pacifichospitality.snaphire.com
facebook.com
www.instagram.com
meritagecollection.com

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-10-31` - `2023-04-29`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-27` - `2022-11-25`	3 months	crt.sh
*.acuityplatform.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-27` - `2023-03-28`	a year	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-16` - `2023-01-16`	a year	crt.sh
*.thehotelsnetwork.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-24` - `2023-11-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.getsmartcontent.com Go Daddy Secure Certificate Authority - G2	`2021-10-19` - `2022-11-20`	a year	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-11-09`	a year	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-19` - `2023-05-19`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-08` - `2023-06-10`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-10-19`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.userreport.com Amazon	`2022-01-19` - `2023-02-17`	a year	crt.sh
teads.tv R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2022-05-31` - `2023-06-04`	a year	crt.sh
rtactivate.com Amazon	`2022-04-13` - `2023-05-12`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2022-05-18` - `2023-06-19`	a year	crt.sh
bound360.com Amazon	`2022-06-13` - `2023-07-11`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata
Frame ID: 9531DF44D1B052EB84CF9AC44A554818
Requests: 98 HTTP requests in this frame

Frame: https://6442125.fls.doubleclick.net/activityi;dc_pre=CLKLmP77t_sCFQpQwQodyr8ANg;src=6442125;type=inqui0;cat=pngra003;ord=3685509324384;gtm=2wgb90;auiddc=1285635382.1668782695;~oref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata
Frame ID: EDA04AA317E7C96301CD252663B938DF
Requests: 1 HTTP requests in this frame

Frame: https://6442125.fls.doubleclick.net/activityi;dc_pre=CIfEmP77t_sCFY8KoQodXZUE7Q;src=6442125;type=inqui0;cat=pngra004;ord=4173588626529;gtm=2wgb90;auiddc=1285635382.1668782695;~oref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata
Frame ID: EBFA878AA98C6B6BB3366EAC37FA39E2
Requests: 1 HTTP requests in this frame

Frame: https://6442125.fls.doubleclick.net/ddm/fls/r/dc_pre=CIfEmP77t_sCFY8KoQodXZUE7Q;src=6442125;type=inqui0;cat=pngra004;ord=4173588626529;gtm=2wgb90;auiddc=1285635382.1668782695;~oref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata
Frame ID: FD5DD0A37F437053BFDDE7F1C5204354
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CLKLmP77t_sCFQpQwQodyr8ANg;src=6442125;type=inqui0;cat=pngra003;ord=3685509324384;gtm=2wgb90;auiddc=1285635382.1668782695;~oref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata
Frame ID: 6054CDC62564B02387609066CC1DA274
Requests: 1 HTTP requests in this frame

Frame: https://www.thehotelsnetwork.com/widget/core/latest/hub/
Frame ID: DC4E147F923E45E7EDAC049DB68B7CB8
Requests: 3 HTTP requests in this frame

Frame: https://a2.adform.net/serving/container/?pm=2297146&lid=89292847&ctype=0&media=0&PageName=Retargeting&rnd=1315326959&cpref=https%3a%2f%2fbe.synxis.com%2f%3fHotel%3d34600%26Chain%3d15889%26promo%3dPROVAT%26utm_source%3dcendyn%26utm_medium%3demail%26utm_campaign%3dintroducing_hotel_viata&loc=https%3a%2f%2fbe.synxis.com%2f%3fadult%3d1%26arrive%3d2022-11-18%26chain%3d15889%26child%3d0%26currency%3dUSD%26depart%3d2022-11-19
Frame ID: 48DDDEC0778FD83040260E22542CFD5F
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377
Frame ID: E9B96833639931B2212B8A3A1163DA04
Requests: 46 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=64686377-9a69-4000-8b0c-78c0707c2194&no_iframe=1&mt_adid=205745&source=mathtag
Frame ID: A2835175638F231893E320C2982A3584
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hotel Viata - Reservations - Room Availability

Page URL History Show full URLs

https://u19297077.ct.sendgrid.net/ls/click?upn=PZRC-2FNAwHO7caUOolybe2nknqRYexHOJAKEHtfBjdZRKctv1BswezhZTgynmd... HTTP 302
https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm... Page URL
https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm... Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

161
Requests

75 %
HTTPS

20 %
IPv6

67
Domains

84
Subdomains

59
IPs

8
Countries

2482 kB
Transfer

9947 kB
Size

120
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.granducaaustin.com/

Search URL Search Domain Scan URL

URL: http://www.granducaaustin.com/
Title: www.granducaaustin.com

Search URL Search Domain Scan URL

URL: https://granducaaustin.com/

Search URL Search Domain Scan URL

URL: https://granducaaustin.com/en/contact.html
Title: reservations@granducaaustin.com

Search URL Search Domain Scan URL

URL: https://pacifichospitality.snaphire.com/search?search=cvid-gY7V8
Title: CAREERS

Search URL Search Domain Scan URL

URL: https://facebook.com/HotelGranducaAustin
Title: facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/hotelgranducaaustin/
Title: instagram

Search URL Search Domain Scan URL

URL: https://meritagecollection.com/terms-service
Title: Legal Notice

Search URL Search Domain Scan URL

URL: https://meritagecollection.com/index.php?cID=189
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u19297077.ct.sendgrid.net/ls/click?upn=PZRC-2FNAwHO7caUOolybe2nknqRYexHOJAKEHtfBjdZRKctv1BswezhZTgynmdeOijTzvBe-2F0iU08fgTPpUQVi2JTnzyaT-2BNcjAX5GEvQdqqDuAgUZDRnq6Ty-2BAYTbrifB7xS8gRTa1ukJYbZ0WWBfrN6xWmlJsnDyb7sh-2Bug6IyNq-2FkJnbLwv-2ByhEC3IP6GX_GN8_XapfA5MgDUbiLb4T9Ual3sZ4HEiZx8TT9QD-2BDEfIy-2B5PdmkxZ5L4wl3zEBg78LzA2mWD9Xu5Qmmsb-2Fe0c1fKN17GDYXr-2FpC4ts1GTgXAkSGhIy7CttWjlLAzxWIomWLQ8j5Guck8ut1UweOnCv0GZcdbkMT64lf-2B0KWCpELneDyz3Ttlc7GBQhqagUuXTpEwcHOKVc2M2OqsoXCfNN12ZoCokjMrGBhMguRpa2F9pb2gbRmiQmdn0vgUNLnjM9u-2BueeBBqkH5wNzPOfDRM-2Bh8Rc2mA-2FwmOuZg3ekNtCaPVtGokyPeabOswjQMyGtJ5SwHkbrvS7WsifNZFFpapgWctffEDhMKvBY7BKkTuOUt-2B4nS-2BnrcieLEm2WWWkNa3-2FI7bQkgAuASzoLvkQGG9gvE-2FBK-2FQu8kzkc6Kt31S1b-2Bk5RG-2FZdCtK68SRAwZ3Q2SLaaGixaE9KhKKGZ1BH-2FQuYzhUDpuJxWzy8XElIl38B4cw2XFjnRsuajlPWLTVtlFWKStkmOUM8lLPdmJLWvPFz-2Bi29qc-2BLUhCTSIxOia6dXI5eVhXCXsVt-2FZwgG7GtWKQqTXykNaeoNn3DKJX4FXs-2B8Q-3D-3D HTTP 302
https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata Page URL
https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://u19297077.ct.sendgrid.net/ls/click?upn=PZRC-2FNAwHO7caUOolybe2nknqRYexHOJAKEHtfBjdZRKctv1BswezhZTgynmdeOijTzvBe-2F0iU08fgTPpUQVi2JTnzyaT-2BNcjAX5GEvQdqqDuAgUZDRnq6Ty-2BAYTbrifB7xS8gRTa1ukJYbZ0WWBfrN6xWmlJsnDyb7sh-2Bug6IyNq-2FkJnbLwv-2ByhEC3IP6GX_GN8_XapfA5MgDUbiLb4T9Ual3sZ4HEiZx8TT9QD-2BDEfIy-2B5PdmkxZ5L4wl3zEBg78LzA2mWD9Xu5Qmmsb-2Fe0c1fKN17GDYXr-2FpC4ts1GTgXAkSGhIy7CttWjlLAzxWIomWLQ8j5Guck8ut1UweOnCv0GZcdbkMT64lf-2B0KWCpELneDyz3Ttlc7GBQhqagUuXTpEwcHOKVc2M2OqsoXCfNN12ZoCokjMrGBhMguRpa2F9pb2gbRmiQmdn0vgUNLnjM9u-2BueeBBqkH5wNzPOfDRM-2Bh8Rc2mA-2FwmOuZg3ekNtCaPVtGokyPeabOswjQMyGtJ5SwHkbrvS7WsifNZFFpapgWctffEDhMKvBY7BKkTuOUt-2B4nS-2BnrcieLEm2WWWkNa3-2FI7bQkgAuASzoLvkQGG9gvE-2FBK-2FQu8kzkc6Kt31S1b-2Bk5RG-2FZdCtK68SRAwZ3Q2SLaaGixaE9KhKKGZ1BH-2FQuYzhUDpuJxWzy8XElIl38B4cw2XFjnRsuajlPWLTVtlFWKStkmOUM8lLPdmJLWvPFz-2Bi29qc-2BLUhCTSIxOia6dXI5eVhXCXsVt-2FZwgG7GtWKQqTXykNaeoNn3DKJX4FXs-2B8Q-3D-3D HTTP 302
https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata

Request Chain 18

https://6442125.fls.doubleclick.net/activityi;src=6442125;type=inqui0;cat=pngra003;ord=3685509324384;gtm=2wgb90;auiddc=1285635382.1668782695;~oref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata HTTP 302
https://6442125.fls.doubleclick.net/activityi;dc_pre=CLKLmP77t_sCFQpQwQodyr8ANg;src=6442125;type=inqui0;cat=pngra003;ord=3685509324384;gtm=2wgb90;auiddc=1285635382.1668782695;~oref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata

Request Chain 22

https://6442125.fls.doubleclick.net/activityi;src=6442125;type=inqui0;cat=pngra004;ord=4173588626529;gtm=2wgb90;auiddc=1285635382.1668782695;~oref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata HTTP 302
https://6442125.fls.doubleclick.net/activityi;dc_pre=CIfEmP77t_sCFY8KoQodXZUE7Q;src=6442125;type=inqui0;cat=pngra004;ord=4173588626529;gtm=2wgb90;auiddc=1285635382.1668782695;~oref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata

Request Chain 31

https://ciqtracking.com/p/v/1/624b1122f8708104e67e2aee/format/img HTTP 302
https://ad.doubleclick.net/ddm/activity/src=11917618;type=invmedia;cat=grand0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=11917618;dc_pre=CM23zv77t_sCFQVqYgodS2oK8g;type=invmedia;cat=grand0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=11917618;dc_pre=CM23zv77t_sCFQVqYgodS2oK8g;type=invmedia;cat=grand0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1

Request Chain 40

https://ad.doubleclick.net/ddm/activity/src=8943966;type=homep0;cat=hotel0;qty=1;cost=0;u1=;u2=;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u17=;u19=34600;u20=Hotel%2BGranduca%2BAustin;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8943966;dc_pre=CO-Xrf77t_sCFZVQYgodIr8A0g;type=homep0;cat=hotel0;qty=1;cost=0;u1=;u2=;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u17=;u19=34600;u20=Hotel%2BGranduca%2BAustin;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID HTTP 302
https://adservice.google.com/ddm/fls/z/src=8943966;dc_pre=CO-Xrf77t_sCFZVQYgodIr8A0g;type=homep0;cat=hotel0;qty=1;cost=0;u1=;u2=;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u17=;u19=34600;u20=Hotel%2BGranduca%2BAustin;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID

Request Chain 41

https://secure.adnxs.com/px?id=1330460&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1330460%26t%3D1

Request Chain 42

https://secure.adnxs.com/seg?add=23313799&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D23313799%26t%3D1

Request Chain 43

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=v_wCBsVRcXYm12BBZz8cAQ&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=LGLw3b1dTHvZ4t9SxFdkDHDpMEZIXlq_nsCaZm6ICGsnRUGDtHz2oqyuQUjQf_KH&sjrn_ula=708480342 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=v_wCBsVRcXYm12BBZz8cAQ&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=LGLw3b1dTHvZ4t9SxFdkDHDpMEZIXlq_nsCaZm6ICGsnRUGDtHz2oqyuQUjQf_KH&sjrn_ula=708480342&google_tc= HTTP 302
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=LGLw3b1dTHvZ4t9SxFdkDHDpMEZIXlq_nsCaZm6ICGsnRUGDtHz2oqyuQUjQf_KH&sjrn_ula=708480342&google_gid=CAESEOG28KmFGow2bgMU7C0A9ik&google_cver=1

Request Chain 44

https://cm.g.doubleclick.net/pixel?google_hm=v_wCBsVRcXYm12BBZz8cAQ&google_nid=sojern_adh HTTP 302
https://cm.g.doubleclick.net/pixel?google_hm=v_wCBsVRcXYm12BBZz8cAQ&google_nid=sojern_adh&google_tc= HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDoqHSBnrby_1zjGoQB6mQEDP0yS0-Hv1lGofsJd2GH0Db9n-e8nxvPuTZraeHbC-7hjMLOhNY-SkzMauqpYUklOj-N9UNclflCrdh1S8c0oi6U-Flug HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqHSBnrby_1zjGoQB6mQEDP0yS0-Hv1lGofsJd2GH0Db9n-e8nxvPuTZraeHbC-7hjMLOhNY-SkzMauqpYUklOj-N9UNclflCrdh1S8c0oi6U-Flug

Request Chain 45

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=LGLw3b1dTHvZ4t9SxFdkDHDpMEZIXlq_nsCaZm6ICGsnRUGDtHz2oqyuQUjQf_KH HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DLGLw3b1dTHvZ4t9SxFdkDHDpMEZIXlq_nsCaZm6ICGsnRUGDtHz2oqyuQUjQf_KH HTTP 302
https://pixel.sojern.com/idsync/apn?id=8860224511821628764&sjrn_id=LGLw3b1dTHvZ4t9SxFdkDHDpMEZIXlq_nsCaZm6ICGsnRUGDtHz2oqyuQUjQf_KH

Request Chain 46

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=LGLw3b1dTHvZ4t9SxFdkDHDpMEZIXlq_nsCaZm6ICGsnRUGDtHz2oqyuQUjQf_KH&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=ombl9hp&ttd_puid=LGLw3b1dTHvZ4t9SxFdkDHDpMEZIXlq_nsCaZm6ICGsnRUGDtHz2oqyuQUjQf_KH&ttd_tpi=1 HTTP 302
https://pixel.sojern.com/idsync/ttd?id=ad15f4db-83ec-4c65-a401-e5239affa47d&sjrn_id=LGLw3b1dTHvZ4t9SxFdkDHDpMEZIXlq_nsCaZm6ICGsnRUGDtHz2oqyuQUjQf_KH

Request Chain 47

https://ad.doubleclick.net/ddm/activity/src=6227722;type=sales;cat=merit002;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[OrderID] HTTP 302
https://ad.doubleclick.net/ddm/activity/src=6227722;dc_pre=CIKXr_77t_sCFYVYYgodmAALGQ;type=sales;cat=merit002;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[OrderID] HTTP 302
https://adservice.google.com/ddm/fls/z/src=6227722;dc_pre=CIKXr_77t_sCFYVYYgodmAALGQ;type=sales;cat=merit002;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[OrderID]

Request Chain 63

https://adservice.google.com/ddm/fls/i/dc_pre=CIfEmP77t_sCFY8KoQodXZUE7Q;src=6442125;type=inqui0;cat=pngra004;ord=4173588626529;gtm=2wgb90;auiddc=1285635382.1668782695;~oref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata HTTP 302
https://6442125.fls.doubleclick.net/ddm/fls/r/dc_pre=CIfEmP77t_sCFY8KoQodXZUE7Q;src=6442125;type=inqui0;cat=pngra004;ord=4173588626529;gtm=2wgb90;auiddc=1285635382.1668782695;~oref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata

Request Chain 71

https://a2.adform.net/Serving/TrackPoint/?pm=2297146&ADFPageName=Retargeting&ADFdivider=%7C&ord=192636137964&ADFtpmode=2&loc=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2022-11-18%26chain%3D15889%26child%3D0%26currency%3DUSD%26depart%3D2022-11-19&CPref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2297146&ADFPageName=Retargeting&ADFdivider=%7C&ord=192636137964&ADFtpmode=2&loc=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2022-11-18%26chain%3D15889%26child%3D0%26currency%3DUSD%26depart%3D2022-11-19&CPref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 81

https://ciqtracking.com/p/v/1/624b1122f8708104e67e2aee/format/img HTTP 302
https://ad.doubleclick.net/ddm/activity/src=11917618;type=invmedia;cat=grand0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=11917618;dc_pre=CPuD6_77t_sCFcuCYgodZGoIrQ;type=invmedia;cat=grand0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=11917618;dc_pre=CPuD6_77t_sCFcuCYgodZGoIrQ;type=invmedia;cat=grand0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1

Request Chain 98

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=2680738296644665233&Expiration=1669992297 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=2680738296644665233&Expiration=1669992297

Request Chain 101

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=2680738296644665233&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=2680738296644665233&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=80428e1b49e8406aba9e607d6edc7e3f HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=5f2f33bed8f923f28513104fbe9ab048a50dc033a4b4d03697c8ddf64c723c83

Request Chain 102

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=2680738296644665233&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID HTTP 302
https://c1.adform.net/serving/cookie/match?party=10&cid=3550745198812263425

Request Chain 103

https://ups.analytics.yahoo.com/ups/55944/sync?uid=2680738296644665233&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=2680738296644665233&_origin=1&verify=true

Request Chain 105

https://x.bidswitch.net/sync?dsp_id=70&user_id=2680738296644665233 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=2680738296644665233 HTTP 302
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=bsw&uid=460e10d6-713b-4b44-8f9c-e630ffca875b&stn=

Request Chain 106

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2680738296644665233&expiration=1669992297 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2680738296644665233&expiration=1669992297&C=1

Request Chain 108

https://ps.eyeota.net/match?uid=2680738296644665233&bid=9gdtmu1 HTTP 302
https://ps.eyeota.net/match/bounce/?uid=2680738296644665233&bid=9gdtmu1

Request Chain 110

https://idsync.rlcdn.com/398366.gif?partner_uid=2680738296644665233 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTMjY4MDczODI5NjY0NDY2NTIzMxAAGg0I6bTemwYSBQjoBxAAQgBKAA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=346517aff16fcc5739e20e3e0316fdd2dfb8b4a1e91ae23e8675325b3b35f29a791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=346517aff16fcc5739e20e3e0316fdd2dfb8b4a1e91ae23e8675325b3b35f29a791426b5417dce21&rand=06131373 HTTP 302
https://p.adsymptotic.com/d/px/?_pid=10339&_psign=f79776ac7a290c8b1b2a94bd7ad5f0ce&_puuid=346517aff16fcc5739e20e3e0316fdd2dfb8b4a1e91ae23e8675325b3b35f29a791426b5417dce21&_pu HTTP 302
https://p.adsymptotic.com/d/px/?_pid=10339&_psign=f79776ac7a290c8b1b2a94bd7ad5f0ce&_puuid=346517aff16fcc5739e20e3e0316fdd2dfb8b4a1e91ae23e8675325b3b35f29a791426b5417dce21&_pu&_expected_cookie=6c1254ee765d7a5b2aa5934c87d9dc7a

Request Chain 111

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=2680738296644665233/gdpr=/gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=2680738296644665233/gdpr=/gdpr_consent=

Request Chain 113

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2680738296644665233 HTTP 302
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=2680738296644665233

Request Chain 114

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 115

https://pixel.onaudience.com/?mapped=2680738296644665233&partner=68 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=ad15f4db-83ec-4c65-a401-e5239affa47d&icm&gdpr=0&gdpr_consent=&cver HTTP 302
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
https://tags.bluekai.com/site/33141?&id=b688776bee0c738d HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=TWoxQUJSSGQ5OWV3QVU1TQ%3D%3D HTTP 302
https://tags.bluekai.com/site/2981?id=&google_gid=CAESECBFxbbbgqRq_kr0i7deYrE&google_cver=1

Request Chain 117

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MjY4MDczODI5NjY0NDY2NTIzMw HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENExP-rcZ65Bkcx0lrjAErg&google_cver=1&google_ula=1641347,0

Request Chain 118

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=8860224511821628764&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=2680738296644665233

Request Chain 122

https://a.audrte.com/a?adform_uid=2680738296644665233 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=&google_gid=CAESEPyag3c3So8dLWNhQnru_L4&google_cver=1 HTTP 302
https://a.audrte.com/p

Request Chain 123

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=2680738296644665233&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=2680738296644665233&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=70630578269762526561605539168187497121&noredirect=1

Request Chain 124

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=2680738296644665233 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=209450804339004018227

Request Chain 125

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7167367116339083417

Request Chain 127

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=64686377-9a69-4000-8b0c-78c0707c2194

Request Chain 128

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=0pwmYQ021OW2BZ5

Request Chain 129

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=ad15f4db-83ec-4c65-a401-e5239affa47d

Request Chain 130

https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=2680738296644665233 HTTP 302
https://ib.mookie1.com/image.sbmx?go=302927&pid=567&xid=2680738296644665233

Request Chain 131

https://id5-sync.com/s/10/0.gif?puid=2680738296644665233 HTTP 302
https://id5-sync.com/c/10/10/2/1.gif?puid=2680738296644665233&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO7e6ID7Xai9ZQ5KkgVZwNxRJ2dKHM6zZpADp5Pw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F1%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/cq/10/124/1/2.gif?puid=23536612-36f8-4cca-ab7e-1bd0e8292e10&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/0/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/10/2/0/3.gif?puid=8860224511821628764&gdpr=0&gdpr_consent=

Request Chain 132

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=249171371 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=ufd4Y4YAQ//s8L4jc5Nzge

Request Chain 134

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=2680738296644665233 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=2680738296644665233&cs=1

Request Chain 135

https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=2680738296644665233 HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=2680738296644665233&cookieCheck=1 HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=133&partneruserid=f0bbaa23

Request Chain 136

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=2680738296644665233&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=2680738296644665233&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=5217731b-986a-44d0-8917-5e19ea99bf55%252Chttps%253A%252F%252Fc1.adform.net%252Fserving%252Fcookie%252Fmatch%253Fparty%253D2007%2526cid%253D5217731b-986a-44d0-8917-5e19ea99bf55&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ad15f4db-83ec-4c65-a401-e5239affa47d&ttd_puid=5217731b-986a-44d0-8917-5e19ea99bf55%2Chttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D2007%26cid%3D5217731b-986a-44d0-8917-5e19ea99bf55 HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=5217731b-986a-44d0-8917-5e19ea99bf55

Request Chain 139

https://eb2.3lift.com/xuid?mid=7354&xuid=2680738296644665233&dongle=AD20 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=2680738296644665233&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=

