be.synxis.com Open in urlscan Pro
45.60.46.204 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=h...
Submission: On May 10 via api (May 10th 2021, 5:20:25 pm UTC) from US

Summary HTTP 115 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 34 IPs in 4 countries across 23 domains to perform 115 HTTP transactions. The main IP is 45.60.46.204, located in United States and belongs to INCAPSULA, US. The main domain is be.synxis.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2020 on April 30th 2021. Valid for: 6 months.

This is the only time be.synxis.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	45.60.46.204 45.60.46.204	19551 (INCAPSULA) (INCAPSULA)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
5	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
2	45.60.155.144 45.60.155.144	19551 (INCAPSULA) (INCAPSULA)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2600:9000:214... 2600:9000:214f:c800:16:3eaa:9140:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
6	54.149.237.2 54.149.237.2	16509 (AMAZON-02) (AMAZON-02)
1	184.30.235.132 184.30.235.132	2914 (NTT-COMMU...) (NTT-COMMUNICATIONS-2914)
4	107.154.192.208 107.154.192.208	19551 (INCAPSULA) (INCAPSULA)
7	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3 4	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
4	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
1 6	2606:4700:10:... 2606:4700:10::ac43:2653	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.89.66 13.224.89.66	16509 (AMAZON-02) (AMAZON-02)
1 3	52.54.154.195 52.54.154.195	14618 (AMAZON-AES) (AMAZON-AES)
1	54.68.139.192 54.68.139.192	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4 4	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2 2	185.33.221.52 185.33.221.52	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
3	35.186.195.233 35.186.195.233	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	34.237.9.237 34.237.9.237	14618 (AMAZON-AES) (AMAZON-AES)
3	151.101.193.182 151.101.193.182	54113 (FASTLY) (FASTLY)
1	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
115	34

32 45.60.46.204 (United States)

ASN19551 (INCAPSULA, US)

be.synxis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.35 (United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.60.155.144 (United States)

ASN19551 (INCAPSULA, US)

be-cms-api.synxis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:214f:c800:16:3eaa:9140:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.navisperformance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.149.237.2 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-237-2.us-west-2.compute.amazonaws.com

fusion-api.navisperformance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.235.132 (Santa Clara, United States)

ASN2914 (NTT-COMMUNICATIONS-2914, US)
PTR: a184-30-235-132.deploy.static.akamaitechnologies.com

icm.aexp-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.154.192.208 (United States)

ASN19551 (INCAPSULA, US)

gc.synxis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fcmatch.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.134 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net

8986102.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:10::ac43:2653 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

onboard.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.89.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-66.zrh50.r.cloudfront.net

d10lpsik1i8c69.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.54.154.195 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-154-195.compute-1.amazonaws.com

gatag.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
capture.gatag.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.68.139.192 (Boardman, United States)

ASN16509 (AMAZON-02, US)

linkcenterus.derbysoftca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.162 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

fcmatch.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.52 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.195.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)

api.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.237.9.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-9-237.compute-1.amazonaws.com

www.gatag.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.193.182 (United States)

ASN54113 (FASTLY, US)

static.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

messages.guest-experience.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	synxis.com be.synxis.com be-cms-api.synxis.com gc.synxis.com	2 MB
13	triptease.io 1 redirects onboard.triptease.io api.triptease.io static.triptease.io messages.guest-experience.triptease.io	231 KB
12	doubleclick.net 7 redirects googleads.g.doubleclick.net 8986102.fls.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net cm.g.doubleclick.net	4 KB
9	navisperformance.com assets.navisperformance.com fusion-api.navisperformance.com	134 KB
8	google-analytics.com www.google-analytics.com google-analytics.com ssl.google-analytics.com	38 KB
6	google.com 1 redirects www.google.com adservice.google.com fcmatch.google.com	2 KB
5	googleapis.com maps.googleapis.com fonts.googleapis.com	125 KB
5	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com	63 KB
4	gatag.it 1 redirects gatag.it www.gatag.it capture.gatag.it	17 KB
4	sojern.com beacon.sojern.com pixel.sojern.com	2 KB
4	google.de www.google.de adservice.google.de	759 B
4	facebook.com www.facebook.com	843 B
2	gstatic.com fonts.gstatic.com	46 KB
2	adsrvr.org 2 redirects match.adsrvr.org	1012 B
2	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	facebook.net connect.facebook.net	97 KB
2	fontawesome.com use.fontawesome.com	63 KB
2	googletagmanager.com www.googletagmanager.com	104 KB
1	youtube.com fcmatch.youtube.com	529 B
1	derbysoftca.com linkcenterus.derbysoftca.com	281 B
1	cloudfront.net d10lpsik1i8c69.cloudfront.net	3 KB
1	aexp-static.com icm.aexp-static.com	18 KB
1	googleadservices.com www.googleadservices.com	14 KB
115	23

	Domain	Requested by
32	be.synxis.com	be.synxis.com assets.navisperformance.com onboard.triptease.io static.triptease.io
6	onboard.triptease.io	1 redirects onboard.triptease.io
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
6	fusion-api.navisperformance.com	assets.navisperformance.com
5	dev.visualwebsiteoptimizer.com	be.synxis.com dev.visualwebsiteoptimizer.com
4	maps.googleapis.com	static.triptease.io maps.googleapis.com
4	cm.g.doubleclick.net	4 redirects
4	gc.synxis.com	be.synxis.com
4	www.facebook.com	be.synxis.com
3	static.triptease.io	onboard.triptease.io static.triptease.io
3	api.triptease.io	onboard.triptease.io static.triptease.io
3	pixel.sojern.com
3	stats.g.doubleclick.net	www.google-analytics.com
3	www.google.de	be.synxis.com
3	www.google.com	be.synxis.com
3	assets.navisperformance.com	be.synxis.com assets.navisperformance.com
2	fonts.gstatic.com	fonts.googleapis.com
2	capture.gatag.it	1 redirects
2	match.adsrvr.org	2 redirects
2	ib.adnxs.com	2 redirects
2	adservice.google.com	8986102.fls.doubleclick.net
2	ad.doubleclick.net	2 redirects
2	8986102.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	connect.facebook.net	be.synxis.com connect.facebook.net
2	be-cms-api.synxis.com	be.synxis.com
2	use.fontawesome.com	be.synxis.com use.fontawesome.com
2	www.googletagmanager.com	be.synxis.com
1	fonts.googleapis.com	static.triptease.io
1	messages.guest-experience.triptease.io	static.triptease.io
1	www.gatag.it	gatag.it
1	ssl.google-analytics.com
1	google-analytics.com	gatag.it
1	adservice.google.de	adservice.google.com
1	fcmatch.youtube.com
1	fcmatch.google.com	1 redirects
1	linkcenterus.derbysoftca.com
1	gatag.it	be.synxis.com
1	d10lpsik1i8c69.cloudfront.net	be.synxis.com
1	beacon.sojern.com	be.synxis.com
1	icm.aexp-static.com	be.synxis.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
115	42

This site contains links to these domains. Also see Links.

Domain
www.civanacarefree.com
www.facebook.com
www.instagram.com
twitter.com

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2021-10-30`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2020-06-19` - `2022-07-06`	2 years	crt.sh
incapsula.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-08-12` - `2021-07-21`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.navisperformance.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-27` - `2022-05-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
m.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2020-07-02` - `2021-07-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-10` - `2021-08-10`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
gatag.it Amazon	`2021-03-24` - `2022-04-22`	a year	crt.sh
linkcenter.derbysoftca.com Amazon	`2021-02-03` - `2022-03-04`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.triptease.io Sectigo RSA Organization Validation Secure Server CA	`2020-04-16` - `2022-05-07`	2 years	crt.sh
*.gatag.it Amazon	`2021-03-24` - `2022-04-22`	a year	crt.sh
*.guest-experience.triptease.io R3	`2021-05-03` - `2021-08-01`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
Frame ID: 7FEF3E2C08FE162BC8C3AA4C3D7450AB
Requests: 98 HTTP requests in this frame

Frame: https://8986102.fls.doubleclick.net/activityi;dc_pre=CKquu-rPv_ACFVCO3god31AMOw;src=8986102;type=choosroo;cat=choos0;ord=548146579715;gtm=2wg4s0;auiddc=1485726809.1620667205;u1=3;u4=7841;u6=3;u16=06%2F17%2F2021;u17=06%2F20%2F2021;u22=2;u23=0;~oref=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1
Frame ID: 51DC7CFAFC115CC9252CE172FA51A2CA
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKquu-rPv_ACFVCO3god31AMOw;src=8986102;type=choosroo;cat=choos0;ord=548146579715;gtm=2wg4s0;auiddc=1485726809.1620667205;u1=3;u4=7841;u6=3;u16=06%2F17%2F2021;u17=06%2F20%2F2021;u22=2;u23=0;~oref=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1
Frame ID: 52A40082E004015FE8FD2D440D011113
Requests: 1 HTTP requests in this frame

Frame: https://onboard.triptease.io/kernel/v4179.39760/kernel-host.html?originHost=be.synxis.com
Frame ID: B8019E6BB606A419B64CE6709F5E4352
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CKquu-rPv_ACFVCO3god31AMOw;src=8986102;type=choosroo;cat=choos0;ord=548146579715;gtm=2wg4s0;auiddc=1485726809.1620667205;u1=3;u4=7841;u6=3;u16=06%2F17%2F2021;u17=06%2F20%2F2021;u22=2;u23=0;~oref=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1
Frame ID: DE35B34F2E760D0BFDDAC47DBE4BEAAD
Requests: 1 HTTP requests in this frame

Frame: https://static.triptease.io/message-porter/dist/storageIframe.html
Frame ID: E559F8A5822D07F9E4DD60204F3F5EF0
Requests: 1 HTTP requests in this frame

Frame: https://static.triptease.io/message-porter/dist/notifications.html
Frame ID: 0ECF2254BC8A27A5548F4E1A9B9E3BAF
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

115
Requests

100 %
HTTPS

47 %
IPv6

23
Domains

42
Subdomains

34
IPs

4
Countries

3124 kB
Transfer

8837 kB
Size

8
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.civanacarefree.com/

Search URL Search Domain Scan URL

URL: http://www.civanacarefree.com/
Title: www.civanacarefree.com

Search URL Search Domain Scan URL

URL: https://www.civanacarefree.com/class-schedule/
Title: classes.

Search URL Search Domain Scan URL

URL: http://www.civanacarefree.com/reservations-policy/
Title: Reservations Policy

Search URL Search Domain Scan URL

URL: http://www.civanacarefree.com/area-attractions/
Title: Area Attractions

Search URL Search Domain Scan URL

URL: http://www.civanacarefree.com/local-activities/
Title: Local Activities

Search URL Search Domain Scan URL

URL: http://www.civanacarefree.com/press/
Title: Press

Search URL Search Domain Scan URL

URL: http://www.civanacarefree.com/reviews/
Title: Reviews

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CIVANAResort/
Title: facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/civanaresort/
Title: instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/CIVANAResort
Title: twitter

Search URL Search Domain Scan URL

URL: http://www.civanacarefree.com/privacy-policy/
Title: Privacy

Search URL Search Domain Scan URL

URL: http://www.civanacarefree.com/terms-conditions/
Title: Terms & Conditions

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://8986102.fls.doubleclick.net/activityi;src=8986102;type=choosroo;cat=choos0;ord=548146579715;gtm=2wg4s0;auiddc=1485726809.1620667205;u1=3;u4=7841;u6=3;u16=06%2F17%2F2021;u17=06%2F20%2F2021;u22=2;u23=0;~oref=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1 HTTP 302
https://8986102.fls.doubleclick.net/activityi;dc_pre=CKquu-rPv_ACFVCO3god31AMOw;src=8986102;type=choosroo;cat=choos0;ord=548146579715;gtm=2wg4s0;auiddc=1485726809.1620667205;u1=3;u4=7841;u6=3;u16=06%2F17%2F2021;u17=06%2F20%2F2021;u22=2;u23=0;~oref=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1

Request Chain 57

https://onboard.triptease.io/bootstrap.js?integrationId=01D9MZY8W95M5SR8WJHQ5NHAD5 HTTP 307
https://onboard.triptease.io/bootstrap/v4179.39760/bootstrap.js

Request Chain 70

https://ad.doubleclick.net/ddm/activity/src=8508538;type=searc0;cat=civan0;qty=1;cost=0;u1=;u2=;u3=;u4=2021-06-17;u5=2021-06-20;u9=3;u10=Carefree;u11=USA;u12=3;u13=Arizona;u14=;u15=;u16=;u19=13181;u20=Civana;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=orderID HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8508538;dc_pre=CJHNvurPv_ACFb4BogMdcSQA3Q;type=searc0;cat=civan0;qty=1;cost=0;u1=;u2=;u3=;u4=2021-06-17;u5=2021-06-20;u9=3;u10=Carefree;u11=USA;u12=3;u13=Arizona;u14=;u15=;u16=;u19=13181;u20=Civana;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=orderID HTTP 302
https://adservice.google.com/ddm/fls/z/src=8508538;dc_pre=CJHNvurPv_ACFb4BogMdcSQA3Q;type=searc0;cat=civan0;qty=1;cost=0;u1=;u2=;u3=;u4=2021-06-17;u5=2021-06-20;u9=3;u10=Carefree;u11=USA;u12=3;u13=Arizona;u14=;u15=;u16=;u19=13181;u20=Civana;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=orderID

Request Chain 71

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=GCi7tKzD5OEIyB3G-tvudw&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=7Ca5SrSrscM1gII_qC1iEKdNKpA5xWbKW83JIWO_1w3UCE-eQDC3p7xPQ6-9isYa&sjrn_ula=558339457 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=GCi7tKzD5OEIyB3G-tvudw&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=7Ca5SrSrscM1gII_qC1iEKdNKpA5xWbKW83JIWO_1w3UCE-eQDC3p7xPQ6-9isYa&sjrn_ula=558339457&google_tc= HTTP 302
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=7Ca5SrSrscM1gII_qC1iEKdNKpA5xWbKW83JIWO_1w3UCE-eQDC3p7xPQ6-9isYa&sjrn_ula=558339457&google_gid=CAESENmNCZkuEI-HGLu_gE5QcVs&google_cver=1

Request Chain 72

https://cm.g.doubleclick.net/pixel?google_hm=GCi7tKzD5OEIyB3G-tvudw&google_nid=sojern_adh HTTP 302
https://cm.g.doubleclick.net/pixel?google_hm=GCi7tKzD5OEIyB3G-tvudw&google_nid=sojern_adh&google_tc= HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDopW6508R88A2UOvWTmNHqXmJR0YGmNr-vbmvBzworZERa6JsNivPP8x22KIMLmgjUPiMuXHPkTUDlyjf34Bbo-rRZQb8soBc3cUV859Vj1eqhHmzgI HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDopW6508R88A2UOvWTmNHqXmJR0YGmNr-vbmvBzworZERa6JsNivPP8x22KIMLmgjUPiMuXHPkTUDlyjf34Bbo-rRZQb8soBc3cUV859Vj1eqhHmzgI

Request Chain 73

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=7Ca5SrSrscM1gII_qC1iEKdNKpA5xWbKW83JIWO_1w3UCE-eQDC3p7xPQ6-9isYa HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3D7Ca5SrSrscM1gII_qC1iEKdNKpA5xWbKW83JIWO_1w3UCE-eQDC3p7xPQ6-9isYa HTTP 302
https://pixel.sojern.com/idsync/apn?id=2956187331911545191&sjrn_id=7Ca5SrSrscM1gII_qC1iEKdNKpA5xWbKW83JIWO_1w3UCE-eQDC3p7xPQ6-9isYa

Request Chain 74

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=7Ca5SrSrscM1gII_qC1iEKdNKpA5xWbKW83JIWO_1w3UCE-eQDC3p7xPQ6-9isYa&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=ombl9hp&ttd_puid=7Ca5SrSrscM1gII_qC1iEKdNKpA5xWbKW83JIWO_1w3UCE-eQDC3p7xPQ6-9isYa&ttd_tpi=1 HTTP 302
https://pixel.sojern.com/idsync/ttd?id=5f3db46c-5a30-430c-8848-d9d44f1b1931&sjrn_id=7Ca5SrSrscM1gII_qC1iEKdNKpA5xWbKW83JIWO_1w3UCE-eQDC3p7xPQ6-9isYa

Request Chain 90

https://capture.gatag.it/?act=0&cid=0&apikey=%3FYXZkew%253D%253D&type=look&name=CIVANA%20Wellness%20Resort%20%26%20Spa&promo=GETAWAY&iata=&group=&arrival=2021%2F06%2F17&depart=2021%2F06%2F20&template=NGBE&chain=25041&hotel=7841&language=en-US&session=1235819468&date=2021-05-10%2017%3A20%3A09&campaign=direct&keyword=&medium=none&source=direct&visits=1&ref=&ref2=&cookies=1&extra1=&extra4=0&extra5=1013&window=38&device=not%20set&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36 HTTP 302
https://capture.gatag.it/smile.gif

115 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
be.synxis.com/ 402 KB
97 KB 1053ms
987ms Document
text/html 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

659ad827b061b240084975aa3a18b4872bd40b714bad1bc71f144881f627811f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: be.synxis.com
:scheme: https
:path: /?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:04 GMT
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
set-cookie: sessionID=NKRrznjDzSj304viky5jKqzF; Path=/ apisession=MDAxMTZ-cWQzbFVpbk1COGdOUkhOUjVXV1Y4NE44RUhOVzlWWUc5eURlSWJpdWFQcG91V3NYNXRCOFVpN2dkcWgyd0xTa2J2UG55OFRCSGRyL1VnTTlrQWVFZUovbWxkemZzZEZoT2xvSGZDcUdMbEYyeTcvQ3FJeVROcnVicEJaa3V0Z0tiYnZvTUNPaW9KU1kwYWswSXZ0dG0xbjFSL1VjL0EwYzZyd1BOc0VmMFJlSUJmK3NCLzB3VE9xT1dKZXJCL2xpVmJaaE4wMFY3QVdZL0s1TDM5N2VHNUh2enhLb3dpWERhejNSV1dVcDhtZmxXZ3RiU0tkcTNtWDNQKzdMZGZxT3c1UThJZXpWZlB4Zys5UWNiYy83NTdSaDVOWUpxMXpQOURVbHQ3bllrajVXTjJZRVdLNkJtQVRFZG1BZ3VyNnQ; Domain=.synxis.com; Path=/; HttpOnly; Secure; SameSite=Strict visid_incap_1215874=jvBU7MifQriANagXOoWnzENrmWAAAAAAQUIPAAAAAACseDETvlC79t2lF0+z/R2S; expires=Tue, 10 May 2022 10:50:42 GMT; HttpOnly; path=/; Domain=.synxis.com; Secure; SameSite=None nlbi_1215874=jmXRUwOyVl4WueALnAADWwAAAABYumMW3xE31m52uGS0lSu9; path=/; Domain=.synxis.com; Secure; SameSite=None incap_ses_260_1215874=XYwTKbjajR/iXxI45bSbA0RrmWAAAAAAaT2dlee8pZJf3daomm1czw==; path=/; Domain=.synxis.com; Secure; SameSite=None
content-security-policy-report-only: img-src data: *; base-uri 'self'; frame-ancestors 'self'; style-src 'self' https: 'unsafe-inline'; font-src data: *; media-src *; script-src 'strict-dynamic' 'nonce-YuwoosTkKpc8V75j37QXhg==' 'unsafe-inline' 'unsafe-eval' 'self' *.synxis.com *.googletagmanager.com *.google-analytics.com google-analytics.com *.google.com *.googleapis.com *.gatag.it gatag.it *.doubleclick.net icm.aexp-static.com *.sabrehospitality.com *.asc.sabre.com; default-src 'self' *.synxis.com *.googletagmanager.com *.google-analytics.com google-analytics.com *.google.com *.googleapis.com *.gatag.it gatag.it *.doubleclick.net icm.aexp-static.com *.sabrehospitality.com *.asc.sabre.com; report-uri /reports?hid=7841&cid=25041&sid=NKRrznjDzSj304viky5jKqzF
content-encoding: gzip
link: </public/js/font-spark-icon-fill.woff2>; rel=preload; as=font; type=font/woff2; crossOrigin=anonymous, </public/js/font-spark-icon-line.woff2>; rel=preload; as=font; type=font/woff2; crossOrigin=anonymous, </public/js/client.js>; rel=preload; as=script, </public/js/modules-main.js>; rel=preload; as=script,
x-cdn: Imperva
x-iinfo: 9-54247136-54247145 NNNN CT(164 329 0) RT(1620667203238 0) q(0 0 5 34) r(10 10) U12

GET
H2 200 font-spark-icon-fill.woff2
be.synxis.com/public/js/ 30 KB
30 KB 474ms
473ms Font
font/woff2 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/font-spark-icon-fill.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

625a63fbc3b92e8b3b7ca3a1a0d3372f066aa66104b925e8b353744b1e283df1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://be.synxis.com
Referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:04 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Apr 2021 22:39:20 GMT
x-cdn: Imperva
etag: W/"792c-17900e331c0"
x-frame-options: SAMEORIGIN
content-type: font/woff2
x-iinfo: 9-54247333-54247334 NNNY CT(171 343 0) RT(1620667204230 0) q(0 0 0 -1) r(3 4) U2
cache-control: public, max-age=0
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 31020

GET
H2 200 font-spark-icon-line.woff2
be.synxis.com/public/js/ 39 KB
39 KB 510ms
508ms Font
font/woff2 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/font-spark-icon-line.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

