gkinns.dbm.guestline.net Open in urlscan Pro
168.63.5.231 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gkinns.dbm.guestline.net/confirmation?confirmationKey=JTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmV...
Submission: On November 03 via manual (November 3rd 2023, 10:29:51 am UTC) from GB — Scanned from NL

Summary HTTP 73 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 19 domains to perform 73 HTTP transactions. The main IP is 168.63.5.231, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is gkinns.dbm.guestline.net.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on July 13th 2023. Valid for: a year.

This is the only time gkinns.dbm.guestline.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	168.63.5.231 168.63.5.231	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
20	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a04:4e42:200... 2a04:4e42:200::282	54113 (FASTLY) (FASTLY)
2	20.4.145.66 20.4.145.66	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	18.173.154.70 18.173.154.70	16509 (AMAZON-02) (AMAZON-02)
4	13.69.106.215 13.69.106.215	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	51.105.222.242 51.105.222.242	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.173.154.13 18.173.154.13	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:f70... 2a02:26f0:f700:9::58dd:5c0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:26d... 2600:9000:26db:d600:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
2 4	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
4	104.64.118.247 104.64.118.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.192.58 18.66.192.58	16509 (AMAZON-02) (AMAZON-02)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	130.0.76.153 130.0.76.153	42442 (ADACOR-AS) (ADACOR-AS)
1	2a02:26f0:f70... 2a02:26f0:f700:3a4::f09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	46.167.166.60 46.167.166.60	42442 (ADACOR-AS) (ADACOR-AS)
4	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
73	23

6 168.63.5.231 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

gkinns.dbm.guestline.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

gxp-storage-prod-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gxp-configs-prod-cdn-ep.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
getschwifty.guestline.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::282 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.4.145.66 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

gxp-editor.eu.guestline.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-70.muc50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.69.106.215 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.105.222.242 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

uk3-roomlynx.eu.guestline.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-13.muc50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f700:9::58dd:5c0a (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26db:d600:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.64.118.247 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-118-247.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zenaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-58.muc50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.0.76.153 (Germany)

ASN42442 (ADACOR-AS, DE)
PTR: 130-0-76-153.static.ip.adacor.net

api.sovendus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f700:3a4::f09 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.167.166.60 (Germany)

ASN42442 (ADACOR-AS, DE)
PTR: 46-167-166-60.static.ip.adacor.net

identification-api.sovendus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.sovendus-connect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	azureedge.net gxp-storage-prod-cdn.azureedge.net — Cisco Umbrella Rank: 547140 gxp-configs-prod-cdn-ep.azureedge.net — Cisco Umbrella Rank: 297597	368 KB
10	guestline.net gkinns.dbm.guestline.net getschwifty.guestline.net — Cisco Umbrella Rank: 449638 uk3-roomlynx.eu.guestline.net	311 KB
8	googlesyndication.com 2 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 ade.googlesyndication.com — Cisco Umbrella Rank: 301	2 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	485 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	278 B
4	bing.com bat.bing.com — Cisco Umbrella Rank: 366	14 KB
4	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 793	445 B
3	zenaps.com www.zenaps.com — Cisco Umbrella Rank: 47378	800 B
3	sovendus.com api.sovendus.com — Cisco Umbrella Rank: 284670 identification-api.sovendus.com — Cisco Umbrella Rank: 277333	31 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462	359 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	89 KB
2	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 4470 consentcdn.cookiebot.com — Cisco Umbrella Rank: 5121	33 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 727 script.hotjar.com — Cisco Umbrella Rank: 901	60 KB
2	guestline.app gxp-editor.eu.guestline.app — Cisco Umbrella Rank: 464265	113 B
1	sovendus-connect.com www.sovendus-connect.com — Cisco Umbrella Rank: 325110
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2687	259 B
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 18131	456 B
1	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 4480	11 KB
1	polyfill.io cdn.polyfill.io — Cisco Umbrella Rank: 2638	7 KB
73	19