161 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
be.synxis.com/
Redirect Chain

https://u19297077.ct.sendgrid.net/ls/click?upn=PZRC-2FNAwHO7caUOolybe2nknqRYexHOJAKEHtfBjdZRKctv1BswezhZTgynmdeOijTzvBe-2F0iU08fgTPpUQVi2JTnzyaT-2BNcjAX5GEvQdqqDuAgUZDRnq6Ty-2BAYTbrifB7xS8gRTa1ukJY...
https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata

212 B
591 B

177ms
55ms

Document
text/html

45.60.44.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.44.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d02032286070b4dd9d8fbd985a7bdca8af8edf52b89ff177db3bfcb2c8a9c43d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, no-store
content-length: 212
content-type: text/html
strict-transport-security: max-age=31536000
x-iinfo: 17-42504739-0 0NNN RT(1668782692686 60) q(0 -1 -1 1) r(0 -1) B10(4,314,0) U18

Redirect headers

Connection: keep-alive
Content-Length: 174
Content-Type: text/html; charset=utf-8
Date: Fri, 18 Nov 2022 14:44:52 GMT
Location: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 200 _Incapsula_Resource Show response
be.synxis.com/ 176 KB
25 KB 59ms
59ms Script
application/javascript 45.60.44.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/_Incapsula_Resource?SWJIYLWA=5074a744e2e3d891814e9a2dace20bd4,719d34d31c8e3a6e6fffd425f7e032f3

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.44.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

86dce085c3aa9befe24e633c166eca600aaad91c0d70d66a382cf10d7667520b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 25886
content-type: application/javascript

GET
H2 200 _Incapsula_Resource
be.synxis.com/ 29 B
57 B 59ms
58ms XHR
application/javascript 45.60.44.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/_Incapsula_Resource?SWHANEDL=1901222414056148191,7724348950426496151,13311176117599371646,203608

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.44.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 29
content-type: application/javascript

GET
H2 200 Primary Request / Show response
be.synxis.com/ 383 KB
81 KB 765ms
765ms Document
text/html 45.60.44.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.44.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

86e334b15974d71d0d0aa6b2d08eb776acd2dbf5b76891bfd1359acb6c1159ac

Security Headers

Name	Value
Content-Security-Policy	img-src data: ; base-uri 'self'; frame-ancestors 'self'; style-src 'self' https: 'unsafe-inline'; font-src data: ; media-src ; script-src 'strict-dynamic' 'nonce-AAYTnmf9c0Gi+nGrjow6fQ==' 'unsafe-inline' 'unsafe-eval' 'self' .synxis.com .googletagmanager.com .google-analytics.com google-analytics.com .google.com .googleapis.com .gatag.it gatag.it .doubleclick.net icm.aexp-static.com .sabrehospitality.com .asc.sabre.com .thehotelsnetwork.com thehotelsnetwork.com .trivago.com trivago.com .tripadvisor.com tripadvisor.com .sojern.com sojern.com .triptease.io triptease.io .sabre-gcp.com .sabre-gcp.com:3000 .sabre-gcp.com:3001 .sabre-gcp.com:3002 .sabrecirrus.com https://.thehotelsnetwork.com https://.mathtag.com https://www.thehotelsnetwork.com https://.adform.net https://.getsmartcontent.com s.getsmartcontent.com https://.pinterest.com; default-src 'self' .synxis.com .googletagmanager.com .google-analytics.com google-analytics.com .google.com .googleapis.com .gatag.it gatag.it .doubleclick.net icm.aexp-static.com .sabrehospitality.com .asc.sabre.com .thehotelsnetwork.com thehotelsnetwork.com .trivago.com trivago.com .tripadvisor.com tripadvisor.com .sojern.com sojern.com .triptease.io triptease.io .sabre-gcp.com .sabre-gcp.com:3000 .sabre-gcp.com:3001 .sabre-gcp.com:3002 .sabrecirrus.com https://.thehotelsnetwork.com https://.mathtag.com https://www.thehotelsnetwork.com https://.adform.net https://.getsmartcontent.com s.getsmartcontent.com https://*.pinterest.com; report-uri /reports?hid=34600&cid=15889&sid=qEKKGamzBRJqsbSVGCrOdkE8
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-security-policy: img-src data: *; base-uri 'self'; frame-ancestors 'self'; style-src 'self' https: 'unsafe-inline'; font-src data: *; media-src *; script-src 'strict-dynamic' 'nonce-AAYTnmf9c0Gi+nGrjow6fQ==' 'unsafe-inline' 'unsafe-eval' 'self' *.synxis.com *.googletagmanager.com *.google-analytics.com google-analytics.com *.google.com *.googleapis.com *.gatag.it gatag.it *.doubleclick.net icm.aexp-static.com *.sabrehospitality.com *.asc.sabre.com *.thehotelsnetwork.com thehotelsnetwork.com *.trivago.com trivago.com *.tripadvisor.com tripadvisor.com *.sojern.com sojern.com *.triptease.io triptease.io *.sabre-gcp.com *.sabre-gcp.com:3000 *.sabre-gcp.com:3001 *.sabre-gcp.com:3002 *.sabrecirrus.com https://*.thehotelsnetwork.com https://*.mathtag.com https://www.thehotelsnetwork.com https://*.adform.net https://*.getsmartcontent.com s.getsmartcontent.com https://*.pinterest.com; default-src 'self' *.synxis.com *.googletagmanager.com *.google-analytics.com google-analytics.com *.google.com *.googleapis.com *.gatag.it gatag.it *.doubleclick.net icm.aexp-static.com *.sabrehospitality.com *.asc.sabre.com *.thehotelsnetwork.com thehotelsnetwork.com *.trivago.com trivago.com *.tripadvisor.com tripadvisor.com *.sojern.com sojern.com *.triptease.io triptease.io *.sabre-gcp.com *.sabre-gcp.com:3000 *.sabre-gcp.com:3001 *.sabre-gcp.com:3002 *.sabrecirrus.com https://*.thehotelsnetwork.com https://*.mathtag.com https://www.thehotelsnetwork.com https://*.adform.net https://*.getsmartcontent.com s.getsmartcontent.com https://*.pinterest.com; report-uri /reports?hid=34600&cid=15889&sid=qEKKGamzBRJqsbSVGCrOdkE8
content-type: text/html; charset=utf-8
date: Fri, 18 Nov 2022 14:44:53 GMT
link: </public/js/font-spark-icon-fill.woff2>; rel=preload; as=font; type=font/woff2; crossOrigin=anonymous, </public/js/font-spark-icon-line.woff2>; rel=preload; as=font; type=font/woff2; crossOrigin=anonymous, </public/js/client.js>; rel=preload; as=script, </public/js/modules-main.js>; rel=preload; as=script,
strict-transport-security: max-age=31536000
x-cdn: Imperva
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-iinfo: 17-42504739-42504812 NNNN CT(87 90 0) RT(1668782692686 335) q(0 0 2 -1) r(7 7) U12

GET
H2 200 _Incapsula_Resource
be.synxis.com/ 1 B
90 B 54ms
54ms Image
text/plain 45.60.44.204
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://be.synxis.com/_Incapsula_Resource?SWKMTFSR=1&e=0.7422601335459056

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.44.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET _Incapsula_Resource
be.synxis.com/ 0
0

GET
H2 200 font-spark-icon-fill.woff2
be.synxis.com/public/js/ 30 KB
31 KB 304ms
303ms Font
font/woff2 45.60.44.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/font-spark-icon-fill.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.44.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

625a63fbc3b92e8b3b7ca3a1a0d3372f066aa66104b925e8b353744b1e283df1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata
Origin: https://be.synxis.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 04 Nov 2022 16:35:33 GMT
x-cdn: Imperva
etag: W/"792c-184437f6408"
x-frame-options: SAMEORIGIN
content-type: font/woff2
x-iinfo: 17-42504739-42505042 NNNN CT(83 89 0) RT(1668782692686 1086) q(0 0 2 -1) r(3 3) U2
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 31020

GET
H2 200 font-spark-icon-line.woff2
be.synxis.com/public/js/ 39 KB
39 KB 546ms
545ms Font
font/woff2 45.60.44.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/font-spark-icon-line.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.44.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

13ed64e31854fc7e8e3e542fef0d24813e05a6137d56160064ec6824367b9a03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata
Origin: https://be.synxis.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 04 Nov 2022 16:35:33 GMT
x-cdn: Imperva
etag: W/"9a0c-184437f6408"
x-frame-options: SAMEORIGIN
content-type: font/woff2
x-iinfo: 17-42504739-42505044 NNNN CT(90 87 0) RT(1668782692686 1088) q(0 0 2 -1) r(4 5) U2
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 39436

GET
H2 200 client.js Show response
be.synxis.com/public/js/ 3 MB
372 KB 376ms
375ms Script
application/javascript 45.60.44.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.44.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4b8de0156deb52d8d6dabdc2245346e2591a3ecf4066ba02da11b7164b3b5d05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
last-modified: Fri, 04 Nov 2022 16:35:33 GMT
x-cdn: Imperva
etag: W/"5ce28-184437f6408"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-iinfo: 17-42504739-42505046 NNNN CT(80 82 0) RT(1668782692686 1092) q(0 0 2 -1) r(3 4) U2
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 380456

GET
H2 200 modules-main.js Show response
be.synxis.com/public/js/ 2 MB
432 KB 423ms
422ms Script
application/javascript 45.60.44.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/modules-main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.44.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

352c3640215602f401e5dde675a96c5c7c836be2d57b084cdcc13464baff6496

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
last-modified: Fri, 04 Nov 2022 16:35:33 GMT
x-cdn: Imperva
etag: W/"6bd7c-184437f6408"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-iinfo: 17-42504739-42505049 NNNN CT(85 85 0) RT(1668782692686 1099) q(0 0 2 -1) r(3 4) U2
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 441724

GET
H2 200 Dosis-Medium.woff
be.synxis.com/shs-bedesigner-services/assets/chain/15889/hotel/34600/fileStorage/font/ 60 KB
60 KB 238ms
237ms Font
application/octet-stream 45.60.44.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/shs-bedesigner-services/assets/chain/15889/hotel/34600/fileStorage/font/Dosis-Medium.woff

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.44.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

cbd70a9ca47bd457c401ea22888574eb92dc660fda370f3b0b3fc1d025a02448

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata
Origin: https://be.synxis.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:54 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
server: nginx
x-cdn: Imperva
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin: https://be.synxis.com
x-iinfo: 17-42504739-42504061 2NNN RT(1668782692686 1175) q(0 0 0 -1) r(2 2) U12
access-control-allow-credentials: true
content-disposition: inline
content-length: 61000

POST
H2 200 reports
be.synxis.com/ 2 KB
903 B 460ms
459ms Other
application/json 45.60.44.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/reports?hid=34600&cid=15889&sid=qEKKGamzBRJqsbSVGCrOdkE8

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.44.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8aca967286dc1c6f71070ab93ff966749bc8b5b8423f79ca987aefa7e28692f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 18 Nov 2022 14:44:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-cdn: Imperva
etag: W/"8bb-a8L3M2OdDjgziQ1AKVFkXJ3+8eE"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-iinfo: 17-42504739-42504812 PNYN RT(1668782692686 1176) q(0 3 3 -1) r(4 4) U6

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 282 KB
79 KB 293ms
101ms Script
application/javascript 2607:f8b0:4024:c01::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W866TTJ

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c01::61 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f24482587b5d134eae0e7875f801e12603d01cf85c8c7f6fb8d4d72ea81169f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80739
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 18 Nov 2022 14:44:54 GMT

POST
H2 200 getProductAvailability Show response
be.synxis.com/gw/product/v1/ 31 KB
6 KB 727ms
726ms XHR
application/json 45.60.44.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/gw/product/v1/getProductAvailability

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.44.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

1d542afada9845d2b8725f896c65dfa460bc9af28cbc35cb542acf2124efcca7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

ActivityID: qEKKGamzBRJqsbSVGCrOdkE8
x-business-context: BE
Referer: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata
context: BE
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

content-encoding: gzip
x-cdn: Imperva
accept-language: en-US,en;q=0.9
x-api-session: MDAxMjF-MVFtTTkvbVl5KzJhN0NNRXlFTUxmcVhmcTBEK2RBRHVseUdUbjJYa1ViSXNPeDFZL3l6ZzQ3aFV6aklmZEJXTDlDRDhPRys3NjlZV3o0QXBDdjZianFCV3RLcWUrbWVNU0paaXdRL3AvOUtwek5xMkd0aFdDR2dQZCt4ZlFsTWIxck5Qa2VTbklwSnJ0WFBXYlpwSnl2M3BSREM1ZDV0QS9MRVBiQUh2cEh1K3NkaDlzbFp1Z0ZVOHFYSGJib3E0MWdOYWh5Z2VWck1TVTdMZWRHNkhQM2Zhd3ZTUzgzdHgvVG9reDhweHZxT1hCbDZNbXB6SUEwSXZnY05sTE93c0JqZkFHK0FLZnpLN2dVaVAyZk1XVlpONGlpd3N1RFIzcWV6YTJQQVBsZmd1TVRDdGo3VlNGRUh4WGQyRzc3VjY
x-iinfo: 17-42504739-42505042 PNNN RT(1668782692686 1224) q(0 2 2 -1) r(5 5) U6
cdn-loop: IncapCDN; id="1704_1215874"
sec-fetch-dest: empty
pragma: no-cache
x-forwarded-host: be.synxis.com
x-amzn-trace-id: Root=1-63779a66-51af764d1c23114c44084bbf
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://be.synxis.com
activityid: qEKKGamzBRJqsbSVGCrOdkE8
cache-control: no-cache
referer: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata
context: BE
sec-fetch-mode: cors
date: Fri, 18 Nov 2022 14:44:54 GMT
message-id: vpmhwqy6h
origin: https://be.synxis.com
x-content-type-options: nosniff
via: 1.1 google, 1.1 google, 1.1 google
x-real-ip: 10.123.76.165
strict-transport-security: max-age=31536000
x-forwarded-for: 38.132.118.74, 198.143.41.46, 10.123.76.165,10.30.3.22,10.30.0.237
x-forwarded-proto: https
content-length: 4427
true-client-ip: 38.132.118.74
x-business-context: BE
incap-proxy-1704: OK
server: nginx
access-control-max-age: 3600
access-control-allow-credentials: true
sec-fetch-site: same-origin
conversation-id: ymz20tucm
x-forwarded-port: 443
app-env: p1

GET
H2 200 customization.css
be.synxis.com/assets/chain/15889/hotel/34600/fileStorage/customization/ 6 KB
6 KB 333ms
332ms Stylesheet
text/plain 45.60.44.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/assets/chain/15889/hotel/34600/fileStorage/customization/customization.css

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.44.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

33a0da775b44d1aa97d0fb2e734c30b49c6daa15b2fae9a1abb916be6ba09f0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:54 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
server: nginx
x-cdn: Imperva
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin: *
x-iinfo: 17-42504739-42498905 2NNN RT(1668782692686 1225) q(0 0 0 -1) r(2 2) U12
access-control-allow-credentials: true
content-disposition: inline
content-length: 6271

GET
H2 404 logo.png
be.synxis.com/assets/chain/15889/hotel/34600/fileStorage/image/ 737 B
737 B 388ms
387ms Image
text/html 45.60.44.204
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://be.synxis.com/assets/chain/15889/hotel/34600/fileStorage/image/logo.png

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.44.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4a146cc02fbd444d08f650135687a3dc5c28bf10154770012b411540649ca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:54 GMT
via: 1.1 google
content-encoding: gzip
strict-transport-security: max-age=31536000
server: nginx
x-cdn: Imperva
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-language: en
access-control-allow-origin: *
x-iinfo: 17-42504739-42505192 2NYN RT(1668782692686 1571) q(0 0 0 -1) r(0 2) U11
content-type: text/html;charset=utf-8
access-control-allow-credentials: true

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 331 KB
98 KB 474ms
283ms Script
application/javascript 2607:f8b0:4024:c01::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WSZ4PM6

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c01::61 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

044816a5ecc3309b1341bf0e1708c389a93ae158aa93e3a9e42deca79204c0ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100235
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 18 Nov 2022 14:44:54 GMT

GET
H2 200 fontello.woff
be.synxis.com/assets/chain/15889/hotel/34600/fileStorage/font/ 11 KB
12 KB 368ms
367ms Font
application/octet-stream 45.60.44.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/assets/chain/15889/hotel/34600/fileStorage/font/fontello.woff

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/assets/chain/15889/hotel/34600/fileStorage/customization/customization.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.44.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

c584451908595166aaffaef5b0f8a4e9d2bfae529fe87bcf02b7c5021cbd848a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://be.synxis.com/assets/chain/15889/hotel/34600/fileStorage/customization/customization.css
Origin: https://be.synxis.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:54 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
server: nginx
x-cdn: Imperva
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin: https://be.synxis.com
x-iinfo: 17-42504739-42505194 2NNN RT(1668782692686 1594) q(0 0 0 -1) r(0 3) U12
access-control-allow-credentials: true
content-disposition: inline
content-length: 11448

GET
H2 200 vendors-en.js Show response
be.synxis.com/public/js/ 32 KB
4 KB 303ms
302ms Script
application/javascript 45.60.44.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/vendors-en.js

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.44.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

db7be24fde74d59fec5a71745aa5db773bd458b1705427e1b1aac11beedaa463

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
last-modified: Fri, 04 Nov 2022 16:35:33 GMT
x-cdn: Imperva
etag: W/"ff7-184437f6408"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-iinfo: 17-42504739-42505049 PNNN RT(1668782692686 2428) q(0 0 0 -1) r(2 2) U2
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 4087

GET
H3

200

activityi;dc_pre=CLKLmP77t_sCFQpQwQodyr8ANg;src=6442125;type=inqui0;cat=pngra003;ord=3685509324384;gtm=2wgb90;auiddc=1285635382.1668782695;~oref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Cha... Show response
6442125.fls.doubleclick.net/ Frame EDA0
Redirect Chain

https://6442125.fls.doubleclick.net/activityi;src=6442125;type=inqui0;cat=pngra003;ord=3685509324384;gtm=2wgb90;auiddc=1285635382.1668782695;~oref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26C...
https://6442125.fls.doubleclick.net/activityi;dc_pre=CLKLmP77t_sCFQpQwQodyr8ANg;src=6442125;type=inqui0;cat=pngra003;ord=3685509324384;gtm=2wgb90;auiddc=1285635382.1668782695;~oref=https%3A%2F%2Fbe...

613 B
377 B

221ms
85ms

Document
text/html

172.253.112.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6442125.fls.doubleclick.net/activityi;dc_pre=CLKLmP77t_sCFQpQwQodyr8ANg;src=6442125;type=inqui0;cat=pngra003;ord=3685509324384;gtm=2wgb90;auiddc=1285635382.1668782695;~oref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSZ4PM6

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.112.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mb-in-f148.1e100.net

Software

cafe /

Resource Hash

c86dddca424e07bb7938f00f2daabfb29cdd77b25d05c8ffcc196e679889d8c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be.synxis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 352
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 14:44:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 14:44:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://6442125.fls.doubleclick.net/activityi;dc_pre=CLKLmP77t_sCFQpQwQodyr8ANg;src=6442125;type=inqui0;cat=pngra003;ord=3685509324384;gtm=2wgb90;auiddc=1285635382.1668782695;~oref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 177ms
75ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSZ4PM6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

492f3de5b6bff06f8b26f61d37e2e565f8f31e00315600c73d9caa85713e8c29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 18 Nov 2022 14:44:55 GMT
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B7479C0CDAC24CEBBD72F7BB75BF6F5B Ref B: MIAEDGE1409 Ref C: 2022-11-18T14:44:55Z
etag: "077538f81f4d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11421

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 301ms
102ms Script
text/javascript 2607:f8b0:4023:1::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSZ4PM6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1::71 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 18 Nov 2022 13:05:16 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5979
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 18 Nov 2022 15:05:16 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 374ms
113ms Script
application/javascript 2600:141b:e800:138d::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSZ4PM6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:e800:138d::1931 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 57d73d188a6162bec272876156addbd7b02a2c6941c45653b8d3453e998e0b5b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "8d9d0550c915347e312e24f00d311e50"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1146

GET
H3

200

activityi;dc_pre=CIfEmP77t_sCFY8KoQodXZUE7Q;src=6442125;type=inqui0;cat=pngra004;ord=4173588626529;gtm=2wgb90;auiddc=1285635382.1668782695;~oref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Cha... Show response
6442125.fls.doubleclick.net/ Frame EBFA
Redirect Chain

https://6442125.fls.doubleclick.net/activityi;src=6442125;type=inqui0;cat=pngra004;ord=4173588626529;gtm=2wgb90;auiddc=1285635382.1668782695;~oref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26C...
https://6442125.fls.doubleclick.net/activityi;dc_pre=CIfEmP77t_sCFY8KoQodXZUE7Q;src=6442125;type=inqui0;cat=pngra004;ord=4173588626529;gtm=2wgb90;auiddc=1285635382.1668782695;~oref=https%3A%2F%2Fbe...