13ed64e31854fc7e8e3e542fef0d24813e05a6137d56160064ec6824367b9a03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
origin: https://be.synxis.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: sessionID=NKRrznjDzSj304viky5jKqzF; apisession=MDAxMTZ-cWQzbFVpbk1COGdOUkhOUjVXV1Y4NE44RUhOVzlWWUc5eURlSWJpdWFQcG91V3NYNXRCOFVpN2dkcWgyd0xTa2J2UG55OFRCSGRyL1VnTTlrQWVFZUovbWxkemZzZEZoT2xvSGZDcUdMbEYyeTcvQ3FJeVROcnVicEJaa3V0Z0tiYnZvTUNPaW9KU1kwYWswSXZ0dG0xbjFSL1VjL0EwYzZyd1BOc0VmMFJlSUJmK3NCLzB3VE9xT1dKZXJCL2xpVmJaaE4wMFY3QVdZL0s1TDM5N2VHNUh2enhLb3dpWERhejNSV1dVcDhtZmxXZ3RiU0tkcTNtWDNQKzdMZGZxT3c1UThJZXpWZlB4Zys5UWNiYy83NTdSaDVOWUpxMXpQOURVbHQ3bllrajVXTjJZRVdLNkJtQVRFZG1BZ3VyNnQ; visid_incap_1215874=jvBU7MifQriANagXOoWnzENrmWAAAAAAQUIPAAAAAACseDETvlC79t2lF0+z/R2S; nlbi_1215874=jmXRUwOyVl4WueALnAADWwAAAABYumMW3xE31m52uGS0lSu9; incap_ses_260_1215874=XYwTKbjajR/iXxI45bSbA0RrmWAAAAAAaT2dlee8pZJf3daomm1czw==
:path: /public/js/font-spark-icon-line.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: be.synxis.com
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://be.synxis.com
Referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:04 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Apr 2021 22:39:20 GMT
x-cdn: Imperva
etag: W/"9a0c-17900e331c0"
x-frame-options: SAMEORIGIN
content-type: font/woff2
x-iinfo: 9-54247335-54247336 NNNY CT(167 334 0) RT(1620667204231 0) q(0 0 0 -1) r(5 5) U2
cache-control: public, max-age=0
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 39436

GET
H2 200 client.js Show response
be.synxis.com/public/js/ 2 MB
342 KB 237ms
236ms Script
application/javascript 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e9f3669758048ed79ab6b00dae279c35c21752d0e2f822e9eaf7689dcbd73db7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /public/js/client.js
pragma: no-cache
cookie: sessionID=NKRrznjDzSj304viky5jKqzF; apisession=MDAxMTZ-cWQzbFVpbk1COGdOUkhOUjVXV1Y4NE44RUhOVzlWWUc5eURlSWJpdWFQcG91V3NYNXRCOFVpN2dkcWgyd0xTa2J2UG55OFRCSGRyL1VnTTlrQWVFZUovbWxkemZzZEZoT2xvSGZDcUdMbEYyeTcvQ3FJeVROcnVicEJaa3V0Z0tiYnZvTUNPaW9KU1kwYWswSXZ0dG0xbjFSL1VjL0EwYzZyd1BOc0VmMFJlSUJmK3NCLzB3VE9xT1dKZXJCL2xpVmJaaE4wMFY3QVdZL0s1TDM5N2VHNUh2enhLb3dpWERhejNSV1dVcDhtZmxXZ3RiU0tkcTNtWDNQKzdMZGZxT3c1UThJZXpWZlB4Zys5UWNiYy83NTdSaDVOWUpxMXpQOURVbHQ3bllrajVXTjJZRVdLNkJtQVRFZG1BZ3VyNnQ; visid_incap_1215874=jvBU7MifQriANagXOoWnzENrmWAAAAAAQUIPAAAAAACseDETvlC79t2lF0+z/R2S; nlbi_1215874=jmXRUwOyVl4WueALnAADWwAAAABYumMW3xE31m52uGS0lSu9; incap_ses_260_1215874=XYwTKbjajR/iXxI45bSbA0RrmWAAAAAAaT2dlee8pZJf3daomm1czw==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: be.synxis.com
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:04 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 23 Apr 2021 22:39:20 GMT
x-cdn: Imperva
etag: W/"5560f-17900e331c0"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
x-iinfo: 9-54247337-54247338 NNNY CT(166 335 0) RT(1620667204233 0) q(0 0 0 -1) r(2 2) U2
cache-control: public, max-age=0
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Accept-Encoding
content-length: 349711

GET
H2 200 modules-main.js Show response
be.synxis.com/public/js/ 2 MB
296 KB 361ms
361ms Script
application/javascript 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/modules-main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

12de0e51dcc9c2dcb92219c925cb462c23dc6babf482ea7f2bc77dd3078593ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /public/js/modules-main.js
pragma: no-cache
cookie: sessionID=NKRrznjDzSj304viky5jKqzF; apisession=MDAxMTZ-cWQzbFVpbk1COGdOUkhOUjVXV1Y4NE44RUhOVzlWWUc5eURlSWJpdWFQcG91V3NYNXRCOFVpN2dkcWgyd0xTa2J2UG55OFRCSGRyL1VnTTlrQWVFZUovbWxkemZzZEZoT2xvSGZDcUdMbEYyeTcvQ3FJeVROcnVicEJaa3V0Z0tiYnZvTUNPaW9KU1kwYWswSXZ0dG0xbjFSL1VjL0EwYzZyd1BOc0VmMFJlSUJmK3NCLzB3VE9xT1dKZXJCL2xpVmJaaE4wMFY3QVdZL0s1TDM5N2VHNUh2enhLb3dpWERhejNSV1dVcDhtZmxXZ3RiU0tkcTNtWDNQKzdMZGZxT3c1UThJZXpWZlB4Zys5UWNiYy83NTdSaDVOWUpxMXpQOURVbHQ3bllrajVXTjJZRVdLNkJtQVRFZG1BZ3VyNnQ; visid_incap_1215874=jvBU7MifQriANagXOoWnzENrmWAAAAAAQUIPAAAAAACseDETvlC79t2lF0+z/R2S; nlbi_1215874=jmXRUwOyVl4WueALnAADWwAAAABYumMW3xE31m52uGS0lSu9; incap_ses_260_1215874=XYwTKbjajR/iXxI45bSbA0RrmWAAAAAAaT2dlee8pZJf3daomm1czw==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: be.synxis.com
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:04 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 23 Apr 2021 22:39:20 GMT
x-cdn: Imperva
etag: W/"49d33-17900e331c0"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
x-iinfo: 9-54247339-54247340 NNNY CT(164 332 0) RT(1620667204235 0) q(0 0 0 -1) r(2 3) U2
cache-control: public, max-age=0
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Accept-Encoding
content-length: 302387

GET
H2 200 NeueHaasUnicaPro-Regular.woff
be.synxis.com/assets/chain/25041/hotel/7841/fileStorage/font/ 45 KB
45 KB 779ms
778ms Font
font/woff 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/assets/chain/25041/hotel/7841/fileStorage/font/NeueHaasUnicaPro-Regular.woff

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7487882a39b5a43954c21c701fbde23054e280320f275a6da2c66c4ad636b8e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://be.synxis.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: sessionID=NKRrznjDzSj304viky5jKqzF; apisession=MDAxMTZ-cWQzbFVpbk1COGdOUkhOUjVXV1Y4NE44RUhOVzlWWUc5eURlSWJpdWFQcG91V3NYNXRCOFVpN2dkcWgyd0xTa2J2UG55OFRCSGRyL1VnTTlrQWVFZUovbWxkemZzZEZoT2xvSGZDcUdMbEYyeTcvQ3FJeVROcnVicEJaa3V0Z0tiYnZvTUNPaW9KU1kwYWswSXZ0dG0xbjFSL1VjL0EwYzZyd1BOc0VmMFJlSUJmK3NCLzB3VE9xT1dKZXJCL2xpVmJaaE4wMFY3QVdZL0s1TDM5N2VHNUh2enhLb3dpWERhejNSV1dVcDhtZmxXZ3RiU0tkcTNtWDNQKzdMZGZxT3c1UThJZXpWZlB4Zys5UWNiYy83NTdSaDVOWUpxMXpQOURVbHQ3bllrajVXTjJZRVdLNkJtQVRFZG1BZ3VyNnQ; visid_incap_1215874=jvBU7MifQriANagXOoWnzENrmWAAAAAAQUIPAAAAAACseDETvlC79t2lF0+z/R2S; nlbi_1215874=jmXRUwOyVl4WueALnAADWwAAAABYumMW3xE31m52uGS0lSu9; incap_ses_260_1215874=XYwTKbjajR/iXxI45bSbA0RrmWAAAAAAaT2dlee8pZJf3daomm1czw==
:path: /assets/chain/25041/hotel/7841/fileStorage/font/NeueHaasUnicaPro-Regular.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: be.synxis.com
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://be.synxis.com
Referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:05 GMT
x-content-type-options: nosniff
last-modified: Thu, 07 Mar 2019 18:03:53 GMT
x-cdn: Imperva
etag: W/"46016-1551981833000"
x-frame-options: SAMEORIGIN
content-type: font/woff
x-iinfo: 9-54247341-54242561 2NNN RT(1620667204239 0) q(0 0 0 -1) r(7 7) U12
strict-transport-security: max-age=31536000;includeSubDomains
accept-ranges: bytes
content-length: 46016
x-xss-protection: 1; mode=block

GET
H2 200 NeueHaasUnicaPro-Bold.woff
be.synxis.com/assets/chain/25041/hotel/7841/fileStorage/font/ 44 KB
44 KB 1256ms
1255ms Font
font/woff 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/assets/chain/25041/hotel/7841/fileStorage/font/NeueHaasUnicaPro-Bold.woff

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

047fafd3b2178a65a2f5a0b202dcf9cd3e53195b22cb7d8bd853178a02ff061a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://be.synxis.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: sessionID=NKRrznjDzSj304viky5jKqzF; apisession=MDAxMTZ-cWQzbFVpbk1COGdOUkhOUjVXV1Y4NE44RUhOVzlWWUc5eURlSWJpdWFQcG91V3NYNXRCOFVpN2dkcWgyd0xTa2J2UG55OFRCSGRyL1VnTTlrQWVFZUovbWxkemZzZEZoT2xvSGZDcUdMbEYyeTcvQ3FJeVROcnVicEJaa3V0Z0tiYnZvTUNPaW9KU1kwYWswSXZ0dG0xbjFSL1VjL0EwYzZyd1BOc0VmMFJlSUJmK3NCLzB3VE9xT1dKZXJCL2xpVmJaaE4wMFY3QVdZL0s1TDM5N2VHNUh2enhLb3dpWERhejNSV1dVcDhtZmxXZ3RiU0tkcTNtWDNQKzdMZGZxT3c1UThJZXpWZlB4Zys5UWNiYy83NTdSaDVOWUpxMXpQOURVbHQ3bllrajVXTjJZRVdLNkJtQVRFZG1BZ3VyNnQ; visid_incap_1215874=jvBU7MifQriANagXOoWnzENrmWAAAAAAQUIPAAAAAACseDETvlC79t2lF0+z/R2S; nlbi_1215874=jmXRUwOyVl4WueALnAADWwAAAABYumMW3xE31m52uGS0lSu9; incap_ses_260_1215874=XYwTKbjajR/iXxI45bSbA0RrmWAAAAAAaT2dlee8pZJf3daomm1czw==
:path: /assets/chain/25041/hotel/7841/fileStorage/font/NeueHaasUnicaPro-Bold.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: be.synxis.com
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://be.synxis.com
Referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:05 GMT
x-content-type-options: nosniff
last-modified: Thu, 07 Mar 2019 18:04:25 GMT
x-cdn: Imperva
etag: W/"45200-1551981865000"
x-frame-options: SAMEORIGIN
content-type: font/woff
x-iinfo: 9-54247342-54244256 2NNN RT(1620667204240 0) q(0 4 4 -1) r(12 12) U12
strict-transport-security: max-age=31536000;includeSubDomains
accept-ranges: bytes
content-length: 45200
x-xss-protection: 1; mode=block

GET
H2 200 Canela-Regular.woff
be.synxis.com/assets/chain/25041/hotel/7841/fileStorage/font/ 42 KB
42 KB 1213ms
1212ms Font
font/woff 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/assets/chain/25041/hotel/7841/fileStorage/font/Canela-Regular.woff

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

92767da0c932790435f815124bafab8e0a030d0a5b29cab22bc6653abdbfea7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://be.synxis.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: sessionID=NKRrznjDzSj304viky5jKqzF; apisession=MDAxMTZ-cWQzbFVpbk1COGdOUkhOUjVXV1Y4NE44RUhOVzlWWUc5eURlSWJpdWFQcG91V3NYNXRCOFVpN2dkcWgyd0xTa2J2UG55OFRCSGRyL1VnTTlrQWVFZUovbWxkemZzZEZoT2xvSGZDcUdMbEYyeTcvQ3FJeVROcnVicEJaa3V0Z0tiYnZvTUNPaW9KU1kwYWswSXZ0dG0xbjFSL1VjL0EwYzZyd1BOc0VmMFJlSUJmK3NCLzB3VE9xT1dKZXJCL2xpVmJaaE4wMFY3QVdZL0s1TDM5N2VHNUh2enhLb3dpWERhejNSV1dVcDhtZmxXZ3RiU0tkcTNtWDNQKzdMZGZxT3c1UThJZXpWZlB4Zys5UWNiYy83NTdSaDVOWUpxMXpQOURVbHQ3bllrajVXTjJZRVdLNkJtQVRFZG1BZ3VyNnQ; visid_incap_1215874=jvBU7MifQriANagXOoWnzENrmWAAAAAAQUIPAAAAAACseDETvlC79t2lF0+z/R2S; nlbi_1215874=jmXRUwOyVl4WueALnAADWwAAAABYumMW3xE31m52uGS0lSu9; incap_ses_260_1215874=XYwTKbjajR/iXxI45bSbA0RrmWAAAAAAaT2dlee8pZJf3daomm1czw==
:path: /assets/chain/25041/hotel/7841/fileStorage/font/Canela-Regular.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: be.synxis.com
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://be.synxis.com
Referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:05 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Mar 2019 11:44:25 GMT
x-cdn: Imperva
etag: W/"42550-1552563865000"
x-frame-options: SAMEORIGIN
content-type: font/woff
x-iinfo: 9-54247343-54244260 2NNN RT(1620667204241 0) q(0 4 4 -1) r(12 12) U12
strict-transport-security: max-age=31536000;includeSubDomains
accept-ranges: bytes
content-length: 42550
x-xss-protection: 1; mode=block

GET
H2 200 Canela-Light.woff
be.synxis.com/assets/chain/25041/hotel/7841/fileStorage/font/ 49 KB
49 KB 1270ms
1270ms Font
font/woff 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/assets/chain/25041/hotel/7841/fileStorage/font/Canela-Light.woff

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c041a4620d6ee19ae87d3171afcef1dc2f5e9ffb02162353937f11ffbeaa19a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://be.synxis.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: sessionID=NKRrznjDzSj304viky5jKqzF; apisession=MDAxMTZ-cWQzbFVpbk1COGdOUkhOUjVXV1Y4NE44RUhOVzlWWUc5eURlSWJpdWFQcG91V3NYNXRCOFVpN2dkcWgyd0xTa2J2UG55OFRCSGRyL1VnTTlrQWVFZUovbWxkemZzZEZoT2xvSGZDcUdMbEYyeTcvQ3FJeVROcnVicEJaa3V0Z0tiYnZvTUNPaW9KU1kwYWswSXZ0dG0xbjFSL1VjL0EwYzZyd1BOc0VmMFJlSUJmK3NCLzB3VE9xT1dKZXJCL2xpVmJaaE4wMFY3QVdZL0s1TDM5N2VHNUh2enhLb3dpWERhejNSV1dVcDhtZmxXZ3RiU0tkcTNtWDNQKzdMZGZxT3c1UThJZXpWZlB4Zys5UWNiYy83NTdSaDVOWUpxMXpQOURVbHQ3bllrajVXTjJZRVdLNkJtQVRFZG1BZ3VyNnQ; visid_incap_1215874=jvBU7MifQriANagXOoWnzENrmWAAAAAAQUIPAAAAAACseDETvlC79t2lF0+z/R2S; nlbi_1215874=jmXRUwOyVl4WueALnAADWwAAAABYumMW3xE31m52uGS0lSu9; incap_ses_260_1215874=XYwTKbjajR/iXxI45bSbA0RrmWAAAAAAaT2dlee8pZJf3daomm1czw==
:path: /assets/chain/25041/hotel/7841/fileStorage/font/Canela-Light.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: be.synxis.com
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://be.synxis.com
Referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:05 GMT
x-content-type-options: nosniff
last-modified: Thu, 07 Mar 2019 18:09:17 GMT
x-cdn: Imperva
etag: W/"50168-1551982157000"
x-frame-options: SAMEORIGIN
content-type: font/woff
x-iinfo: 9-54247344-54244884 2NNN RT(1620667204242 0) q(0 7 7 -1) r(12 12) U12
strict-transport-security: max-age=31536000;includeSubDomains
accept-ranges: bytes
content-length: 50168
x-xss-protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 183 KB
48 KB 16ms
14ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W866TTJ

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

91e3d1195c0b803623c680edc0ac9108332300ee607c0ad98778bef6985edfd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48805
x-xss-protection: 0
last-modified: Mon, 10 May 2021 15:49:02 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 May 2021 17:20:05 GMT

GET
H2 200 customization.css
be.synxis.com/assets/chain/25041/hotel/7841/fileStorage/customization/ 4 KB
1 KB 309ms
309ms Stylesheet
text/css 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/assets/chain/25041/hotel/7841/fileStorage/customization/customization.css?=v3

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9adecad8ae89426a58abde57220ee66b83294c1f60543bb576420dc04b981652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /assets/chain/25041/hotel/7841/fileStorage/customization/customization.css?=v3
pragma: no-cache
cookie: sessionID=NKRrznjDzSj304viky5jKqzF; apisession=MDAxMTZ-cWQzbFVpbk1COGdOUkhOUjVXV1Y4NE44RUhOVzlWWUc5eURlSWJpdWFQcG91V3NYNXRCOFVpN2dkcWgyd0xTa2J2UG55OFRCSGRyL1VnTTlrQWVFZUovbWxkemZzZEZoT2xvSGZDcUdMbEYyeTcvQ3FJeVROcnVicEJaa3V0Z0tiYnZvTUNPaW9KU1kwYWswSXZ0dG0xbjFSL1VjL0EwYzZyd1BOc0VmMFJlSUJmK3NCLzB3VE9xT1dKZXJCL2xpVmJaaE4wMFY3QVdZL0s1TDM5N2VHNUh2enhLb3dpWERhejNSV1dVcDhtZmxXZ3RiU0tkcTNtWDNQKzdMZGZxT3c1UThJZXpWZlB4Zys5UWNiYy83NTdSaDVOWUpxMXpQOURVbHQ3bllrajVXTjJZRVdLNkJtQVRFZG1BZ3VyNnQ; visid_incap_1215874=jvBU7MifQriANagXOoWnzENrmWAAAAAAQUIPAAAAAACseDETvlC79t2lF0+z/R2S; nlbi_1215874=jmXRUwOyVl4WueALnAADWwAAAABYumMW3xE31m52uGS0lSu9; incap_ses_260_1215874=XYwTKbjajR/iXxI45bSbA0RrmWAAAAAAaT2dlee8pZJf3daomm1czw==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: be.synxis.com
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:04 GMT
content-encoding: gzip
last-modified: Wed, 11 Sep 2019 15:25:05 GMT
x-cdn: Imperva
etag: W/"3592-1568215505000"
strict-transport-security: max-age=31536000
content-type: text/css
x-iinfo: 9-54247361-54244869 2cNN RT(1620667204405 0) q(0 2 2 -1) r(2 2) U18
cache-control: max-age=1, public
content-length: 1104
expires: Mon, 10 May 2021 17:20:05 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.0.7/css/ 35 KB
9 KB 48ms
14ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.7/css/all.css
Requested by: Host: be.synxis.com
URL: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: eee7283bce47f63001396d58cace92f57058ea0c5ee546579e841609a359d52e

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:04 GMT
content-encoding: gzip
last-modified: Mon, 26 Feb 2018 20:53:41 GMT
server: NetDNA-cache/2.2
etag: W/"16f4f6797931e43125885e1741f125a7"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

POST
H2 200 getProductAvailability Show response
be.synxis.com/gw/product/v1/ 35 KB
8 KB 1828ms
1828ms XHR
application/json 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/gw/product/v1/getProductAvailability

