be.synxis.com Open in urlscan Pro
45.60.46.204 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group...
Submission: On February 01 via manual (February 1st 2023, 6:28:31 am UTC) from IN — Scanned from DE

Summary HTTP 78 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 16 domains to perform 78 HTTP transactions. The main IP is 45.60.46.204, located in United States and belongs to INCAPSULA, US. The main domain is be.synxis.com. The Cisco Umbrella rank of the primary domain is 48463.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2022 Q4 on October 31st 2022. Valid for: 6 months.

This is the only time be.synxis.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	45.60.46.204 45.60.46.204	19551 (INCAPSULA) (INCAPSULA)
5	2a00:1450:400... 2a00:1450:400d:80d::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:802::200a	15169 (GOOGLE) (GOOGLE)
3	45.60.155.144 45.60.155.144	19551 (INCAPSULA) (INCAPSULA)
1	2606:4700:10:... 2606:4700:10::6816:3591	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	107.154.192.208 107.154.192.208	19551 (INCAPSULA) (INCAPSULA)
2	2a00:1450:400... 2a00:1450:400d:806::2010	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400d:803::200e	15169 (GOOGLE) (GOOGLE)
11	45.60.198.96 45.60.198.96	19551 (INCAPSULA) (INCAPSULA)
1	2a00:1450:402... 2a00:1450:4025:401::9a	15169 (GOOGLE) (GOOGLE)
3	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
1	52.184.193.103 52.184.193.103	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	34.232.148.211 34.232.148.211	14618 (AMAZON-AES) (AMAZON-AES)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4 4	142.250.180.198 142.250.180.198	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
2 4	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
4 4	142.251.208.98 142.251.208.98	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400d:80d::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:808::200e	15169 (GOOGLE) (GOOGLE)
2 2	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400d:80c::2004	15169 (GOOGLE) (GOOGLE)
1 2	52.72.241.80 52.72.241.80	14618 (AMAZON-AES) (AMAZON-AES)
78	22

24 45.60.46.204 (United States)

ASN19551 (INCAPSULA, US)

be.synxis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80d::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.60.155.144 (United States)

ASN19551 (INCAPSULA, US)

be-cms-api.synxis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3591 (United States)

ASN13335 (CLOUDFLARENET, US)

integration.flip.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.154.192.208 (United States) 2 redirects

ASN19551 (INCAPSULA, US)
PTR: 107.154.192.208.ip.incapdns.net

gc.synxis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::2010 (Ireland)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:803::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 45.60.198.96 (United States)

ASN19551 (INCAPSULA, US)

www.thehotelsnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:401::9a (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.184.193.103 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

halo.phgsecure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.232.148.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-148-211.compute-1.amazonaws.com

gatag.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gatag.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.180.198 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.171.149 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.208.98 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::200e (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

fcmatch.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::200e (Ireland)

ASN15169 (GOOGLE, US)

fcmatch.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::2004 (Ireland)

ASN15169 (GOOGLE, US)

google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.72.241.80 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-241-80.compute-1.amazonaws.com

capture.gatag.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	synxis.com 2 redirects be.synxis.com — Cisco Umbrella Rank: 48463 be-cms-api.synxis.com — Cisco Umbrella Rank: 104544 gc.synxis.com — Cisco Umbrella Rank: 213049	2 MB
11	thehotelsnetwork.com www.thehotelsnetwork.com — Cisco Umbrella Rank: 30908	137 KB
11	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21 region1.google-analytics.com — Cisco Umbrella Rank: 2456 google-analytics.com — Cisco Umbrella Rank: 15 ssl.google-analytics.com — Cisco Umbrella Rank: 346	59 KB
9	doubleclick.net 8 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 78 ad.doubleclick.net — Cisco Umbrella Rank: 184 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	4 KB
6	adnxs.com 4 redirects secure.adnxs.com — Cisco Umbrella Rank: 409 ib.adnxs.com — Cisco Umbrella Rank: 203	6 KB
4	gatag.it 1 redirects gatag.it — Cisco Umbrella Rank: 54106 www.gatag.it — Cisco Umbrella Rank: 80521 capture.gatag.it — Cisco Umbrella Rank: 60001	17 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	316 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	270 B
3	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 70 fcmatch.google.com — Cisco Umbrella Rank: 2444	898 B
3	sojern.com beacon.sojern.com — Cisco Umbrella Rank: 5028 pixel.sojern.com — Cisco Umbrella Rank: 7140	2 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 295 storage.googleapis.com — Cisco Umbrella Rank: 380	38 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	136 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 304	265 B
1	youtube.com fcmatch.youtube.com — Cisco Umbrella Rank: 2448	432 B
1	phgsecure.com halo.phgsecure.com — Cisco Umbrella Rank: 254695	832 B
1	flip.to integration.flip.to — Cisco Umbrella Rank: 78096 data.flip.to Failed	1 KB
78	16

	Domain	Requested by
24	be.synxis.com	be.synxis.com
11	www.thehotelsnetwork.com	www.googletagmanager.com www.thehotelsnetwork.com
7	www.google-analytics.com	integration.flip.to www.google-analytics.com www.googletagmanager.com
4	cm.g.doubleclick.net	4 redirects
4	secure.adnxs.com	2 redirects
4	ad.doubleclick.net	4 redirects
4	www.googletagmanager.com	be.synxis.com integration.flip.to www.googletagmanager.com
3	www.facebook.com
3	be-cms-api.synxis.com	be.synxis.com
2	capture.gatag.it	1 redirects
2	ib.adnxs.com	2 redirects
2	pixel.sojern.com
2	adservice.google.com
2	connect.facebook.net	beacon.sojern.com connect.facebook.net
2	region1.google-analytics.com	www.googletagmanager.com
2	storage.googleapis.com	be.synxis.com
2	gc.synxis.com	2 redirects
1	www.gatag.it	gatag.it
1	ssl.google-analytics.com
1	google-analytics.com	gatag.it
1	match.adsrvr.org
1	fcmatch.youtube.com
1	fcmatch.google.com	1 redirects
1	gatag.it	be.synxis.com
1	halo.phgsecure.com	be.synxis.com
1	beacon.sojern.com	be.synxis.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	integration.flip.to	be.synxis.com
1	ajax.googleapis.com	be.synxis.com
0	data.flip.to Failed	be.synxis.com
78	30

This site contains links to these domains. Also see Links.

Domain
www.rosenplaza.com
www.preferredhotels.com
preferredhotels.com

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-10-31` - `2023-04-29`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-11`	a year	crt.sh
*.thehotelsnetwork.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-24` - `2023-11-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-17` - `2024-02-17`	a year	crt.sh
halo.phgsecure.com R3	`2022-12-13` - `2023-03-13`	3 months	crt.sh
gatag.it Amazon RSA 2048 M01	`2023-01-23` - `2024-02-21`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-10` - `2023-02-08`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.gatag.it Amazon RSA 2048 M02	`2023-01-23` - `2024-02-21`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
Frame ID: 3593C601F963D798E9BF10C3C890A22E
Requests: 75 HTTP requests in this frame

Frame: https://www.thehotelsnetwork.com/widget/core/latest/hub/
Frame ID: A2142EBF1F8C4BC0B96D4C4E5CEF5E6B
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Preferred Hotels & Resorts (PV) - Reservations - Hotel Availability

Page URL History Show full URLs

https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&dep... Page URL
https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&dep... Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

78
Requests

85 %
HTTPS

50 %
IPv6

16
Domains

30
Subdomains

22
IPs

4
Countries

3202 kB
Transfer

10696 kB
Size

41
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.rosenplaza.com/

Search URL Search Domain Scan URL

URL: http://www.rosenplaza.com/
Title: www.rosenplaza.com

Search URL Search Domain Scan URL

URL: https://www.preferredhotels.com/
Title: Preferred Hotels & Resorts℠

Search URL Search Domain Scan URL

URL: https://www.rosenplaza.com/contact-us/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.rosenplaza.com/rosen-hotels-and-resorts-privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://preferredhotels.com/property/rosen-plaza-hotel-913

Search URL Search Domain Scan URL

URL: https://preferredhotels.com/iprefer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ Page URL
https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://gc.synxis.com/CHAIN/10237/IMAGES/SHELL/con-logo-wh-120.png HTTP 301
https://storage.googleapis.com/webimages-p1shrd/chain/10237/images/shell/con-logo-wh-120.png

Request Chain 16

https://gc.synxis.com/CHAIN/10237/IMAGES/SHELL/iprefer_white2_120.png HTTP 301
https://storage.googleapis.com/webimages-p1shrd/chain/10237/images/shell/iprefer_white2_120.png

Request Chain 55

https://ad.doubleclick.net/ddm/activity/src=5390319;type=sales;cat=lbdddhup;qty=1;cost=0;u1=;u2=;u3=;u4=2023-03-16;u5=2023-03-25;u6=;u8=en-US;u9=9;u10=;u11=;u12=1;u13=;u14=;u15=;u16=;u17=Preferred%2BHotels%2B%2526%2BResorts%2B%2528PV%2529;u18=;u19=69868;u20=Rosen%2BPlaza%2BHotel;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[OrderID] HTTP 302
https://ad.doubleclick.net/ddm/activity/src=5390319;dc_pre=CJnNkvLY8_wCFQMLewodwmYNKA;type=sales;cat=lbdddhup;qty=1;cost=0;u1=;u2=;u3=;u4=2023-03-16;u5=2023-03-25;u6=;u8=en-US;u9=9;u10=;u11=;u12=1;u13=;u14=;u15=;u16=;u17=Preferred%2BHotels%2B%2526%2BResorts%2B%2528PV%2529;u18=;u19=69868;u20=Rosen%2BPlaza%2BHotel;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[OrderID] HTTP 302
https://adservice.google.com/ddm/fls/z/src=5390319;dc_pre=CJnNkvLY8_wCFQMLewodwmYNKA;type=sales;cat=lbdddhup;qty=1;cost=0;u1=;u2=;u3=;u4=2023-03-16;u5=2023-03-25;u6=;u8=en-US;u9=9;u10=;u11=;u12=1;u13=;u14=;u15=;u16=;u17=Preferred%2BHotels%2B%2526%2BResorts%2B%2528PV%2529;u18=;u19=69868;u20=Rosen%2BPlaza%2BHotel;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[OrderID]

Request Chain 56

https://ad.doubleclick.net/ddm/activity/src=10755720;type=searc0;cat=rosen0;qty=1;cost=0;u1=;u2=;u3=;u4=2023-03-16;u5=2023-03-25;u6=;u8=en-US;u9=9;u10=;u11=;u12=1;u13=;u14=;u15=;u16=;u17=Preferred%2BHotels%2B%2526%2BResorts%2B%2528PV%2529;u18=;u19=69868;u20=Rosen%2BPlaza%2BHotel;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID HTTP 302
https://ad.doubleclick.net/ddm/activity/src=10755720;dc_pre=CPHWkvLY8_wCFUkAewodmeQO8w;type=searc0;cat=rosen0;qty=1;cost=0;u1=;u2=;u3=;u4=2023-03-16;u5=2023-03-25;u6=;u8=en-US;u9=9;u10=;u11=;u12=1;u13=;u14=;u15=;u16=;u17=Preferred%2BHotels%2B%2526%2BResorts%2B%2528PV%2529;u18=;u19=69868;u20=Rosen%2BPlaza%2BHotel;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID HTTP 302
https://adservice.google.com/ddm/fls/z/src=10755720;dc_pre=CPHWkvLY8_wCFUkAewodmeQO8w;type=searc0;cat=rosen0;qty=1;cost=0;u1=;u2=;u3=;u4=2023-03-16;u5=2023-03-25;u6=;u8=en-US;u9=9;u10=;u11=;u12=1;u13=;u14=;u15=;u16=;u17=Preferred%2BHotels%2B%2526%2BResorts%2B%2528PV%2529;u18=;u19=69868;u20=Rosen%2BPlaza%2BHotel;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID

Request Chain 57

https://secure.adnxs.com/px?id=1476628&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1476628%26t%3D1

Request Chain 58

https://secure.adnxs.com/seg?add=26388468&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26388468%26t%3D1

Request Chain 59

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=mIBxf8n4Ke3t_NJjypxpag&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=0jPeJ0DfUmo4satDckGglqzy8O2nk3QIQQ2uVLSN3wD9UYQ3q6LwUTpJYrgnU76D&sjrn_ula=211640886 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=mIBxf8n4Ke3t_NJjypxpag&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=0jPeJ0DfUmo4satDckGglqzy8O2nk3QIQQ2uVLSN3wD9UYQ3q6LwUTpJYrgnU76D&sjrn_ula=211640886&google_tc= HTTP 302
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=0jPeJ0DfUmo4satDckGglqzy8O2nk3QIQQ2uVLSN3wD9UYQ3q6LwUTpJYrgnU76D&sjrn_ula=211640886&google_gid=CAESEOBdzcn3Nty48IHBTGrQZuY&google_cver=1