613 B
378 B

209ms
76ms

Document
text/html

172.253.112.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6442125.fls.doubleclick.net/activityi;dc_pre=CIfEmP77t_sCFY8KoQodXZUE7Q;src=6442125;type=inqui0;cat=pngra004;ord=4173588626529;gtm=2wgb90;auiddc=1285635382.1668782695;~oref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSZ4PM6

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.112.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mb-in-f148.1e100.net

Software

cafe /

Resource Hash

737207b3f9d5964d047c456f928b24587352e1c808283bca69aaabd3d70ad52b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be.synxis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 353
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 14:44:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 14:44:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://6442125.fls.doubleclick.net/activityi;dc_pre=CIfEmP77t_sCFY8KoQodXZUE7Q;src=6442125;type=inqui0;cat=pngra004;ord=4173588626529;gtm=2wgb90;auiddc=1285635382.1668782695;~oref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hotjar-3216674.js Show response
static.hotjar.com/c/ 4 KB
2 KB 533ms
265ms Script
application/javascript 65.8.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3216674.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSZ4PM6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.8.66.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-8-66-68.yvr50.r.cloudfront.net

Software

Resource Hash

30a5db51ab0db88ff7e0e5297bdbb5792996ec8e017e1ff4c6a79d36b7c1a6b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 18 Nov 2022 14:44:55 GMT
via: 1.1 491f87c907b27362e04dc63423010b42.cloudfront.net (CloudFront)
x-amz-cf-pop: YVR50-C1
etag: W/a62299a490d1205d0d4b4452e1caa160
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: csEVxqT6xrz1A8Mwxtrsg-N29Ej1LHu6JDlFI5tVQQBJQznoausr8g==

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 78 KB
30 KB 571ms
204ms Script
application/javascript 185.167.164.46
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: be.synxis.com
URL: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.46 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 45e0091e57ff659d0fe0711a43960d08bd5cf99b6f83e88eafa390fa6770192c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:55 GMT
content-encoding: gzip
last-modified: Wed, 05 Oct 2022 12:23:24 GMT
server: nginx
x-amz-request-id: tx00000af626e7310fb8754-0063766325-32940f80-default
etag: W/"4cb8e818a3c8dda5fd80d6d9a55d958d"
x-cache-status: HIT, EXPIRED, HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 256ms
82ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 18 Nov 2022 14:44:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27340
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: K+dCwRGbB56WJtcN95vSd5x1GMDZI9MR1B3HivUgMlv98cxRcydqRMj6IuL8a/ct5CtWfac8ArVE0Vn34FU/Pg==
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK pixel.js Show response
origin.acuityplatform.com/event/v2/ 2 KB
3 KB 325ms
98ms Script
application/javascript 104.64.65.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://origin.acuityplatform.com/event/v2/pixel.js
Requested by: Host: be.synxis.com
URL: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.65.49 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-65-49.deploy.static.akamaitechnologies.com
Software: nginx/1.14.0 /
Resource Hash: 4b9913a8df57284cba7ad6c9b7dc1dc03a847d2f743e5907d6e0dfccf31913d1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 18 Nov 2022 14:44:55 GMT
Last-Modified: Fri, 11 Nov 2022 08:34:48 GMT
Server: nginx/1.14.0
ETag: "636e0928-924"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2340

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 135 KB
52 KB 117ms
115ms Script
application/javascript 2607:f8b0:4024:c01::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-728919214

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSZ4PM6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c01::61 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

903885778d378f84ecfa7ffe4be9a87ee6f912ea1454bd55b12accd541ad5096

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53050
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 18 Nov 2022 14:44:55 GMT

GET
H2 200 258 Show response
beacon.sojern.com/pixel/cp/ 5 KB
1 KB 184ms
64ms Script
application/javascript 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/cp/258?f_v=cp_v3_js&p_v=1&hpr=Hotel%20Granduca%20Austin&hpid=34600&sha256_eml=&sha1_eml=&md5_eml=&ccid=&pt=HOME_PAGE&et=
Requested by: Host: be.synxis.com
URL: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: 4690ae024e3b6573bc811b56c2be33a3ba8529fd245c38a94370c791ae3f0559

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:55 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
content-type: application/javascript
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 951

GET
H2 200 loader.js Show response
www.thehotelsnetwork.com/js/ 21 KB
9 KB 308ms
183ms Script
application/javascript 45.60.196.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/js/loader.js?property_id=1027586&account_key=7CB5E1BFAB748019CEFBEECD7D4FAA57

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSZ4PM6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.196.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9740fa0451e55af3ae2349657629b8be40602b865ee806d22c4cba9de2951adc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:55 GMT
content-encoding: gzip
via: 1.1 3088559317e5c464292d9249b963bdb8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-amz-cf-pop: MIA3-C4
x-cache: Miss from cloudfront
x-iinfo: 12-81040108-81040117 NNNN CT(1 8 0) RT(1668782694810 56) q(0 0 0 0) r(0 1) U5
pragma: no-cache
last-modified: Fri, 18 Nov 2022 13:43:24 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://be.synxis.com
cache-control: max-age=7200
access-control-allow-credentials: true
x-amz-cf-id: XMw8V6DvoyydxtXGZs0XMYRONbfOUq4D6IYlLRPyIIpLh6MaSp-ZzQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
75 KB 134ms
133ms Script
application/javascript 2607:f8b0:4024:c01::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S88L4NG5L2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSZ4PM6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c01::61 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

10a913f4266b6467a6b10afe6b7758ed4e17629a1079d1267c26ddeb28e65b61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76667
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 18 Nov 2022 14:44:55 GMT

GET
H3

200

src=11917618;dc_pre=CM23zv77t_sCFQVqYgodS2oK8g;type=invmedia;cat=grand0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ciqtracking.com/p/v/1/624b1122f8708104e67e2aee/format/img?
https://ad.doubleclick.net/ddm/activity/src=11917618;type=invmedia;cat=grand0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?
https://ad.doubleclick.net/ddm/activity/src=11917618;dc_pre=CM23zv77t_sCFQVqYgodS2oK8g;type=invmedia;cat=grand0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_c...
https://adservice.google.com/ddm/fls/z/src=11917618;dc_pre=CM23zv77t_sCFQVqYgodS2oK8g;type=invmedia;cat=grand0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_co...

42 B
63 B

381ms
162ms

Image
image/gif

2607:f8b0:4024:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=11917618;dc_pre=CM23zv77t_sCFQVqYgodS2oK8g;type=invmedia;cat=grand0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?adult=1&arrive=2022-11-18&chain=15889&child=0&currency=USD&depart=2022-11-19&hotel=34600&level=hotel&locale=en-US&promo=PROVAT&rooms=1&utm_campaign=introducing_hotel_viata&utm_medium=email&utm_source=cendyn

Protocol

Server

2607:f8b0:4024:c01::9c Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:56 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=11917618;dc_pre=CM23zv77t_sCFQVqYgodS2oK8g;type=invmedia;cat=grand0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/728919214/ 2 KB
2 KB 256ms
89ms Script
text/javascript 2607:f8b0:4024:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/728919214/?random=1668782695489&cv=11&fst=1668782695489&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata&ref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata&auid=1285635382.1668782695&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-728919214

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c02::9b Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee8f8948f773c32e7e0c035cb6bbd305f0794e9c161c6b643eb8b3ff24f800da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 935
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 118ms
118ms Script
application/javascript 2607:f8b0:4024:c01::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=HA-75&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W866TTJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c01::61 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

81bf2d77e05749298ee05721739ec2efbcc99d6885011c9852b795e7e9c20a40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39556
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 18 Nov 2022 14:44:55 GMT

GET
H2 204 13006875.js Show response
bat.bing.com/p/action/ 0
117 B 78ms
77ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/13006875.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 18 Nov 2022 14:44:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D7F7084B34304A2DB956765B9471C200 Ref B: MIAEDGE1409 Ref C: 2022-11-18T14:44:55Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
176 B 160ms
160ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=13006875&Ver=2&mid=9262c93c-b7d2-4280-8c2a-3839972306ee&sid=913d4fe0674f11ed82ed6302bbff259d&vid=913d8460674f11edb82ed702c3ae7a49&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata&r=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata&lt=2113&evt=pageLoad&sv=1&rn=963594

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 18 Nov 2022 14:44:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C3AE34C744344D1DAFB8C4E86F927B5F Ref B: MIAEDGE1409 Ref C: 2022-11-18T14:44:55Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 23006734.js Show response
bat.bing.com/p/action/ 0
118 B 159ms
159ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/23006734.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 18 Nov 2022 14:44:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A9FAFA82F3E4400683A7339A5ACD3CD4 Ref B: MIAEDGE1409 Ref C: 2022-11-18T14:44:55Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
120 B 156ms
155ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=23006734&tm=gtm002&Ver=2&mid=534c4776-ad69-4ecb-a548-ab0e55a78d4a&sid=913d4fe0674f11ed82ed6302bbff259d&vid=913d8460674f11edb82ed702c3ae7a49&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata&r=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata&lt=2113&evt=pageLoad&sv=1&rn=44675

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 18 Nov 2022 14:44:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 11AEB91A7B6C4E9280B585C68076A4AD Ref B: MIAEDGE1409 Ref C: 2022-11-18T14:44:55Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
336 B 265ms
88ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-S88L4NG5L2&gtm=2oeb90&_p=1949089859&_gaz=1&cid=904011730.1668782696&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668782695&sct=1&seg=0&dl=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata&dr=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata&dt=&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S88L4NG5L2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://be.synxis.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
345 B 244ms
84ms Ping
text/plain 2607:f8b0:4024:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-S88L4NG5L2&cid=904011730.1668782696&gtm=2oeb90&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S88L4NG5L2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4024:c01::9a Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://be.synxis.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

src=8943966;dc_pre=CO-Xrf77t_sCFZVQYgodIr8A0g;type=homep0;cat=hotel0;qty=1;cost=0;u1=;u2=;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u17=;u19=34600;u20=Hotel%2BGranduca%2BAustin;dc_lat=;dc_...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=8943966;type=homep0;cat=hotel0;qty=1;cost=0;u1=;u2=;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u17=;u19=34600;u20=Hotel%2BGranduca%2BAustin;dc_la...
https://ad.doubleclick.net/ddm/activity/src=8943966;dc_pre=CO-Xrf77t_sCFZVQYgodIr8A0g;type=homep0;cat=hotel0;qty=1;cost=0;u1=;u2=;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u17=;u19=34600;u...
https://adservice.google.com/ddm/fls/z/src=8943966;dc_pre=CO-Xrf77t_sCFZVQYgodIr8A0g;type=homep0;cat=hotel0;qty=1;cost=0;u1=;u2=;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u17=;u19=34600;u2...

42 B
107 B

166ms
165ms

Image
image/gif

2607:f8b0:4024:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=8943966;dc_pre=CO-Xrf77t_sCFZVQYgodIr8A0g;type=homep0;cat=hotel0;qty=1;cost=0;u1=;u2=;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u17=;u19=34600;u20=Hotel%2BGranduca%2BAustin;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID

Requested by

Protocol

Server

2607:f8b0:4024:c01::9c Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:56 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=8943966;dc_pre=CO-Xrf77t_sCFZVQYgodIr8A0g;type=homep0;cat=hotel0;qty=1;cost=0;u1=;u2=;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u17=;u19=34600;u20=Hotel%2BGranduca%2BAustin;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1330460&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1330460%26t%3D1

0
1017 B

80ms
79ms

Image
application/javascript

68.67.160.137
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1330460%26t%3D1

Requested by

Protocol

HTTP/1.1

Server

68.67.160.137 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Nov 2022 14:44:56 GMT
AN-X-Request-Uuid: 11c5f571-f8f4-4d1a-af9f-151be2bb9c3a
Server: nginx/1.21.3
Content-Type: application/javascript; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 38.132.118.74; 38.132.118.74; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 18 Nov 2022 14:44:55 GMT
AN-X-Request-Uuid: fecc242c-eb2c-4d31-86fa-b0585d22893b
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1330460%26t%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 38.132.118.74; 38.132.118.74; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=23313799&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D23313799%26t%3D1

0
1017 B

89ms
88ms

Image
application/javascript

68.67.160.137
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D23313799%26t%3D1

Requested by

Protocol

HTTP/1.1

Server

68.67.160.137 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Nov 2022 14:44:56 GMT
AN-X-Request-Uuid: 8ab4a120-367a-40e0-9ff2-549d6cd7e25f
Server: nginx/1.21.3
Content-Type: application/javascript; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 38.132.118.74; 38.132.118.74; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 18 Nov 2022 14:44:55 GMT
AN-X-Request-Uuid: bc1a00c8-fe8f-496e-a192-c86ded1b20ce
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D23313799%26t%3D1
Connection: keep-alive
X-Proxy-Origin: 38.132.118.74; 38.132.118.74; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

AdX
pixel.sojern.com/idSync/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=v_wCBsVRcXYm12BBZz8cAQ&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=LGLw3b1dTHvZ4t9SxFdkDHDpMEZIXlq_nsCaZm6ICGsnRUGDtHz...
https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=v_wCBsVRcXYm12BBZz8cAQ&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=LGLw3b1dTHvZ4t9SxFdkDHDpMEZIXlq_nsCaZm6ICGsnRUGDtHz...
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=LGLw3b1dTHvZ4t9SxFdkDHDpMEZIXlq_nsCaZm6ICGsnRUGDtHz2oqyuQUjQf_KH&sjrn_ula=708480342&google_gid=CAESEOG28KmFGow2bgMU7C0A9ik&google_cver=1

42 B
58 B

125ms
68ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=LGLw3b1dTHvZ4t9SxFdkDHDpMEZIXlq_nsCaZm6ICGsnRUGDtHz2oqyuQUjQf_KH&sjrn_ula=708480342&google_gid=CAESEOG28KmFGow2bgMU7C0A9ik&google_cver=1
Requested by: Host: be.synxis.com
URL: https://be.synxis.com/?adult=1&arrive=2022-11-18&chain=15889&child=0&currency=USD&depart=2022-11-19&hotel=34600&level=hotel&locale=en-US&promo=PROVAT&rooms=1&utm_campaign=introducing_hotel_viata&utm_medium=email&utm_source=cendyn
Protocol: H3
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Fri, 18 Nov 2022 14:44:56 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=LGLw3b1dTHvZ4t9SxFdkDHDpMEZIXlq_nsCaZm6ICGsnRUGDtHz2oqyuQUjQf_KH&sjrn_ula=708480342&google_gid=CAESEOG28KmFGow2bgMU7C0A9ik&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 412
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
fcmatch.youtube.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_hm=v_wCBsVRcXYm12BBZz8cAQ&google_nid=sojern_adh
https://cm.g.doubleclick.net/pixel?google_hm=v_wCBsVRcXYm12BBZz8cAQ&google_nid=sojern_adh&google_tc=
https://fcmatch.google.com/pixel?google_gm=AMnCDoqHSBnrby_1zjGoQB6mQEDP0yS0-Hv1lGofsJd2GH0Db9n-e8nxvPuTZraeHbC-7hjMLOhNY-SkzMauqpYUklOj-N9UNclflCrdh1S8c0oi6U-Flug
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqHSBnrby_1zjGoQB6mQEDP0yS0-Hv1lGofsJd2GH0Db9n-e8nxvPuTZraeHbC-7hjMLOhNY-SkzMauqpYUklOj-N9UNclflCrdh1S8c0oi6U-Flug

170 B
525 B

399ms
196ms

Image
image/png

2607:f8b0:4023:1::65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqHSBnrby_1zjGoQB6mQEDP0yS0-Hv1lGofsJd2GH0Db9n-e8nxvPuTZraeHbC-7hjMLOhNY-SkzMauqpYUklOj-N9UNclflCrdh1S8c0oi6U-Flug

Requested by

Protocol

Server

2607:f8b0:4023:1::65 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:57 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:56 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqHSBnrby_1zjGoQB6mQEDP0yS0-Hv1lGofsJd2GH0Db9n-e8nxvPuTZraeHbC-7hjMLOhNY-SkzMauqpYUklOj-N9UNclflCrdh1S8c0oi6U-Flug
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

apn
pixel.sojern.com/idsync/
Redirect Chain

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=LGLw3b1dTHvZ4t9SxFdkDHDpMEZIXlq_nsCaZm6ICGsnRUGDtHz2oqyuQUjQf_KH
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DLGLw3b1dTHvZ4t9SxFdkDHDpMEZIXlq_nsCaZm6ICGsnRUGDtHz2oqyuQUjQf_KH
https://pixel.sojern.com/idsync/apn?id=8860224511821628764&sjrn_id=LGLw3b1dTHvZ4t9SxFdkDHDpMEZIXlq_nsCaZm6ICGsnRUGDtHz2oqyuQUjQf_KH

42 B
263 B

87ms
68ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/apn?id=8860224511821628764&sjrn_id=LGLw3b1dTHvZ4t9SxFdkDHDpMEZIXlq_nsCaZm6ICGsnRUGDtHz2oqyuQUjQf_KH
Requested by: Host: be.synxis.com
URL: https://be.synxis.com/?adult=1&arrive=2022-11-18&chain=15889&child=0&currency=USD&depart=2022-11-19&hotel=34600&level=hotel&locale=en-US&promo=PROVAT&rooms=1&utm_campaign=introducing_hotel_viata&utm_medium=email&utm_source=cendyn
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Fri, 18 Nov 2022 14:44:56 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 18 Nov 2022 14:44:56 GMT
AN-X-Request-Uuid: e81199e1-6934-4e6c-8166-cfd92599e937
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://pixel.sojern.com/idsync/apn?id=8860224511821628764&sjrn_id=LGLw3b1dTHvZ4t9SxFdkDHDpMEZIXlq_nsCaZm6ICGsnRUGDtHz2oqyuQUjQf_KH
Connection: keep-alive
X-Proxy-Origin: 38.132.118.74; 38.132.118.74; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ttd
pixel.sojern.com/idsync/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=LGLw3b1dTHvZ4t9SxFdkDHDpMEZIXlq_nsCaZm6ICGsnRUGDtHz2oqyuQUjQf_KH&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=ombl9hp&ttd_puid=LGLw3b1dTHvZ4t9SxFdkDHDpMEZIXlq_nsCaZm6ICGsnRUGDtHz2oqyuQUjQf_KH&ttd_tpi=1
https://pixel.sojern.com/idsync/ttd?id=ad15f4db-83ec-4c65-a401-e5239affa47d&sjrn_id=LGLw3b1dTHvZ4t9SxFdkDHDpMEZIXlq_nsCaZm6ICGsnRUGDtHz2oqyuQUjQf_KH

42 B
286 B

86ms
67ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/ttd?id=ad15f4db-83ec-4c65-a401-e5239affa47d&sjrn_id=LGLw3b1dTHvZ4t9SxFdkDHDpMEZIXlq_nsCaZm6ICGsnRUGDtHz2oqyuQUjQf_KH
Requested by: Host: be.synxis.com
URL: https://be.synxis.com/?adult=1&arrive=2022-11-18&chain=15889&child=0&currency=USD&depart=2022-11-19&hotel=34600&level=hotel&locale=en-US&promo=PROVAT&rooms=1&utm_campaign=introducing_hotel_viata&utm_medium=email&utm_source=cendyn
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Fri, 18 Nov 2022 14:44:56 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:56 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.sojern.com/idsync/ttd?id=ad15f4db-83ec-4c65-a401-e5239affa47d&sjrn_id=LGLw3b1dTHvZ4t9SxFdkDHDpMEZIXlq_nsCaZm6ICGsnRUGDtHz2oqyuQUjQf_KH
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 327

GET
H2

200

src=6227722;dc_pre=CIKXr_77t_sCFYVYYgodmAALGQ;type=sales;cat=merit002;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_75...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=6227722;type=sales;cat=merit002;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONS...
https://ad.doubleclick.net/ddm/activity/src=6227722;dc_pre=CIKXr_77t_sCFYVYYgodmAALGQ;type=sales;cat=merit002;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7B...
https://adservice.google.com/ddm/fls/z/src=6227722;dc_pre=CIKXr_77t_sCFYVYYgodmAALGQ;type=sales;cat=merit002;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BG...

42 B
118 B

159ms
156ms

Image
image/gif

2607:f8b0:4024:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=6227722;dc_pre=CIKXr_77t_sCFYVYYgodmAALGQ;type=sales;cat=merit002;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[OrderID]

Requested by

Protocol

Server

2607:f8b0:4024:c01::9c Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:56 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=6227722;dc_pre=CIKXr_77t_sCFYVYYgodmAALGQ;type=sales;cat=merit002;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[OrderID]
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200 getLeadAvailability
services-p1.synxis.com/gw/product/v1/ Frame 0
0 270ms
133ms Preflight 45.60.241.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://services-p1.synxis.com/gw/product/v1/getLeadAvailability

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.241.22 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: activityid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://be.synxis.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Conversation-ID: 83o0v850j
Date: Fri, 18 Nov 2022 14:44:55 GMT
Message-ID: bjlvpodzo
Transfer-Encoding: chunked
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Via: 1.1 google, 1.1 google
X-CDN: Imperva
X-Forwarded-Host: services-p1.synxis.com
X-Iinfo: 8-19022108-19022111 NNNN CT(1 16 0) RT(1668782695266 66) q(0 0 0 0) r(0 0) U5
access-control-allow-credentials: true
access-control-allow-headers: activityid,authorization,content-type
access-control-allow-methods: POST
access-control-allow-origin: https://be.synxis.com
access-control-max-age: 3600
access-control-request-headers: activityid,authorization,content-type
access-control-request-method: POST
cache-control: no-cache
cdn-loop: IncapCDN; id="1430_2695530"
content-encoding: gzip
incap-client-ip: 38.132.118.74
incap-proxy-1430: OK
origin: https://be.synxis.com
pragma: no-cache
referer: https://be.synxis.com/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-site
x-cloud-trace-context: 5666a7c752454a5fb92698c97f23c679/14921209001497980881
x-content-type-options: nosniff
x-forwarded-for: 38.132.118.74, 198.143.41.30, 35.190.7.78
x-forwarded-proto: https

POST
H2 200 GetUrgencyTriggers Show response
be.synxis.com/gw/product/v1/ 635 B
844 B 767ms
766ms Fetch
application/json 45.60.44.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/gw/product/v1/GetUrgencyTriggers

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.44.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

33d9bfbf079881cfdf2c3c197431a61a043785958fad4b0ad4be863f19d3b265

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

ActivityID: qEKKGamzBRJqsbSVGCrOdkE8
Accept: application/json,application/x-javascript
Referer: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata
Context: BE
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

content-encoding: gzip
x-cdn: Imperva
accept-language: en-US,en;q=0.9
x-iinfo: 17-42504739-42505049 PNNN RT(1668782692686 3184) q(0 0 0 -1) r(5 5) U6
cdn-loop: IncapCDN; id="1704_1215874"
sec-fetch-dest: empty
pragma: no-cache
x-forwarded-host: be.synxis.com
x-amzn-trace-id: Root=1-63779a68-76f4d8222bf242026ea0710b
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://be.synxis.com
activityid: qEKKGamzBRJqsbSVGCrOdkE8
cache-control: no-cache
referer: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata
context: BE
sec-fetch-mode: cors
date: Fri, 18 Nov 2022 14:44:56 GMT
message-id: 2lb06jdnp
origin: https://be.synxis.com
x-content-type-options: nosniff
via: 1.1 google, 1.1 google, 1.1 google
x-real-ip: 10.123.76.165
strict-transport-security: max-age=31536000
x-forwarded-for: 38.132.118.74, 198.143.41.46, 10.123.76.165,10.30.3.22,10.30.0.237
x-forwarded-proto: https
content-length: 267
true-client-ip: 38.132.118.74
incap-proxy-1704: OK
server: nginx
access-control-max-age: 3600
access-control-allow-credentials: true
sec-fetch-site: same-origin
conversation-id: cu723n53p
x-forwarded-port: 443
app-env: p1

OPTIONS
H/1.1 200 getLeadAvailability
services-p1.synxis.com/gw/product/v1/ Frame 0
0 301ms
150ms Preflight 45.60.241.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://services-p1.synxis.com/gw/product/v1/getLeadAvailability