	Domain	Requested by
15	gxp-storage-prod-cdn.azureedge.net	gkinns.dbm.guestline.net gxp-storage-prod-cdn.azureedge.net
6	www.googletagmanager.com	gkinns.dbm.guestline.net www.googletagmanager.com
6	gkinns.dbm.guestline.net	gxp-storage-prod-cdn.azureedge.net
4	www.facebook.com
4	ade.googlesyndication.com	2 redirects
4	bat.bing.com	www.googletagmanager.com bat.bing.com
4	pagead2.googlesyndication.com	www.googletagmanager.com
4	dc.services.visualstudio.com	gxp-storage-prod-cdn.azureedge.net
3	www.zenaps.com	www.dwin1.com
3	region1.google-analytics.com	www.googletagmanager.com
3	getschwifty.guestline.net
2	api.sovendus.com	www.dwin1.com api.sovendus.com
2	connect.facebook.net	gkinns.dbm.guestline.net connect.facebook.net
2	gxp-editor.eu.guestline.app	gxp-storage-prod-cdn.azureedge.net
2	gxp-configs-prod-cdn-ep.azureedge.net	gxp-storage-prod-cdn.azureedge.net
1	www.sovendus-connect.com	api.sovendus.com
1	identification-api.sovendus.com	gxp-storage-prod-cdn.azureedge.net
1	consentcdn.cookiebot.com	consent.cookiebot.com
1	vc.hotjar.io	gxp-storage-prod-cdn.azureedge.net
1	www.awin1.com
1	www.dwin1.com	www.googletagmanager.com
1	consent.cookiebot.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	uk3-roomlynx.eu.guestline.net
1	static.hotjar.com	gkinns.dbm.guestline.net
1	cdn.polyfill.io	gkinns.dbm.guestline.net
73	26

This site contains links to these domains. Also see Links.

Domain
www.greenekinginns.co.uk

Subject Issuer	Validity	Valid
*.dbm.guestline.net Go Daddy Secure Certificate Authority - G2	`2023-07-13` - `2024-08-13`	a year	crt.sh
*.azureedge.net Microsoft Azure RSA TLS Issuing CA 03	`2023-10-08` - `2024-10-02`	a year	crt.sh
polyfill.io Certainly Intermediate R1	`2023-10-23` - `2023-11-22`	a month	crt.sh
prod2we.guestline.app R3	`2023-10-08` - `2024-01-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
getschwifty.guestline.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-27` - `2024-04-27`	a year	crt.sh
in.applicationinsights.azure.com Microsoft Azure RSA TLS Issuing CA 07	`2023-09-02` - `2024-08-27`	a year	crt.sh
uk3-roomlynx.eu.guestline.net R3	`2023-10-14` - `2024-01-12`	3 months	crt.sh
consent.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-06` - `2024-04-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-12` - `2023-11-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.dwin1.com Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.sovendus.com R3	`2023-10-23` - `2024-01-21`	3 months	crt.sh
*.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-17` - `2024-04-17`	a year	crt.sh
*.sovendus-connect.com R3	`2023-10-23` - `2024-01-21`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://gkinns.dbm.guestline.net/confirmation?confirmationKey=JTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmVuY2UlMjIlM0ElMjJEQk0yMTkxNjg0ODUxMjg5MSUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIySGF5d29vZCUyMiU3RA==&enableCustomFrameAncestor=true
Frame ID: 30F17BED7DEB88F19FBD39E72A10582F
Requests: 68 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 2180BE0502342078D4B14E7702AC1B07
Requests: 1 HTTP requests in this frame

Frame: https://www.zenaps.com/alt.php?mid=6804&gv=2&l=https%3A//www.zenaps.com/sread.php%3Fa%3D6804%26b%3D92%26cr%3DGBP%26c%3DDBM21916848512891%26d%3DDEFAULT%3A92%26vc%3Dundefined%26t%3D0%26ch%3Daw%26l%3Dhttps%253A%252F%252Fgkinns.dbm.guestline.net%252Fconfirmation%253FconfirmationKey%253DJTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmVuY2UlMjIlM0ElMjJEQk0yMTkxNjg0ODUxMjg5MSUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIySGF5d29vZCUyMiU3RA%253D%253D%2526enableCustomFrameAncestor%253Dtrue%26tv%3D2%26tt%3Det
Frame ID: 36B50CD1DF75DEB7CD0B1C6C652801FE
Requests: 1 HTTP requests in this frame