Request Chain 60

https://cm.g.doubleclick.net/pixel?google_hm=mIBxf8n4Ke3t_NJjypxpag&google_nid=sojern_adh HTTP 302
https://cm.g.doubleclick.net/pixel?google_hm=mIBxf8n4Ke3t_NJjypxpag&google_nid=sojern_adh&google_tc= HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDoruj-dC9g7at7l3UvUAcAi33B-_XuayvSpyTmF6q-BwXdamw57fjwewnHAECFLbuGhuXglLYY9U5lkq-d6JyuEwwwbS5NVobxL7QGA4gYWCByPpO3A HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoruj-dC9g7at7l3UvUAcAi33B-_XuayvSpyTmF6q-BwXdamw57fjwewnHAECFLbuGhuXglLYY9U5lkq-d6JyuEwwwbS5NVobxL7QGA4gYWCByPpO3A

Request Chain 61

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=0jPeJ0DfUmo4satDckGglqzy8O2nk3QIQQ2uVLSN3wD9UYQ3q6LwUTpJYrgnU76D HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3D0jPeJ0DfUmo4satDckGglqzy8O2nk3QIQQ2uVLSN3wD9UYQ3q6LwUTpJYrgnU76D HTTP 302
https://pixel.sojern.com/idsync/apn?id=2493800708808810220&sjrn_id=0jPeJ0DfUmo4satDckGglqzy8O2nk3QIQQ2uVLSN3wD9UYQ3q6LwUTpJYrgnU76D

Request Chain 69

https://capture.gatag.it/?act=0&cid=0&apikey=%3FYXZkew%253D%253D&type=look&name=Rosen%20Plaza%20Hotel&promo=&iata=&group=GRPAPEC2023&arrival=2023%2F03%2F16&depart=2023%2F03%2F25&template=NGBE&chain=10237&hotel=69868&language=en-US&session=2057709485&date=2023-02-1%2006%3A28%3A26&campaign=direct&keyword=&medium=none&source=direct&visits=1&ref=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2023-03-16%26chain%3D10237%26child%3D0%26config%3DORLRZ%26currency%3DUSD%26depart%3D2023-03-25%26group%3DGRPAPEC2023%26hotel%3D69868%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26theme%3DORLRZ&ref2=&cookies=1&extra1=&extra4=1&extra5=1013&window=43&device=not%20set&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F109.0.5414.119%20Safari%2F537.36 HTTP 302
https://capture.gatag.it/smile.gif

78 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
be.synxis.com/ 212 B
592 B 54ms
8ms Document
text/html 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d02032286070b4dd9d8fbd985a7bdca8af8edf52b89ff177db3bfcb2c8a9c43d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-length: 212
content-type: text/html
strict-transport-security: max-age=31536000
x-iinfo: 15-99305572-0 0NNN RT(1675232900780 10) q(0 -1 -1 0) r(0 -1) B10(4,314,0) U18

GET
H2 200 _Incapsula_Resource Show response
be.synxis.com/ 176 KB
25 KB 15ms
14ms Script
application/javascript 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/_Incapsula_Resource?SWJIYLWA=5074a744e2e3d891814e9a2dace20bd4,719d34d31c8e3a6e6fffd425f7e032f3

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

045733432d805ad3c5ad9c98cb3c380de2fb41034b62b367279315069a774e5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 25931
content-type: application/javascript

GET
H2 200 _Incapsula_Resource
be.synxis.com/ 29 B
57 B 7ms
7ms XHR
application/javascript 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/_Incapsula_Resource?SWHANEDL=4418071028630240161,17265957519878184903,4410480202312639289,633940

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 29
content-type: application/javascript

GET
H2 200 Primary Request / Show response
be.synxis.com/ 790 KB
129 KB 1277ms
1276ms Document
text/html 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2ddd034d60b268a110e79a61fbcc4c13dbc0ffa7b83a72e8a934ff8d2c44346e

Security Headers

Name	Value
Content-Security-Policy	img-src data: ; base-uri 'self'; frame-ancestors 'self'; style-src 'self' https: 'unsafe-inline'; font-src data: ; media-src ; script-src 'strict-dynamic' 'nonce-67n5UqUoUe9VNidy2p/ftA==' 'unsafe-inline' 'unsafe-eval' 'self' .synxis.com .googletagmanager.com .google-analytics.com google-analytics.com .google.com .googleapis.com .gatag.it gatag.it .doubleclick.net icm.aexp-static.com .sabrehospitality.com .asc.sabre.com .thehotelsnetwork.com thehotelsnetwork.com .trivago.com trivago.com .tripadvisor.com tripadvisor.com .sojern.com sojern.com .triptease.io triptease.io .sabre-gcp.com .sabre-gcp.com:3000 .sabre-gcp.com:3001 .sabre-gcp.com:3002 .sabrecirrus.com pdx-col.eum-appdynamics.com halo.phgsecure.com .triptease.io .hotjar.com .hotjar.io vars.hotjar.com in.hotjar.com vc.hotjar.io .navisperformance.com fusion-api.navisperformance.com assets.navisperformance.com .facebook.com .youtube.com https://.perfmaker.net .gbqofs.io .gbqofs.com https://.flip.to https://.phgsecure.com; default-src 'self' .synxis.com .googletagmanager.com .google-analytics.com google-analytics.com .google.com .googleapis.com .gatag.it gatag.it .doubleclick.net icm.aexp-static.com .sabrehospitality.com .asc.sabre.com .thehotelsnetwork.com thehotelsnetwork.com .trivago.com trivago.com .tripadvisor.com tripadvisor.com .sojern.com sojern.com .triptease.io triptease.io .sabre-gcp.com .sabre-gcp.com:3000 .sabre-gcp.com:3001 .sabre-gcp.com:3002 .sabrecirrus.com pdx-col.eum-appdynamics.com halo.phgsecure.com .triptease.io .hotjar.com .hotjar.io vars.hotjar.com in.hotjar.com vc.hotjar.io .navisperformance.com fusion-api.navisperformance.com assets.navisperformance.com .facebook.com .youtube.com https://.perfmaker.net .gbqofs.io .gbqofs.com https://.flip.to https://*.phgsecure.com; report-uri /reports?hid=69868&cid=10237&sid=xyduvwDPDwcelHBNMJu-beuu
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: img-src data: *; base-uri 'self'; frame-ancestors 'self'; style-src 'self' https: 'unsafe-inline'; font-src data: *; media-src *; script-src 'strict-dynamic' 'nonce-67n5UqUoUe9VNidy2p/ftA==' 'unsafe-inline' 'unsafe-eval' 'self' *.synxis.com *.googletagmanager.com *.google-analytics.com google-analytics.com *.google.com *.googleapis.com *.gatag.it gatag.it *.doubleclick.net icm.aexp-static.com *.sabrehospitality.com *.asc.sabre.com *.thehotelsnetwork.com thehotelsnetwork.com *.trivago.com trivago.com *.tripadvisor.com tripadvisor.com *.sojern.com sojern.com *.triptease.io triptease.io *.sabre-gcp.com *.sabre-gcp.com:3000 *.sabre-gcp.com:3001 *.sabre-gcp.com:3002 *.sabrecirrus.com pdx-col.eum-appdynamics.com halo.phgsecure.com *.triptease.io *.hotjar.com *.hotjar.io vars.hotjar.com in.hotjar.com vc.hotjar.io *.navisperformance.com fusion-api.navisperformance.com assets.navisperformance.com *.facebook.com *.youtube.com https://*.perfmaker.net *.gbqofs.io *.gbqofs.com https://*.flip.to https://*.phgsecure.com; default-src 'self' *.synxis.com *.googletagmanager.com *.google-analytics.com google-analytics.com *.google.com *.googleapis.com *.gatag.it gatag.it *.doubleclick.net icm.aexp-static.com *.sabrehospitality.com *.asc.sabre.com *.thehotelsnetwork.com thehotelsnetwork.com *.trivago.com trivago.com *.tripadvisor.com tripadvisor.com *.sojern.com sojern.com *.triptease.io triptease.io *.sabre-gcp.com *.sabre-gcp.com:3000 *.sabre-gcp.com:3001 *.sabre-gcp.com:3002 *.sabrecirrus.com pdx-col.eum-appdynamics.com halo.phgsecure.com *.triptease.io *.hotjar.com *.hotjar.io vars.hotjar.com in.hotjar.com vc.hotjar.io *.navisperformance.com fusion-api.navisperformance.com assets.navisperformance.com *.facebook.com *.youtube.com https://*.perfmaker.net *.gbqofs.io *.gbqofs.com https://*.flip.to https://*.phgsecure.com; report-uri /reports?hid=69868&cid=10237&sid=xyduvwDPDwcelHBNMJu-beuu
content-type: text/html; charset=utf-8
date: Wed, 01 Feb 2023 06:28:22 GMT
link: </public/js/font-spark-icon-fill.woff2>; rel=preload; as=font; type=font/woff2; crossOrigin=anonymous, </public/js/font-spark-icon-line.woff2>; rel=preload; as=font; type=font/woff2; crossOrigin=anonymous, </public/js/client.js>; rel=preload; as=script, </public/js/modules-main.js>; rel=preload; as=script,
strict-transport-security: max-age=31536000
x-cdn: Imperva
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-iinfo: 15-99305572-99305583 NNNN CT(171 172 0) RT(1675232900780 74) q(0 0 4 -1) r(13 13) U12

GET
H2 200 _Incapsula_Resource
be.synxis.com/ 1 B
90 B 8ms
8ms Image
text/plain 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://be.synxis.com/_Incapsula_Resource?SWKMTFSR=1&e=0.3650185634915717

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET _Incapsula_Resource
be.synxis.com/ 0
0

GET
H2 200 font-spark-icon-fill.woff2
be.synxis.com/public/js/ 30 KB
31 KB 532ms
531ms Font
font/woff2 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/font-spark-icon-fill.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

625a63fbc3b92e8b3b7ca3a1a0d3372f066aa66104b925e8b353744b1e283df1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
Origin: https://be.synxis.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:28:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 25 Jan 2023 15:14:26 GMT
x-cdn: Imperva
etag: W/"792c-185e97e9850"
x-frame-options: SAMEORIGIN
content-type: font/woff2
x-iinfo: 15-99305572-99305876 NNNN CT(173 173 0) RT(1675232900780 1357) q(0 0 3 -1) r(5 5) U2
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 31020

GET
H2 200 font-spark-icon-line.woff2
be.synxis.com/public/js/ 39 KB
39 KB 533ms
531ms Font
font/woff2 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/font-spark-icon-line.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

13ed64e31854fc7e8e3e542fef0d24813e05a6137d56160064ec6824367b9a03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
Origin: https://be.synxis.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:28:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 25 Jan 2023 15:14:26 GMT
x-cdn: Imperva
etag: W/"9a0c-185e97e9850"
x-frame-options: SAMEORIGIN
content-type: font/woff2
x-iinfo: 15-99305572-99305878 NNNN CT(171 172 0) RT(1675232900780 1359) q(0 0 3 -1) r(5 5) U2
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 39436

GET
H2 200 client.js Show response
be.synxis.com/public/js/ 3 MB
377 KB 715ms
714ms Script
application/javascript 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6d68ee8000766d7fd86ef15d5b414f866a5b0c69ff048074e45b331e4285744b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:28:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
last-modified: Wed, 25 Jan 2023 15:14:26 GMT
x-cdn: Imperva
etag: W/"5e213-185e97e9850"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-iinfo: 15-99305572-99305880 NNNN CT(174 175 0) RT(1675232900780 1362) q(0 0 3 -1) r(5 7) U2
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 385555

GET
H2 200 modules-main.js Show response
be.synxis.com/public/js/ 3 MB
439 KB 554ms
553ms Script
application/javascript 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/modules-main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d68b52f33931a2b6396d0532397fe9bd2872e99ea90735164a026104735821cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:28:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
last-modified: Wed, 25 Jan 2023 15:14:26 GMT
x-cdn: Imperva
etag: W/"6d9ba-185e97e9850"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-iinfo: 15-99305572-99305882 NNNN CT(177 177 0) RT(1675232900780 1364) q(0 0 3 -1) r(5 5) U2
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 448954

POST
H2 200 reports
be.synxis.com/ 3 KB
977 B 527ms
527ms Other
application/json 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/reports?hid=69868&cid=10237&sid=xyduvwDPDwcelHBNMJu-beuu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3fef4739f1cf200ed5ad8f17d7b332df45cacbbe147d2affa3348491c45900f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 01 Feb 2023 06:28:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-cdn: Imperva
etag: W/"a59-ePRugs7nAl5Da9jJYhdGJcRqUu4"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-iinfo: 15-99305572-99305902 NNYN CT(170 172 0) RT(1675232900780 1518) q(0 1 4 -1) r(6 6) U6

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 312 KB
83 KB 111ms
44ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W866TTJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e2aaf8bbfdc9c6a05fdc20d17e925b5ddc7822da1b160c65d87d8affa5dc494

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:28:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84054
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Feb 2023 06:28:22 GMT

POST
H2 200 getProductAvailability Show response
be.synxis.com/gw/product/v1/ 458 B
2 KB 806ms
805ms XHR
application/json 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/gw/product/v1/getProductAvailability

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

ba5516ed9a3e0b64251359fa5c90475a5aad49c25a69df9d12afd913b5c8bbbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