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.241.22 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: activityid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://be.synxis.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Conversation-ID: 1lrnm72yg
Date: Fri, 18 Nov 2022 14:44:56 GMT
Message-ID: 2bvoo7n6g
Transfer-Encoding: chunked
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Via: 1.1 google, 1.1 google
X-CDN: Imperva
X-Forwarded-Host: services-p1.synxis.com
X-Iinfo: 6-10053901-10053904 NNNN CT(1 13 0) RT(1668782695275 82) q(0 0 0 0) r(1 1) U5
access-control-allow-credentials: true
access-control-allow-headers: activityid,authorization,content-type
access-control-allow-methods: POST
access-control-allow-origin: https://be.synxis.com
access-control-max-age: 3600
access-control-request-headers: activityid,authorization,content-type
access-control-request-method: POST
cache-control: no-cache
cdn-loop: IncapCDN; id="1430_2695530"
content-encoding: gzip
incap-client-ip: 38.132.118.74
incap-proxy-1430: OK
origin: https://be.synxis.com
pragma: no-cache
referer: https://be.synxis.com/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-site
x-cloud-trace-context: 6080c14ad909c8da3bf311976f33448b/17492426041389097669
x-content-type-options: nosniff
x-forwarded-for: 38.132.118.74, 198.143.41.30, 35.190.7.78
x-forwarded-proto: https

GET
H2 200 1.js Show response
be.synxis.com/public/js/ 10 KB
3 KB 725ms
716ms Script
application/javascript 45.60.44.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/1.js

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.44.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1d2856205b14535f0bcc4cd1c0ac8cd1f6c441d5e6d29337e7efd7636224efc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
last-modified: Fri, 04 Nov 2022 16:35:33 GMT
x-cdn: Imperva
etag: W/"a34-184437f6408"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-iinfo: 17-42504739-42505042 PNNN RT(1668782692686 3221) q(0 0 0 -1) r(3 3) U2
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 2612

GET
H2 200 7.js Show response
be.synxis.com/public/js/ 105 KB
17 KB 743ms
735ms Script
application/javascript 45.60.44.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/7.js

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.44.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

390b79b027b848405327d605b74fabd73d070ab58d0b1d4d00ddb40c53f3021c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
last-modified: Fri, 04 Nov 2022 16:35:33 GMT
x-cdn: Imperva
etag: W/"4336-184437f6408"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-iinfo: 17-42504739-42505046 PNNN RT(1668782692686 3229) q(0 0 0 -1) r(4 4) U2
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 17206

GET
H2 200 0.js Show response
be.synxis.com/public/js/ 18 KB
4 KB 744ms
735ms Script
application/javascript 45.60.44.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/0.js

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.44.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b255519ee07304ee290772676143dc4f4bdee3c3f087a4d228617490b3cc241e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
last-modified: Fri, 04 Nov 2022 16:35:33 GMT
x-cdn: Imperva
etag: W/"eb7-184437f6408"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-iinfo: 17-42504739-42505044 PNNN RT(1668782692686 3237) q(0 0 0 -1) r(4 4) U2
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 3767

GET
H2 200 3.js Show response
be.synxis.com/public/js/ 39 KB
8 KB 748ms
740ms Script
application/javascript 45.60.44.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/3.js

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.44.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

fd72cd287840dbac8f09119481c26b7067eebc7e867339dca975ecb21b05e6f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
last-modified: Fri, 04 Nov 2022 16:35:33 GMT
x-cdn: Imperva
etag: W/"1d9c-184437f6408"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-iinfo: 17-42504739-42504812 PNNN RT(1668782692686 3244) q(0 0 0 -1) r(4 4) U2
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 7580

GET
H2 200 6.js Show response
be.synxis.com/public/js/ 309 KB
48 KB 1064ms
1057ms Script
application/javascript 45.60.44.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/6.js

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.44.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4c05efe67fd6fb871c9f45e04d400dc4356841973fcadc81cc188be338e4046d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
last-modified: Fri, 04 Nov 2022 16:35:33 GMT
x-cdn: Imperva
etag: W/"bd3e-184437f6408"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-iinfo: 17-42504739-42505429 NNNN CT(380 117 0) RT(1668782692686 3248) q(0 0 5 -1) r(6 7) U2
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 48446

GET
H2 200 hero_granduca.jpg
be.synxis.com/assets/chain/15889/hotel/34600/fileStorage/image/ 135 KB
136 KB 732ms
731ms Image
image/jpeg 45.60.44.204
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://be.synxis.com/assets/chain/15889/hotel/34600/fileStorage/image/hero_granduca.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.44.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

888e6fe9a93e22ea41acbdaf109927424fcd8128cdea5c5086762b68fa5b0a37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/?adult=1&arrive=2022-11-18&chain=15889&child=0&currency=USD&depart=2022-11-19&hotel=34600&level=hotel&locale=en-US&promo=PROVAT&rooms=1&utm_campaign=introducing_hotel_viata&utm_medium=email&utm_source=cendyn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:55 GMT
strict-transport-security: max-age=31536000
x-cdn: Imperva
etag: "4cec761e"
content-type: image/jpeg
x-iinfo: 17-42504739-42498905 2cNN RT(1668782692686 3251) q(0 4 4 -1) r(5 5) U18
cache-control: max-age=1, public
content-length: 138344
expires: Fri, 18 Nov 2022 14:44:56 GMT

GET
H2 200 initialConfig_product-availability-success.js Show response
be.synxis.com/shs-bedesigner-services/assets/chain/15889/hotel/34600/fileStorage/tracking/ 623 B
835 B 874ms
873ms Fetch 45.60.44.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/shs-bedesigner-services/assets/chain/15889/hotel/34600/fileStorage/tracking/initialConfig_product-availability-success.js

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.44.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

5aef56ad4391df23932827fec3932d4e8ec90a46abb482af240ee60b4c989e65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

ActivityID: qEKKGamzBRJqsbSVGCrOdkE8
Accept: application/json,application/x-javascript
Referer: https://be.synxis.com/?adult=1&arrive=2022-11-18&chain=15889&child=0&currency=USD&depart=2022-11-19&hotel=34600&level=hotel&locale=en-US&promo=PROVAT&rooms=1&utm_campaign=introducing_hotel_viata&utm_medium=email&utm_source=cendyn
Context: BE
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 18 Nov 2022 14:44:56 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
server: nginx
x-cdn: Imperva
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin: *
x-iinfo: 17-42504739-42505192 2NNN RT(1668782692686 3257) q(0 3 3 -1) r(6 6) U12
access-control-allow-credentials: true
content-disposition: inline
content-length: 623

GET
H2 200 thealbery-room827.jpg
be.synxis.com/shs-ngbe-image-resizer/images/hotel/34600/images/xlarge/room/ 63 KB
63 KB 519ms
518ms Image
image/jpeg 45.60.44.204
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://be.synxis.com/shs-ngbe-image-resizer/images/hotel/34600/images/xlarge/room/thealbery-room827.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.44.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

bd8625569811b07f6ff7e816765742c3cd345740acddc8bb35f3316562a989c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/?adult=1&arrive=2022-11-18&chain=15889&child=0&currency=USD&depart=2022-11-19&hotel=34600&level=hotel&locale=en-US&promo=PROVAT&rooms=1&utm_campaign=introducing_hotel_viata&utm_medium=email&utm_source=cendyn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:56 GMT
strict-transport-security: max-age=31536000
x-cdn: Imperva
etag: "f56934b7ec570826c7476046c213606d"
content-type: image/jpeg
x-iinfo: 17-42504739-42505450 2CNN RT(1668782692686 3604) q(0 1 2 -1) r(2 2) U18
cache-control: max-age=19728, public
content-length: 64026
expires: Fri, 18 Nov 2022 20:13:44 GMT

GET
H2 200 thealbery-room828-2.jpg
be.synxis.com/shs-ngbe-image-resizer/images/hotel/34600/images/xlarge/room/ 60 KB
61 KB 520ms
519ms Image
image/jpeg 45.60.44.204
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://be.synxis.com/shs-ngbe-image-resizer/images/hotel/34600/images/xlarge/room/thealbery-room828-2.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.44.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ce0fddf776e7f7b1db2b61cd7917e293afbb8b0494485a586477a5f5588c5336

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/?adult=1&arrive=2022-11-18&chain=15889&child=0&currency=USD&depart=2022-11-19&hotel=34600&level=hotel&locale=en-US&promo=PROVAT&rooms=1&utm_campaign=introducing_hotel_viata&utm_medium=email&utm_source=cendyn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:56 GMT
strict-transport-security: max-age=31536000
x-cdn: Imperva
etag: "5aa1dd15212de39e93a820018f717107"
content-type: image/jpeg
x-iinfo: 17-42504739-42505451 2CNN RT(1668782692686 3621) q(0 0 1 -1) r(1 1) U20
cache-control: max-age=25932, public
content-length: 61702
expires: Fri, 18 Nov 2022 21:57:08 GMT

GET
H2 200 thealbery-frenchdoors.jpg
be.synxis.com/shs-ngbe-image-resizer/images/hotel/34600/images/xlarge/room/ 69 KB
70 KB 473ms
472ms Image
image/jpeg 45.60.44.204
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://be.synxis.com/shs-ngbe-image-resizer/images/hotel/34600/images/xlarge/room/thealbery-frenchdoors.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.44.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

068bbe0eea1c88f3a0f0f158b74d9485c7a033ccd57136221c604b55d59f996b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/?adult=1&arrive=2022-11-18&chain=15889&child=0&currency=USD&depart=2022-11-19&hotel=34600&level=hotel&locale=en-US&promo=PROVAT&rooms=1&utm_campaign=introducing_hotel_viata&utm_medium=email&utm_source=cendyn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:56 GMT
strict-transport-security: max-age=31536000
x-cdn: Imperva
etag: "05a55ef5be420d2bf24db70aa92daa62"
content-type: image/jpeg
x-iinfo: 17-42504739-42505150 2CNN RT(1668782692686 3649) q(0 0 0 -1) r(1 1) U20
cache-control: max-age=19727, public
content-length: 71091
expires: Fri, 18 Nov 2022 20:13:43 GMT

POST
H/1.1 200 getLeadAvailability Show response
services-p1.synxis.com/gw/product/v1/ 148 KB
6 KB 806ms
504ms XHR
application/json 45.60.241.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://services-p1.synxis.com/gw/product/v1/getLeadAvailability

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/modules-main.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.241.22 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2caa73102dd91e73ec7dadf0c13c29eca09ec442cd8a32c71d12cb2fdd9d745f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://be.synxis.com/
accept-language: en-US,en;q=0.9
Authorization: ApiKey MDAxMTZ+UkVvRjBNMkVmVTBQMjkwWVV1YzR3VTRZQ3c0NTJFdmdPSUVadmIwQmxIOEwycXo4Y3oxT3ptOEFvVkpCWUwxWnQ1MVROQkNUWEF1bkZVWjdyNms3N2c9PQ==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
activityid: wVSkSnHp3a

Response headers

content-encoding: gzip
X-CDN: Imperva
accept-language: en-US,en;q=0.9
x-api-session: MDAxMjF-YTR2VkdVcGdzOEFzUVpJVmw3a1ZoK2t0RGIzZS9mSUptZTJXWTNPMXkyZityY2FYWWtuM1pqazZWZ2tBai8wTW55dTdBMWY1dzhlZUl1RnpybnJHTDZEbHJIWTlKNGxaYlB6U3lpcm9GS1NkdGJaR2luY0FxQlJlL3h3K0VmMHZkQStDNVRTRGVYc0UvYUpZajdzUXU2Rlp6NCtMc0JZbTVpaThIblJMRmJHU3oyc2xkQUU4V1Jmd1pHY0JuWFNKaXdQWTl6YnQxbElnZXlGdHF6NFlHNDFGRDN4cEdubkttVnpnRGZVZko4dz0
Transfer-Encoding: chunked
X-Iinfo: 6-10053901-10053904 SNNN RT(1668782695275 502) q(0 0 0 2) r(4 4) U5
cdn-loop: IncapCDN; id="1430_2695530"
sec-fetch-dest: empty
pragma: no-cache
X-Forwarded-Host: services-p1.synxis.com
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
activityid: wVSkSnHp3a
access-control-allow-origin: https://be.synxis.com
incap-proxy-1430: OK
x-cloud-trace-context: 0e681c1b222433e5f8c27ad84a41e1e1/4260934101731044179
cache-control: no-cache
referer: https://be.synxis.com/
Content-Type: application/json;charset=UTF-8
incap-client-ip: 38.132.118.74
sec-fetch-mode: cors
Date: Fri, 18 Nov 2022 14:44:56 GMT
Message-ID: 2ia2kus6t
origin: https://be.synxis.com
x-content-type-options: nosniff
Via: 1.1 google, 1.1 google, 1.1 google
x-forwarded-for: 38.132.118.74, 198.143.41.30, 35.190.7.78
x-forwarded-proto: https
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-max-age: 3600
access-control-allow-credentials: true
sec-fetch-site: same-site
Conversation-ID: 2briszzpb

POST
H/1.1 200 getLeadAvailability Show response
services-p1.synxis.com/gw/product/v1/ 4 KB
3 KB 662ms
361ms XHR
application/json 45.60.241.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://services-p1.synxis.com/gw/product/v1/getLeadAvailability

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/modules-main.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.241.22 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

155bff0823197745fbf5bd882cb1a15e6ca2745b78abaa47e8d37edf0d69776d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://be.synxis.com/
accept-language: en-US,en;q=0.9
Authorization: ApiKey MDAxMTZ+UkVvRjBNMkVmVTBQMjkwWVV1YzR3VTRZQ3c0NTJFdmdPSUVadmIwQmxIOEwycXo4Y3oxT3ptOEFvVkpCWUwxWnQ1MVROQkNUWEF1bkZVWjdyNms3N2c9PQ==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
activityid: wVSkSnHp3a

Response headers

content-encoding: gzip
X-CDN: Imperva
accept-language: en-US,en;q=0.9
x-api-session: MDAxMjF-NTB3VFcycmRvdVBTSGZ6aFNBZTBWeVlSaEtJYWpxbWEvV2ZFcUtMbDNxVDVsQUQ3enI5ZERjS3VUZC9sVGM3RU5NZEN3SFlncGk3azZSWDlXZ2N1K0RyWlFaSlRMTnNVWUtNM3RtTDN4M3h1cEJMYURKWFQwTFJQUUdvamZoaHRsNTQyYkgzUHcwTTNYK3dMdStvWTg3UlFlMzRqZEZ0ejJlQ29zbUYyMDlhVzdZdzVFUFZtSXB0UHNYUXdab1phOERpcDFBZE5oclJIVDNNZnJJczBtWXI0RWwvcDljaW5PWnZHQUNyenNGST0
Transfer-Encoding: chunked
X-Iinfo: 8-19022108-19022111 SNNN RT(1668782695266 534) q(0 0 0 1) r(2 2) U5
cdn-loop: IncapCDN; id="1430_2695530"
sec-fetch-dest: empty
pragma: no-cache
X-Forwarded-Host: services-p1.synxis.com
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
activityid: wVSkSnHp3a
access-control-allow-origin: https://be.synxis.com
incap-proxy-1430: OK
x-cloud-trace-context: d8f8e19f2dfb8845123ac37b073b82a4/17532424458017649285
cache-control: no-cache
referer: https://be.synxis.com/
Content-Type: application/json;charset=UTF-8
incap-client-ip: 38.132.118.74
sec-fetch-mode: cors
Date: Fri, 18 Nov 2022 14:44:56 GMT
Message-ID: 1857o15b8
origin: https://be.synxis.com
x-content-type-options: nosniff
Via: 1.1 google, 1.1 google, 1.1 google
x-forwarded-for: 38.132.118.74, 198.143.41.30, 35.190.7.78
x-forwarded-proto: https
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-max-age: 3600
access-control-allow-credentials: true
sec-fetch-site: same-site
Conversation-ID: 1i1bppuys

GET
H3

200

dc_pre=CIfEmP77t_sCFY8KoQodXZUE7Q;src=6442125;type=inqui0;cat=pngra004;ord=4173588626529;gtm=2wgb90;auiddc=1285635382.1668782695;~oref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889... Show response
6442125.fls.doubleclick.net/ddm/fls/r/ Frame FD5D
Redirect Chain

https://adservice.google.com/ddm/fls/i/dc_pre=CIfEmP77t_sCFY8KoQodXZUE7Q;src=6442125;type=inqui0;cat=pngra004;ord=4173588626529;gtm=2wgb90;auiddc=1285635382.1668782695;~oref=https%3A%2F%2Fbe.synxis...
https://6442125.fls.doubleclick.net/ddm/fls/r/dc_pre=CIfEmP77t_sCFY8KoQodXZUE7Q;src=6442125;type=inqui0;cat=pngra004;ord=4173588626529;gtm=2wgb90;auiddc=1285635382.1668782695;~oref=https%3A%2F%2Fbe...

298 B
165 B

92ms
89ms

Document
text/html

172.253.112.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6442125.fls.doubleclick.net/ddm/fls/r/dc_pre=CIfEmP77t_sCFY8KoQodXZUE7Q;src=6442125;type=inqui0;cat=pngra004;ord=4173588626529;gtm=2wgb90;auiddc=1285635382.1668782695;~oref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata

Requested by

Host: 6442125.fls.doubleclick.net
URL: https://6442125.fls.doubleclick.net/activityi;dc_pre=CIfEmP77t_sCFY8KoQodXZUE7Q;src=6442125;type=inqui0;cat=pngra004;ord=4173588626529;gtm=2wgb90;auiddc=1285635382.1668782695;~oref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata?

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.112.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mb-in-f148.1e100.net

Software

cafe /

Resource Hash

43c2740d5bd1efdbe58373fa5b5e5348e7e7d2f321fd3840a090896c99bff5df

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6442125.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 142
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 14:44:56 GMT
expires: Fri, 18 Nov 2022 14:44:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 14:44:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://6442125.fls.doubleclick.net/ddm/fls/r/dc_pre=CIfEmP77t_sCFY8KoQodXZUE7Q;src=6442125;type=inqui0;cat=pngra004;ord=4173588626529;gtm=2wgb90;auiddc=1285635382.1668782695;~oref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CLKLmP77t_sCFQpQwQodyr8ANg;src=6442125;type=inqui0;cat=pngra003;ord=3685509324384;gtm=2wgb90;auiddc=1285635382.1668782695;~oref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889... Show response
adservice.google.com/ddm/fls/i/ Frame 6054 194 B
193 B 311ms
153ms Document
text/html 2607:f8b0:4024:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CLKLmP77t_sCFQpQwQodyr8ANg;src=6442125;type=inqui0;cat=pngra003;ord=3685509324384;gtm=2wgb90;auiddc=1285635382.1668782695;~oref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata

Requested by

Host: 6442125.fls.doubleclick.net
URL: https://6442125.fls.doubleclick.net/activityi;dc_pre=CLKLmP77t_sCFQpQwQodyr8ANg;src=6442125;type=inqui0;cat=pngra003;ord=3685509324384;gtm=2wgb90;auiddc=1285635382.1668782695;~oref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c01::9c Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6442125.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 14:44:56 GMT
expires: Fri, 18 Nov 2022 14:44:56 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 204
No Content pj Show response
e.acuityplatform.com/ 0
187 B 268ms
94ms Script
text/plain 69.90.254.51
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://e.acuityplatform.com/pj?pk=1962595128333336194&pu=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2022-11-18%26chain%3D15889%26child%3D0%26currency%3DUSD%26depart%3D2022-11-19%26hotel%3D34600%26level%3Dhotel%26locale%3Den-US%26promo%3DPROVAT%26rooms%3D1%26utm_campaign%3Dintroducing_hotel_viata%26utm_medium%3Demail%26utm_source%3Dcendyn&pixelKey=1962595128333336194
Requested by: Host: origin.acuityplatform.com
URL: https://origin.acuityplatform.com/event/v2/pixel.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.90.254.51 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 284ms
101ms XHR
text/plain 2607:f8b0:4023:1::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1949089859&t=pageview&_s=1&dl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2022-11-18%26chain%3D15889%26child%3D0%26currency%3DUSD%26depart%3D2022-11-19%26hotel%3D34600%26level%3Dhotel%26locale%3Den-US%26promo%3DPROVAT%26rooms%3D1%26utm_campaign%3Dintroducing_hotel_viata%26utm_medium%3Demail%26utm_source%3Dcendyn&ul=en-us&de=UTF-8&dt=Hotel%20Viata%20-%20Reservations%20-%20Room%20Availability&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=2142672999&gjid=1231450862&cid=904011730.1668782696&tid=UA-53063639-1&_gid=1268493091.1668782696&_r=1&gtm=2wgb90WSZ4PM6&z=1483633261

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1::71 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://be.synxis.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://be.synxis.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/728919214/ 42 B
548 B 323ms
120ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/728919214/?random=1668782695489&cv=11&fst=1668780000000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata&ref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3928204521&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4095199520595711 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 242ms
157ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/4095199520595711?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

65ade209d5f312966c938379ae5aeeb5975b43c61b5271d684a3ad263304d916

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 18 Nov 2022 14:44:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: vjFImICV+TGUENODuLQ5VXrXvVbqBc6dfMMgXAhg45xHW/2BeaN3l48usTboFk6xqPnb24EFp2X01hDGAY++0A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.9a94ee76.js Show response
s.pinimg.com/ct/lib/ 58 KB
21 KB 108ms
108ms Script
application/javascript 2600:141b:e800:138d::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.9a94ee76.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:e800:138d::1931 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 77358e88e4d70191891544307a0a8677145d760e51eddef0293111d5a3008683

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "e43867aadc515024dd460d8611098a12"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 20728

GET
H2 200 modules.55241fd65a1af5a1837b.js Show response
script.hotjar.com/ 262 KB
68 KB 455ms
157ms Script
application/javascript 65.8.66.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.55241fd65a1af5a1837b.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3216674.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.8.66.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-8-66-19.yvr50.r.cloudfront.net

Software

Resource Hash

abcc01ec7f27663d20ef3186dd63224980fb38ba81a9451d9eccfa597f1dd9d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 11:06:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 4f130b04fa4df2503556325c16eee9f2.cloudfront.net (CloudFront)
x-amz-cf-pop: YVR50-C1
age: 99529
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68617
last-modified: Thu, 17 Nov 2022 11:05:52 GMT
etag: "5f82b1a8e62b6a241154cb066c4d1ad8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: c5OKrXBHNCdrh4tpVuhOaoCRAtv8CuYt7iwZB8QHd77uefITTPnlLA==

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=2297146&ADFPageName=Retargeting&ADFdivider=%7C&ord=192636137964&ADFtpmode=2&loc=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2022-11-18%26chain...
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2297146&ADFPageName=Retargeting&ADFdivider=%7C&ord=192636137964&ADFtpmode=2&loc=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2022-11-18%26...