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

0ecf8ae6fef9a09979c1d2d3480c6dbc9579ade16059ebcf020c2fa1d6c02153

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://be.synxis.com
accept-encoding: gzip, deflate, br
accept-language: en-US
:authority: be.synxis.com
sec-fetch-dest: empty
cookie: sessionID=NKRrznjDzSj304viky5jKqzF; apisession=MDAxMTZ-cWQzbFVpbk1COGdOUkhOUjVXV1Y4NE44RUhOVzlWWUc5eURlSWJpdWFQcG91V3NYNXRCOFVpN2dkcWgyd0xTa2J2UG55OFRCSGRyL1VnTTlrQWVFZUovbWxkemZzZEZoT2xvSGZDcUdMbEYyeTcvQ3FJeVROcnVicEJaa3V0Z0tiYnZvTUNPaW9KU1kwYWswSXZ0dG0xbjFSL1VjL0EwYzZyd1BOc0VmMFJlSUJmK3NCLzB3VE9xT1dKZXJCL2xpVmJaaE4wMFY3QVdZL0s1TDM5N2VHNUh2enhLb3dpWERhejNSV1dVcDhtZmxXZ3RiU0tkcTNtWDNQKzdMZGZxT3c1UThJZXpWZlB4Zys5UWNiYy83NTdSaDVOWUpxMXpQOURVbHQ3bllrajVXTjJZRVdLNkJtQVRFZG1BZ3VyNnQ; visid_incap_1215874=jvBU7MifQriANagXOoWnzENrmWAAAAAAQUIPAAAAAACseDETvlC79t2lF0+z/R2S; nlbi_1215874=jmXRUwOyVl4WueALnAADWwAAAABYumMW3xE31m52uGS0lSu9; incap_ses_260_1215874=XYwTKbjajR/iXxI45bSbA0RrmWAAAAAAaT2dlee8pZJf3daomm1czw==
content-length: 736
:path: /gw/product/v1/getProductAvailability
pragma: no-cache
x-business-context: BE
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
activityid: NKRrznjDzSj304viky5jKqzF
accept: */*
cache-control: no-cache
context: BE
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
:scheme: https
sec-fetch-site: same-origin
content-type: application/json; charset=UTF-8
:method: POST
x-business-context: BE
Referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
context: BE
ActivityID: NKRrznjDzSj304viky5jKqzF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

origin: https://be.synxis.com
content-encoding: gzip
x-cdn: Imperva
accept-language: en-US
x-api-session: MDAxMTZ-cWQzbFVpbk1COGdOUkhOUjVXV1Y4N3NIM2EvUVRROUFnNGRMalJYenY2NVJqTXNIbTFIVlZJNU9aRG02cVZMTFhVQXJxeUFQaG5ldlRtaCtiOEV2cHpNN1lVSndrT1poM1RKZ2NVQnVMamMvK1MzVXh2OHdFY3RVV3hhMnRWSHcwWmVJeXdQT1AyQ0FLMHNsWEVwL3E4TktOK1hxSGJ3MGV4L0Z5YXFzN1FKeS8wSWN3bWhKM2xDT2NiOEsrWnRaRHhmK3VIWWhqdzFUbE1iOGlvMytYUSt6VVQ5dXZ3Y2dxSkJHeCtnQXFsbGpWQ2RCRTJ0cHE4K0FPZmFjaysweU9ZMXBJTU8rWFJhNjFpbXovZXJGRGhnS3k3SkdHQ0dNN3BXVkt0ZHFnNTVpRlJPNHdWb0MySSsvZFk3WWF3SU0
x-iinfo: 9-54247363-54247336 PNNy RT(1620667204412 0) q(0 7 7 -1) r(18 18) U6
sec-fetch-dest: empty
pragma: no-cache
x-forwarded-host: be.synxis.com
x-amzn-trace-id: Root=1-60996b45-0a28827b7cf7d70c6bf87491
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
activityid: NKRrznjDzSj304viky5jKqzF
access-control-allow-origin: https://be.synxis.com
cache-control: no-cache
context: BE
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
incap-proxy-260: OK
sec-fetch-mode: cors
strict-transport-security: max-age=31536000
message-id: 2nali8jmp
x-content-type-options: nosniff
x-forwarded-for: 185.212.171.67, 149.126.78.4, 10.123.76.176
set-cookie: apisession=MDAxMTZ-cWQzbFVpbk1COGdOUkhOUjVXV1Y4N3NIM2EvUVRROUFnNGRMalJYenY2NVJqTXNIbTFIVlZJNU9aRG02cVZMTFhVQXJxeUFQaG5ldlRtaCtiOEV2cHpNN1lVSndrT1poM1RKZ2NVQnVMamMvK1MzVXh2OHdFY3RVV3hhMnRWSHcwWmVJeXdQT1AyQ0FLMHNsWEVwL3E4TktOK1hxSGJ3MGV4L0Z5YXFzN1FKeS8wSWN3bWhKM2xDT2NiOEsrWnRaRHhmK3VIWWhqdzFUbE1iOGlvMytYUSt6VVQ5dXZ3Y2dxSkJHeCtnQXFsbGpWQ2RCRTJ0cHE4K0FPZmFjaysweU9ZMXBJTU8rWFJhNjFpbXovZXJGRGhnS3k3SkdHQ0dNN3BXVkt0ZHFnNTVpRlJPNHdWb0MySSsvZFk3WWF3SU0; Domain=synxis.com; Path=/; HttpOnly; Secure
x-forwarded-proto: https
content-length: 6503
true-client-ip: 185.212.171.67
x-business-context: BE
server: Apache-Coyote/1.1
access-control-max-age: 3600
x-forwarded-port: 443
x-xss-protection: 1; mode=block
access-control-allow-credentials: true
sec-fetch-site: same-origin
conversation-id: gikzn03wa
content-type: application/json;charset=UTF-8
date: Mon, 10 May 2021 17:20:06 GMT

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 5 KB
2 KB 65ms
32ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=437458&u=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1&f=1&r=0.09464092764821741
Requested by: Host: be.synxis.com
URL: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 2ed362bdcbf13f4904a84a3fd3281f5e5a11dcf0f31a57170b45d6acd6c6f2a3

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 10 May 2021 17:20:05 GMT
via: 1.1 google
server: gams1
content-encoding: gzip
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 civana-logo.svg
be.synxis.com/assets/chain/25041/hotel/7841/fileStorage/image/ 6 KB
2 KB 782ms
782ms Image
image/svg+xml 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://be.synxis.com/assets/chain/25041/hotel/7841/fileStorage/image/civana-logo.svg

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a36b52d9785995f5f1ede91f448350248b4ac74e7d2f1fe75b8abccbdc3bd28c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/chain/25041/hotel/7841/fileStorage/image/civana-logo.svg
pragma: no-cache
cookie: _vwo_uuid_v2=DB66B860AFBE8A5490FE2B96B5F38E42B|e1a533e6b47231aaab3847d87d4e22b7; _gcl_au=1.1.1485726809.1620667205; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _fbp=fb.1.1620667205246.2061213071; visid_incap_2103294=mWMQUqZDQOaBfZib74MYzERrmWAAAAAAQUIPAAAAAAD/gI3VCgjXM3GiFBkW37bu; nlbi_2103294=Qg77IDkpwzRZhUy6ZtZ5egAAAAA9R8h6m8VkqXHVjBlpUMre; incap_ses_1367_2103294=QcNZG+093XeDr0rWXY/4EkRrmWAAAAAA+t2bhK7zNQXHqT0ZK+OZXQ==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: be.synxis.com
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 16:35:15 GMT
x-cdn: Imperva
set-cookie: visid_incap_1215874=4gymwY8NSZasO3E5TbuOgkVrmWAAAAAAQUIPAAAAAABoP/7c5/KOaFVdil29aB6E; expires=Tue, 10 May 2022 10:50:42 GMT; HttpOnly; path=/; Domain=.synxis.com; Secure; SameSite=None nlbi_1215874=XoD8QqfPODDrLj1KnAADWwAAAAD7d8p0QU2khYpxbkoRK5Hp; path=/; Domain=.synxis.com; Secure; SameSite=None incap_ses_260_1215874=cKq8LzUrGRtMYRI45bSbA0ZrmWAAAAAAdcLSESZSebQwi9MV0wT+fg==; path=/; Domain=.synxis.com; Secure; SameSite=None
etag: W/"5692-1583253315000"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-iinfo: 9-54247486-54247487 NNYN CT(172 345 0) RT(1620667205456 0) q(0 0 5 0) r(8 8) U18
strict-transport-security: max-age=31536000;includeSubDomains
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 184 KB
56 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NPV8LG3

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

84a8b03a22184e7d5d88d70956bbc08b7ab195c613c2f5fef47054fb866a2f30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56977
x-xss-protection: 0
last-modified: Mon, 10 May 2021 15:49:02 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 May 2021 17:20:05 GMT

GET
H2 200 civana-logo.svg
be-cms-api.synxis.com/assets/chain/25041/hotel/7841/fileStorage/image/ 6 KB
2 KB 593ms
538ms Image
image/svg+xml 45.60.155.144
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://be-cms-api.synxis.com/assets/chain/25041/hotel/7841/fileStorage/image/civana-logo.svg

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.155.144 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a36b52d9785995f5f1ede91f448350248b4ac74e7d2f1fe75b8abccbdc3bd28c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 16:35:15 GMT
x-cdn: Imperva
etag: W/"5692-1583253315000"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-iinfo: 8-52838680-52838681 NNYN CT(126 267 0) RT(1620667204266 0) q(0 0 4 0) r(5 5) U5
date: Mon, 10 May 2021 17:20:05 GMT
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.0.7/webfonts/ 53 KB
54 KB 45ms
14ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.7/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.7/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: abbcb43a4cf5b5c586d440527b87830cc4d6d069e2eabaeb7e0c433ca0edf8d5

Request headers

Origin: https://be.synxis.com
Referer: https://use.fontawesome.com/releases/v5.0.7/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:05 GMT
last-modified: Mon, 26 Feb 2018 20:53:53 GMT
server: NetDNA-cache/2.2
etag: "877700a37b705486d19bdce3f7586754"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 54468

GET
H3-Q050 200 va-9d6ac57dbcbba3321dd904e6ee78b647.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 210 KB
60 KB 51ms
34ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/va-9d6ac57dbcbba3321dd904e6ee78b647.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=437458&u=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1&f=1&r=0.09464092764821741
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 13f18aef32583a35f254e172c3091e6644610777b1e4718cadfed48d19582017

Request headers

Origin: https://be.synxis.com
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:05 GMT
content-encoding: br
last-modified: Mon, 10 May 2021 06:23:27 GMT
server: gams1
etag: "6098d15f-efea"
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61418
via: 1.1 google

GET
H3-Q050 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
301 B 115ms
98ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=437458&d=be.synxis.com&u=DB66B860AFBE8A5490FE2B96B5F38E42B&h=e1a533e6b47231aaab3847d87d4e22b7&t=false&r=0.5897301488340774

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 17:20:05 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 85ms
32ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPV8LG3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

5c64e98b7d26b27f3235a6b049f4da5a8b1ed471ee0f2d4508e342bcb216eb2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13939
x-xss-protection: 0
server: cafe
etag: 16751590114636182394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 10 May 2021 17:20:05 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: public
x-fb-debug: LfdbGOvgfzlpKIBWlOLc6jKZF7rqnadPnrtAyiqKINW7EUUHWyoZRta0rfic9tsKQFAuTGgcR9t5Do4A73WmPw==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 10 May 2021 17:20:05 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 navis-fusion-loader.js Show response
assets.navisperformance.com/NWRC/Fusion/ 35 KB
13 KB 54ms
10ms Script
application/javascript 2600:9000:214f:c800:16:3eaa:9140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.navisperformance.com/NWRC/Fusion/navis-fusion-loader.js
Requested by: Host: be.synxis.com
URL: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:c800:16:3eaa:9140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37a7918f1596d21356e4fba56ae52f2099325c3fc04d6b195358f9cc666f681e

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 17:58:11 GMT
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers
age: 84115
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 03 Sep 2020 23:26:09 GMT
server: AmazonS3
etag: W/"cc9d6a022deff35e3282ef6ab843f37f"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
x-amz-version-id: YBr8SRJCzRKJ8ZhphEqzZ4HNkEzVdCx_
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: UdfwnSLDiLHnt4UDFnJU73Rk8zjJP4Mqm6KenpcZTO-6YNqwsUk1mA==

GET
H3-29 200 364202050984118 Show response
connect.facebook.net/signals/config/ 255 KB
72 KB 59ms
52ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/364202050984118?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8f05e6cd9abe24d15e3929bea86f560c67d66c8bfaae5c81ed209658f9c330e0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: PP5BryooK/vvL3BZeKgQsv8byvPnxLUOH+59Bt90cotDZwtSvced0Fr+HhjaPdNEJxEBM51gpzXu66RNuglx3Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 10 May 2021 17:20:05 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 340 B
329 B 20ms
20ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=437458&settings_type=1&vn=7.0&r=0.026444396319896146
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/7.0/va-9d6ac57dbcbba3321dd904e6ee78b647.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: b0aa686dc09ecce69917f52d2e22f35224cdba18ec286e604d2cbfcfdcdc61e3

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:04 GMT
via: 1.1 google
server: gams1
content-encoding: gzip
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

POST
H2 200 reports
be.synxis.com/ 1 KB
1 KB 705ms
705ms Other
application/json 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/reports?hid=7841&cid=25041&sid=NKRrznjDzSj304viky5jKqzF

Requested by

Host: assets.navisperformance.com
URL: https://assets.navisperformance.com/NWRC/Fusion/navis-fusion-loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

541402f05aeb7c8cde883a037fb5ac809b3a6f57a687867fcbe9ae547f9096e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: no-cors
origin: https://be.synxis.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: report
cookie: _vwo_uuid_v2=DB66B860AFBE8A5490FE2B96B5F38E42B|e1a533e6b47231aaab3847d87d4e22b7; _gcl_au=1.1.1485726809.1620667205; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _fbp=fb.1.1620667205246.2061213071; visid_incap_2103294=mWMQUqZDQOaBfZib74MYzERrmWAAAAAAQUIPAAAAAAD/gI3VCgjXM3GiFBkW37bu; nlbi_2103294=Qg77IDkpwzRZhUy6ZtZ5egAAAAA9R8h6m8VkqXHVjBlpUMre; incap_ses_1367_2103294=QcNZG+093XeDr0rWXY/4EkRrmWAAAAAA+t2bhK7zNQXHqT0ZK+OZXQ==
content-length: 1289
:path: /reports?hid=7841&cid=25041&sid=NKRrznjDzSj304viky5jKqzF
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/csp-report
accept: */*
cache-control: no-cache
:authority: be.synxis.com
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 10 May 2021 17:20:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-frame-options: SAMEORIGIN
etag: W/"55b-0Of5CSPu8RZvi9MGqsEtUtZ6KdM"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
x-iinfo: 9-54247498-54247499 NNYN CT(171 335 0) RT(1620667205609 0) q(0 0 5 0) r(6 6) U6
set-cookie: visid_incap_1215874=4gymwY8NSZasO3E5TbuOgkVrmWAAAAAAQUIPAAAAAABoP/7c5/KOaFVdil29aB6E; expires=Tue, 10 May 2022 10:50:42 GMT; HttpOnly; path=/; Domain=.synxis.com; Secure; SameSite=None nlbi_1215874=i6rBcBHrmD5umH3BnAADWwAAAADqVhXc3gwpqn8uw35IaxOh; path=/; Domain=.synxis.com; Secure; SameSite=None incap_ses_260_1215874=UrhjWYb3wnNMYRI45bSbA0ZrmWAAAAAAJ72syONvrSwIZ3MNlqM8yA==; path=/; Domain=.synxis.com; Secure; SameSite=None

GET
H2 200 discovery.json Show response
assets.navisperformance.com/NWRC/Fusion/ 61 B
551 B 31ms
10ms Fetch
application/json 2600:9000:214f:c800:16:3eaa:9140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.navisperformance.com/NWRC/Fusion/discovery.json
Requested by: Host: assets.navisperformance.com
URL: https://assets.navisperformance.com/NWRC/Fusion/navis-fusion-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:c800:16:3eaa:9140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9d2071d21c7728e75e882a3240e59f7e175809de3296ca06cdd14273e84d6684

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 17:58:18 GMT
via: 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers
age: 84108
x-cache: Hit from cloudfront
content-length: 61
last-modified: Mon, 24 Aug 2020 19:13:13 GMT
server: AmazonS3
etag: "abb936b7e075c6e92be7f68866771f0f"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
x-amz-version-id: 7tcDAQ7c5ivWOL6SzEdqjJeDxOoT5c_Z
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/json
x-amz-cf-id: X1hCx0L9Ez94PO23aevWX8GD8EDiN8pOejMlq_qM2HT8TCft4Uvs2Q==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/811733663/ 2 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/811733663/?random=1620667205227&cv=9&fst=1620667205227&num=1&label=xLU-CJTG85UBEJ-liIMD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340e629c32e1e49f23b7fab70129273617b51ad31ec33e2a14fa8de7655847aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 17:20:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1140
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 22ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=364202050984118&ev=PageView&dl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1&rl=&if=false&ts=1620667205249&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1620667205246.2061213071&it=1620667205160&coo=false&exp=l1&rqm=GET

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:05 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 10 May 2021 17:20:05 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/811733663/ 42 B
154 B 21ms
20ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/811733663/?random=1620667205227&cv=9&fst=1620666000000&num=1&label=xLU-CJTG85UBEJ-liIMD&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4s0&sendb=1&frm=0&url=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1&async=1&fmt=3&is_vtc=1&random=28649736&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 17:20:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/811733663/ 42 B
154 B 21ms
21ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/811733663/?random=1620667205227&cv=9&fst=1620666000000&num=1&label=xLU-CJTG85UBEJ-liIMD&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4s0&sendb=1&frm=0&url=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1&async=1&fmt=3&is_vtc=1&random=28649736&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 17:20:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 getFusionConfig
fusion-api.navisperformance.com/fusion-config/ Frame 0
0 564ms
183ms Preflight 54.149.237.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fusion-api.navisperformance.com/fusion-config/getFusionConfig?account=15989&url=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1
Protocol: H2
Server: 54.149.237.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-237-2.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: secret
Origin: https://be.synxis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 10 May 2021 17:20:05 GMT
content-length: 0
requestguid: 3ef6a910-0cc1-407f-b600-869b2f41329d
access-control-allow-credentials: true
access-control-allow-origin: https://be.synxis.com
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: origin, content-type, accept, x-requested-with, secret
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH

POST
H2 200 reports
be.synxis.com/ 2 KB
1 KB 202ms
201ms Other
application/json 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/reports?hid=7841&cid=25041&sid=NKRrznjDzSj304viky5jKqzF

Requested by

Host: assets.navisperformance.com
URL: https://assets.navisperformance.com/NWRC/Fusion/navis-fusion-loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1a25986f58f552d86885ccd3ee53d049abd487b96565918476c5e31f3db09f07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: no-cors
origin: https://be.synxis.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: report
cookie: _vwo_uuid_v2=DB66B860AFBE8A5490FE2B96B5F38E42B|e1a533e6b47231aaab3847d87d4e22b7; _gcl_au=1.1.1485726809.1620667205; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _fbp=fb.1.1620667205246.2061213071; visid_incap_2103294=mWMQUqZDQOaBfZib74MYzERrmWAAAAAAQUIPAAAAAAD/gI3VCgjXM3GiFBkW37bu; nlbi_2103294=Qg77IDkpwzRZhUy6ZtZ5egAAAAA9R8h6m8VkqXHVjBlpUMre; incap_ses_1367_2103294=QcNZG+093XeDr0rWXY/4EkRrmWAAAAAA+t2bhK7zNQXHqT0ZK+OZXQ==
content-length: 1524
:path: /reports?hid=7841&cid=25041&sid=NKRrznjDzSj304viky5jKqzF
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/csp-report
accept: */*
cache-control: no-cache
:authority: be.synxis.com
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 10 May 2021 17:20:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-frame-options: SAMEORIGIN
etag: W/"646-4//AgNlSkpePQSA4TTlCuEZcq0w"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
x-iinfo: 9-54247505-54247338 PNYy RT(1620667205715 0) q(0 0 0 0) r(1 1) U6
set-cookie: visid_incap_1215874=4gymwY8NSZasO3E5TbuOgkVrmWAAAAAAQUIPAAAAAABoP/7c5/KOaFVdil29aB6E; expires=Tue, 10 May 2022 10:50:42 GMT; HttpOnly; path=/; Domain=.synxis.com; Secure; SameSite=None nlbi_1215874=g269e+N+3UPK0xShnAADWwAAAAA2ERhjBTj5D5KQyrV4OM57; path=/; Domain=.synxis.com; Secure; SameSite=None incap_ses_260_1215874=T6Umb/zwlFBMYRI45bSbA0VrmWAAAAAA7oGX5bz87iPWMY/eZmIHDQ==; path=/; Domain=.synxis.com; Secure; SameSite=None

GET
H2 200 getFusionConfig Show response
fusion-api.navisperformance.com/fusion-config/ 524 B
891 B 567ms
202ms Fetch
application/json 54.149.237.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fusion-api.navisperformance.com/fusion-config/getFusionConfig?account=15989&url=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1
Requested by: Host: assets.navisperformance.com
URL: https://assets.navisperformance.com/NWRC/Fusion/navis-fusion-loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.237.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-237-2.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 2d21409da1f0a40fd3d6f3348204f6b85f79879148521b9427cce802ea64907c

Request headers

secret: j1718lyvzwgdl0kycc6o
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://be.synxis.com
date: Mon, 10 May 2021 17:20:06 GMT
access-control-allow-credentials: true
requestguid: 530b9e25-49d7-49d9-a1a9-936733964c12
access-control-allow-headers: origin, content-type, accept, x-requested-with, secret
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json;charset=UTF-8

GET
H2 200 vendors-en.js Show response
be.synxis.com/public/js/ 32 KB
5 KB 196ms
196ms Script
application/javascript 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/vendors-en.js

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

aeabb31a048925fbbbaca0302188fea71511e06cad7eb4582aeb4e945d029345

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /public/js/vendors-en.js
pragma: no-cache
cookie: _vwo_uuid_v2=DB66B860AFBE8A5490FE2B96B5F38E42B|e1a533e6b47231aaab3847d87d4e22b7; _gcl_au=1.1.1485726809.1620667205; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _fbp=fb.1.1620667205246.2061213071; visid_incap_2103294=mWMQUqZDQOaBfZib74MYzERrmWAAAAAAQUIPAAAAAAD/gI3VCgjXM3GiFBkW37bu; nlbi_2103294=Qg77IDkpwzRZhUy6ZtZ5egAAAAA9R8h6m8VkqXHVjBlpUMre; incap_ses_1367_2103294=QcNZG+093XeDr0rWXY/4EkRrmWAAAAAA+t2bhK7zNQXHqT0ZK+OZXQ==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: be.synxis.com
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Apr 2021 22:39:20 GMT
x-cdn: Imperva
etag: W/"13d4-17900e331c0"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
x-iinfo: 9-54247515-54244256 2NNN RT(1620667205868 0) q(0 0 0 0) r(2 2) U2
cache-control: public, max-age=0
set-cookie: nlbi_1215874=UfBsaPPgpwrQLYytnAADWwAAAAAXfnNKgF32XgUup+mwoJnW; path=/; Domain=.synxis.com; Secure; SameSite=None visid_incap_1215874=4gymwY8NSZasO3E5TbuOgkVrmWAAAAAAQUIPAAAAAABoP/7c5/KOaFVdil29aB6E; expires=Tue, 10 May 2022 10:50:42 GMT; HttpOnly; path=/; Domain=.synxis.com; Secure; SameSite=None incap_ses_260_1215874=vEHDEVTF615MYRI45bSbA0ZrmWAAAAAAodQ2zldHNoKxjHGaecHCSg==; path=/; Domain=.synxis.com; Secure; SameSite=None
accept-ranges: bytes
vary: Accept-Encoding
content-length: 5076

GET
H2 200 1.js Show response
be.synxis.com/public/js/ 10 KB
3 KB 202ms
201ms Script
application/javascript 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/1.js

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ad23034ae52031da548a5d33ef865dde597449f0fa2204fd33b36f2635673af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /public/js/1.js
pragma: no-cache
cookie: _vwo_uuid_v2=DB66B860AFBE8A5490FE2B96B5F38E42B|e1a533e6b47231aaab3847d87d4e22b7; _gcl_au=1.1.1485726809.1620667205; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _fbp=fb.1.1620667205246.2061213071; visid_incap_2103294=mWMQUqZDQOaBfZib74MYzERrmWAAAAAAQUIPAAAAAAD/gI3VCgjXM3GiFBkW37bu; nlbi_2103294=Qg77IDkpwzRZhUy6ZtZ5egAAAAA9R8h6m8VkqXHVjBlpUMre; incap_ses_1367_2103294=QcNZG+093XeDr0rWXY/4EkRrmWAAAAAA+t2bhK7zNQXHqT0ZK+OZXQ==; visid_incap_1215874=4gymwY8NSZasO3E5TbuOgkVrmWAAAAAAQUIPAAAAAABoP/7c5/KOaFVdil29aB6E; nlbi_1215874=UfBsaPPgpwrQLYytnAADWwAAAAAXfnNKgF32XgUup+mwoJnW; incap_ses_260_1215874=vEHDEVTF615MYRI45bSbA0ZrmWAAAAAAodQ2zldHNoKxjHGaecHCSg==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: be.synxis.com
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 23 Apr 2021 22:39:20 GMT
x-cdn: Imperva
etag: W/"a07-17900e331c0"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
x-iinfo: 9-54247542-54247543 NNNY CT(175 418 0) RT(1620667206147 0) q(0 0 0 -1) r(2 2) U2
cache-control: public, max-age=0
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Accept-Encoding
content-length: 2567