ActivityID: xyduvwDPDwcelHBNMJu-beuu
x-business-context: BE
Referer: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
context: BE
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

content-encoding: gzip
x-cdn: Imperva
accept-language: de-DE,de;q=0.9
x-api-session: MDAxMjF-MmV6NmNvZ2ZGMzRHTXFxUnE1dlVkS2VrMkVQaVc2Wm1nMm5oRzd4eWRZaTFWSjZvWmZCUlo3cjdlUGY4WU9FNTZJWVpoMHcrdzJGaStCdFhVaElmc3IyUytlRkN3U2NRbjI3b1FpYnVJZFBMNWNiM1p4Zk5pQVhrOVRMRVVHMGFxY3NhMEN4NTZxZkhYbmd5Yng2YXlhU3JNajNaNkxmckh5cyt1eVBNT2Q5cjcxcFJzWDlNUTltbUFxcDJ3RlFJUFI5Z21iV2lxY1MxazVvL0t0K2FDYjlzZ01BdzhGZmd0ZEIzNVNLOWNYZjVEa1c4V0J3UjNIWnpBWWcvU1BONDNsUkZrVG4zU28wYSt3V3d3TGFZYmVpVnQwOE9RTWNtb3VuTUgyc2xnSTNxejArT3JCNjJaMGhKWWludkNOQWk
x-iinfo: 15-99305572-99305583 PNNN RT(1675232900780 1679) q(0 3 3 -1) r(8 8) U6
cdn-loop: IncapCDN; id="728_1215874"
sec-fetch-dest: empty
pragma: no-cache
x-forwarded-host: be.synxis.com
x-amzn-trace-id: Root=1-63da0686-59e9da6d30be47663cd437ed
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://be.synxis.com
activityid: xyduvwDPDwcelHBNMJu-beuu
cache-control: no-cache
referer: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
context: BE
sec-fetch-mode: cors
date: Wed, 01 Feb 2023 06:28:23 GMT
message-id: iahj9fpet
origin: https://be.synxis.com
x-content-type-options: nosniff
via: 1.1 google, 1.1 google, 1.1 google
x-real-ip: 10.123.77.110
strict-transport-security: max-age=31536000
x-forwarded-for: 80.255.10.205, 149.126.78.15, 10.123.77.110,10.30.3.89,10.30.0.237
x-forwarded-proto: https
content-length: 304
true-client-ip: 80.255.10.205
x-business-context: BE
server: nginx
access-control-max-age: 3600
access-control-allow-credentials: true
sec-fetch-site: same-origin
conversation-id: 2nc9rvh2w
x-forwarded-port: 443
app-env: p1
incap-proxy-728: OK

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 95ms
20ms Script
text/javascript 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 19:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 19:02:22 GMT

GET
H2 200 ipreferMSG.js Show response
be-cms-api.synxis.com/assets/chain/10237/fileStorage/tracking/ 4 KB
5 KB 340ms
231ms Script
text/plain 45.60.155.144
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be-cms-api.synxis.com/assets/chain/10237/fileStorage/tracking/ipreferMSG.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.155.144 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b37b72afbef1c5309b598804257b21f6f8aa642ed1d01fdb5a92b9b0cc406074

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:28:21 GMT
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin: *
x-iinfo: 14-117752399-117752405 NNNN CT(4 9 0) RT(1675232902359 31) q(0 0 1 4) r(2 2) U5
access-control-allow-credentials: true
content-disposition: inline
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4425

GET
H2 200 K2X4KDP Show response
integration.flip.to/ 2 KB
1 KB 57ms
21ms Script
application/javascript 2606:4700:10::6816:3591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://integration.flip.to/K2X4KDP

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88eee8de8bbd4c302c4df5babab025b0a91a3571ce387ed5504726354052f551

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:28:22 GMT
strict-transport-security: max-age=86400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
cf-cache-status: HIT
age: 51770
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 30 Jan 2023 15:13:55 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public,max-age=86400
timing-allow-origin: *
cf-ray: 7928a06b4c78905e-FRA

GET
H2

200

con-logo-wh-120.png
storage.googleapis.com/webimages-p1shrd/chain/10237/images/shell/
Redirect Chain

https://gc.synxis.com/CHAIN/10237/IMAGES/SHELL/con-logo-wh-120.png
https://storage.googleapis.com/webimages-p1shrd/chain/10237/images/shell/con-logo-wh-120.png

3 KB
3 KB

226ms
164ms

Image
image/png

2a00:1450:400d:806::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/webimages-p1shrd/chain/10237/images/shell/con-logo-wh-120.png
Requested by: Host: be.synxis.com
URL: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
Protocol: H2
Server: 2a00:1450:400d:806::2010 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 42b05ecde3b83b193681d4244cc3eeb6cc6d3e39f201d38c6f0d5a665f08d0f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:28:23 GMT
x-goog-meta-goog-reserved-file-mtime: 1520950369
age: 0
x-guploader-uploadid: ADPycduy94xpYKqWcG6cTjjD6tAYrV0vuV7XZ_UVt_7GTwMNhzPkEWqWs5z7gEYsuxpAFcTzMOGbZPwRZP8R6sIRIP13QYRUIpQ2
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2892
last-modified: Tue, 22 Feb 2022 12:14:30 GMT
server: UploadServer
etag: "35fb728fed9a2205e51029d277b2b687"
vary: X-Goog-Allowed-Resources
x-goog-generation: 1645532070342262
content-language: en
content-type: image/png
x-goog-hash: crc32c=XIWEEw==, md5=Nftyj+2aIgXlECnSd7K2hw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 2892
accept-ranges: bytes
expires: Wed, 01 Feb 2023 07:28:23 GMT

Redirect headers

Date: Wed, 01 Feb 2023 06:28:22 GMT
Via: 1.1 google
Server
X-CDN: Imperva
X-Powered-By: ASP.NET
Content-Type: text/html; charset=UTF-8
Location: https://storage.googleapis.com/webimages-p1shrd/chain/10237/images/shell/con-logo-wh-120.png
X-Iinfo: 14-126544992-126544099 2NNN RT(1675232902578 10) q(0 0 0 1) r(2 2) U11
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 215

GET
H2

200

iprefer_white2_120.png
storage.googleapis.com/webimages-p1shrd/chain/10237/images/shell/
Redirect Chain

https://gc.synxis.com/CHAIN/10237/IMAGES/SHELL/iprefer_white2_120.png
https://storage.googleapis.com/webimages-p1shrd/chain/10237/images/shell/iprefer_white2_120.png

4 KB
5 KB

81ms
20ms

Image
image/png

2a00:1450:400d:806::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/webimages-p1shrd/chain/10237/images/shell/iprefer_white2_120.png
Requested by: Host: be.synxis.com
URL: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
Protocol: H2
Server: 2a00:1450:400d:806::2010 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1f615645150521b8d95414b87467cd53e31af5049d8b0a3a795273bc6d62936b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 05:46:34 GMT
x-goog-meta-goog-reserved-file-mtime: 1516920183
age: 2509
x-guploader-uploadid: ADPycdv9hpptihAdH_gsLS4lXOi0Iy0XaMRtkx38P2GpQXw4EMfvA2VMkFqGV1R5lIdvqnrLY7_B6vgJbfEb0FkU_xBGjn5VZO95
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4552
last-modified: Tue, 22 Feb 2022 12:14:40 GMT
server: UploadServer
etag: "6d38cf33bd94c2be9d2895cb02aedd01"
vary: X-Goog-Allowed-Resources
x-goog-generation: 1645532080128428
content-language: en
content-type: image/png
x-goog-hash: crc32c=Be3MKQ==, md5=bTjPM72Uwr6dKJXLAq7dAQ==
cache-control: public, max-age=3600
x-goog-stored-content-length: 4552
accept-ranges: bytes
expires: Wed, 01 Feb 2023 06:46:34 GMT

Redirect headers

Date: Wed, 01 Feb 2023 06:28:23 GMT
Via: 1.1 google
Server
X-CDN: Imperva
X-Powered-By: ASP.NET
Content-Type: text/html; charset=UTF-8
Location: https://storage.googleapis.com/webimages-p1shrd/chain/10237/images/shell/iprefer_white2_120.png
X-Iinfo: 13-108111356-108111115 2NNN RT(1675232902580 13) q(0 0 0 1) r(2 2) U11
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 218

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 239 KB
74 KB 166ms
100ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-53XCXJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05e824db4ee596584ab89b259d8b3c4fc756cea341e475bd119e00f7d013b166

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:28:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75158
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Feb 2023 06:28:23 GMT

GET
H2 200 logo-plaza.png
be-cms-api.synxis.com/assets/chain/10237/hotel/69868/fileStorage/image/ 4 KB
4 KB 166ms
165ms Image
image/png 45.60.155.144
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://be-cms-api.synxis.com/assets/chain/10237/hotel/69868/fileStorage/image/logo-plaza.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.155.144 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7f916b50cc0a83893a2a508acf6cd792f17b90020cb25c95ce5d5535c811023c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:28:22 GMT
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-117752399-117752405 PNNN RT(1675232902359 267) q(0 0 0 -1) r(1 1) U5
access-control-allow-credentials: true
content-disposition: inline
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3876

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 84ms
20ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: integration.flip.to
URL: https://integration.flip.to/K2X4KDP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 Feb 2023 06:21:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 399
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 01 Feb 2023 08:21:44 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 274 KB
82 KB 85ms
78ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K2X4KDP&l=fliptoDataLayer

Requested by

Host: integration.flip.to
URL: https://integration.flip.to/K2X4KDP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd64bf122d8019357b5d313c158094b673b04ded23935984507b3eb51cca7cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:28:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84227
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Feb 2023 06:28:22 GMT

GET %JS_HOTEL_ID%
data.flip.to/cdn/data/2J/ 0
0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
205 B 42ms
41ms XHR
text/plain 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=477698552&t=pageview&_s=1&dl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2023-03-16%26chain%3D10237%26child%3D0%26config%3DORLRZ%26currency%3DUSD%26depart%3D2023-03-25%26group%3DGRPAPEC2023%26hotel%3D69868%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26theme%3DORLRZ&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBACEABFAAAACAAI~&jid=193998088&gjid=970682460&cid=2057709485.1675232903&tid=UA-87550206-6&_gid=490411381.1675232903&_r=1&_slc=1&gtm=2wg1u053XCXJ&cd2=2023-02-01T06%3A28%3A23.145%2B00%3A00&z=2027198160

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://be.synxis.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 06:28:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://be.synxis.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hotel_price_widget.js Show response
www.thehotelsnetwork.com/js/ 21 KB
9 KB 145ms
79ms Script
text/javascript 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/js/hotel_price_widget.js?partnership_id=6

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53XCXJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.198.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

89e9e1059c9d13a4e98d06c2f7ed9dceaddf2871d63c222cbb38c3d682f7319f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 06:28:23 GMT
content-encoding: gzip
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 31 Jan 2023 18:46:04 GMT
x-cdn: Imperva
x-amz-cf-pop: FRA2-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
x-iinfo: 14-112686507-112686512 NNNN CT(2 9 0) RT(1675232902781 15) q(0 0 1 1) r(1 1) U5
cache-control: max-age=7200
x-amz-cf-id: DhLZJpoyBQe18Tby9GiVEgJf8Xk0URnISX-zFPaFdrD1LuBMFUDiaA==

GET
H2 200 / Show response
www.thehotelsnetwork.com/widget/core/latest/hub/ Frame A214 5 KB
2 KB 41ms
40ms Document
text/html 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/widget/core/latest/hub/

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?partnership_id=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.198.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6b17ba3a4e5a8886f4344a0412fb24df21e3cffb5a9ec07a0913081831c6cc97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://be.synxis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=7200 public
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 01 Feb 2023 06:28:23 GMT
etag: W/"63d961e8-11fd"
expires: Wed, 01 Feb 2023 08:28:23 GMT
last-modified: Tue, 31 Jan 2023 18:46:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 8671c9c28d4abb06df55e1091d0f124a.cloudfront.net (CloudFront)
x-amz-cf-id: vNljB0bsSB4s8z0JBmUjzTwsPWaM-RCohirnpHgTp_FD6Szf5q42Jw==
x-amz-cf-pop: LHR50-P4
x-cache: Miss from cloudfront
x-cdn: Imperva
x-iinfo: 14-112686507-112685973 3NNN RT(1675232902781 111) q(0 0 0 -1) r(1 1)

GET
H2 200 _Incapsula_Resource Show response
www.thehotelsnetwork.com/ Frame A214 158 KB
22 KB 15ms
15ms Script
application/javascript 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=1241725225

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/latest/hub/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.198.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7858de309713780a7ecbce46ce2354ed6055e6262f85404baa7668a0518756cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thehotelsnetwork.com/widget/core/latest/hub/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 22682
content-type: application/javascript

GET
H2 200 get_loader_data Show response
www.thehotelsnetwork.com/ 118 B
540 B 46ms
46ms Fetch
application/json 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/get_loader_data?partnership_id=6

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?partnership_id=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.198.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ab1f10697ec6d903f4c0ecbd6bd693861bc47ea06c343a6bf70ccdada9425e7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:28:23 GMT
content-encoding: gzip
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
x-iinfo: 14-112686507-112684864 PNNN RT(1675232902781 168) q(0 0 0 -1) r(0 0) U5
pragma: no-cache
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://be.synxis.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: cp--E63mvorzAtOPUkgiB2TfhRc9X4h27EV0xYbyMFVMkiNUwLhSYA==
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 _Incapsula_Resource
www.thehotelsnetwork.com/ Frame A214 1 B
36 B 10ms
10ms Image
text/plain 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thehotelsnetwork.com/_Incapsula_Resource?SWKMTFSR=1&e=0.4152871474807651