1 KB
1 KB

99ms
99ms

Script
text/javascript

185.167.164.37
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2297146&ADFPageName=Retargeting&ADFdivider=%7C&ord=192636137964&ADFtpmode=2&loc=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2022-11-18%26chain%3D15889%26child%3D0%26currency%3DUSD%26depart%3D2022-11-19&CPref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Protocol

Server

185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

1c1973b2e79c6d514928cf9794764390399d978a84f680a39856d46d9ad4a976

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 953
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: text/html; charset=utf-8
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2297146&ADFPageName=Retargeting&ADFdivider=%7C&ord=192636137964&ADFtpmode=2&loc=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2022-11-18%26chain%3D15889%26child%3D0%26currency%3DUSD%26depart%3D2022-11-19&CPref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 / Show response
www.thehotelsnetwork.com/widget/core/latest/hub/ Frame DC4E 5 KB
2 KB 63ms
61ms Document
text/html 45.60.196.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/widget/core/latest/hub/

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/loader.js?property_id=1027586&account_key=7CB5E1BFAB748019CEFBEECD7D4FAA57

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.196.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7fb23f0072704650a8df9aead2f7d0d6a2c166044b1b649e1c633ece66b301bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://be.synxis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-length: 2035
content-type: text/html; charset=utf-8
date: Fri, 18 Nov 2022 14:44:55 GMT
etag: W/"63778c5e-11fd"
last-modified: Fri, 18 Nov 2022 13:45:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 12-81040108-0 0CNN RT(1668782694810 906) q(0 -1 -1 -1) r(0 -1)

POST
H2 200 reports
be.synxis.com/ 2 KB
986 B 539ms
539ms Other
application/json 45.60.44.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/reports?hid=34600&cid=15889&sid=qEKKGamzBRJqsbSVGCrOdkE8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.44.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e1cf426f7ded630ff382332e3d8d5463ab1ed2de70023bdf0eb04d0b0a4e843e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://be.synxis.com/?adult=1&arrive=2022-11-18&chain=15889&child=0&currency=USD&depart=2022-11-19&hotel=34600&level=hotel&locale=en-US&promo=PROVAT&rooms=1&utm_campaign=introducing_hotel_viata&utm_medium=email&utm_source=cendyn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 18 Nov 2022 14:44:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-cdn: Imperva
etag: W/"8eb-S+tK/oDYwuOhKXrvRUOofACugSg"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-iinfo: 17-42504739-42505046 PNYN RT(1668782692686 3708) q(0 2 2 -1) r(3 3) U6

GET
H2 200 _Incapsula_Resource Show response
www.thehotelsnetwork.com/ Frame DC4E 142 KB
20 KB 83ms
82ms Script
application/javascript 45.60.196.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=1709060390

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/latest/hub/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.196.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d90ae26acf8a33b411966b5b69ddafca45c7affec887d7ab2e88e70d98b673c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.thehotelsnetwork.com/widget/core/latest/hub/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 20448
content-type: application/javascript

GET
H2 200 get_loader_data Show response
www.thehotelsnetwork.com/ 26 KB
8 KB 197ms
196ms Fetch
application/json 45.60.196.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/get_loader_data?property_id=1027586&account_key=7CB5E1BFAB748019CEFBEECD7D4FAA57

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/loader.js?property_id=1027586&account_key=7CB5E1BFAB748019CEFBEECD7D4FAA57

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.196.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c60abc3ced43d01e6e1aebba74a5e26be2a572e1536b76f23054db827c6cc037

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:56 GMT
content-encoding: gzip
via: 1.1 3088559317e5c464292d9249b963bdb8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-amz-cf-pop: MIA3-C4
x-cache: Miss from cloudfront
x-iinfo: 12-81040108-81040117 PNNN RT(1668782694810 1003) q(0 0 0 -1) r(1 1) U5
pragma: no-cache
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://be.synxis.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: U30cygAepP8BwitxOPBMgZVfESpTpBhgsgu7X_so6p313NaSypYUjg==
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 540 B
859 B 441ms
108ms XHR
application/json 23.39.32.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2614406155601&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1668782696394&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.9a94ee76.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.39.32.234 Newark, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-39-32-234.deploy.static.akamaitechnologies.com

Software

Resource Hash

379e7f98c1e80a7c67fa2fb417a78711ec0715013509d9eeda3bb0f63549d400

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.e4aa2617.1668782696.12a53b54
x-envoy-upstream-service-time: 0
content-length: 378
x-pinterest-rid: 1167325168421977
pin-unauth: dWlkPVlXSTNNalJrTXpRdE56UTNZUzAwTUdVM0xXSmlOamt0WldWaE1qWTFOekZpWm1RMA
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://be.synxis.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 540 B
859 B 441ms
110ms XHR
application/json 23.39.32.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2614406155601&cb=1668782696396&dep=5%2CEVENT_TAGS_ABSENT

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.9a94ee76.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.39.32.234 Newark, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-39-32-234.deploy.static.akamaitechnologies.com

Software

Resource Hash

379e7f98c1e80a7c67fa2fb417a78711ec0715013509d9eeda3bb0f63549d400

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.e4aa2617.1668782696.12a53b55
x-envoy-upstream-service-time: 1
content-length: 378
x-pinterest-rid: 1581293628537046
pin-unauth: dWlkPVpqQTBaamRrT1RRdE1UWXlOQzAwTXpjMkxUaGhObUl0WW1FMk56VXlaREk0TnprMw
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://be.synxis.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
334 B 428ms
109ms Image
image/gif 23.39.32.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2614406155601&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2022-11-18%26chain%3D15889%26child%3D0%26currency%3DUSD%26depart%3D2022-11-19%26hotel%3D34600%26level%3Dhotel%26locale%3Den-US%26promo%3DPROVAT%26rooms%3D1%26utm_campaign%3Dintroducing_hotel_viata%26utm_medium%3Demail%26utm_source%3Dcendyn%22%2C%22ref%22%3A%22https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%229a94ee76%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1668782696396

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.39.32.234 Newark, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-39-32-234.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:56 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.e4aa2617.1668782696.12a53b56
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1587595340901836
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 _Incapsula_Resource
www.thehotelsnetwork.com/ Frame DC4E 1 B
36 B 61ms
59ms Image
text/plain 45.60.196.96
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thehotelsnetwork.com/_Incapsula_Resource?SWKMTFSR=1&e=0.9340198648288307

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/latest/hub/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.196.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.thehotelsnetwork.com/widget/core/latest/hub/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
23 B 338ms
115ms XHR
text/plain 2607:f8b0:4024:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-53063639-1&cid=904011730.1668782696&jid=2142672999&gjid=1231450862&_gid=1268493091.1668782696&_u=YCDACEAABAAAACAAI~&z=2090300820

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4024:c01::9a Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://be.synxis.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 18 Nov 2022 14:44:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://be.synxis.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

src=11917618;dc_pre=CPuD6_77t_sCFcuCYgodZGoIrQ;type=invmedia;cat=grand0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1
adservice.google.com/ddm/fls/z/ Frame FD5D
Redirect Chain

https://ciqtracking.com/p/v/1/624b1122f8708104e67e2aee/format/img?
https://ad.doubleclick.net/ddm/activity/src=11917618;type=invmedia;cat=grand0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?
https://ad.doubleclick.net/ddm/activity/src=11917618;dc_pre=CPuD6_77t_sCFcuCYgodZGoIrQ;type=invmedia;cat=grand0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_c...
https://adservice.google.com/ddm/fls/z/src=11917618;dc_pre=CPuD6_77t_sCFcuCYgodZGoIrQ;type=invmedia;cat=grand0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_co...

42 B
63 B

179ms
179ms

Image
image/gif

2607:f8b0:4024:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=11917618;dc_pre=CPuD6_77t_sCFcuCYgodZGoIrQ;type=invmedia;cat=grand0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1

Requested by

Host: 6442125.fls.doubleclick.net
URL: https://6442125.fls.doubleclick.net/ddm/fls/r/dc_pre=CIfEmP77t_sCFY8KoQodXZUE7Q;src=6442125;type=inqui0;cat=pngra004;ord=4173588626529;gtm=2wgb90;auiddc=1285635382.1668782695;~oref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata

Protocol

Server

2607:f8b0:4024:c01::9c Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6442125.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:57 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=11917618;dc_pre=CPuD6_77t_sCFcuCYgodZGoIrQ;type=invmedia;cat=grand0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.min.js Show response
www.thehotelsnetwork.com/widget/core/4.0/dist/main/ 384 KB
102 KB 160ms
51ms Script
application/javascript 45.60.196.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=3a14286c

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/loader.js?property_id=1027586&account_key=7CB5E1BFAB748019CEFBEECD7D4FAA57

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.196.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

db382c59958d2896fe3ba456f00cfcec7e15ba62e3ea13adbfdd997c45887e71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://be.synxis.com/
Origin: https://be.synxis.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 18 Nov 2022 13:45:04 GMT
x-cdn: Imperva
etag: W/"63778c60-5fec0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-iinfo: 12-81040379-0 0CNN RT(1668782696141 51) q(0 -1 -1 0) r(0 -1)
cache-control: max-age=0
content-length: 103552

GET
H3 200 3016701741910816 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 93ms
92ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3016701741910816?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

12f5e31fee5484a4aad523ca461d098b5af2e9f76b26ff2d797d8b4a279f86cf

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 18 Nov 2022 14:44:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86045
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: iba0uZy5NxZi3JTvAB8gl2qInJO0mJXrsD30fBaj8qOQLwX0Qgp0ZVVF+W1J9EHGXJc3sHy1mWFuNQFZFP4jPw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 255ms
83ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=4095199520595711&ev=PageView&dl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2022-11-18%26chain%3D15889%26child%3D0%26currency%3DUSD%26depart%3D2022-11-19%26hotel%3D34600%26level%3Dhotel%26locale%3Den-US%26promo%3DPROVAT%26rooms%3D1%26utm_campaign%3Dintroducing_hotel_viata%26utm_medium%3Demail%26utm_source%3Dcendyn&rl=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata&if=false&ts=1668782696705&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668782696704.232651074&it=1668782696246&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 18 Nov 2022 14:44:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK 2H1GV9VR.js Show response
cdn.getsmartcontent.com/ 114 KB
38 KB 425ms
268ms Script
text/html 151.139.237.219
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.getsmartcontent.com/2H1GV9VR.js
Requested by: Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.237.219 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 03a253f4fdf855b0626572aa52af329893336ba51b52f8b7468aba2c1039bab3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 18 Nov 2022 14:44:57 GMT
x-amz-version-id: Bd9j9F3PKvoSTRZyPaaoSwClSCNfiLUf
Content-Encoding: gzip
Last-Modified: Thu, 17 Nov 2022 22:39:56 GMT
Server: NetDNA-cache/2.2
x-amz-request-id: QKVWKGAV0TBM5094
ETag: W/"89a015f7e9a2328ded28cfe96f58db52"
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: EXPIRED
Content-Type: text/html
Cache-Control: public, max-age=900
x-amz-replication-status: COMPLETED
Connection: keep-alive
x-amz-id-2: jbLRuygfgpdhrrwja/njnRUOFFC9hpdUmUqkQAc3izWgpY4YtCJSI249HGWPjdTDg4ZY13A7tYc=

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 124ms
83ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3016701741910816&ev=PageView&dl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2022-11-18%26chain%3D15889%26child%3D0%26currency%3DUSD%26depart%3D2022-11-19%26hotel%3D34600%26level%3Dhotel%26locale%3Den-US%26promo%3DPROVAT%26rooms%3D1%26utm_campaign%3Dintroducing_hotel_viata%26utm_medium%3Demail%26utm_source%3Dcendyn&rl=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata&if=false&ts=1668782696839&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668782696704.232651074&it=1668782696246&coo=false&tm=1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 18 Nov 2022 14:44:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
579 B 109ms
108ms Image
image/gif 23.39.32.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2614406155601&cb=1668782696852&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPVlXSTNNalJrTXpRdE56UTNZUzAwTUdVM0xXSmlOamt0WldWaE1qWTFOekZpWm1RMA%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2022-11-18%26chain%3D15889%26child%3D0%26currency%3DUSD%26depart%3D2022-11-19%26hotel%3D34600%26level%3Dhotel%26locale%3Den-US%26promo%3DPROVAT%26rooms%3D1%26utm_campaign%3Dintroducing_hotel_viata%26utm_medium%3Demail%26utm_source%3Dcendyn%22%2C%22ref%22%3A%22https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%229a94ee76%22%2C%22is_eu%22%3A%22false%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.39.32.234 Newark, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-39-32-234.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:56 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.e4aa2617.1668782696.12a53c22
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 1379816184954361
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
a2.adform.net/serving/container/ Frame 48DD 1 KB
1 KB 114ms
111ms Document
text/html 185.167.164.37
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/serving/container/?pm=2297146&lid=89292847&ctype=0&media=0&PageName=Retargeting&rnd=1315326959&cpref=https%3a%2f%2fbe.synxis.com%2f%3fHotel%3d34600%26Chain%3d15889%26promo%3dPROVAT%26utm_source%3dcendyn%26utm_medium%3demail%26utm_campaign%3dintroducing_hotel_viata&loc=https%3a%2f%2fbe.synxis.com%2f%3fadult%3d1%26arrive%3d2022-11-18%26chain%3d15889%26child%3d0%26currency%3dUSD%26depart%3d2022-11-19

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b39a3e1417fc2c43da9da13482b3cd3bd57a1878c16c03deae267db3e0335a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://be.synxis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 18 Nov 2022 14:44:56 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame E9B9 5 KB
2 KB 479ms
112ms Document
text/html 185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=2297146&ADFPageName=Retargeting&ADFdivider=%7C&ord=192636137964&ADFtpmode=2&loc=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2022-11-18%26chain%3D15889%26child%3D0%26currency%3DUSD%26depart%3D2022-11-19&CPref=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

adc0adb7ebe5158c6c4059290ca1ac28fafa59a7571230e4f668dff458c86151

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://be.synxis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 18 Nov 2022 14:44:57 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
a1.seadform.net/serving/cookie/sync/ 35 B
335 B 488ms
112ms Image
image/gif 185.167.164.42
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a1.seadform.net/serving/cookie/sync/?uid=2680738296644665233&stamp=eISH3aVOn-EDvP-67D9Y4w2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.42 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 18 Nov 2022 14:44:57 GMT
cache-control: private
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 382ms
138ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-53063639-1&cid=904011730.1668782696&jid=2142672999&_u=YCDACEAABAAAACAAI~&z=2026569626

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 48DD 1 KB
2 KB 356ms
127ms Script
text/javascript 104.77.9.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1535407&mt_adid=205745&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=2297146&lid=89292847&ctype=0&media=0&PageName=Retargeting&rnd=1315326959&cpref=https%3a%2f%2fbe.synxis.com%2f%3fHotel%3d34600%26Chain%3d15889%26promo%3dPROVAT%26utm_source%3dcendyn%26utm_medium%3demail%26utm_campaign%3dintroducing_hotel_viata&loc=https%3a%2f%2fbe.synxis.com%2f%3fadult%3d1%26arrive%3d2022-11-18%26chain%3d15889%26child%3d0%26currency%3dUSD%26depart%3d2022-11-19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.77.9.10 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-77-9-10.deploy.static.akamaitechnologies.com
Software: MT3 169 32252b7 master iad-pixel-x4 config:1.0.0 /
Resource Hash: d7f0f8cce4746e045737e52672c26a9c9879b7064e5dadab6afb69c9720ee859

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 18 Nov 2022 14:44:57 GMT
Server: MT3 169 32252b7 master iad-pixel-x4 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 1493
Expires: Fri, 18 Nov 2022 14:44:56 GMT

POST
H/1.1 200 events Show response
services-p1.synxis.com/gw/v1/log/ 31 B
2 KB 420ms
119ms XHR
application/json 45.60.241.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://services-p1.synxis.com/gw/v1/log/events
Requested by: Host: be.synxis.com
URL: https://be.synxis.com/public/js/modules-main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.241.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 7db025befd8366a72f3b11db5696cc6f90fb8921f0abc71113050bdc739e1119

Request headers

Accept: application/json, text/plain, */*
Referer: https://be.synxis.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

sec-fetch-mode: cors
Date: Fri, 18 Nov 2022 14:44:57 GMT
Message-ID: y471sqpzn
origin: https://be.synxis.com
content-encoding: gzip
X-CDN: Imperva
accept-language: en-US,en;q=0.9
Via: 1.1 google, 1.1 google
x-forwarded-for: 38.132.118.74, 198.143.41.30, 35.190.7.78
Transfer-Encoding: chunked
X-Iinfo: 6-10053901-10053904 SNNN RT(1668782695275 1743) q(0 0 0 2) r(0 0) U5
cdn-loop: IncapCDN; id="1430_2695530"
sec-fetch-dest: empty
x-forwarded-proto: https
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
X-Forwarded-Host: services-p1.synxis.com
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: application/json;charset=UTF-8
access-control-allow-origin: https://be.synxis.com
incap-proxy-1430: OK
x-cloud-trace-context: 191738830cd034035b3c44bec01ff186/6928208904198720521
cache-control: no-cache
access-control-allow-credentials: true
referer: https://be.synxis.com/
Vary: Origin
sec-fetch-site: same-site
Conversation-ID: 125ixbccg
incap-client-ip: 38.132.118.74

OPTIONS
H/1.1 200 events
services-p1.synxis.com/gw/v1/log/ Frame 0
0 435ms
134ms Preflight 45.60.241.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://services-p1.synxis.com/gw/v1/log/events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.241.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://be.synxis.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Conversation-ID: jyz4jur2x
Date: Fri, 18 Nov 2022 14:44:57 GMT
Message-ID: 2iidcrm9l
Transfer-Encoding: chunked
Vary: Origin
Via: 1.1 google, 1.1 google
X-CDN: Imperva
X-Forwarded-Host: services-p1.synxis.com
X-Iinfo: 6-10053901-10053904 SNNN RT(1668782695275 1316) q(0 0 0 0) r(1 1) U5
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin: https://be.synxis.com
access-control-max-age: 3600
access-control-request-headers: content-type
access-control-request-method: POST
cache-control: no-cache
cdn-loop: IncapCDN; id="1430_2695530"
content-encoding: gzip
incap-client-ip: 38.132.118.74
incap-proxy-1430: OK
origin: https://be.synxis.com
pragma: no-cache
referer: https://be.synxis.com/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-site
x-cloud-trace-context: 093ccffbafd40c65d5031793a5066f29/13197944939819098442
x-forwarded-for: 38.132.118.74, 198.143.41.30, 35.190.7.78
x-forwarded-proto: https

OPTIONS
H/1.1 200 events
services-p1.synxis.com/gw/v1/log/ Frame 0
0 422ms
120ms Preflight 45.60.241.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://services-p1.synxis.com/gw/v1/log/events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.241.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://be.synxis.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Conversation-ID: 1n6p7bp96
Date: Fri, 18 Nov 2022 14:44:57 GMT
Message-ID: 27uldcrzr
Transfer-Encoding: chunked
Vary: Origin
Via: 1.1 google, 1.1 google
X-CDN: Imperva
X-Forwarded-Host: services-p1.synxis.com
X-Iinfo: 6-10053901-10053904 SNNN RT(1668782695275 1467) q(0 0 0 0) r(0 0) U5
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin: https://be.synxis.com
access-control-max-age: 3600
access-control-request-headers: content-type
access-control-request-method: POST
cache-control: no-cache
cdn-loop: IncapCDN; id="1430_2695530"
content-encoding: gzip
incap-client-ip: 38.132.118.74
incap-proxy-1430: OK
origin: https://be.synxis.com
pragma: no-cache
referer: https://be.synxis.com/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-site
x-cloud-trace-context: 249c349f5e2c0785d2a0c57702fbef23/2842383362301223863
x-forwarded-for: 38.132.118.74, 198.143.41.30, 35.190.7.78
x-forwarded-proto: https

POST
H/1.1 200 events Show response
services-p1.synxis.com/gw/v1/log/ 31 B
2 KB 444ms
143ms XHR
application/json 45.60.241.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://services-p1.synxis.com/gw/v1/log/events
Requested by: Host: be.synxis.com
URL: https://be.synxis.com/public/js/modules-main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.241.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 7db025befd8366a72f3b11db5696cc6f90fb8921f0abc71113050bdc739e1119

Request headers

Accept: application/json, text/plain, */*
Referer: https://be.synxis.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

sec-fetch-mode: cors
Date: Fri, 18 Nov 2022 14:44:57 GMT
Message-ID: zc8y7nhkq
origin: https://be.synxis.com
content-encoding: gzip
X-CDN: Imperva
accept-language: en-US,en;q=0.9
Via: 1.1 google, 1.1 google
x-forwarded-for: 38.132.118.74, 198.143.41.30, 35.190.7.78
Transfer-Encoding: chunked
X-Iinfo: 6-10053901-10053904 SNNN RT(1668782695275 1896) q(0 0 0 0) r(1 1) U5
cdn-loop: IncapCDN; id="1430_2695530"
sec-fetch-dest: empty
x-forwarded-proto: https
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
X-Forwarded-Host: services-p1.synxis.com
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: application/json;charset=UTF-8
access-control-allow-origin: https://be.synxis.com
incap-proxy-1430: OK
x-cloud-trace-context: 22e22a4234ea99c8ec179583397f8c32/4434364582344022588
cache-control: no-cache
access-control-allow-credentials: true
referer: https://be.synxis.com/
Vary: Origin
sec-fetch-site: same-site
Conversation-ID: 1r6s5pyfs
incap-client-ip: 38.132.118.74

GET
H2 200 plf
c1.adform.net/imatch/ Frame E9B9 0
261 B 108ms
107ms Image
text/plain 185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame E9B9
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=2680738296644665233&Expiration=1669992297
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=2680738296644665233&Expiration=1669992297

43 B
424 B

83ms
82ms

Image
image/gif

52.54.61.55
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=2680738296644665233&Expiration=1669992297
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377
Protocol: H2
Server: 52.54.61.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-61-55.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 18 Nov 2022 14:44:57 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=2680738296644665233&Expiration=1669992297
date: Fri, 18 Nov 2022 14:44:57 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame E9B9 0
522 B 516ms
219ms Image
text/plain 104.64.77.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=4879&ext_id=2680738296644665233

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.64.77.76 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-64-77-76.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Nov 2022 14:44:57 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Thu, 17 Nov 2022 14:44:57 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame E9B9 0
664 B 369ms
82ms Image
text/plain 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=2680738296644665233
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e1bddfc34a927e97bda010c0d8a62b62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame E9B9
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=2680738296644665233&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=2680738296644665233&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=80428e1b49e8406ab...
https://c1.adform.net/serving/cookie/match?party=9&uid=5f2f33bed8f923f28513104fbe9ab048a50dc033a4b4d03697c8ddf64c723c83

35 B
468 B

113ms
113ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=5f2f33bed8f923f28513104fbe9ab048a50dc033a4b4d03697c8ddf64c723c83

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=5f2f33bed8f923f28513104fbe9ab048a50dc033a4b4d03697c8ddf64c723c83
date: Fri, 18 Nov 2022 14:44:58 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame E9B9
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=2680738296644665233&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
https://c1.adform.net/serving/cookie/match?party=10&cid=3550745198812263425

35 B
477 B

114ms
114ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=10&cid=3550745198812263425

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=10&cid=3550745198812263425
pragma: no-cache
date: Fri, 18 Nov 2022 14:44:57 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55944/ Frame E9B9
Redirect Chain

https://ups.analytics.yahoo.com/ups/55944/sync?uid=2680738296644665233&_origin=1
https://ups.analytics.yahoo.com/ups/55944/sync?uid=2680738296644665233&_origin=1&verify=true