GET
H2 200 7.js Show response
be.synxis.com/public/js/ 93 KB
15 KB 572ms
571ms Script
application/javascript 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/7.js

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b8113d4207bccaa0bf6bc54664b56a513427e696b17c3db6302c47212b3c296c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /public/js/7.js
pragma: no-cache
cookie: _vwo_uuid_v2=DB66B860AFBE8A5490FE2B96B5F38E42B|e1a533e6b47231aaab3847d87d4e22b7; _gcl_au=1.1.1485726809.1620667205; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _fbp=fb.1.1620667205246.2061213071; visid_incap_2103294=mWMQUqZDQOaBfZib74MYzERrmWAAAAAAQUIPAAAAAAD/gI3VCgjXM3GiFBkW37bu; nlbi_2103294=Qg77IDkpwzRZhUy6ZtZ5egAAAAA9R8h6m8VkqXHVjBlpUMre; incap_ses_1367_2103294=QcNZG+093XeDr0rWXY/4EkRrmWAAAAAA+t2bhK7zNQXHqT0ZK+OZXQ==; visid_incap_1215874=4gymwY8NSZasO3E5TbuOgkVrmWAAAAAAQUIPAAAAAABoP/7c5/KOaFVdil29aB6E; nlbi_1215874=UfBsaPPgpwrQLYytnAADWwAAAAAXfnNKgF32XgUup+mwoJnW; incap_ses_260_1215874=vEHDEVTF615MYRI45bSbA0ZrmWAAAAAAodQ2zldHNoKxjHGaecHCSg==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: be.synxis.com
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 23 Apr 2021 22:39:20 GMT
x-cdn: Imperva
etag: W/"3af1-17900e331c0"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
x-iinfo: 9-54247544-54247545 NNNY CT(172 415 0) RT(1620667206149 0) q(0 0 0 -1) r(4 5) U2
cache-control: public, max-age=0
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Accept-Encoding
content-length: 15089

GET
H2 200 0.js Show response
be.synxis.com/public/js/ 23 KB
5 KB 200ms
199ms Script
application/javascript 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/0.js

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7d96e4be23aa330ce6525d315c0d8d9452814b017528e8119c1230fb1e701c13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /public/js/0.js
pragma: no-cache
cookie: _vwo_uuid_v2=DB66B860AFBE8A5490FE2B96B5F38E42B|e1a533e6b47231aaab3847d87d4e22b7; _gcl_au=1.1.1485726809.1620667205; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _fbp=fb.1.1620667205246.2061213071; visid_incap_2103294=mWMQUqZDQOaBfZib74MYzERrmWAAAAAAQUIPAAAAAAD/gI3VCgjXM3GiFBkW37bu; nlbi_2103294=Qg77IDkpwzRZhUy6ZtZ5egAAAAA9R8h6m8VkqXHVjBlpUMre; incap_ses_1367_2103294=QcNZG+093XeDr0rWXY/4EkRrmWAAAAAA+t2bhK7zNQXHqT0ZK+OZXQ==; visid_incap_1215874=4gymwY8NSZasO3E5TbuOgkVrmWAAAAAAQUIPAAAAAABoP/7c5/KOaFVdil29aB6E; nlbi_1215874=UfBsaPPgpwrQLYytnAADWwAAAAAXfnNKgF32XgUup+mwoJnW; incap_ses_260_1215874=vEHDEVTF615MYRI45bSbA0ZrmWAAAAAAodQ2zldHNoKxjHGaecHCSg==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: be.synxis.com
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 23 Apr 2021 22:39:20 GMT
x-cdn: Imperva
etag: W/"1454-17900e331c0"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
x-iinfo: 9-54247546-54247547 NNNY CT(169 341 0) RT(1620667206151 0) q(0 0 0 -1) r(2 2) U2
cache-control: public, max-age=0
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Accept-Encoding
content-length: 5204

GET
H2 200 3.js Show response
be.synxis.com/public/js/ 34 KB
7 KB 791ms
790ms Script
application/javascript 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/3.js

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4001935996894a1faf8563ab6ce68297665b2dd6bbfae41140be1ec8eb41a137

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /public/js/3.js
pragma: no-cache
cookie: _vwo_uuid_v2=DB66B860AFBE8A5490FE2B96B5F38E42B|e1a533e6b47231aaab3847d87d4e22b7; _gcl_au=1.1.1485726809.1620667205; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _fbp=fb.1.1620667205246.2061213071; visid_incap_2103294=mWMQUqZDQOaBfZib74MYzERrmWAAAAAAQUIPAAAAAAD/gI3VCgjXM3GiFBkW37bu; nlbi_2103294=Qg77IDkpwzRZhUy6ZtZ5egAAAAA9R8h6m8VkqXHVjBlpUMre; incap_ses_1367_2103294=QcNZG+093XeDr0rWXY/4EkRrmWAAAAAA+t2bhK7zNQXHqT0ZK+OZXQ==; visid_incap_1215874=4gymwY8NSZasO3E5TbuOgkVrmWAAAAAAQUIPAAAAAABoP/7c5/KOaFVdil29aB6E; nlbi_1215874=XoD8QqfPODDrLj1KnAADWwAAAAD7d8p0QU2khYpxbkoRK5Hp; incap_ses_260_1215874=cKq8LzUrGRtMYRI45bSbA0ZrmWAAAAAAdcLSESZSebQwi9MV0wT+fg==; apisession=MDAxMTZ-cWQzbFVpbk1COGdOUkhOUjVXV1Y4N3NIM2EvUVRROUFnNGRMalJYenY2NVJqTXNIbTFIVlZJNU9aRG02cVZMTFhVQXJxeUFQaG5ldlRtaCtiOEV2cHpNN1lVSndrT1poM1RKZ2NVQnVMamMvK1MzVXh2OHdFY3RVV3hhMnRWSHcwWmVJeXdQT1AyQ0FLMHNsWEVwL3E4TktOK1hxSGJ3MGV4L0Z5YXFzN1FKeS8wSWN3bWhKM2xDT2NiOEsrWnRaRHhmK3VIWWhqdzFUbE1iOGlvMytYUSt6VVQ5dXZ3Y2dxSkJHeCtnQXFsbGpWQ2RCRTJ0cHE4K0FPZmFjaysweU9ZMXBJTU8rWFJhNjFpbXovZXJGRGhnS3k3SkdHQ0dNN3BXVkt0ZHFnNTVpRlJPNHdWb0MySSsvZFk3WWF3SU0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: be.synxis.com
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:07 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 23 Apr 2021 22:39:20 GMT
x-cdn: Imperva
etag: W/"1a74-17900e331c0"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
x-iinfo: 9-54247564-54247487 PNNN RT(1620667206241 0) q(0 0 0 -1) r(8 8) U2
cache-control: public, max-age=0
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Accept-Encoding
content-length: 6772

GET
H2 200 6.js Show response
be.synxis.com/public/js/ 294 KB
44 KB 503ms
502ms Script
application/javascript 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/6.js

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0c464277028382dc98f12cd756ae82463f923f975fc1f7b68d84f562097ed814

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /public/js/6.js
pragma: no-cache
cookie: _vwo_uuid_v2=DB66B860AFBE8A5490FE2B96B5F38E42B|e1a533e6b47231aaab3847d87d4e22b7; _gcl_au=1.1.1485726809.1620667205; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _fbp=fb.1.1620667205246.2061213071; visid_incap_2103294=mWMQUqZDQOaBfZib74MYzERrmWAAAAAAQUIPAAAAAAD/gI3VCgjXM3GiFBkW37bu; nlbi_2103294=Qg77IDkpwzRZhUy6ZtZ5egAAAAA9R8h6m8VkqXHVjBlpUMre; incap_ses_1367_2103294=QcNZG+093XeDr0rWXY/4EkRrmWAAAAAA+t2bhK7zNQXHqT0ZK+OZXQ==; visid_incap_1215874=4gymwY8NSZasO3E5TbuOgkVrmWAAAAAAQUIPAAAAAABoP/7c5/KOaFVdil29aB6E; nlbi_1215874=XoD8QqfPODDrLj1KnAADWwAAAAD7d8p0QU2khYpxbkoRK5Hp; incap_ses_260_1215874=cKq8LzUrGRtMYRI45bSbA0ZrmWAAAAAAdcLSESZSebQwi9MV0wT+fg==; apisession=MDAxMTZ-cWQzbFVpbk1COGdOUkhOUjVXV1Y4N3NIM2EvUVRROUFnNGRMalJYenY2NVJqTXNIbTFIVlZJNU9aRG02cVZMTFhVQXJxeUFQaG5ldlRtaCtiOEV2cHpNN1lVSndrT1poM1RKZ2NVQnVMamMvK1MzVXh2OHdFY3RVV3hhMnRWSHcwWmVJeXdQT1AyQ0FLMHNsWEVwL3E4TktOK1hxSGJ3MGV4L0Z5YXFzN1FKeS8wSWN3bWhKM2xDT2NiOEsrWnRaRHhmK3VIWWhqdzFUbE1iOGlvMytYUSt6VVQ5dXZ3Y2dxSkJHeCtnQXFsbGpWQ2RCRTJ0cHE4K0FPZmFjaysweU9ZMXBJTU8rWFJhNjFpbXovZXJGRGhnS3k3SkdHQ0dNN3BXVkt0ZHFnNTVpRlJPNHdWb0MySSsvZFk3WWF3SU0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: be.synxis.com
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 23 Apr 2021 22:39:20 GMT
x-cdn: Imperva
etag: W/"afe2-17900e331c0"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
x-iinfo: 9-54247565-54247566 NNNY CT(163 330 0) RT(1620667206244 0) q(0 0 0 -1) r(3 5) U2
cache-control: public, max-age=0
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Accept-Encoding
content-length: 45026

GET
H2 200 AEC.js Show response
icm.aexp-static.com/Internet/IMDC/AmexExpressCheckout/js/2.0/ 62 KB
18 KB 556ms
171ms Script
application/javascript 184.30.235.132
NTT-COMMUNICATION...

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/IMDC/AmexExpressCheckout/js/2.0/AEC.js

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.235.132 Santa Clara, United States, ASN2914 (NTT-COMMUNICATIONS-2914, US),

Reverse DNS

a184-30-235-132.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

bc51f8dd0d7127599286da555403fe95d18c0ce434529112874ee588276c6f1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 10 Mar 2021 09:08:27 GMT
server: Akamai Resource Optimizer
etag: "f7d7-571c722630ffe-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=8167
accept-ranges: bytes
content-length: 18157

GET
H2 200 Civana-Website-Booking-Hero.jpg
be-cms-api.synxis.com/assets/chain/25041/hotel/7841/fileStorage/image/ 859 KB
860 KB 152ms
151ms Image
image/jpeg 45.60.155.144
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://be-cms-api.synxis.com/assets/chain/25041/hotel/7841/fileStorage/image/Civana-Website-Booking-Hero.jpg

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.155.144 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c8bff04bdc1d36e4395163f5ac102d73d762f2f8317d3d471e23a7918e6fcbc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 06 Aug 2020 23:16:29 GMT
x-cdn: Imperva
etag: W/"879644-1596755789000"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-iinfo: 8-52838746-52838681 PNNN RT(1620667205662 0) q(0 0 0 -1) r(1 1) U5
date: Mon, 10 May 2021 17:20:06 GMT
accept-ranges: bytes
content-length: 879644
x-xss-protection: 1; mode=block

GET
H3-Q050 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 340 B
292 B 27ms
27ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=437458&settings_type=2&vn=7.0&r=0.07043630110511434&u=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/7.0/va-9d6ac57dbcbba3321dd904e6ee78b647.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: b0aa686dc09ecce69917f52d2e22f35224cdba18ec286e604d2cbfcfdcdc61e3

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:06 GMT
via: 1.1 google
server: gams1
content-encoding: gzip
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 abandoned-cart-config.bundle.js Show response
assets.navisperformance.com/abandoned-cart-client/ 119 KB
119 KB 591ms
591ms Script
application/javascript 2600:9000:214f:c800:16:3eaa:9140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.navisperformance.com/abandoned-cart-client/abandoned-cart-config.bundle.js
Requested by: Host: assets.navisperformance.com
URL: https://assets.navisperformance.com/NWRC/Fusion/navis-fusion-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:c800:16:3eaa:9140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40591be85e53aa287d7d721d6d75d12d3d8eebc56b5e9271388b564e7f21f1d0

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: PvJIPkFvJURLkcKZVvQpfLx7646UaBsc
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
last-modified: Mon, 10 May 2021 16:40:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "be70d61f5050abf9c8e64ef241510ce3"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
date: Mon, 10 May 2021 17:20:08 GMT
accept-ranges: bytes
content-length: 121799
x-amz-cf-id: af4RA75PZC1he4axyt-clkpvRM3M1EqSDzyNU7Pp_T_U5ciTspdXVg==

GET
H/1.1 404
Not Found double_queen_main_image.jpg
gc.synxis.com/hotel/7841/Images/medium/Room/ 0
0 196ms
144ms Image
text/html 107.154.192.208
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gc.synxis.com/hotel/7841/Images/medium/Room/double_queen_main_image.jpg
Requested by: Host: be.synxis.com
URL: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.192.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK civana_king.jpg
gc.synxis.com/hotel/7841/Images/medium/Room/ 14 KB
14 KB 72ms
20ms Image
image/jpeg 107.154.192.208
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gc.synxis.com/hotel/7841/Images/medium/Room/civana_king.jpg
Requested by: Host: be.synxis.com
URL: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.192.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 52a5c994c46b06c1a0f38d78bda93efc8fbdf79bdefc0f84b7ae064a691cbb3b

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:20:06 GMT
Last-Modified: Thu, 21 Mar 2019 19:27:22 GMT
X-CDN: Imperva
Etag: "313861b1ce0d41:0"
Content-Type: image/jpeg
X-Iinfo: 9-93390563-93382198 2CNN RT(1620667206278 25) q(0 0 0 0) r(0 0) U18
Cache-Control: max-age=86148, public
Content-Length: 13968
Expires: Tue, 11 May 2021 17:15:54 GMT

GET
H/1.1 200
OK spa_king_bathroom2.jpg
gc.synxis.com/hotel/7841/Images/medium/Room/ 10 KB
11 KB 220ms
161ms Image
image/jpeg 107.154.192.208
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gc.synxis.com/hotel/7841/Images/medium/Room/spa_king_bathroom2.jpg
Requested by: Host: be.synxis.com
URL: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.192.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: d892a63f41cf7f1440457e514796b1a680f65500252d52cdc14718c9d808fbac

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:20:06 GMT
Last-Modified: Fri, 22 Mar 2019 13:26:54 GMT
X-CDN: Imperva
Etag: "7e55d2eab2e0d41:0"
Content-Type: image/jpeg
X-Iinfo: 14-83633852-83633857 2VNN RT(1620667206099 24) q(0 0 0 1) r(0 1) U18
Cache-Control: max-age=1, public
Content-Length: 10279
Expires: Mon, 10 May 2021 17:20:07 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=364202050984118&ev=Microdata&dl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1&rl=&if=false&ts=1620667207067&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22CIVANA%20Wellness%20Resort%20%26%20Spa%20-%20Reservations%20-%20Room%20Availability%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1620667207066.1757373277&it=1620667205160&coo=false&es=automatic&tm=3&exp=l1&rqm=GET

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 10 May 2021 17:20:07 GMT

POST
H2 200 reports
be.synxis.com/ 2 KB
1 KB 358ms
358ms Other
application/json 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/reports?hid=7841&cid=25041&sid=NKRrznjDzSj304viky5jKqzF

Requested by

Host: assets.navisperformance.com
URL: https://assets.navisperformance.com/abandoned-cart-client/abandoned-cart-config.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2e06eed86d2bb78f57ef80ee8e720e3e499929eceb6a58c08917bf960b5dbee0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: no-cors
origin: https://be.synxis.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: report
cookie: _fbp=fb.1.1620667207066.1757373277; visid_incap_1814716=oMDh2ZiZQaOsqrCtTGq3XEZrmWAAAAAAQUIPAAAAAACzv3cR7NRWIUyRm69fzqZR; incap_ses_282_1814716=147lKkwRNRg4q7YE4d3pA0ZrmWAAAAAALZ+qQaTqQpPNjAZMHWaxPQ==
content-length: 1527
:path: /reports?hid=7841&cid=25041&sid=NKRrznjDzSj304viky5jKqzF
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/csp-report
accept: */*
cache-control: no-cache
:authority: be.synxis.com
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 10 May 2021 17:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-frame-options: SAMEORIGIN
etag: W/"649-nV4tAGbW5bpCgm8Lu03s4YJxWX4"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
x-iinfo: 9-54247636-54247336 PNYy RT(1620667206816 0) q(0 0 0 0) r(3 3) U6
set-cookie: visid_incap_1215874=CJuJB6ofQfCVeOGQMvQmp0ZrmWAAAAAAQUIPAAAAAAAq/5SpMl3Ptj0UiLlSIusC; expires=Tue, 10 May 2022 10:50:42 GMT; HttpOnly; path=/; Domain=.synxis.com; Secure; SameSite=None nlbi_1215874=hHBSHUg7kRtDeDuqnAADWwAAAAAs4atTjNNaDXZMqsfpS4UQ; path=/; Domain=.synxis.com; Secure; SameSite=None incap_ses_260_1215874=jGAEKbhYAisYYhI45bSbA0drmWAAAAAAHpqEfkGwdrnfaMfeyWVH5w==; path=/; Domain=.synxis.com; Secure; SameSite=None

GET
H2 200 fusion-config Show response
fusion-api.navisperformance.com/ 33 B
331 B 207ms
207ms Fetch
application/json 54.149.237.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fusion-api.navisperformance.com/fusion-config?account=15989&url=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1
Requested by: Host: assets.navisperformance.com
URL: https://assets.navisperformance.com/abandoned-cart-client/abandoned-cart-config.bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.237.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-237-2.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 09205cd7fbd7212073f63606f659e7d8a03ab0c3cdd5bd39f601f705228a1296

Request headers

secret: j1718lyvzwgdl0kycc6o
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://be.synxis.com
date: Mon, 10 May 2021 17:20:07 GMT
access-control-allow-credentials: true
requestguid: 658886f4-a457-4299-8e7f-741de9d7783f
access-control-allow-headers: origin, content-type, accept, x-requested-with, secret
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json;charset=UTF-8

OPTIONS
H2 200 fusion-config
fusion-api.navisperformance.com/ Frame 0
0 183ms
183ms Preflight 54.149.237.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fusion-api.navisperformance.com/fusion-config?account=15989&url=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1
Protocol: H2
Server: 54.149.237.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-237-2.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: secret
Origin: https://be.synxis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 10 May 2021 17:20:07 GMT
content-length: 0
requestguid: 5309374a-a53c-4d48-8de9-9392535f3ee7
access-control-allow-credentials: true
access-control-allow-origin: https://be.synxis.com
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: origin, content-type, accept, x-requested-with, secret
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH

PUT
H2 200 notify_missing Show response
be.synxis.com/gw/v1/images/ 0
632 B 262ms
261ms Fetch 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/gw/v1/images/notify_missing?hotel=7841&image=%2Fhotel%2F7841%2FImages%2FRoom%2Fdouble_queen_main_image.jpg&target=medium

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-fetch-mode: cors
origin: https://be.synxis.com
accept-encoding: gzip, deflate, br
accept-language: undefined
:authority: be.synxis.com
sec-fetch-dest: empty
cookie: _fbp=fb.1.1620667207066.1757373277; visid_incap_1814716=oMDh2ZiZQaOsqrCtTGq3XEZrmWAAAAAAQUIPAAAAAACzv3cR7NRWIUyRm69fzqZR; nlbi_1814716=L2aOeiOSbQCdvLSQT2lvQgAAAABRFjerGRCg4XCs9NZvZsvs; incap_ses_282_1814716=RlctJv0R+FQ4q7YE4d3pA0ZrmWAAAAAA1Ki9xPEtBFOYPqOMR0livQ==
content-length: 2
:path: /gw/v1/images/notify_missing?hotel=7841&image=%2Fhotel%2F7841%2FImages%2FRoom%2Fdouble_queen_main_image.jpg&target=medium
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
activityid: undefined
accept: application/json,application/x-javascript
cache-control: no-cache
context: BE
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
:scheme: https
sec-fetch-site: same-origin
content-type: application/json; charset=utf-8
:method: PUT
Accept: application/json,application/x-javascript
Referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
Context: BE
ActivityID: undefined
Accept-Language: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

content-encoding: gzip
x-cdn: Imperva
hotel: 7841
accept-language: undefined
x-iinfo: 9-54247651-54247499 PNNN RT(1620667206941 0) q(0 0 0 0) r(2 2) U6
sec-fetch-dest: empty
pragma: no-cache
x-forwarded-host: be.synxis.com
x-amzn-trace-id: Root=1-60996b47-3a096d9f5ce668f12cf7e57e
vary: Origin
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
activityid: undefined
access-control-allow-origin: https://be.synxis.com
cache-control: no-cache
context: BE
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
incap-proxy-260: OK
sec-fetch-mode: cors
strict-transport-security: max-age=31536000
message-id: arj0osrh0
origin: https://be.synxis.com
x-forwarded-for: 185.212.171.67, 149.126.78.4, 10.123.78.64
set-cookie: visid_incap_1215874=CJuJB6ofQfCVeOGQMvQmp0ZrmWAAAAAAQUIPAAAAAAAq/5SpMl3Ptj0UiLlSIusC; expires=Tue, 10 May 2022 10:50:42 GMT; HttpOnly; path=/; Domain=.synxis.com; Secure; SameSite=None nlbi_1215874=FGH/dRwkhXI9r1ZwnAADWwAAAADEv9CZcH12hJQz8F1aUa7n; path=/; Domain=.synxis.com; Secure; SameSite=None incap_ses_260_1215874=cyqCfUIqFz8YYhI45bSbA0drmWAAAAAA6Bz30xRQN7JErEn3mJCBEg==; path=/; Domain=.synxis.com; Secure; SameSite=None
image: /hotel/7841/Images/Room/double_queen_main_image.jpg
x-forwarded-proto: https
content-length: 20
true-client-ip: 185.212.171.67
server: Apache-Coyote/1.1
access-control-max-age: 3600
access-control-allow-credentials: true
target: medium
sec-fetch-site: same-origin
conversation-id: 10nywnri7
x-forwarded-port: 443
date: Mon, 10 May 2021 17:20:07 GMT