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/latest/hub/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.198.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thehotelsnetwork.com/widget/core/latest/hub/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 index.min.js Show response
www.thehotelsnetwork.com/widget/core/4.0/dist/main/ 389 KB
100 KB 73ms
57ms Script
application/javascript 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=d67e8839

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?partnership_id=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.198.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

02cf4c0726724e3eae89412f24091d7d94eae6dc5127975559afb46693e8adc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://be.synxis.com/
Origin: https://be.synxis.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:28:23 GMT
content-encoding: gzip
via: 1.1 f6512440d57ffd5ad26662c2a1156906.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-amz-cf-pop: LHR50-P4
x-cache: Miss from cloudfront
x-iinfo: 4-33021842-33006090 3NNN RT(1675232903005 8) q(0 0 0 1) r(0 0)
last-modified: Tue, 31 Jan 2023 18:44:03 GMT
etag: W/"63d96173-612dd"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-id: gOd0J2vgUfZL7nm33Ug3aVGmtjVdqrfF4_91v49FKR5Wm-FX3jTRMA==
expires: Thu, 01 Feb 2024 06:28:23 GMT

GET
H2 200 vendors-en.js Show response
be.synxis.com/public/js/ 32 KB
4 KB 190ms
190ms Script
application/javascript 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/vendors-en.js

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8074a161d80ffca068c5a4969bccfa4b5a4189d3b0da84702d13d2f0b2b29606

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:28:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
last-modified: Wed, 25 Jan 2023 15:14:26 GMT
x-cdn: Imperva
etag: W/"fdf-185e97e9850"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-iinfo: 15-99305572-99305882 PNNN RT(1675232900780 3079) q(0 0 0 -1) r(2 2) U2
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 4063

POST
H2 200 getProductAvailability Show response
be.synxis.com/gw/product/v1/ 449 B
1 KB 520ms
520ms Fetch
application/json 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/gw/product/v1/getProductAvailability

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

5348e180e41ac06594937cc417b835d2a9448f6197da8d16d853a7c9bc0793c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

ActivityID: xyduvwDPDwcelHBNMJu-beuu
Accept: application/json,application/x-javascript
Referer: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
Context: BE
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

content-encoding: gzip
x-cdn: Imperva
accept-language: de-DE,de;q=0.9
x-api-session: MDAxMjF-MTlLcm5Jb2x6ZFF4ZktMK0kyc1RDdUFrNFVZTXg5Z0dxdU16MVJLVEpzOHc4aldLM3BHb1VIRmtxV1lKc2d4ZlF1eW81cldmR0VML204R2E3cFNQMUphZXZqVGpuWnJPclc5T1UzNUxiSC9GV0taejU4bHlOU0NiNWtmbktCcGdPNWc4RHF6NkhqSWZwUkhSLy9YQUM4cW12bm1id3d5WGJPdVRtN1M2b2tscjQ4bUNHMWNBNTZHTVRDVVJISjFra0x1U29YZGd3VGJOSUI2ak1qbEkwcGp5alBhUGNxWnAxNTJIUEo4RlNuMkJDZWhHcVpYeHRlcXFjQnNnWkFZSXhRZkFvdzIrczJSeldzWDVReVgrSEt3cjVaYjM1Q2ZYTGN0SDRjRnlsWjJLNldBelBhU3h0bGE4TE0vVmZOOVQ
x-iinfo: 15-99305572-99305882 PNNN RT(1675232900780 3394) q(0 0 0 -1) r(5 5) U6
cdn-loop: IncapCDN; id="728_1215874"
sec-fetch-dest: empty
pragma: no-cache
x-forwarded-host: be.synxis.com
x-amzn-trace-id: Root=1-63da0688-0bc7bee80a8506d53fbff781
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://be.synxis.com
activityid: xyduvwDPDwcelHBNMJu-beuu
cache-control: no-cache
referer: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
context: BE
sec-fetch-mode: cors
date: Wed, 01 Feb 2023 06:28:24 GMT
message-id: 28cjjsgrr
origin: https://be.synxis.com
x-content-type-options: nosniff
via: 1.1 google, 1.1 google, 1.1 google
x-real-ip: 10.123.77.110
strict-transport-security: max-age=31536000
x-forwarded-for: 80.255.10.205, 149.126.78.15, 10.123.77.110,10.30.0.21,10.30.0.237
x-forwarded-proto: https
content-length: 302
true-client-ip: 80.255.10.205
server: nginx
access-control-max-age: 3600
access-control-allow-credentials: true
sec-fetch-site: same-origin
conversation-id: 26s56qi6w
x-forwarded-port: 443
app-env: p1
incap-proxy-728: OK

GET
H2 200 0.js Show response
be.synxis.com/public/js/ 19 KB
4 KB 194ms
193ms Script
application/javascript 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/0.js

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5cc9c425d8c4dff3eea5401c7ea45524d14dacb8974850c7dc956bd0658cd716

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:28:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
last-modified: Wed, 25 Jan 2023 15:14:26 GMT
x-cdn: Imperva
etag: W/"f56-185e97e9850"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-iinfo: 15-99305572-99305880 PNNN RT(1675232900780 3398) q(0 0 0 -1) r(2 2) U2
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 3926

GET
H2 200 1.js Show response
be.synxis.com/public/js/ 11 KB
3 KB 191ms
190ms Script
application/javascript 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/1.js

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

800ba494626a26d07497d02b79f0d23bf148cde410a5aa92ea9ec374697e84ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:28:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
last-modified: Wed, 25 Jan 2023 15:14:26 GMT
x-cdn: Imperva
etag: W/"aa9-185e97e9850"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-iinfo: 15-99305572-99305583 PNNN RT(1675232900780 3399) q(0 0 0 -1) r(2 2) U2
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 2729

GET
H2 200 3.js Show response
be.synxis.com/public/js/ 41 KB
8 KB 193ms
192ms Script
application/javascript 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/3.js

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

dab60551446f220630b0085a0dc4a29fc1ce58feddbfd3601b324491ff45756a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:28:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
last-modified: Wed, 25 Jan 2023 15:14:26 GMT
x-cdn: Imperva
etag: W/"1e7d-185e97e9850"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-iinfo: 15-99305572-99305878 PNNN RT(1675232900780 3400) q(0 0 0 -1) r(2 2) U2
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 7805

GET
H2 200 6.js Show response
be.synxis.com/public/js/ 318 KB
48 KB 239ms
239ms Script
application/javascript 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/6.js

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1dda544792fdb6e3e64d05d3900f8ac24e2b1906e917218914e544e698aa2a70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:28:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
last-modified: Wed, 25 Jan 2023 15:14:26 GMT
x-cdn: Imperva
etag: W/"bf49-185e97e9850"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-iinfo: 15-99305572-99305876 PNNN RT(1675232900780 3401) q(0 0 0 -1) r(2 2) U2
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 48969

GET
H2 200 2DDNS.jpg
be-cms-api.synxis.com/assets/chain/10237/hotel/69868/fileStorage/image/ 1 MB
1 MB 211ms
211ms Image
image/jpeg 45.60.155.144
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://be-cms-api.synxis.com/assets/chain/10237/hotel/69868/fileStorage/image/2DDNS.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.155.144 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7667eefedd61bf060f0d3ac6bd73ea2c9da6d9f4cf9db6a4a3aa2af2c3356202

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:28:24 GMT
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: image/jpeg
access-control-allow-origin: *
x-iinfo: 14-117752399-117752405 PNNN RT(1675232902359 1669) q(0 0 0 -1) r(2 2) U5
access-control-allow-credentials: true
content-disposition: inline
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1374270

GET
H2 200 fffa28d1.min.js Show response
www.thehotelsnetwork.com/widget/core/4.0/dist/main/ 971 B
1 KB 45ms
39ms Script
application/javascript 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/fffa28d1.min.js?h=d67e8839

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=d67e8839

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.198.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

928309c962f205bb801fe22078fb41cd89b89d89c26e8c07ed3587773624c2cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://be.synxis.com/
Origin: https://be.synxis.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:28:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 31 Jan 2023 18:46:04 GMT
x-cdn: Imperva
etag: W/"63d961ec-3cb"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-iinfo: 4-33021842-33020213 3VNN RT(1675232903005 1172) q(0 0 0 -1) r(1 1)
cache-control: max-age=60, public
content-length: 576
expires: Wed, 01 Feb 2023 06:29:24 GMT

GET
H2 200 get_hotel_property_rel Show response
www.thehotelsnetwork.com/ 32 B
807 B 80ms
77ms Fetch
application/json 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/get_hotel_property_rel?partnership_id=6&partnership_hotel_id=69868

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?partnership_id=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.198.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1506c80eb411afef8b09df3fb0f6701c617f081139d6356dbe0114e32c2e91d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:28:24 GMT
content-encoding: gzip
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
x-iinfo: 4-33021842-33021913 NNNN CT(2 6 0) RT(1675232903005 1219) q(0 0 0 -1) r(0 0) U5
pragma: no-cache
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://be.synxis.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: m31Goz6nr7ju1WzOgr2UbferXTPVLXxIaiw_pdncxnUg17q1-Rcpkw==
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 GetUrgencyTriggers Show response
be.synxis.com/gw/product/v1/ 343 B
1 KB 450ms
449ms Fetch
application/json 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/gw/product/v1/GetUrgencyTriggers

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

a34b401b19b84ad85cf85ad375f9680e26d139b5adc924364d2e2b3516867b15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

ActivityID: xyduvwDPDwcelHBNMJu-beuu
Accept: application/json,application/x-javascript
Referer: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
Context: BE
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

content-encoding: gzip
x-cdn: Imperva
accept-language: de-DE,de;q=0.9
x-iinfo: 15-99305572-99305882 PNNN RT(1675232900780 4083) q(0 0 0 -1) r(5 5) U6
cdn-loop: IncapCDN; id="728_1215874"
sec-fetch-dest: empty
pragma: no-cache
x-forwarded-host: be.synxis.com
x-amzn-trace-id: Root=1-63da0689-7b68ca363adb6f594985d3cc
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://be.synxis.com
activityid: xyduvwDPDwcelHBNMJu-beuu
cache-control: no-cache
referer: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
context: BE
sec-fetch-mode: cors
date: Wed, 01 Feb 2023 06:28:25 GMT
message-id: 5ie7jesjm
origin: https://be.synxis.com
x-content-type-options: nosniff
via: 1.1 google, 1.1 google, 1.1 google
x-real-ip: 10.123.78.215
strict-transport-security: max-age=31536000
x-forwarded-for: 80.255.10.205, 149.126.78.15, 10.123.78.215,10.30.3.89,10.30.0.237
x-forwarded-proto: https
content-length: 234
true-client-ip: 80.255.10.205
server: nginx
access-control-max-age: 3600
access-control-allow-credentials: true
sec-fetch-site: same-origin
conversation-id: 1s2halxlh
x-forwarded-port: 443
app-env: p1
incap-proxy-728: OK

POST
H2 200 QueryHotelList Show response
be.synxis.com/gw/partner/v1/ 36 KB
4 KB 1181ms
1181ms Fetch
application/json 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/gw/partner/v1/QueryHotelList

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

407743ad7853a628f7c1809ddd2dde3cc9208ef69d107be41fd786cd26cda58c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

ActivityID: xyduvwDPDwcelHBNMJu-beuu
Accept: application/json,application/x-javascript
Referer: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
Context: BE
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

content-encoding: gzip
x-cdn: Imperva
accept-language: de-DE,de;q=0.9
x-api-session: MDAxMjF-MmV6NmNvZ2ZGMzRHTXFxUnE1dlVkTjdlYUlYaE5OVUFLbEY5ME4wbmtzNVJKd0FqWnFUWTBwNlVzdlM4aHJaR0V3c2RHYlRiNy9ycDJEOC8yKzJ4djhtanFYOURpdURjQm85ZVpzQVpPczhJYWdzYWVhcEk5OCtLM0pBRXkvSWdGcTByVDFOY20ycG8wSHI1RGtGVGkxTElQZjdtR3czakdMcUp6UHBnSklrUis5NmhTQnd6czVjbGlzRjVtbFBxSUovWGJzY3ZLcTE1dUM0dmlqSE9yY25ZRWpWQVgxL0x4NXpSN3d0VWo4amZ0QTEwV00wY3Z3QnFSZU1JSTNkYXlpdHM0UTF2NWlIVHVaMjlKS0FjdzRISlAwY21qYVFEV0JXSGFHczZmSmZZVVllOXFiZi9VekMzR3pqL1NJR00
x-iinfo: 15-99305572-99305876 PNNN RT(1675232900780 4231) q(0 0 0 -1) r(11 11) U6
cdn-loop: IncapCDN; id="728_1215874"
sec-fetch-dest: empty
pragma: no-cache
x-forwarded-host: be.synxis.com
x-amzn-trace-id: Root=1-63da0689-5014b8627fe636027a26fb25
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://be.synxis.com
activityid: xyduvwDPDwcelHBNMJu-beuu
cache-control: no-cache
referer: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
context: BE
sec-fetch-mode: cors
date: Wed, 01 Feb 2023 06:28:26 GMT
message-id: 20hwwzboq
origin: https://be.synxis.com
x-content-type-options: nosniff
via: 1.1 google, 1.1 google, 1.1 google
x-real-ip: 10.123.78.215
strict-transport-security: max-age=31536000
x-forwarded-for: 80.255.10.205, 149.126.78.15, 10.123.78.215,10.30.3.89,10.30.0.237
x-forwarded-proto: https
content-length: 3611
true-client-ip: 80.255.10.205
server: nginx
access-control-max-age: 3600
access-control-allow-credentials: true
sec-fetch-site: same-origin
conversation-id: ea5pnet7t
x-forwarded-port: 443
app-env: p1
incap-proxy-728: OK