0
121 B

82ms
81ms

Image
text/plain

54.175.87.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=2680738296644665233&_origin=1&verify=true

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377

Protocol

Server

54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-175-87-114.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55944/sync?uid=2680738296644665233&_origin=1&verify=true
date: Fri, 18 Nov 2022 14:44:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame E9B9 43 B
639 B 1157ms
89ms Image
image/gif 63.251.28.234
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=2680738296644665233
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 63.251.28.234 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Nov 2022 14:44:58 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1668782698553014-139

GET
H2

200

pixel.gif
yield-op-idsync.live.streamtheworld.com/ Frame E9B9
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=2680738296644665233
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=2680738296644665233
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=bsw&uid=460e10d6-713b-4b44-8f9c-e630ffca875b&stn=

43 B
491 B

383ms
128ms

Image
image/gif

192.173.28.19
TRITONDIGITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=bsw&uid=460e10d6-713b-4b44-8f9c-e630ffca875b&stn=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377
Protocol: H2
Server: 192.173.28.19 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:58 GMT
x-stw-server: van-mesos01-node07
x-stw-site: VAN
content-length: 43
content-type: image/gif

Redirect headers

Location: //yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=bsw&uid=460e10d6-713b-4b44-8f9c-e630ffca875b&stn=
Date: Fri, 18 Nov 2022 14:44:57 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E9B9
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2680738296644665233&expiration=1669992297
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2680738296644665233&expiration=1669992297&C=1

43 B
766 B

95ms
94ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2680738296644665233&expiration=1669992297&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Nov 2022 14:44:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 18 Nov 2022 14:44:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=111&external_user_id=2680738296644665233&expiration=1669992297&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET info
uipglob.semasio.net/adform/1/ Frame E9B9 0
0

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/ Frame E9B9
Redirect Chain

https://ps.eyeota.net/match?uid=2680738296644665233&bid=9gdtmu1
https://ps.eyeota.net/match/bounce/?uid=2680738296644665233&bid=9gdtmu1

70 B
440 B

82ms
82ms

Image
image/gif

3.233.22.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?uid=2680738296644665233&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377
Protocol: HTTP/1.1
Server: 3.233.22.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-22-19.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 18 Nov 2022 14:44:58 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?uid=2680738296644665233&bid=9gdtmu1
Date: Fri, 18 Nov 2022 14:44:58 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 204 /
loadm.exelator.com/load/ Frame E9B9 0
324 B 258ms
75ms Image
text/plain 52.0.156.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2680738296644665233
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.156.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-156-250.compute-1.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:58 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

/
p.adsymptotic.com/d/px/ Frame E9B9
Redirect Chain

https://idsync.rlcdn.com/398366.gif?partner_uid=2680738296644665233
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTMjY4MDczODI5NjY0NDY2NTIzMxAAGg0I6bTemwYSBQjoBxAAQgBKAA
https://pippio.com/api/sync?pid=5324&it=1&iv=346517aff16fcc5739e20e3e0316fdd2dfb8b4a1e91ae23e8675325b3b35f29a791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=346517aff16fcc5739e20e3e0316fdd2dfb8b4a1e91ae23e8675325b3b35f29a791426b5417dce21&rand=06131373
https://p.adsymptotic.com/d/px/?_pid=10339&_psign=f79776ac7a290c8b1b2a94bd7ad5f0ce&_puuid=346517aff16fcc5739e20e3e0316fdd2dfb8b4a1e91ae23e8675325b3b35f29a791426b5417dce21&_pu
https://p.adsymptotic.com/d/px/?_pid=10339&_psign=f79776ac7a290c8b1b2a94bd7ad5f0ce&_puuid=346517aff16fcc5739e20e3e0316fdd2dfb8b4a1e91ae23e8675325b3b35f29a791426b5417dce21&_pu&_expected_cookie=6c125...

43 B
141 B

95ms
94ms

Image
image/gif

104.18.102.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px/?_pid=10339&_psign=f79776ac7a290c8b1b2a94bd7ad5f0ce&_puuid=346517aff16fcc5739e20e3e0316fdd2dfb8b4a1e91ae23e8675325b3b35f29a791426b5417dce21&_pu&_expected_cookie=6c1254ee765d7a5b2aa5934c87d9dc7a
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377
Protocol: H2
Server: 104.18.102.194 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p: CP='NON DSP COR CONi OUR BUS CNT'
date: Fri, 18 Nov 2022 14:44:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76c17cbdea5fd9b1-MIA
content-length: 43
content-type: image/gif

Redirect headers

location: https://p.adsymptotic.com/d/px/?_pid=10339&_psign=f79776ac7a290c8b1b2a94bd7ad5f0ce&_puuid=346517aff16fcc5739e20e3e0316fdd2dfb8b4a1e91ae23e8675325b3b35f29a791426b5417dce21&_pu&_expected_cookie=6c1254ee765d7a5b2aa5934c87d9dc7a
date: Fri, 18 Nov 2022 14:44:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76c17cbd497dd9b1-MIA
content-length: 0

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=2680738296644665233/gdpr=/ Frame E9B9
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=2680738296644665233/gdpr=/gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=2680738296644665233/gdpr=/gdpr_consent=

49 B
545 B

94ms
93ms

Image
image/gif

3.215.101.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=2680738296644665233/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377
Protocol: H2
Server: 3.215.101.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-101-237.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:58 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.44.96
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:58 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=2680738296644665233/gdpr=/gdpr_consent=
cache-control: no-cache
x-server: 10.40.13.240
content-length: 0
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame E9B9 62 B
439 B 870ms
628ms Image
image/gif 23.36.153.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=2680738296644665233
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.153.35 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-153-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 18 Nov 2022 14:44:58 GMT
content-length: 62
content-type: image/gif

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame E9B9
Redirect Chain

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2680738296644665233
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=2680738296644665233

43 B
61 B

141ms
80ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=2680738296644665233
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:58 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=2680738296644665233
date: Fri, 18 Nov 2022 14:44:58 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame E9B9
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

595ms
199ms

Image
image/gif

52.218.121.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377
Protocol: HTTP/1.1
Server: 52.218.121.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 18 Nov 2022 14:45:00 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: VFZEH2P208W99T1W
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: y+xGDEojc2avCJTof9It20CNlQdGAeAtOHat7pO04+7IDMTyRPOoz3fjNFkFlade3woQ/pGc7w0=

Redirect headers

X-Error-Reason: Missing UserId
Date: Fri, 18 Nov 2022 14:44:58 GMT
Server: akka-http/10.2.9
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 137

GET
H2

200

2981
tags.bluekai.com/site/ Frame E9B9
Redirect Chain

https://pixel.onaudience.com/?mapped=2680738296644665233&partner=68
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
https://pixel.onaudience.com/?partner=147&mapped=ad15f4db-83ec-4c65-a401-e5239affa47d&icm&gdpr=0&gdpr_consent=&cver
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
https://tags.bluekai.com/site/33141?&id=b688776bee0c738d
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=TWoxQUJSSGQ5OWV3QVU1TQ%3D%3D
https://tags.bluekai.com/site/2981?id=&google_gid=CAESECBFxbbbgqRq_kr0i7deYrE&google_cver=1

62 B
315 B

740ms
739ms

Image
image/gif

23.36.153.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/2981?id=&google_gid=CAESECBFxbbbgqRq_kr0i7deYrE&google_cver=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377
Protocol: H2
Server: 23.36.153.35 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-153-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 18 Nov 2022 14:45:00 GMT
content-length: 62
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://tags.bluekai.com/site/2981?id=&google_gid=CAESECBFxbbbgqRq_kr0i7deYrE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame E9B9 0
339 B 257ms
79ms Image
text/plain 3.90.54.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=2680738296644665233
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.90.54.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-90-54-105.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by: beacon-n005-ash-prod.krxd.net
date: Fri, 18 Nov 2022 14:44:58 GMT
cache-control: private, no-cache, no-store
x-request-time: D=27 t=1668782698
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame E9B9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MjY4MDczODI5NjY0NDY2NTIzMw
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENExP-rcZ65Bkcx0lrjAErg&google_cver=1&google_ula=1641347,0

35 B
468 B

106ms
106ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENExP-rcZ65Bkcx0lrjAErg&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENExP-rcZ65Bkcx0lrjAErg&google_cver=1&google_ula=1641347,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
secure.adnxs.com/ Frame E9B9
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://c1.adform.net/serving/cookie/match?party=3&id=8860224511821628764&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=2680738296644665233

43 B
1006 B

113ms
112ms

Image
image/gif

68.67.160.137
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=2680738296644665233

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377

Protocol

HTTP/1.1

Server

68.67.160.137 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Nov 2022 14:44:58 GMT
AN-X-Request-Uuid: 41c2a6b4-e3d7-4f13-8534-bd00d259c9b9
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 38.132.118.74; 38.132.118.74; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://secure.adnxs.com/setuid?entity=91&code=2680738296644665233
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 plf
c1.adform.net/imatch/ Frame E9B9 0
261 B 112ms
104ms Image
text/plain 185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame E9B9 42 B
449 B 260ms
77ms Image
image/gif 8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2680738296644665233
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 18 Nov 2022 14:44:58 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame E9B9 43 B
433 B 604ms
293ms Image
image/gif 65.8.66.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.8.66.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-8-66-38.yvr50.r.cloudfront.net
Software: nginx/1.22.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 18 Nov 2022 14:44:58 GMT
Via: 1.1 9eb670ab22f529b4585bb36a867ed91c.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.22.0
X-Amz-Cf-Pop: YVR50-C1
X-Cache: Miss from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: MMfu3-P1CCGn925papM6cnyptxp7HKXe63-gitaK-1ADwnJh6ZJ2ow==

GET
H/1.1

200

p
a.audrte.com/ Frame E9B9
Redirect Chain

https://a.audrte.com/a?adform_uid=2680738296644665233
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=&google_gid=CAESEPyag3c3So8dLWNhQnru_L4&google_cver=1
https://a.audrte.com/p

68 B
424 B

86ms
85ms

Image
image/png

3.223.194.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377
Protocol: HTTP/1.1
Server: 3.223.194.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-194-189.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 18 Nov 2022 14:44:59 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Fri, 18 Nov 2022 14:44:58 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame E9B9
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=2680738296644665233&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=2680738296644665233&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=70630578269762526561605539168187497121&noredirect=1

35 B
468 B

121ms
121ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=70630578269762526561605539168187497121&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-va6-2-v044-06b02935a.edge-va6.demdex.com 8 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: B3vtxL4SQ08=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=70630578269762526561605539168187497121&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame E9B9
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=2680738296644665233
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=209450804339004018227

35 B
468 B

105ms
105ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=209450804339004018227

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:59 GMT
via: 1.1 9c335c5f85533b11cbfd38dc7cc60c16.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: YVR50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=209450804339004018227
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id: KUMAIFpN_-R5GiOQThH9_j2UZWPmFOyhKfxgPhdUdmnhXNLyqwfUcw==
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame E9B9
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7167367116339083417

35 B
468 B

100ms
100ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7167367116339083417

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7167367116339083417
Date: Fri, 18 Nov 2022 14:44:59 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame E9B9 62 B
438 B 634ms
633ms Image
image/gif 23.36.153.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=2680738296644665233
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.153.35 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-153-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 18 Nov 2022 14:44:59 GMT
content-length: 62
content-type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame E9B9
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=64686377-9a69-4000-8b0c-78c0707c2194

35 B
468 B

105ms
105ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=64686377-9a69-4000-8b0c-78c0707c2194

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Date: Fri, 18 Nov 2022 14:44:58 GMT
Server: MT3 169 32252b7 master iad-pixel-x29 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=64686377-9a69-4000-8b0c-78c0707c2194
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Fri, 18 Nov 2022 14:44:57 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame E9B9
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=0pwmYQ021OW2BZ5

35 B
468 B

119ms
107ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=0pwmYQ021OW2BZ5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Fri, 18 Nov 2022 14:44:58 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0714d3d0e2d344b74@us-east-1e@dxedge-app-us-east-1-prod-asg
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=0pwmYQ021OW2BZ5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame E9B9
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=ad15f4db-83ec-4c65-a401-e5239affa47d

35 B
468 B

263ms
115ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=ad15f4db-83ec-4c65-a401-e5239affa47d

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:57 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=ad15f4db-83ec-4c65-a401-e5239affa47d
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 225

GET
H/1.1

200
OK

image.sbmx
ib.mookie1.com/ Frame E9B9
Redirect Chain

https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=2680738296644665233
https://ib.mookie1.com/image.sbmx?go=302927&pid=567&xid=2680738296644665233

0
421 B

530ms
128ms

Image
image/png

64.58.232.177
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.mookie1.com/image.sbmx?go=302927&pid=567&xid=2680738296644665233
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377
Protocol: HTTP/1.1
Server: 64.58.232.177 Dallas, United States, ASN13649 (ASN-VINS, US),
Reverse DNS: be31-199.crrt01.las04.flexential.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Nov 2022 14:44:59 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/png
Access-Control-Allow-Origin: *
p3p: CP="DSP COR ADM DEV PSA PSD OUR"
Cache-Control: no-cache
X-Server: LAS10
Content-Length: 0
Expires: -1

Redirect headers

Date: Fri, 18 Nov 2022 14:44:58 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Location: https://ib.mookie1.com:443/image.sbmx?go=302927&pid=567&xid=2680738296644665233
Access-Control-Allow-Origin: *
p3p: CP="DSP COR ADM DEV PSA PSD OUR"
Cache-Control: private
X-Server: NY01
Content-Length: 204

GET
H/1.1

200

3.gif
id5-sync.com/c/10/2/0/ Frame E9B9
Redirect Chain

https://id5-sync.com/s/10/0.gif?puid=2680738296644665233
https://id5-sync.com/c/10/10/2/1.gif?puid=2680738296644665233&gdpr=0&gdpr_consent=&us_privacy=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO7e6ID7Xai9ZQ5KkgVZwNxRJ2dKHM6zZpADp5Pw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F1%2F2.gif%3Fpuid%3D%...
https://id5-sync.com/cq/10/124/1/2.gif?puid=23536612-36f8-4cca-ab7e-1bd0e8292e10&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/0/3.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/10/2/0/3.gif?puid=8860224511821628764&gdpr=0&gdpr_consent=

43 B
1 KB

173ms
172ms

Image
image/gif

141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/10/2/0/3.gif?puid=8860224511821628764&gdpr=0&gdpr_consent=

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377

Protocol

HTTP/1.1

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Fri, 18 Nov 2022 14:45:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

Redirect headers

Pragma: no-cache
Date: Fri, 18 Nov 2022 14:45:00 GMT
AN-X-Request-Uuid: a196a968-5c72-4506-bf73-08e9b2cfb6fd
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://id5-sync.com/c/10/2/0/3.gif?puid=8860224511821628764&gdpr=0&gdpr_consent=
Connection: keep-alive
X-Proxy-Origin: 38.132.118.74; 38.132.118.74; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame E9B9
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=249171371
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=ufd4Y4YAQ//s8L4jc5Nzge

35 B
468 B

98ms
98ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=ufd4Y4YAQ//s8L4jc5Nzge

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:58 GMT
via: 1.1 google
last-modified: Fri, 18 Nov 2022 14:44:59 GMT
server: Weborama Collect Frontend
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=ufd4Y4YAQ//s8L4jc5Nzge
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame E9B9 23 B
287 B 392ms
103ms Image
image/gif 104.118.9.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=2680738296644665233
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.118.9.133 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-118-9-133.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Fri, 18 Nov 2022 14:44:59 GMT
pragma: no-cache
date: Fri, 18 Nov 2022 14:44:59 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame E9B9
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=2680738296644665233
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=2680738296644665233&cs=1

35 B
378 B

189ms
188ms

Image
image/gif

78.46.100.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=2680738296644665233&cs=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377
Protocol: H2
Server: 78.46.100.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.100.46.78.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 18 Nov 2022 14:44:59 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=2680738296644665233&cs=1
date: Fri, 18 Nov 2022 14:44:59 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame E9B9
Redirect Chain

https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=2680738296644665233
https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=2680738296644665233&cookieCheck=1
https://rtb-csync.smartadserver.com/redir/?partnerid=133&partneruserid=f0bbaa23

43 B
421 B

54ms
53ms

Image
image/gif

199.187.193.192
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=133&partneruserid=f0bbaa23
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377
Protocol: HTTP/1.1
Server: 199.187.193.192 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 18 Nov 2022 14:44:59 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date: Fri, 18 Nov 2022 14:44:59 GMT
via: 1.1 c4e77f714a7aade06aaed8bdc8b66fca.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: YVR50-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://rtb-csync.smartadserver.com/redir/?partnerid=133&partneruserid=f0bbaa23
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: D-DTYVPBQwm3ttX4qkVKMYkr5hgh4n7E-ZOEjlWGiq9DeB5EuuqTCA==

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame E9B9
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=2680738296644665233&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=2680738296644665233&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=5217731b-986a-44d0-8917-5e19ea99bf55%252Chttps%253A%252F%252Fc1.adform.net%252Fserving%252Fcookie%252Fmatch%253Fparty%253...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ad15f4db-83ec-4c65-a401-e5239affa47d&ttd_puid=5217731b-986a-44d0-8917-5e19ea99bf55%2Chttps%3A%2F%2Fc1.adform.net%2Fservin...
https://c1.adform.net/serving/cookie/match?party=2007&cid=5217731b-986a-44d0-8917-5e19ea99bf55

35 B
468 B

94ms
94ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=5217731b-986a-44d0-8917-5e19ea99bf55

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

date: Fri, 18 Nov 2022 14:44:59 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://c1.adform.net/serving/cookie/match?party=2007&cid=5217731b-986a-44d0-8917-5e19ea99bf55
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 2680738296644665233
match.contentexchange.me/adform/ Frame E9B9 0
49 B 579ms
187ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/2680738296644665233?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:45:00 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame E9B9 43 B
109 B 304ms
122ms Image
image/gif 34.204.34.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=16974&user_id=2680738296644665233
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.34.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-34-148.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:59 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame E9B9
Redirect Chain

https://eb2.3lift.com/xuid?mid=7354&xuid=2680738296644665233&dongle=AD20
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=2680738296644665233&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=

37 B
355 B

104ms
104ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=2680738296644665233&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 18 Nov 2022 14:45:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7354&xuid=2680738296644665233&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=
date: Fri, 18 Nov 2022 14:45:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 put
e1.emxdgt.com/ Frame E9B9 43 B
120 B 332ms
81ms Image
image/gif 18.214.193.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d52&uid=2680738296644665233
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.214.193.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-193-123.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:59 GMT
content-length: 43
x-nosync: emp
content-type: image/gif

GET
H2 200 plf
c1.adform.net/imatch/ Frame E9B9 0
261 B 109ms
105ms Image
text/plain 185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=2680738296644665233&agencyId=6276&advertiserId=2088640&src=tp&rnd=898377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 serving Show response
s.getsmartcontent.com/ 352 B
772 B 362ms
177ms Script
application/javascript 54.236.238.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://s.getsmartcontent.com/serving?tm=1668782697&rv=c43ecc04-a4d2-49e6-a813-0be3901888b5&i=vwsi4a7snrymt9c1cuupck4g5dkncfrq&loc=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2022-11-18%26chain%3D15889%26child%3D0%26currency%3DUSD%26depart%3D2022-11-19%26hotel%3D34600%26level%3Dhotel%26locale%3Den-US%26promo%3DPROVAT%26rooms%3D1%26utm_campaign%3Dintroducing_hotel_viata%26utm_medium%3Demail%26utm_source%3Dcendyn&w=2H1GV9VR&c=&v=1668782697.1668782697.1668782697.1&s=vwsi4a7snrymt9c1cuupck4g5dkncfrq.1668782697&d=1600%2C1200&ab=&r=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata&m.eg=&lvc=&lvcr=&dl=%7B%7D

Requested by

Host: cdn.getsmartcontent.com
URL: https://cdn.getsmartcontent.com/2H1GV9VR.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.236.238.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-236-238-142.compute-1.amazonaws.com

Software

Resource Hash

cc399ae30feb0cffbfcda5b2935751cb802f98d73b2e6475afd1903f9256d9df

Security Headers

Name	Value
Content-Security-Policy	default-src '*'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:44:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: unsafe-url
x-content-type-options: nosniff
content-security-policy: default-src '*'
content-type: application/javascript
cache-control: max-age=0, must-revalidate, no-cache=Set-Cookie, private
x-xss-protection: 1; mode=block
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame A283 713 B
1 KB 256ms
130ms Document
text/html 104.77.9.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=64686377-9a69-4000-8b0c-78c0707c2194&no_iframe=1&mt_adid=205745&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1535407&mt_adid=205745&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.77.9.10 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-77-9-10.deploy.static.akamaitechnologies.com
Software: MT3 169 32252b7 master iad-pixel-x19 config:1.0.0 /
Resource Hash: 8040be8c28a19b0f78481f2da17e7220e75adde27eb9713ff626652a066f92da

Request headers

Referer: https://a2.adform.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 713
Content-Type: text/html
Date: Fri, 18 Nov 2022 14:44:57 GMT
Expires: Fri, 18 Nov 2022 14:44:56 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 169 32252b7 master iad-pixel-x19 config:1.0.0

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame 48DD 0
480 B 125ms
123ms Image
image/gif 104.77.9.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=2297146&lid=89292847&ctype=0&media=0&PageName=Retargeting&rnd=1315326959&cpref=https%3a%2f%2fbe.synxis.com%2f%3fHotel%3d34600%26Chain%3d15889%26promo%3dPROVAT%26utm_source%3dcendyn%26utm_medium%3demail%26utm_campaign%3dintroducing_hotel_viata&loc=https%3a%2f%2fbe.synxis.com%2f%3fadult%3d1%26arrive%3d2022-11-18%26chain%3d15889%26child%3d0%26currency%3dUSD%26depart%3d2022-11-19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.77.9.10 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-77-9-10.deploy.static.akamaitechnologies.com
Software: MT3 169 32252b7 master iad-pixel-x22 config:1.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 18 Nov 2022 14:44:57 GMT
Server: MT3 169 32252b7 master iad-pixel-x22 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Fri, 18 Nov 2022 14:44:56 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame A283 0
480 B 112ms
112ms Image
image/gif 104.77.9.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=64686377-9a69-4000-8b0c-78c0707c2194&no_iframe=1&mt_adid=205745&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.77.9.10 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-77-9-10.deploy.static.akamaitechnologies.com
Software: MT3 169 32252b7 master iad-pixel-x28 config:1.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=64686377-9a69-4000-8b0c-78c0707c2194&no_iframe=1&mt_adid=205745&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 18 Nov 2022 14:44:57 GMT
Server: MT3 169 32252b7 master iad-pixel-x28 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Fri, 18 Nov 2022 14:44:56 GMT