GET
H/1.1 200
OK double_queen_main_image.jpg
gc.synxis.com/hotel/7841/Images/Room/ 182 KB
183 KB 18ms
18ms Image
image/jpeg 107.154.192.208
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gc.synxis.com/hotel/7841/Images/Room/double_queen_main_image.jpg
Requested by: Host: be.synxis.com
URL: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.192.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 9702279d3a747c49a6be9863327de219eca065da20a2d35fb7ed9e7b1db99619

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:20:06 GMT
Last-Modified: Tue, 01 Sep 2020 15:27:00 GMT
X-CDN: Imperva
Etag: "c7e3f2557480d61:0"
Content-Type: image/jpeg
X-Iinfo: 9-93390563-93388317 2CNN RT(1620667206278 175) q(0 0 0 -1) r(0 0) U18
Cache-Control: max-age=86149, public
Content-Length: 186638
Expires: Tue, 11 May 2021 17:15:55 GMT

GET
H2 200 dataStream.js Show response
be.synxis.com/public/js/ 9 KB
3 KB 197ms
196ms Script
application/javascript 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/dataStream.js

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

16b47d4a800018ed8ee5dd69231621116d9dc72d9b57d54959b0ce0e4255d0ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /public/js/dataStream.js
pragma: no-cache
cookie: _fbp=fb.1.1620667207066.1757373277; incap_ses_282_1814716=RlctJv0R+FQ4q7YE4d3pA0ZrmWAAAAAA1Ki9xPEtBFOYPqOMR0livQ==; nlbi_1814716=nG+8RH0ekyME2qhjT2lvQgAAAACF7wjWesgJE5b51KXXaqVO; incap_ses_247_1814716=bhGxO0Csv2+I1IQrgIVtA0ZrmWAAAAAAtF/95vYApnAvPjxfXOi7VA==; visid_incap_1814716=oMDh2ZiZQaOsqrCtTGq3XEZrmWAAAAAAQUIPAAAAAACzv3cR7NRWIUyRm69fzqZR; visid_incap_1215874=CJuJB6ofQfCVeOGQMvQmp0ZrmWAAAAAAQUIPAAAAAAAq/5SpMl3Ptj0UiLlSIusC; nlbi_1215874=FGH/dRwkhXI9r1ZwnAADWwAAAADEv9CZcH12hJQz8F1aUa7n; incap_ses_260_1215874=cyqCfUIqFz8YYhI45bSbA0drmWAAAAAA6Bz30xRQN7JErEn3mJCBEg==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: be.synxis.com
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 06 Apr 2021 08:22:46 GMT
x-cdn: Imperva
etag: W/"256c-178a646dff0"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
x-iinfo: 9-54247830-54247499 PNYN RT(1620667208314 0) q(0 0 0 -1) r(1 1) U2
cache-control: public, max-age=0
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes

GET
H2 200 dxgtm.js Show response
be.synxis.com/public/js/ 31 KB
5 KB 192ms
192ms Script
application/javascript 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/public/js/dxgtm.js

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/dataStream.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

535f445ead838725a329d12ba4d04071c0cd6bfb3f98f97c9a7d9360a69242e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /public/js/dxgtm.js
pragma: no-cache
cookie: _fbp=fb.1.1620667207066.1757373277; incap_ses_282_1814716=RlctJv0R+FQ4q7YE4d3pA0ZrmWAAAAAA1Ki9xPEtBFOYPqOMR0livQ==; nlbi_1814716=nG+8RH0ekyME2qhjT2lvQgAAAACF7wjWesgJE5b51KXXaqVO; incap_ses_247_1814716=bhGxO0Csv2+I1IQrgIVtA0ZrmWAAAAAAtF/95vYApnAvPjxfXOi7VA==; visid_incap_1814716=oMDh2ZiZQaOsqrCtTGq3XEZrmWAAAAAAQUIPAAAAAACzv3cR7NRWIUyRm69fzqZR; visid_incap_1215874=CJuJB6ofQfCVeOGQMvQmp0ZrmWAAAAAAQUIPAAAAAAAq/5SpMl3Ptj0UiLlSIusC; nlbi_1215874=FGH/dRwkhXI9r1ZwnAADWwAAAADEv9CZcH12hJQz8F1aUa7n; incap_ses_260_1215874=cyqCfUIqFz8YYhI45bSbA0drmWAAAAAA6Bz30xRQN7JErEn3mJCBEg==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: be.synxis.com
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 06 Apr 2021 08:22:46 GMT
x-cdn: Imperva
etag: W/"7d6a-178a646dff0"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
x-iinfo: 9-54247856-54247499 PNYN RT(1620667208508 0) q(0 0 0 -1) r(1 1) U2
cache-control: public, max-age=0
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W866TTJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3197
date: Mon, 10 May 2021 16:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 10 May 2021 18:26:52 GMT

GET
H3-29

200

activityi;dc_pre=CKquu-rPv_ACFVCO3god31AMOw;src=8986102;type=choosroo;cat=choos0;ord=548146579715;gtm=2wg4s0;auiddc=1485726809.1620667205;u1=3;u4=7841;u6=3;u16=06%2F17%2F2021;u17=06%2F20%2F2021;u22... Show response
8986102.fls.doubleclick.net/ Frame 51DC
Redirect Chain

https://8986102.fls.doubleclick.net/activityi;src=8986102;type=choosroo;cat=choos0;ord=548146579715;gtm=2wg4s0;auiddc=1485726809.1620667205;u1=3;u4=7841;u6=3;u16=06%2F17%2F2021;u17=06%2F20%2F2021;u...
https://8986102.fls.doubleclick.net/activityi;dc_pre=CKquu-rPv_ACFVCO3god31AMOw;src=8986102;type=choosroo;cat=choos0;ord=548146579715;gtm=2wg4s0;auiddc=1485726809.1620667205;u1=3;u4=7841;u6=3;u16=0...

726 B
547 B

63ms
33ms

Document
text/html

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8986102.fls.doubleclick.net/activityi;dc_pre=CKquu-rPv_ACFVCO3god31AMOw;src=8986102;type=choosroo;cat=choos0;ord=548146579715;gtm=2wg4s0;auiddc=1485726809.1620667205;u1=3;u4=7841;u6=3;u16=06%2F17%2F2021;u17=06%2F20%2F2021;u22=2;u23=0;~oref=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPV8LG3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

6f1982257aab2aca51870958d71715e3a5051c09e72d32ecea2d8308ee982235

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8986102.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CKquu-rPv_ACFVCO3god31AMOw;src=8986102;type=choosroo;cat=choos0;ord=548146579715;gtm=2wg4s0;auiddc=1485726809.1620667205;u1=3;u4=7841;u6=3;u16=06%2F17%2F2021;u17=06%2F20%2F2021;u22=2;u23=0;~oref=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://be.synxis.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 10 May 2021 17:20:09 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 522
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 10-May-2021 17:35:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 10 May 2021 17:20:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8986102.fls.doubleclick.net/activityi;dc_pre=CKquu-rPv_ACFVCO3god31AMOw;src=8986102;type=choosroo;cat=choos0;ord=548146579715;gtm=2wg4s0;auiddc=1485726809.1620667205;u1=3;u4=7841;u6=3;u16=06%2F17%2F2021;u17=06%2F20%2F2021;u22=2;u23=0;~oref=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 43 Show response
beacon.sojern.com/pixel/cp/ 4 KB
1 KB 54ms
22ms Script
application/javascript 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/cp/43?f_v=cp_v3_js&p_v=5&hpid=13181&pt=SEARCH&hd1=2021-06-17&hd2=2021-06-20&hc1=Carefree&hs1=Arizona&hn1=USA&hpr=Civana&hr=3&hc=&tch=0&tad=2&hd=3&et=hs
Requested by: Host: be.synxis.com
URL: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: b770015d173544a024e63c3219a433ad8b9d70acbc1da238ce430018c006e699

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:09 GMT
via: 1.1 google
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
content-encoding: gzip
content-type: application/javascript
alt-svc: clear
content-length: 776

GET
H3-29

200

bootstrap.js Show response
onboard.triptease.io/bootstrap/v4179.39760/
Redirect Chain

https://onboard.triptease.io/bootstrap.js?integrationId=01D9MZY8W95M5SR8WJHQ5NHAD5
https://onboard.triptease.io/bootstrap/v4179.39760/bootstrap.js

78 KB
22 KB

55ms
43ms

Script
application/javascript

2606:4700:10::ac43:2653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/bootstrap/v4179.39760/bootstrap.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2653 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c03b5e88be65f5822781b3a8c1d061a52b0eea84cfc54defb146d92609e0f58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:09 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-goog-meta-git-hash: 8fa8a49e6898c52dd1598442a7dcdc83334bb808
age: 3744
x-guploader-uploadid: ABg5-UymWl_UoGzob9m7jEabqqNYRpwpJIHjQ04mZJnXfRTYTn1rmcBJ7kNzeqhUuN0LweiRu5yP2l0_dLx0IaJoG2KUKscAcA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-meta-build-version: 4179.39760
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09f8e42e880000bec4ae0a5000000001
cf-ray: 64d4d62a79d1bec4-FRA
last-modified: Mon, 10 May 2021 16:12:15 GMT
server: cloudflare
etag: W/"4548e138f5f7b6e4df2d28a0b9ae058b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
x-goog-hash: crc32c=W0iuKA==, md5=RUjhOPX3tuTfLSigua4Fiw==
x-goog-generation: 1620663135891231
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 80164
content-type: application/javascript; charset=utf-8
expires: Tue, 10 May 2022 16:17:23 GMT

Redirect headers

date: Mon, 10 May 2021 17:20:09 GMT
server: cloudflare
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
location: https://onboard.triptease.io/bootstrap/v4179.39760/bootstrap.js
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=600
strict-transport-security: max-age=15552000
cf-ray: 64d4d629ea164e25-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63
cf-request-id: 09f8e42e3500004e25483d9000000001

GET
H2 200 w.js Show response
d10lpsik1i8c69.cloudfront.net/ 5 KB
3 KB 115ms
37ms Script
application/javascript 13.224.89.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by: Host: be.synxis.com
URL: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-66.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 610ab00f8de8912637a2f94ba8a2976e1eef3c240276657b55851f6f6d8163cb

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:09:58 GMT
content-encoding: gzip
last-modified: Mon, 08 Mar 2021 19:45:34 GMT
server: AmazonS3
age: 612
etag: W/"8e8d63ac39f7baa3ae59c19edea3f4a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: g4rAaTFLhoffSbqP0uktKQJ9wlu0zD6j1aUX0Ek30uXRMLjNidmtrw==

GET
H2 200 / Show response
gatag.it/v2/ 15 KB
15 KB 310ms
101ms Script
application/javascript 52.54.154.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gatag.it/v2/
Requested by: Host: be.synxis.com
URL: https://be.synxis.com/public/js/dxgtm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.154.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-154-195.compute-1.amazonaws.com
Software: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: 20bfa21014f452774eca1dffa8ec595bacb01bbc1a4ff613adacd6b5a0b423a3

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:09 GMT
content-type: application/javascript
server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips

GET
H2 200 pixelTagging
linkcenterus.derbysoftca.com/dplatform-linkcenter/ 44 B
281 B 558ms
189ms Image
image/gif 54.68.139.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://linkcenterus.derbysoftca.com/dplatform-linkcenter/pixelTagging?pixel_id=10056&account_id=cendyn&event_type=rate_selection&is_landing_page=FALSE&hotel_id=7841&check_in_date=2021%2F06%2F17&check_out_date=2021%2F06%2F20&stay_length=3&total_guests=2&rooms=1&adults=2&children=0&gtm=yes

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.68.139.192 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 17:20:09 GMT
x-content-type-options: nosniff
server: Apache-Coyote/1.1
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-robots-tag: noindex
content-length: 44
expires: Thursday, 1 January 1970 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 15ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=364202050984118&ev=Search&dl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1&rl=&if=false&ts=1620667209237&sw=1600&sh=1200&v=2.9.39&r=stable&ec=2&o=30&fbp=fb.1.1620667207066.1757373277&it=1620667205160&coo=false&tm=1&exp=l1&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 10 May 2021 17:20:09 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 15ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=364202050984118&ev=Cen_Civana_ChooseRoom&dl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1&rl=&if=false&ts=1620667209238&sw=1600&sh=1200&v=2.9.39&r=stable&ec=3&o=30&fbp=fb.1.1620667207066.1757373277&it=1620667205160&coo=false&tm=2&exp=l1&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 10 May 2021 17:20:09 GMT

GET
H3-29 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 16:33:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2828
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Mon, 10 May 2021 17:33:01 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
85 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-106819988-1&cid=1235819468.1620667209&jid=878912773&gjid=1808803544&_gid=227890954.1620667209&_u=YGBAgAALAAAAAE~&z=276427679

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 10 May 2021 17:20:09 GMT
content-type: text/plain
access-control-allow-origin: https://be.synxis.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=870825967&t=pageview&_s=1&dl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1&dp=ngbe%2F7841%2Fbooking-engine%2Frooms&ul=en-us&de=UTF-8&dt=CIVANA%20Wellness%20Resort%20%26%20Spa%20-%20Reservations%20-%20Room%20Availability&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAL~&jid=878912773&gjid=1808803544&cid=1235819468.1620667209&tid=UA-106819988-1&_gid=227890954.1620667209&gtm=2wg4s0W866TTJ&cd1=7841&cd2=25041&cd3=CIVANA&cd4=CIVANA%20Wellness%20Resort%20%26%20Spa&cd29=initialTheme&cd30=test&cd31=Carefree&cd32=Arizona&cd33=United%20States&cd34=85377&cd36=12&cd37=3&cd38=2021%2F06%2F17&cd39=2021%2F06%2F20&cd40=38&cd41=1&cd42=&cd43=&cd44=&cd45=&cd46=2&cd47=0&cd48=False&cd49=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1&z=1347066764

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 15:49:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5432
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 15ms
15ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=870825967&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1&dp=ngbe%2F7841%2Fbooking-engine%2Frooms&ul=en-us&de=UTF-8&dt=CIVANA%20Wellness%20Resort%20%26%20Spa%20-%20Reservations%20-%20Room%20Availability&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce&ea=Impression&_u=aGDAAAALAAAAAG~&jid=658461428&gjid=780040072&cid=1235819468.1620667209&tid=UA-106819988-1&_gid=227890954.1620667209&_r=1&gtm=2wg4s0W866TTJ&cd1=7841&cd2=25041&cd3=CIVANA&cd4=CIVANA%20Wellness%20Resort%20%26%20Spa&cd29=initialTheme&cd30=test&il1nm=Room%20Results&il1pi1nm=DOUBLE%20QUEEN%20ROOM&il1pi1id=7841%20-%20Q2%20-%20AP30&il1pi1pr=356.43333333333334&il1pi1br=CIVANA%20Wellness%20Resort%20%26%20Spa%20-%207841%20-%20CIVANA&il1pi1ca=Rooms%20%2F%2030%20Day%20Advance%20Purchase%20%2F%20DOUBLE%20QUEEN%20ROOM&il1pi1va=30%20Day%20Advance%20Purchase&il1pi1ps=1&il1pi2nm=KING%20ROOM&il1pi2id=7841%20-%20K1%20-%20AP30&il1pi2pr=373.43333333333334&il1pi2br=CIVANA%20Wellness%20Resort%20%26%20Spa%20-%207841%20-%20CIVANA&il1pi2ca=Rooms%20%2F%2030%20Day%20Advance%20Purchase%20%2F%20KING%20ROOM&il1pi2va=30%20Day%20Advance%20Purchase&il1pi2ps=2&il1pi3nm=SPA%20KING&il1pi3id=7841%20-%20K1S%20-%20AP30&il1pi3pr=398.93333333333334&il1pi3br=CIVANA%20Wellness%20Resort%20%26%20Spa%20-%207841%20-%20CIVANA&il1pi3ca=Rooms%20%2F%2030%20Day%20Advance%20Purchase%20%2F%20SPA%20KING&il1pi3va=30%20Day%20Advance%20Purchase&il1pi3ps=3&il1pi4nm=DOUBLE%20QUEEN%20ROOM&il1pi4id=7841%20-%20Q2%20-%20BAR&il1pi4pr=419.3333333333333&il1pi4br=CIVANA%20Wellness%20Resort%20%26%20Spa%20-%207841%20-%20CIVANA&il1pi4ca=Rooms%20%2F%20Best%20Flexible%20Rate%20%2F%20DOUBLE%20QUEEN%20ROOM&il1pi4va=Best%20Flexible%20Rate&il1pi4ps=4&il1pi5nm=KING%20ROOM&il1pi5id=7841%20-%20K1%20-%20BAR&il1pi5pr=439.3333333333333&il1pi5br=CIVANA%20Wellness%20Resort%20%26%20Spa%20-%207841%20-%20CIVANA&il1pi5ca=Rooms%20%2F%20Best%20Flexible%20Rate%20%2F%20KING%20ROOM&il1pi5va=Best%20Flexible%20Rate&il1pi5ps=5&il1pi6nm=SPA%20KING&il1pi6id=7841%20-%20K1S%20-%20BAR&il1pi6pr=469.3333333333333&il1pi6br=CIVANA%20Wellness%20Resort%20%26%20Spa%20-%207841%20-%20CIVANA&il1pi6ca=Rooms%20%2F%20Best%20Flexible%20Rate%20%2F%20SPA%20KING&il1pi6va=Best%20Flexible%20Rate&il1pi6ps=6&il1pi7nm=DOUBLE%20QUEEN%20ROOM&il1pi7id=7841%20-%20Q2%20-%20GETAWAY&il1pi7pr=519.3333333333334&il1pi7br=CIVANA%20Wellness%20Resort%20%26%20Spa%20-%207841%20-%20CIVANA&il1pi7ca=Rooms%20%2F%20Girls%20Getaway%20%2F%20DOUBLE%20QUEEN%20ROOM&il1pi7va=Girls%20Getaway&il1pi7ps=7&il1pi8nm=KING%20ROOM&il1pi8id=7841%20-%20K1%20-%20GETAWAY&il1pi8pr=539.3333333333334&il1pi8br=CIVANA%20Wellness%20Resort%20%26%20Spa%20-%207841%20-%20CIVANA&il1pi8ca=Rooms%20%2F%20Girls%20Getaway%20%2F%20KING%20ROOM&il1pi8va=Girls%20Getaway&il1pi8ps=8&il1pi9nm=SPA%20KING&il1pi9id=7841%20-%20K1S%20-%20GETAWAY&il1pi9pr=569.3333333333334&il1pi9br=CIVANA%20Wellness%20Resort%20%26%20Spa%20-%207841%20-%20CIVANA&il1pi9ca=Rooms%20%2F%20Girls%20Getaway%20%2F%20SPA%20KING&il1pi9va=Girls%20Getaway&il1pi9ps=9&il1pi10nm=DOUBLE%20QUEEN%20ROOM&il1pi10id=7841%20-%20Q2%20-%20INCLTO&il1pi10pr=952&il1pi10br=CIVANA%20Wellness%20Resort%20%26%20Spa%20-%207841%20-%20CIVANA&il1pi10ca=Rooms%20%2F%20CIVANA%20Inclusive%20-%2020%25%20off%20%2F%20DOUBLE%20QUEEN%20ROOM&il1pi10va=CIVANA%20Inclusive%20-%2020%25%20off&il1pi10ps=10&il1pi11nm=KING%20ROOM&il1pi11id=7841%20-%20K1%20-%20INCLTO&il1pi11pr=968&il1pi11br=CIVANA%20Wellness%20Resort%20%26%20Spa%20-%207841%20-%20CIVANA&il1pi11ca=Rooms%20%2F%20CIVANA%20Inclusive%20-%2020%25%20off%20%2F%20KING%20ROOM&il1pi11va=CIVANA%20Inclusive%20-%2020%25%20off&il1pi11ps=11&il1pi12nm=SPA%20KING&il1pi12id=7841%20-%20K1S%20-%20INCLTO&il1pi12pr=992&il1pi12br=CIVANA%20Wellness%20Resort%20%26%20Spa%20-%207841%20-%20CIVANA&il1pi12ca=Rooms%20%2F%20CIVANA%20Inclusive%20-%2020%25%20off%20%2F%20SPA%20KING&il1pi12va=CIVANA%20Inclusive%20-%2020%25%20off&il1pi12ps=12&z=675153907

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 10 May 2021 17:20:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://be.synxis.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-115809663-1&cid=1235819468.1620667209&jid=1583843087&gjid=1147883229&_gid=227890954.1620667209&_u=aGDAgEALAAAAAG~&z=918376025