GET
H2 200 dataStream.js Show response
be.synxis.com/public/js/ 10 KB
3 KB 186ms
186ms Script
application/javascript 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/dataStream.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

04025905c78ae9f9cc78a58e1387aa677c8548a8a5894eaa94447f082cf2c23f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:28:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 25 Jan 2023 15:10:53 GMT
x-cdn: Imperva
content-encoding: gzip
etag: W/"277a-185e97b5848"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
x-iinfo: 15-99305572-99305880 PNYN RT(1675232900780 4268) q(0 0 0 -1) r(2 2) U2
cache-control: public, max-age=0
accept-ranges: bytes

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=477698552&t=timing&_s=2&dl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2023-03-16%26chain%3D10237%26child%3D0%26config%3DORLRZ%26currency%3DUSD%26depart%3D2023-03-25%26group%3DGRPAPEC2023%26hotel%3D69868%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26theme%3DORLRZ&ul=en-us&de=UTF-8&dt=Preferred%20Hotels%20%26%20Resorts%20(PV)%20-%20Reservations%20-%20Hotel%20Availability&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=4194&pdt=664&dns=0&rrt=1&srt=1276&tcp=0&dit=2013&clt=3007&_gbt=2122&_u=aGBACEABFAAAACAAI~&jid=&gjid=&cid=2057709485.1675232903&tid=UA-87550206-6&_gid=490411381.1675232903&gtm=2wg1u053XCXJ&cd2=2023-02-01T06%3A28%3A23.145%2B00%3A00&z=151333329

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 17:40:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 46061
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dxgtm.js Show response
be.synxis.com/public/js/ 63 KB
8 KB 248ms
248ms Script
application/javascript 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/dxgtm.js

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/dataStream.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e03678fb1a6b476aaa19050ea0bc60147c6c5e1e78be5e912b16f9183e6d5c17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:28:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 25 Jan 2023 15:10:53 GMT
x-cdn: Imperva
content-encoding: gzip
etag: W/"fb5c-185e97b5848"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
x-iinfo: 15-99305572-99305880 PNYN RT(1675232900780 4458) q(0 0 0 -1) r(2 2) U2
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 get_hotel_property_rel Show response
www.thehotelsnetwork.com/ 32 B
646 B 74ms
74ms Fetch
application/json 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/get_hotel_property_rel?partnership_id=6&partnership_hotel_id=69868

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?partnership_id=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.198.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1506c80eb411afef8b09df3fb0f6701c617f081139d6356dbe0114e32c2e91d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:28:25 GMT
content-encoding: gzip
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
x-iinfo: 4-33021842-33022010 NNNN CT(2 6 0) RT(1675232903005 2081) q(0 0 0 -1) r(0 1) U5
pragma: no-cache
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://be.synxis.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: bGcWDP8JWJYE9NgIlZlSJOrBddikNhH_CRVedrWMHh5fi9f-elQTYg==
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
78 KB 44ms
44ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-902GY8W2RT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W866TTJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ce34742b55908f533aaa9db369f0a7e5f6d3c1c508d3b05347a0e7f68267db40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:28:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79659
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 01 Feb 2023 06:28:25 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
344 B 70ms
25ms XHR
text/plain 2a00:1450:4025:401::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-106819988-1&cid=2057709485.1675232903&jid=807514295&gjid=51653012&_gid=490411381.1675232903&_u=aGDAiEABFAAAAGAAI~&z=616789552

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9a Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://be.synxis.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 01 Feb 2023 06:28:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://be.synxis.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W866TTJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 Feb 2023 06:21:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 401
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 01 Feb 2023 08:21:44 GMT

GET
H2 200 11 Show response
beacon.sojern.com/pixel/cp/ 6 KB
2 KB 132ms
18ms Script
application/javascript 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/cp/11?f_v=cp_v3_js&p_v=2&hpid=69868&pt=SEARCH&hd1=2023-03-16&hd2=2023-03-25&hb=Preferred%20Hotels%20%26%20Resorts%20(PV)&hpr=Rosen%20Plaza%20Hotel&hr=1&tch=0&tad=1&t=1&hd=9&l=en-US&et=hs
Requested by: Host: be.synxis.com
URL: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: 8951b4d26e532da0599c21d135d877cb8a5645958b383599b0c5c95b8da1b85a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:28:25 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
content-type: application/javascript
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1358

POST
H/1.1 200
OK trackbooking Show response
halo.phgsecure.com/api/cookiereader/ 46 B
832 B 1157ms
345ms Fetch
application/json 52.184.193.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://halo.phgsecure.com/api/cookiereader/trackbooking
Requested by: Host: be.synxis.com
URL: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.184.193.103 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9e1000583dedef5ddb1d1d57c36e907aa1edc95f5ea71b90db37543b4cd755be

Request headers

Referer: https://be.synxis.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 01 Feb 2023 06:28:26 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://be.synxis.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex,nofollow
Access-Control-Allow-Headers: Content-Type
Content-Length: 46
Expires: -1

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:12:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 931
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 01 Feb 2023 07:12:54 GMT

GET
H2 200 / Show response
gatag.it/v2/ 15 KB
15 KB 387ms
182ms Script
application/javascript 34.232.148.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gatag.it/v2/
Requested by: Host: be.synxis.com
URL: https://be.synxis.com/public/js/dxgtm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.148.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-148-211.compute-1.amazonaws.com
Software: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: 64b58c75d96c74e9f836236ca9764b5c55ac3d58d91fe295bb76a6b1cf320c11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: application/javascript
date: Wed, 01 Feb 2023 06:28:25 GMT
server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=477698552&t=pageview&_s=1&dl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2023-03-16%26chain%3D10237%26child%3D0%26config%3DORLRZ%26currency%3DUSD%26depart%3D2023-03-25%26group%3DGRPAPEC2023%26hotel%3D69868%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26theme%3DORLRZ&dp=ngbe%2F69868%2Fbooking-engine%2Frooms&ul=en-us&de=UTF-8&dt=Preferred%20Hotels%20%26%20Resorts%20(PV)%20-%20Reservations%20-%20Hotel%20Availability&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEABFAAAACAAI~&jid=807514295&gjid=51653012&cid=2057709485.1675232903&tid=UA-106819988-1&_gid=490411381.1675232903&gtm=2wg1u0W866TTJ&cd1=69868&cd2=10237&cd3=Preferred%20Hotels%20%26%20Resorts%20(PV)&cd4=Rosen%20Plaza%20Hotel&cd29=ORLRZ&cd30=ORLRZ&cd31=Orlando&cd32=Florida&cd33=United%20States&cd34=32819&cd36=0&cd37=9&cd38=2023%2F03%2F16&cd39=2023%2F03%2F25&cd40=43&cd41=1&cd42=&cd43=&cd44=&cd45=&cd46=1&cd47=0&cd48=False&cd49=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2023-03-16%26chain%3D10237%26child%3D0%26config%3DORLRZ%26currency%3DUSD%26depart%3D2023-03-25%26group%3DGRPAPEC2023%26hotel%3D69868%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26theme%3DORLRZ&cd50=empty&z=1506395137

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 17:40:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 46061
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=477698552&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2023-03-16%26chain%3D10237%26child%3D0%26config%3DORLRZ%26currency%3DUSD%26depart%3D2023-03-25%26group%3DGRPAPEC2023%26hotel%3D69868%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26theme%3DORLRZ&dp=ngbe%2F69868%2Fbooking-engine%2Frooms&ul=en-us&de=UTF-8&dt=Preferred%20Hotels%20%26%20Resorts%20(PV)%20-%20Reservations%20-%20Hotel%20Availability&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce&ea=Impression&_u=aGHAiEALFAAAAGAMI~&jid=&gjid=&cid=2057709485.1675232903&tid=UA-106819988-1&_gid=490411381.1675232903&gtm=2wg1u0W866TTJ&cd1=69868&cd2=10237&cd3=Preferred%20Hotels%20%26%20Resorts%20(PV)&cd4=Rosen%20Plaza%20Hotel&cd29=ORLRZ&cd30=ORLRZ&z=609643170

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 17:40:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 46061
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 52ms
24ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-902GY8W2RT&gtm=2oe1u0&_p=477698552&cid=2057709485.1675232903&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=be.synxis.com%2Fsbe%2F69868%2Fbooking-engine%2Frooms&dt=Preferred%20Hotels%20%26%20Resorts%20(PV)%20-%20Reservations%20-%20Hotel%20Availability&sid=1675232905&sct=1&seg=0&dr=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2023-03-16%26chain%3D10237%26child%3D0%26config%3DORLRZ%26currency%3DUSD%26depart%3D2023-03-25%26group%3DGRPAPEC2023%26hotel%3D69868%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26theme%3DORLRZ&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-902GY8W2RT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 06:28:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://be.synxis.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 54ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: beacon.sojern.com
URL: https://beacon.sojern.com/pixel/cp/11?f_v=cp_v3_js&p_v=2&hpid=69868&pt=SEARCH&hd1=2023-03-16&hd2=2023-03-25&hb=Preferred%20Hotels%20%26%20Resorts%20(PV)&hpr=Rosen%20Plaza%20Hotel&hr=1&tch=0&tad=1&t=1&hd=9&l=en-US&et=hs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 01 Feb 2023 06:28:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: VXmpEahGZDafxh2S6ADWXSa0KDimcS872TLcO2ScThX3QklaDAwnMZKifrzuFvlma3Q5SjP/C4kPtENUnJfu1w==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

src=5390319;dc_pre=CJnNkvLY8_wCFQMLewodwmYNKA;type=sales;cat=lbdddhup;qty=1;cost=0;u1=;u2=;u3=;u4=2023-03-16;u5=2023-03-25;u6=;u8=en-US;u9=9;u10=;u11=;u12=1;u13=;u14=;u15=;u16=;u17=Preferred%2BHote...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=5390319;type=sales;cat=lbdddhup;qty=1;cost=0;u1=;u2=;u3=;u4=2023-03-16;u5=2023-03-25;u6=;u8=en-US;u9=9;u10=;u11=;u12=1;u13=;u14=;u15=;u16=;u17=Preferred%...
https://ad.doubleclick.net/ddm/activity/src=5390319;dc_pre=CJnNkvLY8_wCFQMLewodwmYNKA;type=sales;cat=lbdddhup;qty=1;cost=0;u1=;u2=;u3=;u4=2023-03-16;u5=2023-03-25;u6=;u8=en-US;u9=9;u10=;u11=;u12=1;...
https://adservice.google.com/ddm/fls/z/src=5390319;dc_pre=CJnNkvLY8_wCFQMLewodwmYNKA;type=sales;cat=lbdddhup;qty=1;cost=0;u1=;u2=;u3=;u4=2023-03-16;u5=2023-03-25;u6=;u8=en-US;u9=9;u10=;u11=;u12=1;u...

42 B
401 B

222ms
56ms

Image
image/gif

2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=5390319;dc_pre=CJnNkvLY8_wCFQMLewodwmYNKA;type=sales;cat=lbdddhup;qty=1;cost=0;u1=;u2=;u3=;u4=2023-03-16;u5=2023-03-25;u6=;u8=en-US;u9=9;u10=;u11=;u12=1;u13=;u14=;u15=;u16=;u17=Preferred%2BHotels%2B%2526%2BResorts%2B%2528PV%2529;u18=;u19=69868;u20=Rosen%2BPlaza%2BHotel;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[OrderID]

Protocol

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 06:28:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Feb 2023 06:28:25 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=5390319;dc_pre=CJnNkvLY8_wCFQMLewodwmYNKA;type=sales;cat=lbdddhup;qty=1;cost=0;u1=;u2=;u3=;u4=2023-03-16;u5=2023-03-25;u6=;u8=en-US;u9=9;u10=;u11=;u12=1;u13=;u14=;u15=;u16=;u17=Preferred%2BHotels%2B%2526%2BResorts%2B%2528PV%2529;u18=;u19=69868;u20=Rosen%2BPlaza%2BHotel;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[OrderID]
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

src=10755720;dc_pre=CPHWkvLY8_wCFUkAewodmeQO8w;type=searc0;cat=rosen0;qty=1;cost=0;u1=;u2=;u3=;u4=2023-03-16;u5=2023-03-25;u6=;u8=en-US;u9=9;u10=;u11=;u12=1;u13=;u14=;u15=;u16=;u17=Preferred%2BHote...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=10755720;type=searc0;cat=rosen0;qty=1;cost=0;u1=;u2=;u3=;u4=2023-03-16;u5=2023-03-25;u6=;u8=en-US;u9=9;u10=;u11=;u12=1;u13=;u14=;u15=;u16=;u17=Preferred%...
https://ad.doubleclick.net/ddm/activity/src=10755720;dc_pre=CPHWkvLY8_wCFUkAewodmeQO8w;type=searc0;cat=rosen0;qty=1;cost=0;u1=;u2=;u3=;u4=2023-03-16;u5=2023-03-25;u6=;u8=en-US;u9=9;u10=;u11=;u12=1;...
https://adservice.google.com/ddm/fls/z/src=10755720;dc_pre=CPHWkvLY8_wCFUkAewodmeQO8w;type=searc0;cat=rosen0;qty=1;cost=0;u1=;u2=;u3=;u4=2023-03-16;u5=2023-03-25;u6=;u8=en-US;u9=9;u10=;u11=;u12=1;u...