GET
H2 200 c3373f4d.min.js Show response
www.thehotelsnetwork.com/widget/core/4.0/dist/main/ 150 KB
41 KB 62ms
62ms Script
application/javascript 45.60.196.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/c3373f4d.min.js?h=3a14286c

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/loader.js?property_id=1027586&account_key=7CB5E1BFAB748019CEFBEECD7D4FAA57

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.196.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

30015b33954b77a23fe2f0777a3ce7a92a93c62a8a982dd30bd8c570ec18b8da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://be.synxis.com/
Origin: https://be.synxis.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 18 Nov 2022 13:41:39 GMT
x-cdn: Imperva
etag: W/"63778b93-25997"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-iinfo: 12-81040379-0 0CNN RT(1668782696141 1393) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 41681

GET
H2 200 ec6c1c5195eb457d8b2cba6b15191d30.min.js Show response
js.sentry-cdn.com// 2 KB
1 KB 258ms
85ms Script
text/javascript 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sentry-cdn.com//ec6c1c5195eb457d8b2cba6b15191d30.min.js

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=3a14286c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e7001af9c7a0179ce7606b6aee1bfdd367d506e65e656656893d9af0893aa1e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
age: 20
x-envoy-upstream-service-time: 14
content-length: 1017
x-xss-protection: 1; mode=block
x-served-by: getsentry-web-default-common-production-558cb9db-prn69, cache-mia11337-MIA
x-frame-options: deny
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count: 1
accept-ranges: bytes
timing-allow-origin: https://sentry.io

GET
H2 200 8c365a89.min.js Show response
www.thehotelsnetwork.com/widget/core/4.0/dist/main/ 42 KB
14 KB 59ms
59ms Script
application/javascript 45.60.196.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/8c365a89.min.js?h=3a14286c

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/loader.js?property_id=1027586&account_key=7CB5E1BFAB748019CEFBEECD7D4FAA57

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.196.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b5d5768095be0afe295f0dce46561ab913380154272c2497820ccf2037189fd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://be.synxis.com/
Origin: https://be.synxis.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 18 Nov 2022 13:41:39 GMT
x-cdn: Imperva
etag: W/"63778b93-a714"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-iinfo: 12-81040379-0 0CNN RT(1668782696141 1496) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 13749

POST
H2 200 add_widget_url_history Show response
www.thehotelsnetwork.com/ 12 B
202 B 177ms
177ms Fetch
application/json 45.60.196.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/add_widget_url_history

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=3a14286c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.196.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a627cdef47d90beb8922c69653ebe40592d9af103fb4e925c2dee8bc0615f83e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://be.synxis.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 18 Nov 2022 14:44:58 GMT
content-encoding: gzip
via: 1.1 3088559317e5c464292d9249b963bdb8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-amz-cf-pop: MIA3-C4
x-cache: Miss from cloudfront
x-iinfo: 12-81040108-81040117 PNNN RT(1668782694810 2834) q(0 0 0 -1) r(1 1) U6
pragma: no-cache
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://be.synxis.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: 5q8F7_O5AMINFgcyrugZYfkgC-H9vp2KX1ZBhdJPos4bSsiB0eGzGg==
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
17 B 176ms
87ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=4095199520595711&ev=Microdata&dl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2022-11-18%26chain%3D15889%26child%3D0%26currency%3DUSD%26depart%3D2022-11-19%26hotel%3D34600%26level%3Dhotel%26locale%3Den-US%26promo%3DPROVAT%26rooms%3D1%26utm_campaign%3Dintroducing_hotel_viata%26utm_medium%3Demail%26utm_source%3Dcendyn&rl=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata&if=false&ts=1668782698404&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Hotel%20Viata%20-%20Reservations%20-%20Room%20Availability%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1668782696704.232651074&it=1668782696246&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 18 Nov 2022 14:44:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 159ms
88ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3016701741910816&ev=Microdata&dl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2022-11-18%26chain%3D15889%26child%3D0%26currency%3DUSD%26depart%3D2022-11-19%26hotel%3D34600%26level%3Dhotel%26locale%3Den-US%26promo%3DPROVAT%26rooms%3D1%26utm_campaign%3Dintroducing_hotel_viata%26utm_medium%3Demail%26utm_source%3Dcendyn&rl=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata&if=false&ts=1668782698422&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Hotel%20Viata%20-%20Reservations%20-%20Room%20Availability%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1668782696704.232651074&it=1668782696246&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 18 Nov 2022 14:44:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 aef08f56.min.js Show response
www.thehotelsnetwork.com/widget/core/4.0/dist/main/ 33 KB
14 KB 62ms
62ms Script
application/javascript 45.60.196.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/aef08f56.min.js?h=3a14286c

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/loader.js?property_id=1027586&account_key=7CB5E1BFAB748019CEFBEECD7D4FAA57

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.196.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4f032bc322fb2027489cf64bef66efc96b1b8a8a744e7bd41e3107c861825d79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://be.synxis.com/
Origin: https://be.synxis.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:44:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 18 Nov 2022 13:41:39 GMT
x-cdn: Imperva
etag: W/"63778b93-84c9"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-iinfo: 12-81040379-0 0CNN RT(1668782696141 2574) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 14414

POST
H2 200 init Show response
www.thehotelsnetwork.com/agent/ 592 B
809 B 197ms
196ms Fetch
application/json 45.60.196.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/agent/init

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=3a14286c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.196.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

94ec3f3a8f523d3eededa3fb16146492f9255434fa90a5bbf9bbd03f6c88f876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://be.synxis.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 18 Nov 2022 14:44:59 GMT
via: 1.1 3088559317e5c464292d9249b963bdb8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-amz-cf-pop: MIA3-C4
vary: Origin
x-cache: Miss from cloudfront
x-forwarded-for: 38.132.118.74, 198.143.41.12
access-control-allow-origin: https://be.synxis.com
x-iinfo: 12-81040108-81040117 PNNN RT(1668782694810 4123) q(0 0 0 -1) r(1 1) U6
content-type: application/json
access-control-allow-credentials: true
content-length: 592
x-amz-cf-id: wQPblLv9sxqajzKGmUU4pPU9STEasEYizImj0IkHWI3m-ZnAJj046Q==

POST
H2 200 get-visitor-data Show response
www.thehotelsnetwork.com/agent/ 1 KB
2 KB 251ms
250ms Fetch
application/json 45.60.196.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/agent/get-visitor-data

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=3a14286c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.196.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b49a57ff6562561fe67779c27fff83d5636c81dc9ce8bcf9539106e7ecd03745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://be.synxis.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 18 Nov 2022 14:44:59 GMT
via: 1.1 3088559317e5c464292d9249b963bdb8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-amz-cf-pop: MIA3-C4
vary: Origin
x-cache: Miss from cloudfront
x-forwarded-for: 38.132.118.74, 198.143.41.12
access-control-allow-origin: https://be.synxis.com
x-iinfo: 12-81040108-81040117 PNNN RT(1668782694810 4334) q(0 0 0 -1) r(2 2) U6
content-type: application/json
access-control-allow-credentials: true
content-length: 1528
x-amz-cf-id: CXn_6mTv5Rtq_jCB8C_W8ZT7K6RYnSbpCQs5fV38rZ9QeTIw4GJ6yg==

POST
H2 200 get_widget_fingerprint_tools Show response
www.thehotelsnetwork.com/ 153 B
280 B 297ms
296ms Fetch
application/json 45.60.196.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/get_widget_fingerprint_tools

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=3a14286c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.196.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

dc94b14750ba3de0ceb27e2f07d1a71ef8f6b65d9c78837ef9629857cbbd8b25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://be.synxis.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 18 Nov 2022 14:45:00 GMT
content-encoding: gzip
via: 1.1 3088559317e5c464292d9249b963bdb8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-amz-cf-pop: MIA3-C4
x-cache: Miss from cloudfront
x-iinfo: 12-81040108-81040117 PNNN RT(1668782694810 4584) q(0 0 0 -1) r(3 3) U6
pragma: no-cache
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://be.synxis.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: _UUcj8zpZ3kH27WOfC7llRJ2uVWTCXIDOrz4fwjEqTCnpCohVVhsnQ==
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 add_widget_visit_origin Show response
www.thehotelsnetwork.com/ 27 B
273 B 232ms
232ms Fetch
application/json 45.60.196.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/add_widget_visit_origin

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=3a14286c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.196.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

26cb7e39ae78b879778bcbe0b34a8b9ae08ff9ac16d16d35756ce4f93a78e0c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://be.synxis.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 18 Nov 2022 14:45:00 GMT
content-encoding: gzip
via: 1.1 eca8616127916fa339e7718294322b64.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-amz-cf-pop: MIA3-C4
x-cache: Miss from cloudfront
x-iinfo: 12-81040108-81040960 NNNN CT(9 4 0) RT(1668782694810 4593) q(0 0 0 -1) r(0 1) U6
pragma: no-cache
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://be.synxis.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: 6Jibkg35nb62vzBIYl4s8lKRBY1Q0Ck1dBFlgHsC_k1GYnulQ1dmjA==
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 add_visit Show response
www.thehotelsnetwork.com/ 90 B
304 B 268ms
267ms Fetch
application/json 45.60.196.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/add_visit

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=3a14286c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.196.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

29b3f2a874131011799cd118f21c489ebed8cdfc2534e879e5b2da295eaa41ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://be.synxis.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 18 Nov 2022 14:45:00 GMT
content-encoding: gzip
via: 1.1 9d78bfeceb5ddd054cda62982dfd5468.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-amz-cf-pop: MIA3-C4
x-cache: Miss from cloudfront
x-iinfo: 12-81040108-81040964 NNNN CT(0 3 0) RT(1668782694810 4609) q(0 0 0 -1) r(0 2) U6
pragma: no-cache
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://be.synxis.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: eWDwRTkjI3Qp8TbdXhMlq0ZzRzP3NYQy61OoSbNLXZ0Uqjw50kfLVw==
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 events Show response
be.synxis.com/gw/v1/log/ 91 B
585 B 246ms
245ms Fetch
application/json 45.60.44.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/gw/v1/log/events

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.44.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

4dfac3843ca30a2161fad324096ab4790d37d21ee44dc59d6b4e0dcaa64651f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://be.synxis.com/?adult=1&arrive=2022-11-18&chain=15889&child=0&currency=USD&depart=2022-11-19&hotel=34600&level=hotel&locale=en-US&promo=PROVAT&rooms=1&utm_campaign=introducing_hotel_viata&utm_medium=email&utm_source=cendyn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

content-encoding: gzip
x-cdn: Imperva
accept-language: en-US,en;q=0.9
x-iinfo: 17-42504739-42505429 PNNN RT(1668782692686 7974) q(0 0 0 -1) r(2 2) U6
cdn-loop: IncapCDN; id="1704_1215874"
sec-fetch-dest: empty
pragma: no-cache
x-forwarded-host: be.synxis.com
x-amzn-trace-id: Root=1-63779a6c-12f818d12a2a1c0a1b65ff1c
vary: Origin
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://be.synxis.com
cache-control: no-cache
referer: https://be.synxis.com/?adult=1&arrive=2022-11-18&chain=15889&child=0&currency=USD&depart=2022-11-19&hotel=34600&level=hotel&locale=en-US&promo=PROVAT&rooms=1&utm_campaign=introducing_hotel_viata&utm_medium=email&utm_source=cendyn
sec-fetch-mode: cors
date: Fri, 18 Nov 2022 14:45:00 GMT
message-id: sc8xr8v4l
origin: https://be.synxis.com
strict-transport-security: max-age=31536000
via: 1.1 google, 1.1 google
x-real-ip: 10.123.77.110
x-forwarded-for: 38.132.118.74, 198.143.41.46, 10.123.77.110,10.30.3.24,10.30.0.237
x-forwarded-proto: https
content-length: 53
true-client-ip: 38.132.118.74
incap-proxy-1704: OK
server: nginx
access-control-max-age: 3600
access-control-allow-credentials: true
sec-fetch-site: same-origin
conversation-id: 1kl7mskef
x-forwarded-port: 443
app-env: p1

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 153ms
53ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-S88L4NG5L2&gtm=2oeb90&_p=1949089859&cid=904011730.1668782696&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&dl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2022-11-18%26chain%3D15889%26child%3D0%26currency%3DUSD%26depart%3D2022-11-19%26hotel%3D34600%26level%3Dhotel%26locale%3Den-US%26promo%3DPROVAT%26rooms%3D1%26utm_campaign%3Dintroducing_hotel_viata%26utm_medium%3Demail%26utm_source%3Dcendyn&dr=https%3A%2F%2Fbe.synxis.com%2F%3FHotel%3D34600%26Chain%3D15889%26promo%3DPROVAT%26utm_source%3Dcendyn%26utm_medium%3Demail%26utm_campaign%3Dintroducing_hotel_viata&sid=1668782695&sct=1&seg=1&dt=Hotel%20Viata%20-%20Reservations%20-%20Room%20Availability&en=page_view&_et=1225
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S88L4NG5L2&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 14:45:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://be.synxis.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: be.synxis.com
URL: https://be.synxis.com/_Incapsula_Resource?ES2LURCT=67&t=78&d=complete%20(s%3A1%2Cc%3A65%2Cr%3A837)

Domain: uipglob.semasio.net
URL: https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=2680738296644665233&sInitiator=external

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

120 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.thehotelsnetwork.com/widget/core/latest/hub	1970-01-20 16:18:38	Name: thn_id Value: TFE3Oj84NkNBQzo/RVFpUWgyZzVmZDZhZTNoNGZfZzM3ZmA2MmNhMjZhYjJmMmYzUVtRRUA8Nj9RaVE2Snk5M3Y0On46eXgmS3hgfTp4RHg/I2Q0cnhleDxBKSdyeWhdNkp5OSo/fTcqYUlFKWJ9OzJ1aGErKXg6fjp4SXs7cEZ8cnhEeD51OjRgaEs1KHk3NXc9SCskeGV4PytBNGE9XzNieDp7cnk5NSgiOn49RDoqKHlLeD1fRHg+PUs0SnhleD0jeCU6eER4PkFfMiR4ZXg7cEkjX0BgJEsrdH10fGInPXxfJT09fSY7dSl+czkpIycjKng6SDo0Yic6eDtAOnxzdXckOyd7fTwiS30neX0nOzl1Jl9Bd34mdGAjJ3xfIktwOjciXT17fVwkRTthdiUzfXEyRyQjdnBAe2FiZUl+XHVHJ3E1NiZmZkN5Mz52Ml9RTg==
.synxis.com/	1970-01-20 16:18:08	Name: visid_incap_1215874 Value: maOHDiULT7+YQGMXat6whmSad2MAAAAAQUIPAAAAAABcvd9dfVqspVVHDSdfaJuY
.synxis.com/	1969-12-31 23:59:59	Name: incap_ses_1704_1215874 Value: tIhoXGOC93Kgi7RvBNOlF2Sad2MAAAAAjYjJA6z0rmWRL4f9diQ5fA==
be.synxis.com/	1969-12-31 23:59:59	Name: sessionID Value: qEKKGamzBRJqsbSVGCrOdkE8
.synxis.com/	1969-12-31 23:59:59	Name: nlbi_1215874 Value: zIhaHcm0WlsGc1uwrJ/xDgAAAAB26B8+xuGBqV6p8dodSDzj
.synxis.com/	1969-12-31 23:59:59	Name: apisession Value: MDAxMjF-MVFtTTkvbVl5KzJhN0NNRXlFTUxmcVhmcTBEK2RBRHVseUdUbjJYa1ViSXNPeDFZL3l6ZzQ3aFV6aklmZEJXTDlDRDhPRys3NjlZV3o0QXBDdjZianFCV3RLcWUrbWVNU0paaXdRL3AvOUtwek5xMkd0aFdDR2dQZCt4ZlFsTWIxck5Qa2VTbklwSnJ0WFBXYlpwSnl2M3BSREM1ZDV0QS9MRVBiQUh2cEh1K3NkaDlzbFp1Z0ZVOHFYSGJib3E0MWdOYWh5Z2VWck1TVTdMZWRHNkhQM2Zhd3ZTUzgzdHgvVG9reDhweHZxT1hCbDZNbXB6SUEwSXZnY05sTE93c0JqZkFHK0FLZnpLN2dVaVAyZk1XVlpONGlpd3N1RFIzcWV6YTJQQVBsZmd1TVRDdGo3VlNGRUh4WGQyRzc3VjY
.synxis.com/	1970-01-20 09:42:38	Name: _gcl_au Value: 1.1.1285635382.1668782695
.bing.com/	1970-01-20 16:54:38	Name: MUID Value: 276D1532D7966C3C17F50752D6066D80
.bat.bing.com/	1970-01-20 07:43:07	Name: MR Value: 0
.synxis.com/	1970-01-20 07:34:29	Name: _uetsid Value: 913d4fe0674f11ed82ed6302bbff259d
.synxis.com/	1970-01-20 16:54:38	Name: _uetvid Value: 913d8460674f11edb82ed702c3ae7a49
www.thehotelsnetwork.com/	1969-12-31 23:59:59	Name: __thn_ss Value: 88a94ae86d7c4fb45aaa7a413baf6371
.thehotelsnetwork.com/	1970-01-20 16:18:08	Name: visid_incap_2454396 Value: FHT4xMIJTl6UnpUeFe8a4maad2MAAAAAQUIPAAAAAADRoLRbQ41hHEv5BjedrAO+
.thehotelsnetwork.com/	1969-12-31 23:59:59	Name: nlbi_2454396 Value: 7BPWfZWFw2emJJ585i1CcAAAAABtXPpA294/7x++GRZ4hzaG
.thehotelsnetwork.com/	1969-12-31 23:59:59	Name: incap_ses_989_2454396 Value: tLlCDtdG824yPTzOGKO5DWaad2MAAAAACFRX73rbEtfvK9+/EMRVpw==
.adnxs.com/	1970-01-20 09:42:38	Name: uuid2 Value: 8860224511821628764
.adsrvr.org/	1970-01-20 16:18:38	Name: TDID Value: ad15f4db-83ec-4c65-a401-e5239affa47d
ciqtracking.com/	1970-01-20 17:09:02	Name: kwsu Value: 63779a67b9334a2eb0b40728
.synxis.com/	1970-01-20 17:09:02	Name: _ga Value: GA1.2.904011730.1668782696
.synxis.com/	1970-01-20 07:34:29	Name: _gid Value: GA1.2.1268493091.1668782696
.synxis.com/	1970-01-20 07:33:02	Name: _gat_UA-53063639-1 Value: 1
.sojern.com/	1970-01-20 16:18:38	Name: cid Value: bffc0206-c551-7176-26d7-6041673f1c01#1668729600000
.sojern.com/	1970-01-20 08:16:14	Name: ttdid Value: ad15f4db-83ec-4c65-a401-e5239affa47d
.sojern.com/	1970-01-20 09:42:38	Name: apnid Value: 8860224511821628764
.doubleclick.net/	1970-01-20 17:09:02	Name: IDE Value: AHWqTUnNtgVXAlO70ipTZkgbvtoyJBJ59Svcg5XCF0MjkOLS64Ryld9lnc4t4zixQcs
.acuityplatform.com/	1970-01-20 16:18:38	Name: auid Value: 710389594585
.sojern.com/	1970-01-20 16:18:38	Name: gid Value: CAESEOG28KmFGow2bgMU7C0A9ik
.synxis.com/	1970-01-20 09:42:38	Name: _fbp Value: fb.1.1668782696704.232651074
.adform.net/	1970-01-20 08:16:14	Name: C Value: 1
.synxis.com/	1970-01-20 17:09:02	Name: _ga_S88L4NG5L2 Value: GS1.1.1668782695.1.1.1668782696.59.0.0
.be.synxis.com/	1970-01-20 16:18:38	Name: _pin_unauth Value: dWlkPVlXSTNNalJrTXpRdE56UTNZUzAwTUdVM0xXSmlOamt0WldWaE1qWTFOekZpWm1RMA
.adform.net/	1970-01-20 08:59:26	Name: uid Value: 2680738296644665233
.adform.net/	1970-01-20 07:34:29	Name: CM Value: 1\|1
.ct.pinterest.com/	1970-01-20 16:18:38	Name: _pinterest_ct_ua Value: "TWc9PSZGWlE3WWE2V1R1T3k2UjJwcjVCK3N1TGppcXc0eGZIZ0RWVW9KYklWZjdsL3lHeERoVGdkd0NSbEdLYU5QYWM4OE9YWjlVWE05aFJsakxOOE5LTUZrejNlSnVJR0hqYmJ6OWxydEd5cGZFaz0mVVZHNVJ5NE9JTHE1ZlhuRmxkNzhvWk1JL3N3PQ=="
.adform.net/	1970-01-20 07:53:12	Name: CM14 Value: 1668869097_1668782697_1_Hu7u4e4e4R7u7u4REREeERERERHhEQ
.seadform.net/	1970-01-20 08:59:26	Name: uid Value: 2680738296644665233
.mathtag.com/	1970-01-20 16:58:57	Name: uuid Value: 64686377-9a69-4000-8b0c-78c0707c2194
be.synxis.com/	1969-12-31 23:59:59	Name: gscs Value: 1668782697.1668782697.1668782697
be.synxis.com/	1970-01-20 17:09:02	Name: gscv Value: 1668782697.1668782697.1668782697.1
be.synxis.com/	1970-01-20 17:09:02	Name: gsci Value: vwsi4a7snrymt9c1cuupck4g5dkncfrq
.mathtag.com/	1970-01-20 08:16:14	Name: mt_misc Value: mt_bt:1
.360yield.com/	1970-01-20 09:42:38	Name: tuuid Value: 23536612-36f8-4cca-ab7e-1bd0e8292e10
.360yield.com/	1970-01-20 09:42:38	Name: tuuid_lu Value: 1668782697
.yahoo.com/	1970-01-20 16:19:00	Name: A3 Value: d=AQABBGmad2MCEG31rco1GRQqGHlNMSlHH9YFEgEBAQHreGOBYwAAAAAA_eMAAA&S=AQAAAlxrvyoitmdEi9_zzbVaG7E
.smartadserver.com/	1970-01-20 17:01:50	Name: pid Value: 3550745198812263425
.smartadserver.com/	1970-01-20 17:01:50	Name: TestIfCookieP Value: ok
s.getsmartcontent.com/	1970-01-20 17:09:02	Name: gsci Value: vwsi4a7snrymt9c1cuupck4g5dkncfrq
.bidswitch.net/	1970-01-20 16:18:38	Name: tuuid Value: 460e10d6-713b-4b44-8f9c-e630ffca875b
.bidswitch.net/	1970-01-20 16:18:38	Name: c Value: 1668782697
.bidswitch.net/	1970-01-20 16:18:38	Name: tuuid_lu Value: 1668782697
.rubiconproject.com/	1970-01-20 16:18:38	Name: khaos Value: LAMM4QI6-19-CWDB
.rubiconproject.com/	1970-01-20 16:18:38	Name: audit Value: 1\|GZe2jgZ81RQoI4lSSKluugNftqI9wB0DfTbJQNxeEGGbz16xSA9sXTbkemwsRsjN0N/RWIWhszjyUhTWCqUS/I+whRf0v/l/M/BoYBPQIHDy4CpL/oYwx6LBfNfPAYAffY0V14FIbwNDA6MeUnKE5KZr5ZVxLWDe
.analytics.yahoo.com/	1970-01-20 16:18:38	Name: IDSYNC Value: 1760~28d2
.casalemedia.com/	1970-01-20 16:18:38	Name: CMID Value: Y3eaaQ8eWu4yvV.u-9OS3gAA
.casalemedia.com/	1970-01-20 09:42:38	Name: CMPS Value: 1309
.casalemedia.com/	1970-01-20 09:42:38	Name: CMPRO Value: 1309
.yieldlab.net/	1970-01-20 16:18:38	Name: id Value: 15a752f8-d079-49fd-bebe-17765486cd4b
.adscale.de/	1970-01-20 16:15:18	Name: uu Value: 80428e1b49e8406aba9e607d6edc7e3f
.adscale.de/	1970-01-20 16:15:18	Name: cct Value: 1668782697919
.eyeota.net/	1970-01-20 16:18:38	Name: mako_uid Value: 1848b332e3f-603e0000010a5562
.eyeota.net/	1970-01-20 07:33:03	Name: SERVERID Value: 21858~DM
.ih.adscale.de/	1970-01-20 16:15:18	Name: tu Value: 4#1279485177#42~2680738296644665233~463550~0~0
.crwdcntrl.net/	1970-01-20 14:01:48	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 14:01:48	Name: _cc_id Value: 7842a832fa5590f7db407fe37e6cd29e
.rlcdn.com/	1970-01-20 16:18:38	Name: rlas3 Value: P0S4+JtH2LFlyh2cC/0aVaMr4Jyb0Td/wCVrj72gL6Q=
.rlcdn.com/	1970-01-20 08:59:26	Name: pxrc Value: COq03psGEgUI6AcQABIFCOhHEAA=
.openx.net/	1970-01-20 16:18:38	Name: i Value: 6fb7f976-9adb-4ae9-b0f0-84e8a6cd03d2\|1668782698
.live.streamtheworld.com/	1970-01-20 07:43:07	Name: idsync-bsw-uid-s Value: 460e10d6-713b-4b44-8f9c-e630ffca875b
.krxd.net/	1970-01-20 11:52:14	Name: _kuid_ Value: PNNPhGNu
.pubmatic.com/	1970-01-20 08:16:14	Name: KRTBCOOKIE_391 Value: 22924-2680738296644665233&KRTB&23263-2680738296644665233
.pubmatic.com/	1970-01-20 08:16:14	Name: PugT Value: 1668782698
.pippio.com/	1970-01-20 16:18:38	Name: did Value: t2CXZbSUVCRLp8D0
.pippio.com/	1970-01-20 16:18:38	Name: didts Value: 1668782698
.pippio.com/	1970-01-20 08:59:26	Name: nnls Value:
.pippio.com/	1970-01-20 08:59:26	Name: pxrc Value: COq03psGEgYIgr0rEAA=
.ads.stickyadstv.com/	1970-01-20 08:59:26	Name: uid-bp-617 Value: 2680738296644665233
.ads.stickyadstv.com/	1970-01-20 08:16:14	Name: UID Value: aaff1258192f2fcc56de710c2a0ecd0
.adnxs.com/	1970-01-20 09:42:38	Name: anj Value: dTM7k!M4/YD>6NRF']wIg2E?^oiyo'!]tbG8i_imf$9G=A^A/04GJ?.DlfQW4Kb`]4KdwWDv4)pBSOfNTD._*PlZ[C[-kX-HNl)O
.onaudience.com/	1970-01-20 16:18:38	Name: cookie Value: 770940a8958129f1
.onaudience.com/	1970-01-20 07:34:29	Name: done_redirects147 Value: 1
.audrte.com/	1970-01-20 07:54:38	Name: arcki2 Value: c0hsoVHwyKBR6ed8130kjdXGA!20220908!1668782698762!ip#38.132.118.74
.audrte.com/	1970-01-20 07:54:38	Name: arcki2_adform Value: 2680738296644665233!20220908!1668782698766
.linkedin.com/	1970-01-20 09:42:38	Name: li_sugr Value: 968fb075-9ae1-47a3-9666-886de10996df
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:18:38	Name: bcookie Value: "v=2&a54092fb-8d91-4fef-85f9-ee5337ea410e"
.linkedin.com/	1970-01-20 07:34:29	Name: lidc Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2762:u=1:x=1:i=1668782698:t=1668869098:v=2:sig=AQGKvrYm0dbz68FVkJK0Jl4jRCKtozxH"
.demdex.net/	1970-01-20 11:52:14	Name: demdex Value: 70630578269762526561605539168187497121
.onaudience.com/	1970-01-20 07:34:29	Name: done_redirects109 Value: 1
.audrte.com/	1970-01-20 07:54:38	Name: arcki2_ddp Value: CAESEPyag3c3So8dLWNhQnru_L4!20220908!1668782698958
.dpm.demdex.net/	1970-01-20 11:52:14	Name: dpm Value: 70630578269762526561605539168187497121
.agkn.com/	1970-01-20 16:18:38	Name: ab Value: 0001%3AKbvzzn%2BzozKbOy8RfGI83EnYuYYc9jo8
.adsymptotic.com/	1970-01-20 09:42:38	Name: U Value: 6c1254ee765d7a5b2aa5934c87d9dc7a
.adfarm1.adition.com/	1970-01-20 09:42:38	Name: UserID1 Value: 7167367116339083417
.bluekai.com/	1970-01-20 11:53:41	Name: bku Value: /Ux99s3S5t1GZYxN
.w55c.net/	1970-01-20 17:01:50	Name: wfivefivec Value: 0pwmYQ021OW2BZ5
.w55c.net/	1970-01-20 08:16:14	Name: matchadform Value: 5
.weborama.fr/	1970-01-20 16:58:57	Name: AFFICHE_W Value: XGRv88wXRcRc75
.teads.tv/	1970-01-20 16:17:12	Name: tt_viewer Value: 30b16ece-fd1a-4075-980c-e5b8e94c4cd6
.id5-sync.com/	1970-01-20 07:33:03	Name: cf Value:
.id5-sync.com/	1970-01-20 07:33:03	Name: cip Value:
.id5-sync.com/	1970-01-20 07:33:03	Name: cnac Value:
.id5-sync.com/	1970-01-20 07:33:03	Name: car Value:
.id5-sync.com/	1970-01-20 07:33:03	Name: gdpr Value:
.id5-sync.com/	1970-01-20 07:33:03	Name: callback Value:
.tapad.com/	1970-01-20 08:59:26	Name: TapAd_TS Value: 1668782699619
.tapad.com/	1970-01-20 08:59:26	Name: TapAd_DID Value: 5217731b-986a-44d0-8917-5e19ea99bf55
global.ib-ibi.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: bcc550nafmaxjwbp4zufmrrp
.smaato.net/	1970-01-20 08:03:17	Name: SCM Value: f0bbaa23
.id5-sync.com/	1970-01-20 09:42:38	Name: id5 Value: 2a09eff3-b62c-4384-8e02-d13eace86f07#1668782699540#2
.smaato.net/	1970-01-20 07:48:09	Name: SCMsas Value: f0bbaa23
.smaato.net/	1970-01-20 07:48:09	Name: SCM1001213 Value: f0bbaa23
.1dmp.io/	1970-01-20 16:18:38	Name: uid Value: 93c2d513-674f-11ed-8677-901b0e934d81
.adsrvr.org/	1970-01-20 16:18:38	Name: TDCPM Value: CAESFAoFdGFwYWQSCwiKr_SEsN-kOxAFGAEgASgCMgsIiqf3scbfpDsQBTgBWgV0YXBhZGAC
.360yield.com/	1970-01-20 09:42:38	Name: um Value: !42,KFqYB0oz.8P1WFRT7WcT.0thWYgTeu6imnPlrk.WrFfu,1669992297!79,qBQxz3LWjI.qMArymjhy0uBqqv51jr1CkBfXD-1aS3ChZIHTKPy4IVCtqDGHS2-6nS-UKVrGqzOxRaev,1676558699
.360yield.com/	1970-01-20 09:42:38	Name: umeh Value: !42,0,1730990697,-1!79,0,1730990699,-1
.smartadserver.com/	1970-01-20 16:18:38	Name: csync Value: 22:2680738296644665233\|133:f0bbaa23
.tapad.com/	1970-01-20 08:59:26	Name: TapAd_3WAY_SYNCS Value: 1!7742
.3lift.com/	1970-01-20 09:42:38	Name: tluid Value: 1486158586929561957374
ib.mookie1.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: yllw55lxnuygo0enh3asvmrj
.id5-sync.com/	1970-01-20 09:42:38	Name: 3pi Value: 2#1668782700237#2059914101#8860224511821628764\|10#1668782699712#-1177590172#2680738296644665233\|124#1668782699964#1457332754