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 10 May 2021 17:20:09 GMT
content-type: text/plain
access-control-allow-origin: https://be.synxis.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 15ms
14ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=870825967&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1&dp=sbe%2F7841%2Fbooking-engine%2Frooms&ul=en-us&de=UTF-8&dt=CIVANA%20Wellness%20Resort%20%26%20Spa%20-%20Reservations%20-%20Room%20Availability&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce&ea=Impression&_u=aGHACEALBAAAAG~&jid=737855617&gjid=2007299587&cid=1235819468.1620667209&tid=UA-115809663-1&_gid=227890954.1620667209&_r=1&gtm=2wg4s0NPV8LG3&il1nm=Room%20Results&il1pi1nm=DOUBLE%20QUEEN%20ROOM&il1pi1id=7841%20-%20Q2%20-%20AP30&il1pi1pr=356.43333333333334&il1pi1br=CIVANA%20Wellness%20Resort%20%26%20Spa%20-%207841%20-%20CIVANA&il1pi1ca=Rooms%20%2F%2030%20Day%20Advance%20Purchase%20%2F%20DOUBLE%20QUEEN%20ROOM&il1pi1va=30%20Day%20Advance%20Purchase&il1pi1ps=1&il1pi2nm=KING%20ROOM&il1pi2id=7841%20-%20K1%20-%20AP30&il1pi2pr=373.43333333333334&il1pi2br=CIVANA%20Wellness%20Resort%20%26%20Spa%20-%207841%20-%20CIVANA&il1pi2ca=Rooms%20%2F%2030%20Day%20Advance%20Purchase%20%2F%20KING%20ROOM&il1pi2va=30%20Day%20Advance%20Purchase&il1pi2ps=2&il1pi3nm=SPA%20KING&il1pi3id=7841%20-%20K1S%20-%20AP30&il1pi3pr=398.93333333333334&il1pi3br=CIVANA%20Wellness%20Resort%20%26%20Spa%20-%207841%20-%20CIVANA&il1pi3ca=Rooms%20%2F%2030%20Day%20Advance%20Purchase%20%2F%20SPA%20KING&il1pi3va=30%20Day%20Advance%20Purchase&il1pi3ps=3&il1pi4nm=DOUBLE%20QUEEN%20ROOM&il1pi4id=7841%20-%20Q2%20-%20BAR&il1pi4pr=419.3333333333333&il1pi4br=CIVANA%20Wellness%20Resort%20%26%20Spa%20-%207841%20-%20CIVANA&il1pi4ca=Rooms%20%2F%20Best%20Flexible%20Rate%20%2F%20DOUBLE%20QUEEN%20ROOM&il1pi4va=Best%20Flexible%20Rate&il1pi4ps=4&il1pi5nm=KING%20ROOM&il1pi5id=7841%20-%20K1%20-%20BAR&il1pi5pr=439.3333333333333&il1pi5br=CIVANA%20Wellness%20Resort%20%26%20Spa%20-%207841%20-%20CIVANA&il1pi5ca=Rooms%20%2F%20Best%20Flexible%20Rate%20%2F%20KING%20ROOM&il1pi5va=Best%20Flexible%20Rate&il1pi5ps=5&il1pi6nm=SPA%20KING&il1pi6id=7841%20-%20K1S%20-%20BAR&il1pi6pr=469.3333333333333&il1pi6br=CIVANA%20Wellness%20Resort%20%26%20Spa%20-%207841%20-%20CIVANA&il1pi6ca=Rooms%20%2F%20Best%20Flexible%20Rate%20%2F%20SPA%20KING&il1pi6va=Best%20Flexible%20Rate&il1pi6ps=6&il1pi7nm=DOUBLE%20QUEEN%20ROOM&il1pi7id=7841%20-%20Q2%20-%20GETAWAY&il1pi7pr=519.3333333333334&il1pi7br=CIVANA%20Wellness%20Resort%20%26%20Spa%20-%207841%20-%20CIVANA&il1pi7ca=Rooms%20%2F%20Girls%20Getaway%20%2F%20DOUBLE%20QUEEN%20ROOM&il1pi7va=Girls%20Getaway&il1pi7ps=7&il1pi8nm=KING%20ROOM&il1pi8id=7841%20-%20K1%20-%20GETAWAY&il1pi8pr=539.3333333333334&il1pi8br=CIVANA%20Wellness%20Resort%20%26%20Spa%20-%207841%20-%20CIVANA&il1pi8ca=Rooms%20%2F%20Girls%20Getaway%20%2F%20KING%20ROOM&il1pi8va=Girls%20Getaway&il1pi8ps=8&il1pi9nm=SPA%20KING&il1pi9id=7841%20-%20K1S%20-%20GETAWAY&il1pi9pr=569.3333333333334&il1pi9br=CIVANA%20Wellness%20Resort%20%26%20Spa%20-%207841%20-%20CIVANA&il1pi9ca=Rooms%20%2F%20Girls%20Getaway%20%2F%20SPA%20KING&il1pi9va=Girls%20Getaway&il1pi9ps=9&il1pi10nm=DOUBLE%20QUEEN%20ROOM&il1pi10id=7841%20-%20Q2%20-%20INCLTO&il1pi10pr=952&il1pi10br=CIVANA%20Wellness%20Resort%20%26%20Spa%20-%207841%20-%20CIVANA&il1pi10ca=Rooms%20%2F%20CIVANA%20Inclusive%20-%2020%25%20off%20%2F%20DOUBLE%20QUEEN%20ROOM&il1pi10va=CIVANA%20Inclusive%20-%2020%25%20off&il1pi10ps=10&il1pi11nm=KING%20ROOM&il1pi11id=7841%20-%20K1%20-%20INCLTO&il1pi11pr=968&il1pi11br=CIVANA%20Wellness%20Resort%20%26%20Spa%20-%207841%20-%20CIVANA&il1pi11ca=Rooms%20%2F%20CIVANA%20Inclusive%20-%2020%25%20off%20%2F%20KING%20ROOM&il1pi11va=CIVANA%20Inclusive%20-%2020%25%20off&il1pi11ps=11&il1pi12nm=SPA%20KING&il1pi12id=7841%20-%20K1S%20-%20INCLTO&il1pi12pr=992&il1pi12br=CIVANA%20Wellness%20Resort%20%26%20Spa%20-%207841%20-%20CIVANA&il1pi12ca=Rooms%20%2F%20CIVANA%20Inclusive%20-%2020%25%20off%20%2F%20SPA%20KING&il1pi12va=CIVANA%20Inclusive%20-%2020%25%20off&il1pi12ps=12&z=1606524022

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 10 May 2021 17:20:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://be.synxis.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 15:49:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5432
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

src=8508538;dc_pre=CJHNvurPv_ACFb4BogMdcSQA3Q;type=searc0;cat=civan0;qty=1;cost=0;u1=;u2=;u3=;u4=2021-06-17;u5=2021-06-20;u9=3;u10=Carefree;u11=USA;u12=3;u13=Arizona;u14=;u15=;u16=;u19=13181;u20=Ci...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=8508538;type=searc0;cat=civan0;qty=1;cost=0;u1=;u2=;u3=;u4=2021-06-17;u5=2021-06-20;u9=3;u10=Carefree;u11=USA;u12=3;u13=Arizona;u14=;u15=;u16=;u19=13181;...
https://ad.doubleclick.net/ddm/activity/src=8508538;dc_pre=CJHNvurPv_ACFb4BogMdcSQA3Q;type=searc0;cat=civan0;qty=1;cost=0;u1=;u2=;u3=;u4=2021-06-17;u5=2021-06-20;u9=3;u10=Carefree;u11=USA;u12=3;u13...
https://adservice.google.com/ddm/fls/z/src=8508538;dc_pre=CJHNvurPv_ACFb4BogMdcSQA3Q;type=searc0;cat=civan0;qty=1;cost=0;u1=;u2=;u3=;u4=2021-06-17;u5=2021-06-20;u9=3;u10=Carefree;u11=USA;u12=3;u13=...

42 B
63 B

43ms
42ms

Image
image/gif

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=8508538;dc_pre=CJHNvurPv_ACFb4BogMdcSQA3Q;type=searc0;cat=civan0;qty=1;cost=0;u1=;u2=;u3=;u4=2021-06-17;u5=2021-06-20;u9=3;u10=Carefree;u11=USA;u12=3;u13=Arizona;u14=;u15=;u16=;u19=13181;u20=Civana;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=orderID

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 17:20:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 May 2021 17:20:09 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=8508538;dc_pre=CJHNvurPv_ACFb4BogMdcSQA3Q;type=searc0;cat=civan0;qty=1;cost=0;u1=;u2=;u3=;u4=2021-06-17;u5=2021-06-20;u9=3;u10=Carefree;u11=USA;u12=3;u13=Arizona;u14=;u15=;u16=;u19=13181;u20=Civana;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=orderID
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AdX
pixel.sojern.com/idSync/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=GCi7tKzD5OEIyB3G-tvudw&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=7Ca5SrSrscM1gII_qC1iEKdNKpA5xWbKW83JIWO_1w3UCE-eQDC...
https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=GCi7tKzD5OEIyB3G-tvudw&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=7Ca5SrSrscM1gII_qC1iEKdNKpA5xWbKW83JIWO_1w3UCE-eQDC...
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=7Ca5SrSrscM1gII_qC1iEKdNKpA5xWbKW83JIWO_1w3UCE-eQDC3p7xPQ6-9isYa&sjrn_ula=558339457&google_gid=CAESENmNCZkuEI-HGLu_gE5QcVs&google_cver=1

42 B
272 B

22ms
21ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=7Ca5SrSrscM1gII_qC1iEKdNKpA5xWbKW83JIWO_1w3UCE-eQDC3p7xPQ6-9isYa&sjrn_ula=558339457&google_gid=CAESENmNCZkuEI-HGLu_gE5QcVs&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:09 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: clear
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 10 May 2021 17:20:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=7Ca5SrSrscM1gII_qC1iEKdNKpA5xWbKW83JIWO_1w3UCE-eQDC3p7xPQ6-9isYa&sjrn_ula=558339457&google_gid=CAESENmNCZkuEI-HGLu_gE5QcVs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 412
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
fcmatch.youtube.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_hm=GCi7tKzD5OEIyB3G-tvudw&google_nid=sojern_adh
https://cm.g.doubleclick.net/pixel?google_hm=GCi7tKzD5OEIyB3G-tvudw&google_nid=sojern_adh&google_tc=
https://fcmatch.google.com/pixel?google_gm=AMnCDopW6508R88A2UOvWTmNHqXmJR0YGmNr-vbmvBzworZERa6JsNivPP8x22KIMLmgjUPiMuXHPkTUDlyjf34Bbo-rRZQb8soBc3cUV859Vj1eqhHmzgI
https://fcmatch.youtube.com/pixel?google_gm=AMnCDopW6508R88A2UOvWTmNHqXmJR0YGmNr-vbmvBzworZERa6JsNivPP8x22KIMLmgjUPiMuXHPkTUDlyjf34Bbo-rRZQb8soBc3cUV859Vj1eqhHmzgI

170 B
529 B

34ms
14ms

Image
image/png

2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDopW6508R88A2UOvWTmNHqXmJR0YGmNr-vbmvBzworZERa6JsNivPP8x22KIMLmgjUPiMuXHPkTUDlyjf34Bbo-rRZQb8soBc3cUV859Vj1eqhHmzgI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 17:20:09 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 May 2021 17:20:09 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDopW6508R88A2UOvWTmNHqXmJR0YGmNr-vbmvBzworZERa6JsNivPP8x22KIMLmgjUPiMuXHPkTUDlyjf34Bbo-rRZQb8soBc3cUV859Vj1eqhHmzgI
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

apn
pixel.sojern.com/idsync/
Redirect Chain

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=7Ca5SrSrscM1gII_qC1iEKdNKpA5xWbKW83JIWO_1w3UCE-eQDC3p7xPQ6-9isYa
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3D7Ca5SrSrscM1gII_qC1iEKdNKpA5xWbKW83JIWO_1w3UCE-eQDC3p7xPQ6-9isYa
https://pixel.sojern.com/idsync/apn?id=2956187331911545191&sjrn_id=7Ca5SrSrscM1gII_qC1iEKdNKpA5xWbKW83JIWO_1w3UCE-eQDC3p7xPQ6-9isYa

42 B
264 B

23ms
23ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/apn?id=2956187331911545191&sjrn_id=7Ca5SrSrscM1gII_qC1iEKdNKpA5xWbKW83JIWO_1w3UCE-eQDC3p7xPQ6-9isYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:09 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: clear
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Mon, 10 May 2021 17:20:09 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.51:80
AN-X-Request-Uuid: 57c66f8d-397b-4c83-9f0d-324a20b27845
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://pixel.sojern.com/idsync/apn?id=2956187331911545191&sjrn_id=7Ca5SrSrscM1gII_qC1iEKdNKpA5xWbKW83JIWO_1w3UCE-eQDC3p7xPQ6-9isYa
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ttd
pixel.sojern.com/idsync/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=7Ca5SrSrscM1gII_qC1iEKdNKpA5xWbKW83JIWO_1w3UCE-eQDC3p7xPQ6-9isYa&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=ombl9hp&ttd_puid=7Ca5SrSrscM1gII_qC1iEKdNKpA5xWbKW83JIWO_1w3UCE-eQDC3p7xPQ6-9isYa&ttd_tpi=1
https://pixel.sojern.com/idsync/ttd?id=5f3db46c-5a30-430c-8848-d9d44f1b1931&sjrn_id=7Ca5SrSrscM1gII_qC1iEKdNKpA5xWbKW83JIWO_1w3UCE-eQDC3p7xPQ6-9isYa

42 B
287 B

30ms
28ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/ttd?id=5f3db46c-5a30-430c-8848-d9d44f1b1931&sjrn_id=7Ca5SrSrscM1gII_qC1iEKdNKpA5xWbKW83JIWO_1w3UCE-eQDC3p7xPQ6-9isYa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:09 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: clear
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 10 May 2021 17:20:09 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.sojern.com/idsync/ttd?id=5f3db46c-5a30-430c-8848-d9d44f1b1931&sjrn_id=7Ca5SrSrscM1gII_qC1iEKdNKpA5xWbKW83JIWO_1w3UCE-eQDC3p7xPQ6-9isYa
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 327

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-115809663-1&cid=1235819468.1620667209&jid=1583843087&_u=aGDAgEALAAAAAG~&z=1569918558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 17:20:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 29ms
29ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-115809663-1&cid=1235819468.1620667209&jid=1583843087&_u=aGDAgEALAAAAAG~&z=1569918558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 17:20:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-115809663-1&cid=1235819468.1620667209&jid=737855617&gjid=2007299587&_gid=227890954.1620667209&_u=aGHACEALBAAAAG~&z=203166880

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 10 May 2021 17:20:09 GMT
content-type: text/plain
access-control-allow-origin: https://be.synxis.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 30ms
30ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-115809663-1&cid=1235819468.1620667209&jid=737855617&_u=aGHACEALBAAAAG~&z=2015948038

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 17:20:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-115809663-1&cid=1235819468.1620667209&jid=737855617&_u=aGHACEALBAAAAG~&z=2015948038

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 17:20:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CKquu-rPv_ACFVCO3god31AMOw;src=8986102;type=choosroo;cat=choos0;ord=548146579715;gtm=2wg4s0;auiddc=1485726809.1620667205;u1=3;u4=7841;u6=3;u16=06%2F17%2F2021;u17=06%2F20%2F2021;u22=2;u23=0;~... Show response
adservice.google.com/ddm/fls/i/ Frame 52A4 725 B
753 B 44ms
42ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CKquu-rPv_ACFVCO3god31AMOw;src=8986102;type=choosroo;cat=choos0;ord=548146579715;gtm=2wg4s0;auiddc=1485726809.1620667205;u1=3;u4=7841;u6=3;u16=06%2F17%2F2021;u17=06%2F20%2F2021;u22=2;u23=0;~oref=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1

Requested by

Host: 8986102.fls.doubleclick.net
URL: https://8986102.fls.doubleclick.net/activityi;dc_pre=CKquu-rPv_ACFVCO3god31AMOw;src=8986102;type=choosroo;cat=choos0;ord=548146579715;gtm=2wg4s0;auiddc=1485726809.1620667205;u1=3;u4=7841;u6=3;u16=06%2F17%2F2021;u17=06%2F20%2F2021;u22=2;u23=0;~oref=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30ab49c56aecac7421bd1eb6cc21daf59a2fd4e55a3b55f9844f8e7bbc2067e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CKquu-rPv_ACFVCO3god31AMOw;src=8986102;type=choosroo;cat=choos0;ord=548146579715;gtm=2wg4s0;auiddc=1485726809.1620667205;u1=3;u4=7841;u6=3;u16=06%2F17%2F2021;u17=06%2F20%2F2021;u22=2;u23=0;~oref=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://8986102.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://8986102.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 10 May 2021 17:20:09 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 521
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 reports
be.synxis.com/ 1 KB
770 B 206ms
205ms Other
application/json 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/reports?hid=7841&cid=25041&sid=NKRrznjDzSj304viky5jKqzF

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01D9MZY8W95M5SR8WJHQ5NHAD5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6b3ec9a4dae6b5ed0110cb37604356035b674e50a6d01f7b404974453d9488e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: no-cors
origin: https://be.synxis.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: report
cookie: _fbp=fb.1.1620667207066.1757373277; incap_ses_282_1814716=RlctJv0R+FQ4q7YE4d3pA0ZrmWAAAAAA1Ki9xPEtBFOYPqOMR0livQ==; nlbi_1814716=nG+8RH0ekyME2qhjT2lvQgAAAACF7wjWesgJE5b51KXXaqVO; incap_ses_247_1814716=bhGxO0Csv2+I1IQrgIVtA0ZrmWAAAAAAtF/95vYApnAvPjxfXOi7VA==; visid_incap_1814716=oMDh2ZiZQaOsqrCtTGq3XEZrmWAAAAAAQUIPAAAAAACzv3cR7NRWIUyRm69fzqZR; visid_incap_1215874=CJuJB6ofQfCVeOGQMvQmp0ZrmWAAAAAAQUIPAAAAAAAq/5SpMl3Ptj0UiLlSIusC; nlbi_1215874=FGH/dRwkhXI9r1ZwnAADWwAAAADEv9CZcH12hJQz8F1aUa7n; incap_ses_260_1215874=cyqCfUIqFz8YYhI45bSbA0drmWAAAAAA6Bz30xRQN7JErEn3mJCBEg==; _ga=GA1.3.1235819468.1620667209; _gid=GA1.3.227890954.1620667209; _dc_gtm_UA-106819988-1=1; _gat_UA-106819988-1=1; _ga=GA1.2.1235819468.1620667209; _gid=GA1.2.227890954.1620667209; _dc_gtm_UA-115809663-1=1; _gat_UA-115809663-1=1
content-length: 1248
:path: /reports?hid=7841&cid=25041&sid=NKRrznjDzSj304viky5jKqzF
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/csp-report
accept: */*
cache-control: no-cache
:authority: be.synxis.com
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 10 May 2021 17:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
etag: W/"532-iIavisHvqCzmDpAbD59ei4TmvkE"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-iinfo: 9-54247891-54247499 PNYN RT(1620667209099 0) q(0 1 1 -1) r(2 2) U6
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 identity Show response
api.triptease.io/identity-service/ 138 B
774 B 211ms
111ms Fetch
application/json 35.186.195.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.triptease.io/identity-service/identity
Requested by: Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01D9MZY8W95M5SR8WJHQ5NHAD5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.195.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.11.3 /
Resource Hash: 8c9b31ae1b3b5970d056c454618e310239e9a23bd187a8e8ffc4cfe8dfd5fdd5

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:09 GMT
via: 1.1 google
last-modified: Mon, 10 May 2021 17:20:09 GMT
server: nginx/1.11.3
etag: W/eyJ1c2VySWQiOiIwMUY1Qk1QNVRaMlJIS1g5QkM1QlM5N1JWWCIsInNlc3Npb25JZCI6IjAxRjVCTVA1VFpNTk5QQ1k3R0dNWDVSQlM1IiwidmFsaWRGcm9tIjoiMTYyMDY2NzIwOTU2OCJ9
p3p: policyref="/p3p/policy.xml", CP="NON DEV PSA IVA IVD HIS OTP OUR OTR IND UNI NAV INT STA PUR"
access-control-allow-origin: https://be.synxis.com
cache-control: private, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
alt-svc: clear
content-length: 138
expires: -1

GET
H3-29 200 kernel-host.html Show response
onboard.triptease.io/kernel/v4179.39760/ Frame B801 52 KB
16 KB 58ms
58ms Document
text/html 2606:4700:10::ac43:2653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/kernel/v4179.39760/kernel-host.html?originHost=be.synxis.com

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01D9MZY8W95M5SR8WJHQ5NHAD5

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2653 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12193b6d23a95d6b7828829f18829a4b3643f7ec29446031967b9e69a02b0332

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onboard.triptease.io
:scheme: https
:path: /kernel/v4179.39760/kernel-host.html?originHost=be.synxis.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://be.synxis.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://be.synxis.com/

Response headers

date: Mon, 10 May 2021 17:20:09 GMT
content-type: text/html; charset=utf-8
cf-ray: 64d4d62aea97bec4-FRA
access-control-allow-origin: *
age: 3744
cache-control: public, max-age=31536000
expires: Tue, 10 May 2022 16:17:41 GMT
last-modified: Mon, 10 May 2021 16:12:17 GMT
strict-transport-security: max-age=15552000
vary: Accept-Encoding
cf-cache-status: HIT
access-control-expose-headers: Content-Type
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09f8e42ee50000bec4d8302000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-goog-generation: 1620663137765127
x-goog-hash: crc32c=n9jU8w== md5=Cln/bKDeGCzToVBe68VQ9w==
x-goog-meta-build-version: 4179.39760
x-goog-meta-git-hash: 8fa8a49e6898c52dd1598442a7dcdc83334bb808
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 52935
x-guploader-uploadid: ABg5-Uwp64O13Nq85HP7YYO7bj4rDIcgSnzx8WfNflhJ0SfM_P6j-5AKdBrD9q0Xf-8AiOk4S-vtsj3NTkx34VX4ibU52L5m7g
server: cloudflare
content-encoding: br

POST
H2 200 reports
be.synxis.com/ 1 KB
696 B 218ms
218ms Other
application/json 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/reports?hid=7841&cid=25041&sid=NKRrznjDzSj304viky5jKqzF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

49fbccedd48fcd934d15855314cf85fcccbc7eb6c93c1e7b992c5a6de6aef530

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: no-cors
origin: https://be.synxis.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: report
cookie: _fbp=fb.1.1620667207066.1757373277; incap_ses_282_1814716=RlctJv0R+FQ4q7YE4d3pA0ZrmWAAAAAA1Ki9xPEtBFOYPqOMR0livQ==; nlbi_1814716=nG+8RH0ekyME2qhjT2lvQgAAAACF7wjWesgJE5b51KXXaqVO; incap_ses_247_1814716=bhGxO0Csv2+I1IQrgIVtA0ZrmWAAAAAAtF/95vYApnAvPjxfXOi7VA==; visid_incap_1814716=oMDh2ZiZQaOsqrCtTGq3XEZrmWAAAAAAQUIPAAAAAACzv3cR7NRWIUyRm69fzqZR; visid_incap_1215874=CJuJB6ofQfCVeOGQMvQmp0ZrmWAAAAAAQUIPAAAAAAAq/5SpMl3Ptj0UiLlSIusC; nlbi_1215874=FGH/dRwkhXI9r1ZwnAADWwAAAADEv9CZcH12hJQz8F1aUa7n; incap_ses_260_1215874=cyqCfUIqFz8YYhI45bSbA0drmWAAAAAA6Bz30xRQN7JErEn3mJCBEg==; _ga=GA1.3.1235819468.1620667209; _gid=GA1.3.227890954.1620667209; _dc_gtm_UA-106819988-1=1; _gat_UA-106819988-1=1; _ga=GA1.2.1235819468.1620667209; _gid=GA1.2.227890954.1620667209; _dc_gtm_UA-115809663-1=1; _gat_UA-115809663-1=1
content-length: 1126
:path: /reports?hid=7841&cid=25041&sid=NKRrznjDzSj304viky5jKqzF
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/csp-report
accept: */*
cache-control: no-cache
:authority: be.synxis.com
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 10 May 2021 17:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
etag: W/"4b8-GD8l2OkGn4L0rB6qxz4r2RRR6z0"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-iinfo: 9-54247892-54247893 NNYY CT(173 348 0) RT(1620667209113 0) q(0 0 0 -1) r(2 2) U6
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 dc_pre=CKquu-rPv_ACFVCO3god31AMOw;src=8986102;type=choosroo;cat=choos0;ord=548146579715;gtm=2wg4s0;auiddc=1485726809.1620667205;u1=3;u4=7841;u6=3;u16=06%2F17%2F2021;u17=06%2F20%2F2021;u22=2;u23=0;~... Show response
adservice.google.de/ddm/fls/i/ Frame DE35 194 B
391 B 43ms
43ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CKquu-rPv_ACFVCO3god31AMOw;src=8986102;type=choosroo;cat=choos0;ord=548146579715;gtm=2wg4s0;auiddc=1485726809.1620667205;u1=3;u4=7841;u6=3;u16=06%2F17%2F2021;u17=06%2F20%2F2021;u22=2;u23=0;~oref=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKquu-rPv_ACFVCO3god31AMOw;src=8986102;type=choosroo;cat=choos0;ord=548146579715;gtm=2wg4s0;auiddc=1485726809.1620667205;u1=3;u4=7841;u6=3;u16=06%2F17%2F2021;u17=06%2F20%2F2021;u22=2;u23=0;~oref=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CKquu-rPv_ACFVCO3god31AMOw;src=8986102;type=choosroo;cat=choos0;ord=548146579715;gtm=2wg4s0;auiddc=1485726809.1620667205;u1=3;u4=7841;u6=3;u16=06%2F17%2F2021;u17=06%2F20%2F2021;u22=2;u23=0;~oref=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 10 May 2021 17:20:09 GMT
expires: Mon, 10 May 2021 17:20:09 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 kernel.js
onboard.triptease.io/kernel/v4179.39760/ Frame B801 51 KB
16 KB 22ms
22ms Other
application/javascript 2606:4700:10::ac43:2653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/kernel/v4179.39760/kernel.js?