42 B
107 B

233ms
57ms

Image
image/gif

2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=10755720;dc_pre=CPHWkvLY8_wCFUkAewodmeQO8w;type=searc0;cat=rosen0;qty=1;cost=0;u1=;u2=;u3=;u4=2023-03-16;u5=2023-03-25;u6=;u8=en-US;u9=9;u10=;u11=;u12=1;u13=;u14=;u15=;u16=;u17=Preferred%2BHotels%2B%2526%2BResorts%2B%2528PV%2529;u18=;u19=69868;u20=Rosen%2BPlaza%2BHotel;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID

Protocol

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 06:28:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Feb 2023 06:28:25 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=10755720;dc_pre=CPHWkvLY8_wCFUkAewodmeQO8w;type=searc0;cat=rosen0;qty=1;cost=0;u1=;u2=;u3=;u4=2023-03-16;u5=2023-03-25;u6=;u8=en-US;u9=9;u10=;u11=;u12=1;u13=;u14=;u15=;u16=;u17=Preferred%2BHotels%2B%2526%2BResorts%2B%2528PV%2529;u18=;u19=69868;u20=Rosen%2BPlaza%2BHotel;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1476628&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1476628%26t%3D1

0
1 KB

8ms
8ms

Image
application/javascript

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1476628%26t%3D1

Protocol

HTTP/1.1

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Feb 2023 06:28:25 GMT
AN-X-Request-Uuid: 3ec21c96-e58c-459d-bcd0-4a89fea38392
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/javascript; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.10.205; 80.255.10.205; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Feb 2023 06:28:25 GMT
AN-X-Request-Uuid: 58d37149-9a5b-4ee4-b816-5efea863ebcc
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1476628%26t%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.10.205; 80.255.10.205; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=26388468&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26388468%26t%3D1

0
1 KB

48ms
47ms

Image
application/javascript

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26388468%26t%3D1

Protocol

HTTP/1.1

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Feb 2023 06:28:25 GMT
AN-X-Request-Uuid: a97ef3f6-cc9c-4276-b666-2d6c674c58b0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/javascript; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.10.205; 80.255.10.205; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date: Wed, 01 Feb 2023 06:28:25 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.10.205; 80.255.10.205; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: dc1cbaa7-2bd7-4331-a10b-71a0df60eadf
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26388468%26t%3D1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

AdX
pixel.sojern.com/idSync/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=mIBxf8n4Ke3t_NJjypxpag&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=0jPeJ0DfUmo4satDckGglqzy8O2nk3QIQQ2uVLSN3wD9UYQ3q6L...
https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=mIBxf8n4Ke3t_NJjypxpag&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=0jPeJ0DfUmo4satDckGglqzy8O2nk3QIQQ2uVLSN3wD9UYQ3q6L...
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=0jPeJ0DfUmo4satDckGglqzy8O2nk3QIQQ2uVLSN3wD9UYQ3q6LwUTpJYrgnU76D&sjrn_ula=211640886&google_gid=CAESEOBdzcn3Nty48IHBTGrQZuY&google_cver=1

42 B
272 B

17ms
16ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=0jPeJ0DfUmo4satDckGglqzy8O2nk3QIQQ2uVLSN3wD9UYQ3q6LwUTpJYrgnU76D&sjrn_ula=211640886&google_gid=CAESEOBdzcn3Nty48IHBTGrQZuY&google_cver=1
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Wed, 01 Feb 2023 06:28:25 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 01 Feb 2023 06:28:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=0jPeJ0DfUmo4satDckGglqzy8O2nk3QIQQ2uVLSN3wD9UYQ3q6LwUTpJYrgnU76D&sjrn_ula=211640886&google_gid=CAESEOBdzcn3Nty48IHBTGrQZuY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 412
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
fcmatch.youtube.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_hm=mIBxf8n4Ke3t_NJjypxpag&google_nid=sojern_adh
https://cm.g.doubleclick.net/pixel?google_hm=mIBxf8n4Ke3t_NJjypxpag&google_nid=sojern_adh&google_tc=
https://fcmatch.google.com/pixel?google_gm=AMnCDoruj-dC9g7at7l3UvUAcAi33B-_XuayvSpyTmF6q-BwXdamw57fjwewnHAECFLbuGhuXglLYY9U5lkq-d6JyuEwwwbS5NVobxL7QGA4gYWCByPpO3A
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoruj-dC9g7at7l3UvUAcAi33B-_XuayvSpyTmF6q-BwXdamw57fjwewnHAECFLbuGhuXglLYY9U5lkq-d6JyuEwwwbS5NVobxL7QGA4gYWCByPpO3A

170 B
432 B

219ms
144ms

Image
image/png

2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDoruj-dC9g7at7l3UvUAcAi33B-_XuayvSpyTmF6q-BwXdamw57fjwewnHAECFLbuGhuXglLYY9U5lkq-d6JyuEwwwbS5NVobxL7QGA4gYWCByPpO3A

Protocol

Server

2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 06:28:26 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Feb 2023 06:28:26 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDoruj-dC9g7at7l3UvUAcAi33B-_XuayvSpyTmF6q-BwXdamw57fjwewnHAECFLbuGhuXglLYY9U5lkq-d6JyuEwwwbS5NVobxL7QGA4gYWCByPpO3A
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

apn
pixel.sojern.com/idsync/
Redirect Chain

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=0jPeJ0DfUmo4satDckGglqzy8O2nk3QIQQ2uVLSN3wD9UYQ3q6LwUTpJYrgnU76D
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3D0jPeJ0DfUmo4satDckGglqzy8O2nk3QIQQ2uVLSN3wD9UYQ3q6LwUTpJYrgnU76D
https://pixel.sojern.com/idsync/apn?id=2493800708808810220&sjrn_id=0jPeJ0DfUmo4satDckGglqzy8O2nk3QIQQ2uVLSN3wD9UYQ3q6LwUTpJYrgnU76D

42 B
274 B

79ms
16ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/apn?id=2493800708808810220&sjrn_id=0jPeJ0DfUmo4satDckGglqzy8O2nk3QIQQ2uVLSN3wD9UYQ3q6LwUTpJYrgnU76D
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Wed, 01 Feb 2023 06:28:25 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

Date: Wed, 01 Feb 2023 06:28:25 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.10.205; 80.255.10.205; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2faca9cc-03dd-4208-8b36-343d7f395e6b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://pixel.sojern.com/idsync/apn?id=2493800708808810220&sjrn_id=0jPeJ0DfUmo4satDckGglqzy8O2nk3QIQQ2uVLSN3wD9UYQ3q6LwUTpJYrgnU76D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
265 B 121ms
31ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=0jPeJ0DfUmo4satDckGglqzy8O2nk3QIQQ2uVLSN3wD9UYQ3q6LwUTpJYrgnU76D&ttd_tpi=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 01 Feb 2023 06:28:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 168548481809762 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 68ms
66ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/168548481809762?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1afea121d31635a12ee2201bc3774fe762948e981560ad1b5578bbb11152ac4c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 01 Feb 2023 06:28:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: J7VYHGCp6lhXLa32oJ+/ZE2+R9i5EUbTl0eCOx71E8z35C0QaBG/ROgoDikje4NmTMCcFEnU3M7bP1WxpjzBKA==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 47ms
11ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=168548481809762&ev=PageView&dl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2023-03-16%26chain%3D10237%26child%3D0%26config%3DORLRZ%26currency%3DUSD%26depart%3D2023-03-25%26group%3DGRPAPEC2023%26hotel%3D69868%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26theme%3DORLRZ&rl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2023-03-16%26chain%3D10237%26child%3D0%26config%3DORLRZ%26currency%3DUSD%26depart%3D2023-03-25%26group%3DGRPAPEC2023%26hotel%3D69868%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26theme%3DORLRZ&if=false&ts=1675232905925&sw=1600&sh=1200&v=2.9.95&r=stable&a=trplsojern&ec=0&o=30&cs_est=true&fbp=fb.1.1675232905924.901506443&it=1675232905796&coo=false&tm=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 01 Feb 2023 06:28:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 47ms
11ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=168548481809762&ev=Search&dl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2023-03-16%26chain%3D10237%26child%3D0%26config%3DORLRZ%26currency%3DUSD%26depart%3D2023-03-25%26group%3DGRPAPEC2023%26hotel%3D69868%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26theme%3DORLRZ&rl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2023-03-16%26chain%3D10237%26child%3D0%26config%3DORLRZ%26currency%3DUSD%26depart%3D2023-03-25%26group%3DGRPAPEC2023%26hotel%3D69868%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26theme%3DORLRZ&if=false&ts=1675232905927&cd[content_type]=hotel&cd[checkin_date]=2023-03-16&cd[checkout_date]=2023-03-25&cd[custom_param11]=Preferred%252BHotels%252B%252526%252BResorts%252B%252528PV%252529&cd[custom_param13]=Rosen%252BPlaza%252BHotel&cd[custom_param7]=1&cd[content_ids]=%5B%2269868%22%5D&cd[custom_param6]=9&cd[value]=0&cd[purchase_value]=0&cd[custom_param5]=en-US&sw=1600&sh=1200&v=2.9.95&r=stable&a=trplsojern&ec=1&o=30&fbp=fb.1.1675232905924.901506443&it=1675232905796&coo=false&tm=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 01 Feb 2023 06:28:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ga.js Show response
google-analytics.com/ 45 KB
17 KB 117ms
19ms Script
text/javascript 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://google-analytics.com/ga.js

Requested by

Host: gatag.it
URL: https://gatag.it/v2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 Feb 2023 05:54:21 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2045
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Wed, 01 Feb 2023 07:54:21 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
224 B 54ms
41ms Image
image/gif 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=278090504&utmhn=be.synxis.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Preferred%20Hotels%20%26%20Resorts%20(PV)%20-%20Reservations%20-%20Hotel%20Availability&utmhid=477698552&utmr=0&utmp=%2F%3Fadult%3D1%26arrive%3D2023-03-16%26chain%3D10237%26child%3D0%26config%3DORLRZ%26currency%3DUSD%26depart%3D2023-03-25%26group%3DGRPAPEC2023%26hotel%3D69868%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26theme%3DORLRZ&utmht=1675232906142&utmac=UA-41848973-1&utmcc=__utma%3D77553030.2057709485.1675232903.1675232906.1675232906.1%3B%2B__utmz%3D77553030.1675232906.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1198040275&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAABAAAE~

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 06:28:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.php Show response
www.gatag.it/ 146 B
764 B 348ms
99ms Script
application/javascript 34.232.148.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gatag.it/index.php?&skey=$48R3&device=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2023-03-16%26chain%3D10237%26child%3D0%26config%3DORLRZ%26currency%3DUSD%26depart%3D2023-03-25%26group%3DGRPAPEC2023%26hotel%3D69868%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26theme%3DORLRZ&callback=callback
Requested by: Host: gatag.it
URL: https://gatag.it/v2/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.148.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-148-211.compute-1.amazonaws.com
Software: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: 50f10898342061c80fea923b4a5ec511ce9e9fe32457dc69ecb5524bd3a8b44e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: application/javascript
pragma: no-cache
date: Wed, 01 Feb 2023 06:28:26 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
content-length: 146
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

smile.gif
capture.gatag.it/
Redirect Chain

https://capture.gatag.it/?act=0&cid=0&apikey=%3FYXZkew%253D%253D&type=look&name=Rosen%20Plaza%20Hotel&promo=&iata=&group=GRPAPEC2023&arrival=2023%2F03%2F16&depart=2023%2F03%2F25&template=NGBE&chain...
https://capture.gatag.it/smile.gif

43 B
543 B

91ms
91ms

Image
image/gif

52.72.241.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.gatag.it/smile.gif
Protocol: H2
Server: 52.72.241.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-241-80.compute-1.amazonaws.com
Software: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:28:26 GMT
last-modified: Tue, 05 Apr 2022 12:37:22 GMT
server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "2b-5dbe7819c8480"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 01 Feb 2023 06:28:26 GMT
server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
content-type: text/html; charset=UTF-8
location: /smile.gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 getLeadAvailability Show response
be.synxis.com/gw/product/v1/ 1 KB
1 KB 333ms
332ms Fetch
application/json 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/gw/product/v1/getLeadAvailability

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

8932184a4d15a2e4673b9acb8112b2c3c147cb20487f8be868d815e999e97eab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