Frame: https://www.sovendus-connect.com/banner/api/banner?trafficMediumNumber=3&trafficSourceNumber=6368&sovToken=7CPPEVtqkWJsvGPuZWyhvz2N3Mb9NYbJEySHjlZvV1Hsyc8GNShC4Sytt_Xie0u3rEaX72CNUrieUCnMVr3BxO_iUqT4B5OYdy3aecQ&sessionUuid=5409a3e9-2018-4ef2-961e-4923e38edcf6&format=ssr&identifier=ident_7502444528984282&orderId=DBM21916848512891&orderValue=92&orderCurrency=GBP&processInstanceUuid=33006d77-7fad-5707-8fad-a24182e592ad
Frame ID: EB99943B4E15DE397EBF25A77E183A9D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Greene King Inns

Detected technologies

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Page Statistics

73
Requests

97 %
HTTPS

50 %
IPv6

19
Domains

26
Subdomains

23
IPs

5
Countries

1416 kB
Transfer

4100 kB
Size

15
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.greenekinginns.co.uk/hotels/

Search URL Search Domain Scan URL

URL: https://www.greenekinginns.co.uk/contact-us/
Title: Contact us

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://ade.googlesyndication.com/ddm/activity/src=1048307;type=conve0;cat=cb-bo0;qty=1;cost=92;ord=DBM21916848512891;auiddc=143946242.1699007386;gtm=45He3b11v897600354;gcs=G100;gcd=11p1p1l1l5;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fgkinns.dbm.guestline.net%2Fconfirmation%3FconfirmationKey%3DJTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmVuY2UlMjIlM0ElMjJEQk0yMTkxNjg0ODUxMjg5MSUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIySGF5d29vZCUyMiU3RA%3D%3D%26enableCustomFrameAncestor%3Dtrue HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=1048307;dc_pre=CMjX1d3Pp4IDFbDJOwIdKosM0w;type=conve0;cat=cb-bo0;qty=1;cost=92;ord=DBM21916848512891;auiddc=143946242.1699007386;gtm=45He3b11v897600354;gcs=G100;gcd=11p1p1l1l5;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fgkinns.dbm.guestline.net%2Fconfirmation%3FconfirmationKey%3DJTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmVuY2UlMjIlM0ElMjJEQk0yMTkxNjg0ODUxMjg5MSUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIySGF5d29vZCUyMiU3RA%3D%3D%26enableCustomFrameAncestor%3Dtrue

Request Chain 46

https://ade.googlesyndication.com/ddm/activity/src=10483071;type=gener0;cat=gkinn00-;ord=6276634975263;auiddc=143946242.1699007386;u2=https%3A%2F%2Fgkinns.dbm.guestline.net%2Fconfirmation%3FconfirmationKey%3DJTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmVuY2UlMjIlM0ElMjJEQk0yMTkxNjg0ODUxMjg5MSUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIySGF5d29vZCUyMiU3RA%3D%3D%26enableCustomFrameAncestor%3Dtrue;u11=undefined;u12=GK6483;u17=undefined;u21=undefined;gtm=45He3b11v897600354;gcs=G100;gcd=11p1p1l1l5;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fgkinns.dbm.guestline.net%2Fconfirmation%3FconfirmationKey%3DJTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmVuY2UlMjIlM0ElMjJEQk0yMTkxNjg0ODUxMjg5MSUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIySGF5d29vZCUyMiU3RA%3D%3D%26enableCustomFrameAncestor%3Dtrue HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=10483071;dc_pre=CKTZ1d3Pp4IDFYKWmwodQokLkQ;type=gener0;cat=gkinn00-;ord=6276634975263;auiddc=143946242.1699007386;u2=https%3A%2F%2Fgkinns.dbm.guestline.net%2Fconfirmation%3FconfirmationKey%3DJTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmVuY2UlMjIlM0ElMjJEQk0yMTkxNjg0ODUxMjg5MSUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIySGF5d29vZCUyMiU3RA%3D%3D%26enableCustomFrameAncestor%3Dtrue;u11=undefined;u12=GK6483;u17=undefined;u21=undefined;gtm=45He3b11v897600354;gcs=G100;gcd=11p1p1l1l5;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fgkinns.dbm.guestline.net%2Fconfirmation%3FconfirmationKey%3DJTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmVuY2UlMjIlM0ElMjJEQk0yMTkxNjg0ODUxMjg5MSUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIySGF5d29vZCUyMiU3RA%3D%3D%26enableCustomFrameAncestor%3Dtrue