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/kernel/v4179.39760/kernel-host.html?originHost=be.synxis.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2653 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a53fadbdc7781ac6b9df702aea54803293a71e8c8791e8d544b0129dd27175b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://onboard.triptease.io/kernel/v4179.39760/kernel-host.html?originHost=be.synxis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:09 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-goog-meta-git-hash: 8fa8a49e6898c52dd1598442a7dcdc83334bb808
age: 3744
x-guploader-uploadid: ABg5-UyeOc7-3CHUIwt3fZhYsGUrsgy_TSN_Sm61b2aTZPJL8FRbGmEkgg4tKDITV2WT9qH3EnsVvwUeCrO8VnawH7d_D7vyDA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-meta-build-version: 4179.39760
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09f8e42f100000bec4a424c000000001
cf-ray: 64d4d62b4ac1bec4-FRA
last-modified: Mon, 10 May 2021 16:12:17 GMT
server: cloudflare
etag: W/"c656d30276a18d6ec6ed6f5c4d75f499"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
x-goog-hash: crc32c=+PjG8w==, md5=xlbTAnahjW7G7W9cTXX0mQ==
x-goog-generation: 1620663137752523
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 52733
content-type: application/javascript; charset=utf-8
expires: Tue, 10 May 2022 16:17:24 GMT

GET
H2 200 ga.js Show response
google-analytics.com/ 45 KB
17 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://google-analytics.com/ga.js

Requested by

Host: gatag.it
URL: https://gatag.it/v2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4735
date: Mon, 10 May 2021 16:01:14 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Mon, 10 May 2021 18:01:14 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
400 B 33ms
12ms Image
image/gif 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=13580682&utmhn=be.synxis.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=CIVANA%20Wellness%20Resort%20%26%20Spa%20-%20Reservations%20-%20Room%20Availability&utmhid=870825967&utmr=-&utmp=%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1&utmht=1620667209693&utmac=UA-41848973-1&utmcc=__utma%3D77553030.1235819468.1620667209.1620667210.1620667210.1%3B%2B__utmz%3D77553030.1620667210.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=636312905&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAABAAAE~

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 17:20:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.php Show response
www.gatag.it/ 146 B
763 B 353ms
115ms Script
application/javascript 34.237.9.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gatag.it/index.php?&skey=$48R3&device=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1&callback=callback
Requested by: Host: gatag.it
URL: https://gatag.it/v2/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.9.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-9-237.compute-1.amazonaws.com
Software: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: 50f10898342061c80fea923b4a5ec511ce9e9fe32457dc69ecb5524bd3a8b44e

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 17:20:09 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
content-type: application/javascript
content-length: 146
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

smile.gif
capture.gatag.it/
Redirect Chain

https://capture.gatag.it/?act=0&cid=0&apikey=%3FYXZkew%253D%253D&type=look&name=CIVANA%20Wellness%20Resort%20%26%20Spa&promo=GETAWAY&iata=&group=&arrival=2021%2F06%2F17&depart=2021%2F06%2F20&templa...
https://capture.gatag.it/smile.gif

43 B
550 B

100ms
100ms

Image
image/gif

52.54.154.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.gatag.it/smile.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.154.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-154-195.compute-1.amazonaws.com
Software: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:10 GMT
last-modified: Fri, 12 Jun 2020 06:43:02 GMT
server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "2b-5a7dd63786980"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 10 May 2021 17:20:10 GMT
server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
content-type: text/html; charset=UTF-8
location: /smile.gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 synxis-v2.js Show response
onboard.triptease.io/integrations/v4179.39760/ 129 KB
36 KB 84ms
64ms Script
application/javascript 2606:4700:10::ac43:2653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/integrations/v4179.39760/synxis-v2.js

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01D9MZY8W95M5SR8WJHQ5NHAD5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2653 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df85bb939ef28b13cb02a35c0a475969baac64efa5f5ad6e79e4ead2d1420e0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Origin: https://be.synxis.com
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:10 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-goog-meta-git-hash: 8fa8a49e6898c52dd1598442a7dcdc83334bb808
age: 3745
x-guploader-uploadid: ABg5-UxmM5D0JoR_feRMVgtpTcv-Bp-qLzr8le_95fF8cCVj_kAsOby7ySV-59XtNA4IbjFNS8eM9xkrDEMDvwhYbw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-meta-build-version: 4179.39760
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09f8e4339a00004eaf9d8b3000000001
cf-ray: 64d4d63289c04eaf-FRA
last-modified: Mon, 10 May 2021 16:15:06 GMT
server: cloudflare
etag: W/"766a4d527beb3e69666dfdeaef91d67c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
x-goog-hash: crc32c=edeW8g==, md5=dmpNUnvrPmlmbf3q75HWfA==
x-goog-generation: 1620663306424104
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
x-goog-stored-content-length: 131904
content-type: application/javascript; charset=utf-8
expires: Tue, 10 May 2022 16:17:25 GMT

GET
H2 200 bootstrap-message-engine.js Show response
static.triptease.io/message-porter/dist/ 134 KB
42 KB 63ms
15ms Script
application/javascript 151.101.193.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.triptease.io/message-porter/dist/bootstrap-message-engine.js

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01D9MZY8W95M5SR8WJHQ5NHAD5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.182 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

35257f9bfd6d7dd2b30ce6f289b83d57a45aad69b7d61bcc1a1ee6aa536e118d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Origin: https://be.synxis.com
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding: gzip
vary: Accept-Encoding
age: 202
x-guploader-uploadid: ABg5-Uy679ap9Z1H_cjbHXiOKp7QPsNlN4o8Cs_EcApwVRMJKt115EqE2KJ-F46w1vNrRP0vNCsEZk1pPFIXrf7epAhfcnSrow
x-goog-stored-content-encoding: identity
x-served-by: cache-ams21076-AMS
x-timer: S1620667211.034209,VS0,VE0
etag: "7d8792e809de851d6ef43f6c2008a913"
pseudo-session-id: 16242f0a3395bec74e477b327f47e4576a9dd070c8a71052b91283b693f8b8ec
x-goog-generation: 1620383795321940
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, Surrogate-Control=86400, max-age=600
x-cache-hits: 3
date: Mon, 10 May 2021 17:20:11 GMT
via: 1.1 varnish
x-goog-meta-goog-reserved-file-mtime: 1620383444
x-cache: HIT
x-goog-storage-class: STANDARD
backend-url: /message-porter/dist/bootstrap-message-engine.js
x-goog-metageneration: 2
content-length: 42241
last-modified: Fri, 07 May 2021 10:36:35 GMT
server: UploadServer
strict-transport-security: max-age=31557600
x-goog-hash: crc32c=m4DYPg==, md5=fYeS6AnehR1u9D9sIAipEw==
pseudo-device-id: a1dbf16633c15d1ade3e8ddc3819a0c22cee57113ec916401796db5a97523acc
expires: Fri, 07 May 2021 10:46:44 GMT
x-goog-stored-content-length: 137578
surrogate-key-debug: message-porter message-porter-bootstrap-message-engine message-porter-js
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 reports
be.synxis.com/ 1 KB
1 KB 239ms
238ms Other
application/json 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/reports?hid=7841&cid=25041&sid=NKRrznjDzSj304viky5jKqzF

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01D9MZY8W95M5SR8WJHQ5NHAD5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d2c1f4f390169aed7baa34ee82e57b4eee54760f262a5833f3c44f5f98e0a1d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: no-cors
origin: https://be.synxis.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: report
cookie: __utma=77553030.1235819468.1620667209.1620667210.1620667210.1; __utmb=77553030.1.10.1620667210; __utmc=77553030; __utmz=77553030.1620667210.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=77553030.|4=device=pc=1
content-length: 1240
:path: /reports?hid=7841&cid=25041&sid=NKRrznjDzSj304viky5jKqzF
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/csp-report
accept: */*
cache-control: no-cache
:authority: be.synxis.com
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 10 May 2021 17:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-frame-options: SAMEORIGIN
etag: W/"52a-/5nNIyx173nZ1OMWN5qUJDuaHGw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
x-iinfo: 9-54248045-54247487 PNYN RT(1620667211096 0) q(0 0 0 1) r(3 3) U6
set-cookie: visid_incap_1215874=x10u8XdbQq+EdYizVRWmD0trmWAAAAAAQUIPAAAAAADRQYFnhzJTXQlCa/LMRtaY; expires=Tue, 10 May 2022 10:50:42 GMT; HttpOnly; path=/; Domain=.synxis.com; Secure; SameSite=None nlbi_1215874=oJChNAK4Txh/K7VenAADWwAAAABNOSuM+DQx0fH8xE74P9a9; path=/; Domain=.synxis.com; Secure; SameSite=None incap_ses_260_1215874=yOWlb57uEWiuZBI45bSbA0trmWAAAAAAttnwpMI0lIspCxZ8qoeLAA==; path=/; Domain=.synxis.com; Secure; SameSite=None

POST
H3-29 204 batch
onboard.triptease.io/message/ 0
313 B 186ms
186ms Ping
text/plain 2606:4700:10::ac43:2653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/message/batch

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01D9MZY8W95M5SR8WJHQ5NHAD5

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2653 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 10 May 2021 17:20:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-origin: *
x-cloud-trace-context: e1cadb5055869410fe579b42ca547b52
strict-transport-security: max-age=15552000
cf-ray: 64d4d6375ad7bec4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09f8e436940000bec4d3bfe000000001

POST
H2 200 events Show response
be.synxis.com/gw/v1/log/ 61 B
781 B 272ms
271ms Fetch
application/json 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/gw/v1/log/events

Requested by

Host: be.synxis.com
URL: https://be.synxis.com/public/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

83590481b12c52878257e2e9774856b9a1216f781fc5bc55b3ab3964a1a290d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://be.synxis.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __utma=77553030.1235819468.1620667209.1620667210.1620667210.1; __utmb=77553030.1.10.1620667210; __utmc=77553030; __utmz=77553030.1620667210.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=77553030.|4=device=pc=1; visid_incap_1215874=x10u8XdbQq+EdYizVRWmD0trmWAAAAAAQUIPAAAAAADRQYFnhzJTXQlCa/LMRtaY; nlbi_1215874=oJChNAK4Txh/K7VenAADWwAAAABNOSuM+DQx0fH8xE74P9a9; incap_ses_260_1215874=yOWlb57uEWiuZBI45bSbA0trmWAAAAAAttnwpMI0lIspCxZ8qoeLAA==
content-length: 994
:path: /gw/v1/log/events
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: be.synxis.com
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

origin: https://be.synxis.com
content-encoding: gzip
vary: Origin
x-cdn: Imperva
accept-language: en-US
x-iinfo: 9-54248120-54247487 PNNN RT(1620667211655 0) q(0 0 0 -1) r(3 3) U6
sec-fetch-dest: empty
strict-transport-security: max-age=31536000
pragma: no-cache
x-forwarded-host: be.synxis.com
x-amzn-trace-id: Root=1-60996b4c-023bc54959682cfb19b6634f
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://be.synxis.com
cache-control: no-cache
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
incap-proxy-260: OK
sec-fetch-mode: cors
date: Mon, 10 May 2021 17:20:12 GMT
message-id: rw9zb1ssu
x-content-type-options: nosniff
x-forwarded-for: 185.212.171.67, 149.126.78.4, 10.123.76.176
x-forwarded-proto: https
content-length: 53
true-client-ip: 185.212.171.67
server: Apache-Coyote/1.1
access-control-max-age: 3600
x-xss-protection: 1; mode=block
access-control-allow-credentials: true
sec-fetch-site: same-origin
conversation-id: 1livb569v
x-forwarded-port: 443

OPTIONS
H2 200 fusion-config
fusion-api.navisperformance.com/ Frame 0
0 183ms
183ms Preflight 54.149.237.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fusion-api.navisperformance.com/fusion-config?account=15989&url=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1
Protocol: H2
Server: 54.149.237.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-237-2.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: secret
Origin: https://be.synxis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 10 May 2021 17:20:12 GMT
content-length: 0
requestguid: 928da793-9f7b-419b-8e3e-29a8236cb030
access-control-allow-credentials: true
access-control-allow-origin: https://be.synxis.com
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: origin, content-type, accept, x-requested-with, secret
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH

GET
H2 200 fusion-config Show response
fusion-api.navisperformance.com/ 33 B
330 B 209ms
208ms Fetch
application/json 54.149.237.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fusion-api.navisperformance.com/fusion-config?account=15989&url=https%3A%2F%2Fbe.synxis.com%2F%3Fadult%3D2%26arrive%3D2021-06-17%26chain%3D25041%26child%3D0%26currency%3DUSD%26depart%3D2021-06-20%26hotel%3D7841%26level%3Dhotel%26locale%3Den-US%26promo%3DGETAWAY%26rooms%3D1
Requested by: Host: assets.navisperformance.com
URL: https://assets.navisperformance.com/abandoned-cart-client/abandoned-cart-config.bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.237.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-237-2.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 09205cd7fbd7212073f63606f659e7d8a03ab0c3cdd5bd39f601f705228a1296

Request headers

secret: j1718lyvzwgdl0kycc6o
Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://be.synxis.com
date: Mon, 10 May 2021 17:20:12 GMT
access-control-allow-credentials: true
requestguid: b48bbeb1-d1d0-4d65-80ee-08addbdc852a
access-control-allow-headers: origin, content-type, accept, x-requested-with, secret
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json;charset=UTF-8

GET
H2 200 storageIframe.html Show response
static.triptease.io/message-porter/dist/ Frame E559 5 KB
3 KB 49ms
16ms Document
text/html 151.101.193.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.triptease.io/message-porter/dist/storageIframe.html

Requested by

Host: static.triptease.io
URL: https://static.triptease.io/message-porter/dist/bootstrap-message-engine.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.182 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

c4b439fb3c2452849a29bde095f3c30ca564d5229bd88aaf733f6f19def1696b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

:method: GET
:authority: static.triptease.io
:scheme: https
:path: /message-porter/dist/storageIframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://be.synxis.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://be.synxis.com/

Response headers

x-guploader-uploadid: ABg5-UwKx-M15lL8lfWmYsEE-GO8c5JF0_0wfXUdR3qrz8UrO2HkvIrtgFyQK6XdxQ-Spz2qVoSvzkNEeCtYg1WoRcuX5VfmGQ
cache-control: public, Surrogate-Control=86400, max-age=600
expires: Fri, 07 May 2021 10:46:40 GMT
last-modified: Wed, 28 Apr 2021 09:03:00 GMT
etag: "96eaeddf930231fd4f274580bcd4745c"
x-goog-generation: 1619600580737462
x-goog-metageneration: 6
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4976
x-goog-meta-goog-reserved-file-mtime: 1619600192
content-type: text/html
x-goog-hash: crc32c=OerM8A== md5=lurt35MCMf1PJ0WAvNR0XA==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
content-encoding: gzip
accept-ranges: bytes
date: Mon, 10 May 2021 17:20:13 GMT
via: 1.1 varnish
age: 10
x-served-by: cache-ams21039-AMS
x-cache: HIT
x-cache-hits: 1
x-timer: S1620667213.132529,VS0,VE1
vary: Accept-Encoding
strict-transport-security: max-age=31557600
backend-url: /message-porter/dist/storageIframe.html
pseudo-device-id: 7a4a52b9c4250f3409e11bfdb9592038b55fabffbe25af29cba5d88e5156873d
pseudo-session-id: a946fcf3b08aa24d63e83a6b769a0ad63d0e257da33c2e1df017c81c51df6166
surrogate-key-debug: message-porter message-porter-storageIframe message-porter-html
timing-allow-origin: *
content-length: 1775

POST
H2 200 reports
be.synxis.com/ 1 KB
708 B 275ms
275ms Other
application/json 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/reports?hid=7841&cid=25041&sid=NKRrznjDzSj304viky5jKqzF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

cf3a00047597827caae4235069d4504482b9b62b93ab4d9da86f014d4e2b5960

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: no-cors
origin: https://be.synxis.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: report
cookie: __utma=77553030.1235819468.1620667209.1620667210.1620667210.1; __utmb=77553030.1.10.1620667210; __utmc=77553030; __utmz=77553030.1620667210.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=77553030.|4=device=pc=1; visid_incap_1215874=x10u8XdbQq+EdYizVRWmD0trmWAAAAAAQUIPAAAAAADRQYFnhzJTXQlCa/LMRtaY; nlbi_1215874=oJChNAK4Txh/K7VenAADWwAAAABNOSuM+DQx0fH8xE74P9a9; incap_ses_260_1215874=yOWlb57uEWiuZBI45bSbA0trmWAAAAAAttnwpMI0lIspCxZ8qoeLAA==
content-length: 1125
:path: /reports?hid=7841&cid=25041&sid=NKRrznjDzSj304viky5jKqzF
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/csp-report
accept: */*
cache-control: no-cache
:authority: be.synxis.com
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 10 May 2021 17:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
etag: W/"4b7-oMPw8ji+kwqyNUlZs3OkjH0+FMk"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-iinfo: 9-54248229-54247487 PNYN RT(1620667212778 0) q(0 0 0 -1) r(3 3) U6
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 reports
be.synxis.com/ 1 KB
856 B 199ms
199ms Other
application/json 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/reports?hid=7841&cid=25041&sid=NKRrznjDzSj304viky5jKqzF

Requested by

Host: static.triptease.io
URL: https://static.triptease.io/message-porter/dist/bootstrap-message-engine.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2ba4ee5f7e8ab6b12297d6dbeee004832e7293d355f68f8708b02cceb8a3e71f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: no-cors
origin: https://be.synxis.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: report
cookie: __utma=77553030.1235819468.1620667209.1620667210.1620667210.1; __utmb=77553030.1.10.1620667210; __utmc=77553030; __utmz=77553030.1620667210.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=77553030.|4=device=pc=1; visid_incap_1215874=x10u8XdbQq+EdYizVRWmD0trmWAAAAAAQUIPAAAAAADRQYFnhzJTXQlCa/LMRtaY; nlbi_1215874=oJChNAK4Txh/K7VenAADWwAAAABNOSuM+DQx0fH8xE74P9a9; incap_ses_260_1215874=yOWlb57uEWiuZBI45bSbA0trmWAAAAAAttnwpMI0lIspCxZ8qoeLAA==
content-length: 1343
:path: /reports?hid=7841&cid=25041&sid=NKRrznjDzSj304viky5jKqzF
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/csp-report
accept: */*
cache-control: no-cache
:authority: be.synxis.com
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 10 May 2021 17:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
etag: W/"591-ld+YGvtAsbvgll6bI/G71QNOAco"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-iinfo: 9-54248238-54247566 PNYy RT(1620667212836 0) q(0 0 0 -1) r(2 2) U6
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 messages Show response
messages.guest-experience.triptease.io/c3a87fd50f93ba52555886306388c2cb16912ee8/ 253 B
688 B 218ms
161ms Fetch
application/json 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://messages.guest-experience.triptease.io/c3a87fd50f93ba52555886306388c2cb16912ee8/messages?language=en-US
Requested by: Host: static.triptease.io
URL: https://static.triptease.io/message-porter/dist/bootstrap-message-engine.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 81c991395dae7022d8bbb7342479618e6342711541c4964a444648d58371ba04

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:13 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
x-cache-hits: 0
x-city: anna paulowna
content-length: 253
x-served-by: cache-ams21036-AMS
access-control-allow-origin: https://be.synxis.com
server: Google Frontend
vary: Origin
tt_keys: campaigns-c3a87fd50f93ba52555886306388c2cb16912ee8
x-region-code: NH
x-cloud-trace-context: 8dc8a26418ca5e94a92f8a221bc52b0a
cache-control: max-age=600
access-control-allow-credentials: true
tt_host: messages.guest-experience.triptease.io
accept-ranges: bytes
content-type: application/json; charset=utf-8
x-country-code: NL
access-control-expose-headers: X-Country-Code, X-Region-Code, X-City