ActivityID: xyduvwDPDwcelHBNMJu-beuu
Accept: application/json,application/x-javascript
Referer: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
Context: BE
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

content-encoding: gzip
x-cdn: Imperva
accept-language: de-DE,de;q=0.9
x-api-session: MDAxMjF-MmV6NmNvZ2ZGMzRHTXFxUnE1dlVkTFBaOFpUam1kdDhtaE11VmxVOE9rRHhiNnQ1N1NTazRhV2hIR3BNYno0QWVnWDkzT21CVWpwdFZDbDFlamNIRVJrZ2N1VitOenRWRnE5ZEo1Z3U2NXpDeitaUkNYU2o2enNwU3h5RHhyQ3pLajd6WkwzcUZUV0d0Q2ZXMEs3S2diZFhySWNpeXRMejRUaEVRZ1dYL2pzQWs4d1NZZ0JlUFlENURQSVp5d2R0Z1VMUm04WTFVaDY4L1BaRklLYzlrc0R2dnBPVmlMUVF1NUxIWTFhK0I4VDBQd25UR1BLQkI5ZFVlcVR4RnZvSFp2K1M3UWtQOEs3aEc2dDI1MkVOT2o1VEdhNDZta1V5MGQvYXNZZTRiVnNuODFWckxibmFmdEJyTVNOSFBaVFQ
x-iinfo: 15-99305572-99305876 PNNN RT(1675232900780 5437) q(0 0 0 -1) r(3 3) U6
cdn-loop: IncapCDN; id="728_1215874"
sec-fetch-dest: empty
pragma: no-cache
x-forwarded-host: be.synxis.com
x-amzn-trace-id: Root=1-63da068a-66e5fd1f7e7c176033a92452
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://be.synxis.com
activityid: xyduvwDPDwcelHBNMJu-beuu
cache-control: no-cache
referer: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
context: BE
sec-fetch-mode: cors
date: Wed, 01 Feb 2023 06:28:26 GMT
message-id: 2ch3jfwj8
origin: https://be.synxis.com
x-content-type-options: nosniff
via: 1.1 google, 1.1 google, 1.1 google
x-real-ip: 10.123.77.110
strict-transport-security: max-age=31536000
x-forwarded-for: 80.255.10.205, 149.126.78.15, 10.123.77.110,10.30.2.15,10.30.0.237
x-forwarded-proto: https
content-length: 404
true-client-ip: 80.255.10.205
server: nginx
access-control-max-age: 3600
access-control-allow-credentials: true
sec-fetch-site: same-origin
conversation-id: 1mbrncc1q
x-forwarded-port: 443
app-env: p1
incap-proxy-728: OK

POST
H2 200 getLeadAvailability Show response
be.synxis.com/gw/product/v1/ 5 KB
3 KB 468ms
468ms Fetch
application/json 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/gw/product/v1/getLeadAvailability

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

ff8166b6c0fd73c866f355212c2df8b0af3273b239179ef005f1aa04325c5a83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

ActivityID: xyduvwDPDwcelHBNMJu-beuu
Accept: application/json,application/x-javascript
Referer: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
Context: BE
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

content-encoding: gzip
x-cdn: Imperva
accept-language: de-DE,de;q=0.9
x-api-session: MDAxMjF-YWdNQkt1RVFmaDdxSE1Db1VGR2F5VGE3OHhqa0twMTkvczIwM2w0dE5hK1pORDFKMnovUTZhb2RUVXdDL01SVFYzSXBNTTRYV0RkMGcyejI5K243TnBzZ2loTXJMam9OZnN0V1lPT3Qza25ESzJBS0xZSEh2UGFlMnQ4MDRGc3FKS3c0eGhTaUgrczBFV0pLcFdSc2tuZGRGcmt6aThEZThnckc5MWxOa2E5M1FyMDBFYjRrRFZLK1RkVWFEck5xSTkrWnBJRCthR0JmUWpzT0ZVVDdxaHo3Y3hxWFVoZDVnQThEcHBUZzlmQVZVRVcrOEVGWVFYQ1dYZW4vWTJLQlJ1U0JTK1lRVlBNSlorWGNsdGN5aFNjd3ExYkt0ckZxV1UvR2p1NlNQbkh1MTE2TnplelA0QUMrWHowa1dIejE
x-iinfo: 15-99305572-99305876 PNNN RT(1675232900780 5774) q(0 0 0 -1) r(5 5) U6
cdn-loop: IncapCDN; id="728_1215874"
sec-fetch-dest: empty
pragma: no-cache
x-forwarded-host: be.synxis.com
x-amzn-trace-id: Root=1-63da068a-2088e594535931485adf59ee
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://be.synxis.com
activityid: xyduvwDPDwcelHBNMJu-beuu
cache-control: no-cache
referer: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
context: BE
sec-fetch-mode: cors
date: Wed, 01 Feb 2023 06:28:26 GMT
message-id: 1w55lwa85
origin: https://be.synxis.com
x-content-type-options: nosniff
via: 1.1 google, 1.1 google, 1.1 google
x-real-ip: 10.123.78.215
strict-transport-security: max-age=31536000
x-forwarded-for: 80.255.10.205, 149.126.78.15, 10.123.78.215,10.30.0.21,10.30.0.237
x-forwarded-proto: https
content-length: 1055
true-client-ip: 80.255.10.205
server: nginx
access-control-max-age: 3600
access-control-allow-credentials: true
sec-fetch-site: same-origin
conversation-id: dzntjqdum
x-forwarded-port: 443
app-env: p1
incap-proxy-728: OK

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 9ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=168548481809762&ev=Microdata&dl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2023-03-16%26chain%3D10237%26child%3D0%26config%3DORLRZ%26currency%3DUSD%26depart%3D2023-03-25%26group%3DGRPAPEC2023%26hotel%3D69868%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26theme%3DORLRZ&rl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2023-03-16%26chain%3D10237%26child%3D0%26config%3DORLRZ%26currency%3DUSD%26depart%3D2023-03-25%26group%3DGRPAPEC2023%26hotel%3D69868%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26theme%3DORLRZ&if=false&ts=1675232907432&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Preferred%20Hotels%20%26%20Resorts%20(PV)%20-%20Reservations%20-%20Hotel%20Availability%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.95&r=stable&a=trplsojern&ec=2&o=30&fbp=fb.1.1675232905924.901506443&it=1675232905796&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 01 Feb 2023 06:28:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 get_hotel_property_rel Show response
www.thehotelsnetwork.com/ 32 B
691 B 89ms
88ms Fetch
application/json 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/get_hotel_property_rel?partnership_id=6&partnership_hotel_id=69868

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?partnership_id=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.198.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1506c80eb411afef8b09df3fb0f6701c617f081139d6356dbe0114e32c2e91d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:28:27 GMT
content-encoding: gzip
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
x-iinfo: 4-33021842-33022142 NNNN CT(1 4 0) RT(1675232903005 4146) q(0 0 0 -1) r(0 1) U5
pragma: no-cache
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://be.synxis.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: C5D02euTqVVr03F0i2eAkMOgDz29Ly1Ba4Otpx5-j2EPqSRarXJJkw==
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 get_hotel_property_rel Show response
www.thehotelsnetwork.com/ 32 B
637 B 79ms
79ms Fetch
application/json 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/get_hotel_property_rel?partnership_id=6&partnership_hotel_id=69868

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?partnership_id=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.198.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1506c80eb411afef8b09df3fb0f6701c617f081139d6356dbe0114e32c2e91d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:28:28 GMT
content-encoding: gzip
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
x-iinfo: 4-33021842-33022142 PNNN RT(1675232903005 4930) q(0 0 0 -1) r(1 1) U5
pragma: no-cache
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://be.synxis.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: bSu-El_Dr1nswI-AYLSrErDOpBcWrSjsfjdZREl1hoKJEOT6_dUNAQ==
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 events Show response
be.synxis.com/gw/v1/log/ 181 B
263 B 279ms
278ms Fetch
application/json 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/gw/v1/log/events

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

657d45953a9dba97f66a14e13dab9a8b7e4e3f9e666a92096be26d1b83eb43a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

content-encoding: gzip
x-cdn: Imperva
accept-language: de-DE,de;q=0.9
x-iinfo: 15-99305572-99305876 PNNN RT(1675232900780 8928) q(0 0 0 -1) r(2 2) U6
cdn-loop: IncapCDN; id="728_1215874"
sec-fetch-dest: empty
pragma: no-cache
x-forwarded-host: be.synxis.com
x-amzn-trace-id: Root=1-63da068d-6deca4c24a3adadb2bb7d7b9
vary: Origin
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://be.synxis.com
cache-control: no-cache
referer: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ
sec-fetch-mode: cors
date: Wed, 01 Feb 2023 06:28:29 GMT
message-id: 1w28mvyiq
origin: https://be.synxis.com
strict-transport-security: max-age=31536000
via: 1.1 google, 1.1 google
x-real-ip: 10.123.77.110
x-forwarded-for: 80.255.10.205, 149.126.78.15, 10.123.77.110,10.30.2.15,10.30.0.237
x-forwarded-proto: https
content-length: 53
true-client-ip: 80.255.10.205
server: nginx
access-control-max-age: 3600
access-control-allow-credentials: true
sec-fetch-site: same-origin
conversation-id: 9wyzovr4v
x-forwarded-port: 443
app-env: p1
incap-proxy-728: OK

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 15ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-902GY8W2RT&gtm=2oe1u0&_p=477698552&cid=2057709485.1675232903&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1675232905&sct=1&seg=0&dl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2023-03-16%26chain%3D10237%26child%3D0%26config%3DORLRZ%26currency%3DUSD%26depart%3D2023-03-25%26group%3DGRPAPEC2023%26hotel%3D69868%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26theme%3DORLRZ&dr=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D1%26arrive%3D2023-03-16%26chain%3D10237%26child%3D0%26config%3DORLRZ%26currency%3DUSD%26depart%3D2023-03-25%26group%3DGRPAPEC2023%26hotel%3D69868%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26theme%3DORLRZ&dt=Preferred%20Hotels%20%26%20Resorts%20(PV)%20-%20Reservations%20-%20Hotel%20Availability&en=scroll&epn.percent_scrolled=90&_et=12
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-902GY8W2RT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 06:28:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://be.synxis.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: be.synxis.com
URL: https://be.synxis.com/_Incapsula_Resource?ES2LURCT=67&t=78&d=complete%20(s%3A0%2Cc%3A10%2Cr%3A1291)

Domain: data.flip.to
URL: https://data.flip.to/cdn/data/2J/%JS_HOTEL_ID%?z=be.synxis.com