73 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request confirmation Show response
gkinns.dbm.guestline.net/ 17 KB
8 KB 215ms
59ms Document
text/html 168.63.5.231
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gkinns.dbm.guestline.net/confirmation?confirmationKey=JTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmVuY2UlMjIlM0ElMjJEQk0yMTkxNjg0ODUxMjg5MSUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIySGF5d29vZCUyMiU3RA==&enableCustomFrameAncestor=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.63.5.231 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

4618c33afc6af4cb2d0d809d5510bd47e83bb9fbaee81047656be713689b04e6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' www.greenekinginns.co.uk greenekinginns.co.uk
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from www.greenekinginns.co.uk greenekinginns.co.uk

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Request-Id, Request-Context, Origin, X-Requested-With, Content-Type, Accept, Cache-Control
Access-Control-Allow-Methods: OPTIONS, GET, POST, PUT, DELETE
Access-Control-Allow-Origin
Content-Encoding: gzip
Content-Length: 6664
Content-Security-Policy: frame-ancestors 'self' www.greenekinginns.co.uk greenekinginns.co.uk
Content-Type: text/html
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Date: Fri, 03 Nov 2023 10:29:43 GMT
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Server: Microsoft-IIS/10.0
Strict-Transport-Security: max-age=15552000; includeSubDomains
Vary: Origin,Accept-Encoding
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: allow-from www.greenekinginns.co.uk greenekinginns.co.uk
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: ASP.NET
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a

GET
H2 200 index.js Show response
gxp-storage-prod-cdn.azureedge.net/statics/468034/static/ 1 MB
305 KB 155ms
33ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/index.js
Requested by: Host: gkinns.dbm.guestline.net
URL: https://gkinns.dbm.guestline.net/confirmation?confirmationKey=JTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmVuY2UlMjIlM0ElMjJEQk0yMTkxNjg0ODUxMjg5MSUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIySGF5d29vZCUyMiU3RA==&enableCustomFrameAncestor=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 727411dba11e038cdaf444429a8af3bc81abe9a2924030740e0c477bfd1757df

Request headers

Referer
Origin: https://gkinns.dbm.guestline.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 03 Nov 2023 10:29:43 GMT
content-encoding: br
last-modified: Thu, 02 Nov 2023 15:03:15 GMT
x-azure-ref-originshield: 02LJEZQAAAADFn563fLA+RIcmXlFb9dAOQU1TMDRFREdFMTkwNwBjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
content-md5: CdwvdX3vC10ok92k5SSg5g==
etag: 0x8DBDBB4D71C8F85
x-azure-ref: 0mMtEZQAAAAACwOnaTJXuSL9gKKc3ht0oQlJVMzBFREdFMTExMABjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a821d61f-001e-002f-6431-0ee0ed000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 index-ef6c09e6.css
gxp-storage-prod-cdn.azureedge.net/statics/468034/static/ 3 KB
2 KB 148ms
26ms Stylesheet
text/css 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/index-ef6c09e6.css
Requested by: Host: gkinns.dbm.guestline.net
URL: https://gkinns.dbm.guestline.net/confirmation?confirmationKey=JTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmVuY2UlMjIlM0ElMjJEQk0yMTkxNjg0ODUxMjg5MSUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIySGF5d29vZCUyMiU3RA==&enableCustomFrameAncestor=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ef6c09e6857d3a026dcd0fe638f756e4e63a2be8235608bc9e47ea4c60aa8710

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 03 Nov 2023 10:29:44 GMT
content-encoding: br
last-modified: Thu, 02 Nov 2023 15:03:16 GMT
vary: Accept-Encoding
x-azure-ref: 20231103T102944Z-cysqd2s0bt70v93ymvq1cvhr7800000002m0000000007hpf
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 20e5bdd8-201e-0075-259f-0d860a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ 19 KB
7 KB 498ms
154ms Script
text/javascript 2a04:4e42:200::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js?flags=always,gated&features=IntersectionObserver,IntersectionObserverEntry