POST
H2 200 reports
be.synxis.com/ 1 KB
836 B 204ms
203ms Other
application/json 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/reports?hid=7841&cid=25041&sid=NKRrznjDzSj304viky5jKqzF

Requested by

Host: static.triptease.io
URL: https://static.triptease.io/message-porter/dist/bootstrap-message-engine.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d069ee447de6796652debaf82dacd3c3427a80037343e3da5653f39eea47e973

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: no-cors
origin: https://be.synxis.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: report
cookie: __utma=77553030.1235819468.1620667209.1620667210.1620667210.1; __utmb=77553030.1.10.1620667210; __utmc=77553030; __utmz=77553030.1620667210.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=77553030.|4=device=pc=1; visid_incap_1215874=x10u8XdbQq+EdYizVRWmD0trmWAAAAAAQUIPAAAAAADRQYFnhzJTXQlCa/LMRtaY; nlbi_1215874=oJChNAK4Txh/K7VenAADWwAAAABNOSuM+DQx0fH8xE74P9a9; incap_ses_260_1215874=yOWlb57uEWiuZBI45bSbA0trmWAAAAAAttnwpMI0lIspCxZ8qoeLAA==
content-length: 1325
:path: /reports?hid=7841&cid=25041&sid=NKRrznjDzSj304viky5jKqzF
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/csp-report
accept: */*
cache-control: no-cache
:authority: be.synxis.com
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 10 May 2021 17:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
etag: W/"57f-kllDFrxr0Z4wPajw9QJZDvCNL2U"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-iinfo: 9-54248258-54247487 PNYN RT(1620667213060 0) q(0 0 0 -1) r(2 2) U6
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 event
api.triptease.io/zappy/ 0
124 B 111ms
111ms Ping
text/plain 35.186.195.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.triptease.io/zappy/event?eventName=propensityToConvert&eventAppName=messageEngine
Requested by: Host: static.triptease.io
URL: https://static.triptease.io/message-porter/dist/bootstrap-message-engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.195.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.11.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 10 May 2021 17:20:13 GMT
via: 1.1 google
server: nginx/1.11.3
access-control-max-age: 86400
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://be.synxis.com
alt-svc: clear
content-length: 0

GET
H2 200 notifications.html Show response
static.triptease.io/message-porter/dist/ Frame 0ECF 249 KB
94 KB 16ms
16ms Document
text/html 151.101.193.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.triptease.io/message-porter/dist/notifications.html

Requested by

Host: static.triptease.io
URL: https://static.triptease.io/message-porter/dist/bootstrap-message-engine.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.182 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

f5516baeeb92f24961abe6d5f77b3314d8fd3b017783db2c804fced931b2cc64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

:method: GET
:authority: static.triptease.io
:scheme: https
:path: /message-porter/dist/notifications.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://be.synxis.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://be.synxis.com/

Response headers

x-guploader-uploadid: ABg5-Uwm2XR0V2H6mQlfflgXE1ynLA4WqC6hdq8GwBlfCzk6CPWqQt3iaCDDN48iC2WpHNgmu99yYszTSuIDJ-ckDPb8DYmHCQ
cache-control: public, Surrogate-Control=86400, max-age=600
expires: Mon, 10 May 2021 15:23:04 GMT
last-modified: Wed, 28 Apr 2021 09:03:00 GMT
etag: "0a577233dd9d1cf8741f3716fd635e4b"
x-goog-generation: 1619600580578681
x-goog-metageneration: 6
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 254993
x-goog-meta-goog-reserved-file-mtime: 1619600562
content-type: text/html
x-goog-hash: crc32c=wAtlnA== md5=CldyM92dHPh0HzcW/WNeSw==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
content-encoding: gzip
accept-ranges: bytes
date: Mon, 10 May 2021 17:20:13 GMT
via: 1.1 varnish
age: 160
x-served-by: cache-ams21039-AMS
x-cache: HIT
x-cache-hits: 1
x-timer: S1620667213.384673,VS0,VE1
vary: Accept-Encoding
strict-transport-security: max-age=31557600
backend-url: /message-porter/dist/notifications.html
pseudo-device-id: 7a4a52b9c4250f3409e11bfdb9592038b55fabffbe25af29cba5d88e5156873d
pseudo-session-id: a946fcf3b08aa24d63e83a6b769a0ad63d0e257da33c2e1df017c81c51df6166
surrogate-key-debug: message-porter message-porter-notifications message-porter-html
timing-allow-origin: *
content-length: 95193

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame 0ECF 131 KB
43 KB 47ms
26ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyCGaVK70WCbecHuBVPBUJPLs_a2andaIqo&v=3&libraries=places

Requested by

Host: static.triptease.io
URL: https://static.triptease.io/message-porter/dist/notifications.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

3a0a71661771c52bd980bdec46e6117804769d3bd0b82390e95cdb4dbc1767cb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://static.triptease.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:20:13 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=13
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43699
x-xss-protection: 0
expires: Mon, 10 May 2021 17:50:13 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0ECF 1 KB
491 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700

Requested by

Host: static.triptease.io
URL: https://static.triptease.io/message-porter/dist/notifications.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c97df91d4e861efbed2d98832352fe363fbfa7eaff08f431c0983b08c477e06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://static.triptease.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 10 May 2021 16:20:47 GMT
server: ESF
date: Mon, 10 May 2021 17:20:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 May 2021 17:20:13 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ Frame 0ECF 23 KB
23 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://static.triptease.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 15:44:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 351366
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
expires: Fri, 06 May 2022 15:44:07 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame 0ECF 22 KB
23 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://static.triptease.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 01:32:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
age: 575290
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
expires: Wed, 04 May 2022 01:32:03 GMT

POST
H2 200 reports
be.synxis.com/ 1 KB
806 B 204ms
203ms Other
application/json 45.60.46.204
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://be.synxis.com/reports?hid=7841&cid=25041&sid=NKRrznjDzSj304viky5jKqzF

Requested by

Host: static.triptease.io
URL: https://static.triptease.io/message-porter/dist/bootstrap-message-engine.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.204 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f5e4ab0ed122ffc0420ea63ee36e26ce7eb88513833f5754ef3c877f2470d66a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: no-cors
origin: https://be.synxis.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: report
cookie: __utma=77553030.1235819468.1620667209.1620667210.1620667210.1; __utmb=77553030.1.10.1620667210; __utmc=77553030; __utmz=77553030.1620667210.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=77553030.|4=device=pc=1; visid_incap_1215874=x10u8XdbQq+EdYizVRWmD0trmWAAAAAAQUIPAAAAAADRQYFnhzJTXQlCa/LMRtaY; nlbi_1215874=oJChNAK4Txh/K7VenAADWwAAAABNOSuM+DQx0fH8xE74P9a9; incap_ses_260_1215874=yOWlb57uEWiuZBI45bSbA0trmWAAAAAAttnwpMI0lIspCxZ8qoeLAA==
content-length: 1310
:path: /reports?hid=7841&cid=25041&sid=NKRrznjDzSj304viky5jKqzF
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/csp-report
accept: */*
cache-control: no-cache
:authority: be.synxis.com
referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 10 May 2021 17:20:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
etag: W/"570-W+nReySlS25JVzSiTHUzgVLP60U"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-iinfo: 9-54248720-54247487 PNYN RT(1620667216196 0) q(0 0 0 -1) r(2 2) U6
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 event
api.triptease.io/zappy/ 0
43 B 122ms
121ms Ping
text/plain 35.186.195.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.triptease.io/zappy/event?eventName=open&eventAppName=notifications
Requested by: Host: static.triptease.io
URL: https://static.triptease.io/message-porter/dist/bootstrap-message-engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.195.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.11.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://be.synxis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 10 May 2021 17:20:16 GMT
via: 1.1 google
server: nginx/1.11.3
access-control-max-age: 86400
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://be.synxis.com
alt-svc: clear
content-length: 0

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/43/8b/ Frame 0ECF 75 KB
28 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/43/8b/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCGaVK70WCbecHuBVPBUJPLs_a2andaIqo&v=3&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2410c054eebf410d7a9b10f695ea6c1fbd25812ff7bbdc23cf47b25d4b74d2f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://static.triptease.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 23:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 20:22:44 GMT
server: sffe
age: 582304
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28232
x-xss-protection: 0
expires: Tue, 03 May 2022 23:35:14 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/43/8b/ Frame 0ECF 145 KB
54 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/43/8b/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCGaVK70WCbecHuBVPBUJPLs_a2andaIqo&v=3&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

beb3001ee57a4f4729d1ec1925fe4db157c0a88e995f99c335a4709da04cd264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://static.triptease.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 22:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 20:22:44 GMT
server: sffe
age: 326366
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55019
x-xss-protection: 0
expires: Fri, 06 May 2022 22:40:52 GMT

GET
H3-29 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ Frame 0ECF 62 B
83 B 70ms
55ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fstatic.triptease.io%2Fmessage-porter%2Fdist%2Fnotifications.html&4sAIzaSyCGaVK70WCbecHuBVPBUJPLs_a2andaIqo&callback=_xdc_._8yr7gw&key=AIzaSyCGaVK70WCbecHuBVPBUJPLs_a2andaIqo&token=123729

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/43/8b/common.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

7cb1333cc498562f7a51ff36fd4dd78fc74f466ed66839682640bbb164621ccc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://static.triptease.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 17:20:18 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=42
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

173 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.synxis.com/	1969-12-31 23:59:59	Name: incap_ses_260_1215874 Value: cyqCfUIqFz8YYhI45bSbA0drmWAAAAAA6Bz30xRQN7JErEn3mJCBEg==
.synxis.com/	1969-12-31 23:59:59	Name: nlbi_1215874 Value: FGH/dRwkhXI9r1ZwnAADWwAAAADEv9CZcH12hJQz8F1aUa7n
.synxis.com/	1970-01-19 20:20:43	Name: _fbp Value: fb.1.1620667207066.1757373277
.synxis.com/	1970-01-20 02:56:10	Name: visid_incap_1814716 Value: oMDh2ZiZQaOsqrCtTGq3XEZrmWAAAAAAQUIPAAAAAACzv3cR7NRWIUyRm69fzqZR
.synxis.com/	1969-12-31 23:59:59	Name: incap_ses_247_1814716 Value: bhGxO0Csv2+I1IQrgIVtA0ZrmWAAAAAAtF/95vYApnAvPjxfXOi7VA==
.synxis.com/	1969-12-31 23:59:59	Name: nlbi_1814716 Value: nG+8RH0ekyME2qhjT2lvQgAAAACF7wjWesgJE5b51KXXaqVO
.synxis.com/	1970-01-20 02:56:19	Name: visid_incap_1215874 Value: CJuJB6ofQfCVeOGQMvQmp0ZrmWAAAAAAQUIPAAAAAAAq/5SpMl3Ptj0UiLlSIusC
.synxis.com/	1969-12-31 23:59:59	Name: incap_ses_282_1814716 Value: RlctJv0R+FQ4q7YE4d3pA0ZrmWAAAAAA1Ki9xPEtBFOYPqOMR0livQ==

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://assets.navisperformance.com/NWRC/Fusion/navis-fusion-loader.js(Line 1) Message: Fusion is loading for account: 15989 url: https://be.synxis.com/?adult=2&arrive=2021-06-17&chain=25041&child=0&currency=USD&depart=2021-06-20&hotel=7841&level=hotel&locale=en-US&promo=GETAWAY&rooms=1
console-api	log	URL: https://assets.navisperformance.com/NWRC/Fusion/navis-fusion-loader.js(Line 1) Message: Loading application: Abandoned Cart Client
console-api	log	URL: https://assets.navisperformance.com/abandoned-cart-client/abandoned-cart-config.bundle.js(Line 34) Message: no urlType set
console-api	log	URL: https://be.synxis.com/public/js/dataStream.js(Line 129) Message: Stream Event (app) [object Object]
console-api	log	URL: https://be.synxis.com/public/js/dataStream.js(Line 129) Message: Stream Event (rooms) [object Object]
console-api	log	URL: https://be.synxis.com/public/js/dxgtm.js(Line 80) Message: dxgtm: No dataLayer, loading GTM
console-api	log	URL: https://be.synxis.com/public/js/dxgtm.js(Line 80) Message: dxgtm: No dataLayer, loading GTM
console-api	log	URL: https://gatag.it/v2/(Line 1) Message: 2. gaid was not obtained
console-api	log	URL: https://gatag.it/v2/(Line 1) Message: 3. Device: _setCustomVar,4,device,pc,1
console-api	log	URL: https://gatag.it/v2/(Line 1) Message: 4. RI Sent: ri-pixel-0 [object Object]
console-api	log	URL: https://gatag.it/v2/(Line 1) Message: 5. 1==1 && function k(){n.shops[0]?w(n.shops[0]):n.onready()}
console-api	log	URL: https://assets.navisperformance.com/abandoned-cart-client/abandoned-cart-config.bundle.js(Line 34) Message: no urlType set

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8986102.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
adservice.google.de
api.triptease.io
assets.navisperformance.com
be-cms-api.synxis.com
be.synxis.com
beacon.sojern.com
capture.gatag.it
cm.g.doubleclick.net
connect.facebook.net
d10lpsik1i8c69.cloudfront.net
dev.visualwebsiteoptimizer.com
fcmatch.google.com
fcmatch.youtube.com
fonts.googleapis.com
fonts.gstatic.com
fusion-api.navisperformance.com
gatag.it
gc.synxis.com
google-analytics.com
googleads.g.doubleclick.net
ib.adnxs.com
icm.aexp-static.com
linkcenterus.derbysoftca.com
maps.googleapis.com
match.adsrvr.org
messages.guest-experience.triptease.io
onboard.triptease.io
pixel.sojern.com
ssl.google-analytics.com
static.triptease.io
stats.g.doubleclick.net
use.fontawesome.com
www.facebook.com
www.gatag.it
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
107.154.192.208
107.178.244.119
13.224.89.66
13.248.242.197
142.250.185.162
142.250.186.130
151.101.193.182
151.101.194.133
172.217.16.134
184.30.235.132
185.33.221.52
23.111.9.35
2600:9000:214f:c800:16:3eaa:9140:93a1
2606:4700:10::ac43:2653
2a00:1450:4001:802::2004
2a00:1450:4001:803::200e
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2002
2a00:1450:4001:812::2008
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c08::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.237.9.237
34.96.102.137
35.186.195.233
45.60.155.144
45.60.46.204
52.54.154.195
54.149.237.2
54.68.139.192
047fafd3b2178a65a2f5a0b202dcf9cd3e53195b22cb7d8bd853178a02ff061a
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
09205cd7fbd7212073f63606f659e7d8a03ab0c3cdd5bd39f601f705228a1296
0a53fadbdc7781ac6b9df702aea54803293a71e8c8791e8d544b0129dd27175b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c464277028382dc98f12cd756ae82463f923f975fc1f7b68d84f562097ed814
0ecf8ae6fef9a09979c1d2d3480c6dbc9579ade16059ebcf020c2fa1d6c02153
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12193b6d23a95d6b7828829f18829a4b3643f7ec29446031967b9e69a02b0332
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12de0e51dcc9c2dcb92219c925cb462c23dc6babf482ea7f2bc77dd3078593ad
13ed64e31854fc7e8e3e542fef0d24813e05a6137d56160064ec6824367b9a03
13f18aef32583a35f254e172c3091e6644610777b1e4718cadfed48d19582017
16b47d4a800018ed8ee5dd69231621116d9dc72d9b57d54959b0ce0e4255d0ee
1a25986f58f552d86885ccd3ee53d049abd487b96565918476c5e31f3db09f07
20bfa21014f452774eca1dffa8ec595bacb01bbc1a4ff613adacd6b5a0b423a3
2410c054eebf410d7a9b10f695ea6c1fbd25812ff7bbdc23cf47b25d4b74d2f6
2ba4ee5f7e8ab6b12297d6dbeee004832e7293d355f68f8708b02cceb8a3e71f
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d21409da1f0a40fd3d6f3348204f6b85f79879148521b9427cce802ea64907c
2e06eed86d2bb78f57ef80ee8e720e3e499929eceb6a58c08917bf960b5dbee0
2ed362bdcbf13f4904a84a3fd3281f5e5a11dcf0f31a57170b45d6acd6c6f2a3
30ab49c56aecac7421bd1eb6cc21daf59a2fd4e55a3b55f9844f8e7bbc2067e7
340e629c32e1e49f23b7fab70129273617b51ad31ec33e2a14fa8de7655847aa
35257f9bfd6d7dd2b30ce6f289b83d57a45aad69b7d61bcc1a1ee6aa536e118d
37a7918f1596d21356e4fba56ae52f2099325c3fc04d6b195358f9cc666f681e
3a0a71661771c52bd980bdec46e6117804769d3bd0b82390e95cdb4dbc1767cb
4001935996894a1faf8563ab6ce68297665b2dd6bbfae41140be1ec8eb41a137
40591be85e53aa287d7d721d6d75d12d3d8eebc56b5e9271388b564e7f21f1d0
49fbccedd48fcd934d15855314cf85fcccbc7eb6c93c1e7b992c5a6de6aef530
50f10898342061c80fea923b4a5ec511ce9e9fe32457dc69ecb5524bd3a8b44e
52a5c994c46b06c1a0f38d78bda93efc8fbdf79bdefc0f84b7ae064a691cbb3b
535f445ead838725a329d12ba4d04071c0cd6bfb3f98f97c9a7d9360a69242e5
541402f05aeb7c8cde883a037fb5ac809b3a6f57a687867fcbe9ae547f9096e7
5c64e98b7d26b27f3235a6b049f4da5a8b1ed471ee0f2d4508e342bcb216eb2e
610ab00f8de8912637a2f94ba8a2976e1eef3c240276657b55851f6f6d8163cb
625a63fbc3b92e8b3b7ca3a1a0d3372f066aa66104b925e8b353744b1e283df1
659ad827b061b240084975aa3a18b4872bd40b714bad1bc71f144881f627811f
6b3ec9a4dae6b5ed0110cb37604356035b674e50a6d01f7b404974453d9488e9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f1982257aab2aca51870958d71715e3a5051c09e72d32ecea2d8308ee982235
7487882a39b5a43954c21c701fbde23054e280320f275a6da2c66c4ad636b8e7
7c03b5e88be65f5822781b3a8c1d061a52b0eea84cfc54defb146d92609e0f58
7cb1333cc498562f7a51ff36fd4dd78fc74f466ed66839682640bbb164621ccc
7d96e4be23aa330ce6525d315c0d8d9452814b017528e8119c1230fb1e701c13
81c991395dae7022d8bbb7342479618e6342711541c4964a444648d58371ba04
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83590481b12c52878257e2e9774856b9a1216f781fc5bc55b3ab3964a1a290d0
84a8b03a22184e7d5d88d70956bbc08b7ab195c613c2f5fef47054fb866a2f30
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8c9b31ae1b3b5970d056c454618e310239e9a23bd187a8e8ffc4cfe8dfd5fdd5
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8f05e6cd9abe24d15e3929bea86f560c67d66c8bfaae5c81ed209658f9c330e0
91e3d1195c0b803623c680edc0ac9108332300ee607c0ad98778bef6985edfd2
92767da0c932790435f815124bafab8e0a030d0a5b29cab22bc6653abdbfea7c
9702279d3a747c49a6be9863327de219eca065da20a2d35fb7ed9e7b1db99619
9adecad8ae89426a58abde57220ee66b83294c1f60543bb576420dc04b981652
9d2071d21c7728e75e882a3240e59f7e175809de3296ca06cdd14273e84d6684
a36b52d9785995f5f1ede91f448350248b4ac74e7d2f1fe75b8abccbdc3bd28c
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
abbcb43a4cf5b5c586d440527b87830cc4d6d069e2eabaeb7e0c433ca0edf8d5
ad23034ae52031da548a5d33ef865dde597449f0fa2204fd33b36f2635673af9
aeabb31a048925fbbbaca0302188fea71511e06cad7eb4582aeb4e945d029345
b0aa686dc09ecce69917f52d2e22f35224cdba18ec286e604d2cbfcfdcdc61e3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b770015d173544a024e63c3219a433ad8b9d70acbc1da238ce430018c006e699
b8113d4207bccaa0bf6bc54664b56a513427e696b17c3db6302c47212b3c296c
bc51f8dd0d7127599286da555403fe95d18c0ce434529112874ee588276c6f1f
beb3001ee57a4f4729d1ec1925fe4db157c0a88e995f99c335a4709da04cd264
c041a4620d6ee19ae87d3171afcef1dc2f5e9ffb02162353937f11ffbeaa19a8
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c4b439fb3c2452849a29bde095f3c30ca564d5229bd88aaf733f6f19def1696b
c8bff04bdc1d36e4395163f5ac102d73d762f2f8317d3d471e23a7918e6fcbc5
c97df91d4e861efbed2d98832352fe363fbfa7eaff08f431c0983b08c477e06e
cf3a00047597827caae4235069d4504482b9b62b93ab4d9da86f014d4e2b5960
d069ee447de6796652debaf82dacd3c3427a80037343e3da5653f39eea47e973
d2c1f4f390169aed7baa34ee82e57b4eee54760f262a5833f3c44f5f98e0a1d6
d892a63f41cf7f1440457e514796b1a680f65500252d52cdc14718c9d808fbac
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df85bb939ef28b13cb02a35c0a475969baac64efa5f5ad6e79e4ead2d1420e0e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9f3669758048ed79ab6b00dae279c35c21752d0e2f822e9eaf7689dcbd73db7
eee7283bce47f63001396d58cace92f57058ea0c5ee546579e841609a359d52e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5516baeeb92f24961abe6d5f77b3314d8fd3b017783db2c804fced931b2cc64
f5e4ab0ed122ffc0420ea63ee36e26ce7eb88513833f5754ef3c877f2470d66a

be.synxis.com Open in urlscan Pro 45.60.46.204 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

115 Requests

100 %HTTPS

47 %IPv6

23 Domains

42 Subdomains

34 IPs

4 Countries

3124 kBTransfer

8837 kBSize

8 Cookies

13 Outgoing links

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

be.synxis.com Open in urlscan Pro
45.60.46.204 Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

100 %
HTTPS

47 %
IPv6

23
Domains

42
Subdomains

34
IPs

4
Countries

3124 kB
Transfer

8837 kB
Size

8
Cookies

115 HTTP transactions
0 data transactions