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.synxis.com/	1970-01-20 18:05:40	Name: visid_incap_1215874 Value: rboEGepOQrCQZ6yU6cD40IQG2mMAAAAAQUIPAAAAAABYGG/I5msJksZ51Ry4L23+
.synxis.com/	1969-12-31 23:59:59	Name: incap_ses_728_1215874 Value: owT1GAv4VzsjElnaV2AaCoQG2mMAAAAAxiR+x+z9ZgNsVLjUcE+pSA==
be.synxis.com/	1969-12-31 23:59:59	Name: sessionID Value: xyduvwDPDwcelHBNMJu-beuu
.synxis.com/	1969-12-31 23:59:59	Name: nlbi_1215874 Value: oBVBNBevcH3H66JLrJ/xDgAAAAARjKq67UZjadRW7GeYXpwQ
.synxis.com/	1970-01-20 18:05:41	Name: visid_incap_2103294 Value: H3Jn/D4hQwyTR5D7iK5tnYYG2mMAAAAAQUIPAAAAAACkOOk9vC5oYcN/7i+QX8Yz
.synxis.com/	1969-12-31 23:59:59	Name: incap_ses_729_2103294 Value: l9H2Q7tqbQlyF+QmcO4dCoYG2mMAAAAANdL2EhwQEWU4vwd2O5Pt3w==
.synxis.com/	1970-01-20 18:05:42	Name: visid_incap_1814716 Value: krqkI5woSVyIf9O6n46W64YG2mMAAAAAQUIPAAAAAABd/4OSTLw+Znra2BhG1Wzf
gc.synxis.com/	1969-12-31 23:59:59	Name: GCLB Value: CInJifT569zrCA
.synxis.com/	1969-12-31 23:59:59	Name: incap_ses_8077_1814716 Value: IMq4O2eSzit4WjZ+TkUXcIYG2mMAAAAA1Dcjl9q2hJUtGkzyz/NHMw==
.synxis.com/	1970-01-20 11:30:08	Name: _gcl_au Value: 1.1.1114118031.1675232903
.synxis.com/	1970-01-20 09:21:59	Name: _gid Value: GA1.2.490411381.1675232903
.synxis.com/	1970-01-20 09:20:32	Name: _gat_UA-87550206-6 Value: 1
www.thehotelsnetwork.com/	1969-12-31 23:59:59	Name: __thn_ss Value: d70e157b97aee3674480be3fb502ab57
.thehotelsnetwork.com/	1970-01-20 18:05:41	Name: visid_incap_2454396 Value: W7JXIYK4SY+z/7TjxlK2UoYG2mMAAAAAQUIPAAAAAACzt6SNE1Fbvysjtg4qz1ld
.thehotelsnetwork.com/	1969-12-31 23:59:59	Name: incap_ses_730_2454396 Value: CnR1BJX2CAj0c6rM7nshCoYG2mMAAAAAS2fUdm8FGeGu71sGSFkXlw==
.thehotelsnetwork.com/	1969-12-31 23:59:59	Name: nlbi_2454396 Value: QdYONh0jzHrbbUsG5i1CcAAAAAC2D/4g/k+WHgtmzDcB6yBh
.be.synxis.com/	1970-01-20 18:56:32	Name: _ga Value: GA1.3.2057709485.1675232903
.be.synxis.com/	1970-01-20 09:21:59	Name: _gid Value: GA1.3.490411381.1675232903
.be.synxis.com/	1970-01-20 09:20:32	Name: _dc_gtm_UA-106819988-1 Value: 1
.synxis.com/	1970-01-20 18:56:32	Name: _ga Value: GA1.1.2057709485.1675232903
.synxis.com/	1970-01-20 18:56:32	Name: _ga_902GY8W2RT Value: GS1.1.1675232905.1.0.1675232905.0.0.0
.sojern.com/	1970-01-20 18:06:08	Name: dc-adv Value: %5B%7B%22dr%22%3A%229%22%2C%22dt%22%3A%222023-03-16%22%2C%22et%22%3A%22hs%22%2C%22hb%22%3A%22Preferred+Ho%22%2C%22nt%22%3A%221%22%2C%22pid%22%3A%2269868%22%2C%22pn%22%3A%22Rosen+Plaza+%22%2C%22rt%22%3A%222023-03-25%22%7D%5D
.adnxs.com/	1970-01-20 11:30:08	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2C$OjvPj#!]tbP6j2F-XstGt!@DCV$[dvh
.adnxs.com/	1970-01-20 11:30:08	Name: uuid2 Value: 2493800708808810220
.sojern.com/	1970-01-20 18:06:08	Name: cid Value: 9880717f-c9f8-29ed-edfc-d263ca9c696a#1675209600000
.sojern.com/	1970-01-20 11:30:08	Name: apnid Value: 2493800708808810220
.synxis.com/	1970-01-20 11:30:08	Name: _fbp Value: fb.1.1675232905924.901506443
.doubleclick.net/	1970-01-20 18:42:08	Name: IDE Value: AHWqTUlTckSpCNSr01S_YPRL8wesYnpzEYzyh-N6H84gsiJVVv_t8oYcweTcxaR9Hio
.sojern.com/	1970-01-20 18:06:08	Name: gid Value: CAESEOBdzcn3Nty48IHBTGrQZuY
gatag.it/	1970-01-20 09:30:37	Name: AWSALBCORS Value: cjK0UWNVRh/eKsQ/tRDPQXDBlkejg7xU8Qn/sQDmh3ecoq6tAAGKjFIlGx15GP9N4Iuywoi8XrL+RnVJa/RmUNFtkUFx6FN3Eu/kyCxkbq+5cDTClaxknLCuGFLr
.be.synxis.com/	1970-01-20 18:56:32	Name: __utma Value: 77553030.2057709485.1675232903.1675232906.1675232906.1
.be.synxis.com/	1969-12-31 23:59:59	Name: __utmc Value: 77553030
.be.synxis.com/	1970-01-20 13:43:20	Name: __utmz Value: 77553030.1675232906.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.be.synxis.com/	1970-01-20 09:20:33	Name: __utmt Value: 1
.be.synxis.com/	1970-01-20 09:20:34	Name: __utmb Value: 77553030.1.10.1675232906
www.gatag.it/	1970-01-20 09:30:37	Name: AWSALBCORS Value: xT0Gg1FExxTp/6M6Z/s2LdFdP+STzV2K4B7zZDRGkz2EkP0JZB6fRz9UEzT98XoGknaWHrHsSoc39LirHG19W8Rf0Fo0UlpCJL8nmy3wCOBH1aM18Mz3lgV0d1MT
www.gatag.it/	1969-12-31 23:59:59	Name: PHPSESSID Value: 9l4t4780593u4gpdc1cbc9hs40
.be.synxis.com/	1970-01-20 18:56:32	Name: __utmv Value: 77553030.\|4=device=pc=1
capture.gatag.it/	1970-01-20 09:30:37	Name: AWSALBCORS Value: F/wHQLR/PA1oZR4CqK2tDr2pT8H0wx4t5ohzZza9qyC0nRD3cjfMwPOQI1wF8D1pwZUdAo6/MsIsSpGXGE2JuXO+nDG0aPr2cW5pRCfC9+GbrE7/4Rpc30D/upxq
.halo.phgsecure.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 6ea5681bb75f3dbfdd1dcce0c85b847dc607eec124330a19f289894fc01746b9
.synxis.com/	1969-12-31 23:59:59	Name: apisession Value: MDAxMjF-YWdNQkt1RVFmaDdxSE1Db1VGR2F5VGE3OHhqa0twMTkvczIwM2w0dE5hK1pORDFKMnovUTZhb2RUVXdDL01SVFYzSXBNTTRYV0RkMGcyejI5K243TnBzZ2loTXJMam9OZnN0V1lPT3Qza25ESzJBS0xZSEh2UGFlMnQ4MDRGc3FKS3c0eGhTaUgrczBFV0pLcFdSc2tuZGRGcmt6aThEZThnckc5MWxOa2E5M1FyMDBFYjRrRFZLK1RkVWFEck5xSTkrWnBJRCthR0JmUWpzT0ZVVDdxaHo3Y3hxWFVoZDVnQThEcHBUZzlmQVZVRVcrOEVGWVFYQ1dYZW4vWTJLQlJ1U0JTK1lRVlBNSlorWGNsdGN5aFNjd3ExYkt0ckZxV1UvR2p1NlNQbkh1MTE2TnplelA0QUMrWHowa1dIejE

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ(Line 3) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'strict-dynamic' 'nonce-67n5UqUoUe9VNidy2p/ftA==' 'unsafe-inline' 'unsafe-eval' 'self' .synxis.com .googletagmanager.com .google-analytics.com google-analytics.com .google.com .googleapis.com .gatag.it gatag.it .doubleclick.net icm.aexp-static.com .sabrehospitality.com .asc.sabre.com .thehotelsnetwork.com thehotelsnetwork.com .trivago.com trivago.com .tripadvisor.com tripadvisor.com .sojern.com sojern.com .triptease.io triptease.io .sabre-gcp.com .sabre-gcp.com:3000 .sabre-gcp.com:3001 .sabre-gcp.com:3002 .sabrecirrus.com pdx-col.eum-appdynamics.com halo.phgsecure.com .triptease.io .hotjar.com .hotjar.io vars.hotjar.com in.hotjar.com vc.hotjar.io .navisperformance.com fusion-api.navisperformance.com assets.navisperformance.com .facebook.com .youtube.com https://.perfmaker.net .gbqofs.io .gbqofs.com https://.flip.to https://.phgsecure.com". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
javascript	error	URL: https://be.synxis.com/?adult=1&arrive=2023-03-16&chain=10237&child=0&config=ORLRZ&currency=USD&depart=2023-03-25&group=GRPAPEC2023&hotel=69868&level=hotel&locale=en-US&rooms=1&theme=ORLRZ Message: Access to XMLHttpRequest at 'https://data.flip.to/cdn/data/2J/%JS_HOTEL_ID%?z=be.synxis.com' from origin 'https://be.synxis.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://data.flip.to/cdn/data/2J/%JS_HOTEL_ID%?z=be.synxis.com Message: Failed to load resource: net::ERR_FAILED
security	warning	URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?partnership_id=6(Line 2) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
ajax.googleapis.com
be-cms-api.synxis.com
be.synxis.com
beacon.sojern.com
capture.gatag.it
cm.g.doubleclick.net
connect.facebook.net
data.flip.to
fcmatch.google.com
fcmatch.youtube.com
gatag.it
gc.synxis.com
google-analytics.com
halo.phgsecure.com
ib.adnxs.com
integration.flip.to
match.adsrvr.org
pixel.sojern.com
region1.google-analytics.com
secure.adnxs.com
ssl.google-analytics.com
stats.g.doubleclick.net
storage.googleapis.com
www.facebook.com
www.gatag.it
www.google-analytics.com
www.googletagmanager.com
www.thehotelsnetwork.com
be.synxis.com
data.flip.to
107.154.192.208
107.178.244.119
142.250.180.198
142.251.208.98
2001:4860:4802:32::36
2606:4700:10::6816:3591
2a00:1450:400d:802::2002
2a00:1450:400d:802::200a
2a00:1450:400d:803::200e
2a00:1450:400d:806::2010
2a00:1450:400d:808::200e
2a00:1450:400d:80c::2004
2a00:1450:400d:80d::2008
2a00:1450:400d:80d::200e
2a00:1450:4025:401::9a
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
34.232.148.211
35.71.131.137
37.252.171.149
37.252.173.215
45.60.155.144
45.60.198.96
45.60.46.204
52.184.193.103
52.72.241.80
02cf4c0726724e3eae89412f24091d7d94eae6dc5127975559afb46693e8adc4
04025905c78ae9f9cc78a58e1387aa677c8548a8a5894eaa94447f082cf2c23f
045733432d805ad3c5ad9c98cb3c380de2fb41034b62b367279315069a774e5c
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05e824db4ee596584ab89b259d8b3c4fc756cea341e475bd119e00f7d013b166
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13ed64e31854fc7e8e3e542fef0d24813e05a6137d56160064ec6824367b9a03
1506c80eb411afef8b09df3fb0f6701c617f081139d6356dbe0114e32c2e91d2
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1afea121d31635a12ee2201bc3774fe762948e981560ad1b5578bbb11152ac4c
1dda544792fdb6e3e64d05d3900f8ac24e2b1906e917218914e544e698aa2a70
1e2aaf8bbfdc9c6a05fdc20d17e925b5ddc7822da1b160c65d87d8affa5dc494
1f615645150521b8d95414b87467cd53e31af5049d8b0a3a795273bc6d62936b
2ddd034d60b268a110e79a61fbcc4c13dbc0ffa7b83a72e8a934ff8d2c44346e
3fef4739f1cf200ed5ad8f17d7b332df45cacbbe147d2affa3348491c45900f3
407743ad7853a628f7c1809ddd2dde3cc9208ef69d107be41fd786cd26cda58c
42b05ecde3b83b193681d4244cc3eeb6cc6d3e39f201d38c6f0d5a665f08d0f9
50f10898342061c80fea923b4a5ec511ce9e9fe32457dc69ecb5524bd3a8b44e
5348e180e41ac06594937cc417b835d2a9448f6197da8d16d853a7c9bc0793c2
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5cc9c425d8c4dff3eea5401c7ea45524d14dacb8974850c7dc956bd0658cd716
625a63fbc3b92e8b3b7ca3a1a0d3372f066aa66104b925e8b353744b1e283df1
64b58c75d96c74e9f836236ca9764b5c55ac3d58d91fe295bb76a6b1cf320c11
657d45953a9dba97f66a14e13dab9a8b7e4e3f9e666a92096be26d1b83eb43a4
6b17ba3a4e5a8886f4344a0412fb24df21e3cffb5a9ec07a0913081831c6cc97
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d68ee8000766d7fd86ef15d5b414f866a5b0c69ff048074e45b331e4285744b
7667eefedd61bf060f0d3ac6bd73ea2c9da6d9f4cf9db6a4a3aa2af2c3356202
7858de309713780a7ecbce46ce2354ed6055e6262f85404baa7668a0518756cb
7f916b50cc0a83893a2a508acf6cd792f17b90020cb25c95ce5d5535c811023c
800ba494626a26d07497d02b79f0d23bf148cde410a5aa92ea9ec374697e84ca
8074a161d80ffca068c5a4969bccfa4b5a4189d3b0da84702d13d2f0b2b29606
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88eee8de8bbd4c302c4df5babab025b0a91a3571ce387ed5504726354052f551
8932184a4d15a2e4673b9acb8112b2c3c147cb20487f8be868d815e999e97eab
8951b4d26e532da0599c21d135d877cb8a5645958b383599b0c5c95b8da1b85a
89e9e1059c9d13a4e98d06c2f7ed9dceaddf2871d63c222cbb38c3d682f7319f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
928309c962f205bb801fe22078fb41cd89b89d89c26e8c07ed3587773624c2cb
9e1000583dedef5ddb1d1d57c36e907aa1edc95f5ea71b90db37543b4cd755be
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a34b401b19b84ad85cf85ad375f9680e26d139b5adc924364d2e2b3516867b15
ab1f10697ec6d903f4c0ecbd6bd693861bc47ea06c343a6bf70ccdada9425e7b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b37b72afbef1c5309b598804257b21f6f8aa642ed1d01fdb5a92b9b0cc406074
ba5516ed9a3e0b64251359fa5c90475a5aad49c25a69df9d12afd913b5c8bbbe
bd64bf122d8019357b5d313c158094b673b04ded23935984507b3eb51cca7cab
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
ce34742b55908f533aaa9db369f0a7e5f6d3c1c508d3b05347a0e7f68267db40
d02032286070b4dd9d8fbd985a7bdca8af8edf52b89ff177db3bfcb2c8a9c43d
d68b52f33931a2b6396d0532397fe9bd2872e99ea90735164a026104735821cd
dab60551446f220630b0085a0dc4a29fc1ce58feddbfd3601b324491ff45756a
e03678fb1a6b476aaa19050ea0bc60147c6c5e1e78be5e912b16f9183e6d5c17
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff8166b6c0fd73c866f355212c2df8b0af3273b239179ef005f1aa04325c5a83

be.synxis.com Open in urlscan Pro 45.60.46.204 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

78 Requests

85 %HTTPS

50 %IPv6

16 Domains

30 Subdomains

22 IPs

4 Countries

3202 kBTransfer

10696 kBSize

41 Cookies

7 Outgoing links

Page URL History

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

be.synxis.com Open in urlscan Pro
45.60.46.204 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

85 %
HTTPS

50 %
IPv6

16
Domains

30
Subdomains

22
IPs

4
Countries

3202 kB
Transfer

10696 kB
Size

41
Cookies

78 HTTP transactions
0 data transactions