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://be.synxis.com/?Hotel=34600&Chain=15889&promo=PROVAT&utm_source=cendyn&utm_medium=email&utm_campaign=introducing_hotel_viata(Line 3) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'strict-dynamic' 'nonce-AAYTnmf9c0Gi+nGrjow6fQ==' 'unsafe-inline' 'unsafe-eval' 'self' .synxis.com .googletagmanager.com .google-analytics.com google-analytics.com .google.com .googleapis.com .gatag.it gatag.it .doubleclick.net icm.aexp-static.com .sabrehospitality.com .asc.sabre.com .thehotelsnetwork.com thehotelsnetwork.com .trivago.com trivago.com .tripadvisor.com tripadvisor.com .sojern.com sojern.com .triptease.io triptease.io .sabre-gcp.com .sabre-gcp.com:3000 .sabre-gcp.com:3001 .sabre-gcp.com:3002 .sabrecirrus.com https://.thehotelsnetwork.com https://.mathtag.com https://www.thehotelsnetwork.com https://.adform.net https://.getsmartcontent.com s.getsmartcontent.com https://.pinterest.com". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
network	error	URL: https://be.synxis.com/assets/chain/15889/hotel/34600/fileStorage/image/logo.png Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://static.hotjar.com/ Message: Refused to frame 'https://vars.hotjar.com/' because it violates the following Content Security Policy directive: "default-src 'self' .synxis.com .googletagmanager.com .google-analytics.com google-analytics.com .google.com .googleapis.com .gatag.it gatag.it .doubleclick.net icm.aexp-static.com .sabrehospitality.com .asc.sabre.com .thehotelsnetwork.com thehotelsnetwork.com .trivago.com trivago.com .tripadvisor.com tripadvisor.com .sojern.com sojern.com .triptease.io triptease.io .sabre-gcp.com .sabre-gcp.com:3000 .sabre-gcp.com:3001 .sabre-gcp.com:3002 .sabrecirrus.com https://.thehotelsnetwork.com https://.mathtag.com https://www.thehotelsnetwork.com https://.adform.net https://.getsmartcontent.com s.getsmartcontent.com https://.pinterest.com". Note that 'frame-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://script.hotjar.com/modules.55241fd65a1af5a1837b.js(Line 1) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://vars.hotjar.com') does not match the recipient window's origin ('null').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6442125.fls.doubleclick.net
a.audrte.com
a1.seadform.net
a2.adform.net
aa.agkn.com
ad.360yield.com
ad.doubleclick.net
ad.yieldlab.net
ads.stickyadstv.com
adservice.google.com
analytics.google.com
api.adrtx.net
bat.bing.com
be.synxis.com
beacon.krxd.net
beacon.sojern.com
bpi.rtactivate.com
c1.adform.net
cdn.getsmartcontent.com
ciqtracking.com
cm.g.doubleclick.net
connect.facebook.net
ct.pinterest.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e.acuityplatform.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
fcmatch.google.com
fcmatch.youtube.com
global.ib-ibi.com
googleads.g.doubleclick.net
ib.adnxs.com
ib.mookie1.com
ice.360yield.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
js.sentry-cdn.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
origin.acuityplatform.com
p.adsymptotic.com
pdw-adf.userreport.com
pippio.com
pixel.mathtag.com
pixel.onaudience.com
pixel.sojern.com
pixel.tapad.com
pm.w55c.net
ps.eyeota.net
px.ads.linkedin.com
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
s.ad.smaato.net
s.getsmartcontent.com
s.pinimg.com
s2.adform.net
s3-eu-west-1.amazonaws.com
script.hotjar.com
secure.adnxs.com
services-p1.synxis.com
simage2.pubmatic.com
static.hotjar.com
stats.g.doubleclick.net
sync.1dmp.io
sync.crwdcntrl.net
sync.teads.tv
tags.bluekai.com
token.rubiconproject.com
u19297077.ct.sendgrid.net
uipglob.semasio.net
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.thehotelsnetwork.com
x.bidswitch.net
yield-op-idsync.live.streamtheworld.com
be.synxis.com
uipglob.semasio.net
104.118.9.133
104.18.102.194
104.64.65.49
104.64.77.76
104.77.9.10
107.178.244.119
107.178.246.49
107.178.254.65
141.94.171.216
141.95.98.65
151.139.237.219
167.89.123.122
172.253.112.148
173.194.209.148
173.194.209.156
18.194.192.141
18.214.193.123
185.167.164.37
185.167.164.42
185.167.164.46
185.167.164.49
192.173.28.19
192.40.39.223
199.187.193.192
2001:4860:4802:34::181
216.200.122.13
23.36.153.35
23.39.32.234
2600:141b:e800:138d::1931
2600:9000:20bc:9000:1b:5138:8a40:93a1
2607:f8b0:4006:81c::2004
2607:f8b0:4023:1::65
2607:f8b0:4023:1::71
2607:f8b0:4024:c01::61
2607:f8b0:4024:c01::9a
2607:f8b0:4024:c01::9c
2607:f8b0:4024:c02::71
2607:f8b0:4024:c02::9b
2620:119:50e5:101::9002:c01
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:600::729
3.215.101.237
3.218.115.225
3.223.194.189
3.233.22.19
3.90.54.105
34.204.34.148
34.98.64.218
35.190.24.218
35.190.60.146
35.211.178.172
35.71.139.29
44.209.123.73
45.60.196.96
45.60.241.22
45.60.44.204
46.19.11.36
52.0.156.250
52.218.121.96
52.223.40.198
52.54.61.55
54.175.87.114
54.194.30.138
54.236.238.142
63.251.28.234
64.58.232.176
64.58.232.177
65.8.66.19
65.8.66.38
65.8.66.56
65.8.66.68
68.67.160.137
69.173.151.100
69.90.254.51
78.46.100.125
8.28.7.83
85.114.159.118
03a253f4fdf855b0626572aa52af329893336ba51b52f8b7468aba2c1039bab3
044816a5ecc3309b1341bf0e1708c389a93ae158aa93e3a9e42deca79204c0ae
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
068bbe0eea1c88f3a0f0f158b74d9485c7a033ccd57136221c604b55d59f996b
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10a913f4266b6467a6b10afe6b7758ed4e17629a1079d1267c26ddeb28e65b61
12f5e31fee5484a4aad523ca461d098b5af2e9f76b26ff2d797d8b4a279f86cf
13ed64e31854fc7e8e3e542fef0d24813e05a6137d56160064ec6824367b9a03
155bff0823197745fbf5bd882cb1a15e6ca2745b78abaa47e8d37edf0d69776d
1c1973b2e79c6d514928cf9794764390399d978a84f680a39856d46d9ad4a976
1d2856205b14535f0bcc4cd1c0ac8cd1f6c441d5e6d29337e7efd7636224efc2
1d542afada9845d2b8725f896c65dfa460bc9af28cbc35cb542acf2124efcca7
1f24482587b5d134eae0e7875f801e12603d01cf85c8c7f6fb8d4d72ea81169f
26cb7e39ae78b879778bcbe0b34a8b9ae08ff9ac16d16d35756ce4f93a78e0c0
29b3f2a874131011799cd118f21c489ebed8cdfc2534e879e5b2da295eaa41ee
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2caa73102dd91e73ec7dadf0c13c29eca09ec442cd8a32c71d12cb2fdd9d745f
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30015b33954b77a23fe2f0777a3ce7a92a93c62a8a982dd30bd8c570ec18b8da
30a5db51ab0db88ff7e0e5297bdbb5792996ec8e017e1ff4c6a79d36b7c1a6b2
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33a0da775b44d1aa97d0fb2e734c30b49c6daa15b2fae9a1abb916be6ba09f0d
33d9bfbf079881cfdf2c3c197431a61a043785958fad4b0ad4be863f19d3b265
352c3640215602f401e5dde675a96c5c7c836be2d57b084cdcc13464baff6496
379e7f98c1e80a7c67fa2fb417a78711ec0715013509d9eeda3bb0f63549d400
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
390b79b027b848405327d605b74fabd73d070ab58d0b1d4d00ddb40c53f3021c
43c2740d5bd1efdbe58373fa5b5e5348e7e7d2f321fd3840a090896c99bff5df
45e0091e57ff659d0fe0711a43960d08bd5cf99b6f83e88eafa390fa6770192c
4690ae024e3b6573bc811b56c2be33a3ba8529fd245c38a94370c791ae3f0559
492f3de5b6bff06f8b26f61d37e2e565f8f31e00315600c73d9caa85713e8c29
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b8de0156deb52d8d6dabdc2245346e2591a3ecf4066ba02da11b7164b3b5d05
4b9913a8df57284cba7ad6c9b7dc1dc03a847d2f743e5907d6e0dfccf31913d1
4c05efe67fd6fb871c9f45e04d400dc4356841973fcadc81cc188be338e4046d
4c4a146cc02fbd444d08f650135687a3dc5c28bf10154770012b411540649ca3
4dfac3843ca30a2161fad324096ab4790d37d21ee44dc59d6b4e0dcaa64651f1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f032bc322fb2027489cf64bef66efc96b1b8a8a744e7bd41e3107c861825d79
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57d73d188a6162bec272876156addbd7b02a2c6941c45653b8d3453e998e0b5b
5aef56ad4391df23932827fec3932d4e8ec90a46abb482af240ee60b4c989e65
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
625a63fbc3b92e8b3b7ca3a1a0d3372f066aa66104b925e8b353744b1e283df1
65ade209d5f312966c938379ae5aeeb5975b43c61b5271d684a3ad263304d916
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
737207b3f9d5964d047c456f928b24587352e1c808283bca69aaabd3d70ad52b
77358e88e4d70191891544307a0a8677145d760e51eddef0293111d5a3008683
7db025befd8366a72f3b11db5696cc6f90fb8921f0abc71113050bdc739e1119
7fb23f0072704650a8df9aead2f7d0d6a2c166044b1b649e1c633ece66b301bf
8040be8c28a19b0f78481f2da17e7220e75adde27eb9713ff626652a066f92da
81bf2d77e05749298ee05721739ec2efbcc99d6885011c9852b795e7e9c20a40
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86dce085c3aa9befe24e633c166eca600aaad91c0d70d66a382cf10d7667520b
86e334b15974d71d0d0aa6b2d08eb776acd2dbf5b76891bfd1359acb6c1159ac
888e6fe9a93e22ea41acbdaf109927424fcd8128cdea5c5086762b68fa5b0a37
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aca967286dc1c6f71070ab93ff966749bc8b5b8423f79ca987aefa7e28692f9
903885778d378f84ecfa7ffe4be9a87ee6f912ea1454bd55b12accd541ad5096
94ec3f3a8f523d3eededa3fb16146492f9255434fa90a5bbf9bbd03f6c88f876
9740fa0451e55af3ae2349657629b8be40602b865ee806d22c4cba9de2951adc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a627cdef47d90beb8922c69653ebe40592d9af103fb4e925c2dee8bc0615f83e
abcc01ec7f27663d20ef3186dd63224980fb38ba81a9451d9eccfa597f1dd9d7
adc0adb7ebe5158c6c4059290ca1ac28fafa59a7571230e4f668dff458c86151
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b255519ee07304ee290772676143dc4f4bdee3c3f087a4d228617490b3cc241e
b39a3e1417fc2c43da9da13482b3cd3bd57a1878c16c03deae267db3e0335a49
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b49a57ff6562561fe67779c27fff83d5636c81dc9ce8bcf9539106e7ecd03745
b5d5768095be0afe295f0dce46561ab913380154272c2497820ccf2037189fd8
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd8625569811b07f6ff7e816765742c3cd345740acddc8bb35f3316562a989c9
c584451908595166aaffaef5b0f8a4e9d2bfae529fe87bcf02b7c5021cbd848a
c60abc3ced43d01e6e1aebba74a5e26be2a572e1536b76f23054db827c6cc037
c86dddca424e07bb7938f00f2daabfb29cdd77b25d05c8ffcc196e679889d8c4
cbd70a9ca47bd457c401ea22888574eb92dc660fda370f3b0b3fc1d025a02448
cc399ae30feb0cffbfcda5b2935751cb802f98d73b2e6475afd1903f9256d9df
ce0fddf776e7f7b1db2b61cd7917e293afbb8b0494485a586477a5f5588c5336
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d02032286070b4dd9d8fbd985a7bdca8af8edf52b89ff177db3bfcb2c8a9c43d
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d7f0f8cce4746e045737e52672c26a9c9879b7064e5dadab6afb69c9720ee859
d90ae26acf8a33b411966b5b69ddafca45c7affec887d7ab2e88e70d98b673c8
db382c59958d2896fe3ba456f00cfcec7e15ba62e3ea13adbfdd997c45887e71
db7be24fde74d59fec5a71745aa5db773bd458b1705427e1b1aac11beedaa463
dc94b14750ba3de0ceb27e2f07d1a71ef8f6b65d9c78837ef9629857cbbd8b25
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e1cf426f7ded630ff382332e3d8d5463ab1ed2de70023bdf0eb04d0b0a4e843e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7001af9c7a0179ce7606b6aee1bfdd367d506e65e656656893d9af0893aa1e1
ee8f8948f773c32e7e0c035cb6bbd305f0794e9c161c6b643eb8b3ff24f800da
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd72cd287840dbac8f09119481c26b7067eebc7e867339dca975ecb21b05e6f2

be.synxis.com Open in urlscan Pro 45.60.44.204 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

161 Requests

75 %HTTPS

20 %IPv6

67 Domains

84 Subdomains

59 IPs

8 Countries

2482 kBTransfer

9947 kBSize

120 Cookies

9 Outgoing links

Page URL History

Redirected requests

161 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

be.synxis.com Open in urlscan Pro
45.60.44.204 Public Scan

Screenshot
Live screenshot

Full Image

161
Requests

75 %
HTTPS

20 %
IPv6

67
Domains

84
Subdomains

59
IPs

8
Countries

2482 kB
Transfer

9947 kB
Size

120
Cookies

161 HTTP transactions
0 data transactions