Requested by

Host: gkinns.dbm.guestline.net
URL: https://gkinns.dbm.guestline.net/confirmation?confirmationKey=JTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmVuY2UlMjIlM0ElMjJEQk0yMTkxNjg0ODUxMjg5MSUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIySGF5d29vZCUyMiU3RA==&enableCustomFrameAncestor=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

08cb314e7b75eacf2c2ce2758655afd92e6fb914b28b2765d9d51cc92b4f0457

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://gkinns.dbm.guestline.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 10:29:45 GMT
age: 157226
detected-user-agent: Chrome/119.0.0
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7028
referrer-policy: origin-when-cross-origin
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/119.0.0
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 countries-026f631e.js Show response
gxp-storage-prod-cdn.azureedge.net/statics/468034/static/ 8 KB
4 KB 32ms
31ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/countries-026f631e.js
Requested by: Host: gxp-storage-prod-cdn.azureedge.net
URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/index.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8a93bed27bc06405f010d736ab543d69cf4f4fb23a6aebd755b4925c5d047bcc

Request headers

Referer
Origin: https://gkinns.dbm.guestline.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 03 Nov 2023 10:29:44 GMT
content-encoding: br
last-modified: Thu, 02 Nov 2023 15:03:15 GMT
x-azure-ref-originshield: 0wqZEZQAAAAAdoM/VeggmQqBpualLyay9QU1TMDRFREdFMTgxNQBjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
content-md5: +WYHd4XmRlQ/PiiUOS341w==
etag: 0x8DBDBB4D7434E29
x-azure-ref: 0mctEZQAAAAACiTGy8w72TaAzq7v18frdQlJVMzBFREdFMTExMABjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e7f8baa1-001e-0010-7c17-0e284e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 main-c675f97c.js Show response
gxp-storage-prod-cdn.azureedge.net/statics/468034/static/ 35 KB
12 KB 31ms
31ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/main-c675f97c.js
Requested by: Host: gxp-storage-prod-cdn.azureedge.net
URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/index.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b5aba0c07eeab1327dc60fe7a065fe395086d3fe64d2d20839904dea9763f40f

Request headers

Referer
Origin: https://gkinns.dbm.guestline.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 03 Nov 2023 10:29:44 GMT
content-encoding: br
last-modified: Thu, 02 Nov 2023 15:03:15 GMT
x-azure-ref-originshield: 06sREZQAAAAC5Lb7bkMqDRae8jE4LyPrBQU1TMDRFREdFMTkwNgBjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
content-md5: ClAttmHFD2aiRqlgrAcaeQ==
etag: 0x8DBDBB4D70AB6AA
x-azure-ref: 0mctEZQAAAABfmMMQzSuhQopUE8HA26glQlJVMzBFREdFMTExMABjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b56f18de-201e-0028-5637-0e8c8e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 states-27cab1b7.js Show response
gxp-storage-prod-cdn.azureedge.net/statics/468034/static/ 1 KB
1 KB 30ms
30ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/states-27cab1b7.js
Requested by: Host: gxp-storage-prod-cdn.azureedge.net
URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/index.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 85529b7e7a24baf55d32934b9cf28e69c54555235e6931b7e1ac8b52474ddd5b

Request headers

Referer
Origin: https://gkinns.dbm.guestline.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 03 Nov 2023 10:29:44 GMT
content-encoding: br
last-modified: Thu, 02 Nov 2023 15:03:15 GMT
x-azure-ref-originshield: 0MKJEZQAAAACpRc/M36XxTI2xwDyTobxtQU1TMDRFREdFMTkwOQBjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
content-md5: Z6JtXNEmE6ek+Fw3Xc5xOg==
etag: 0x8DBDBB4D73322DA
x-azure-ref: 0mctEZQAAAADLMkHFP2alTY7IZxZb5RrzQlJVMzBFREdFMTExMABjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a6b3d450-301e-0024-2119-0e1b86000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

OPTIONS
H2 200 configs
gxp-configs-prod-cdn-ep.azureedge.net/api/collections/GKINNS/ Frame 0
0 116ms
79ms Preflight
text/html 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gxp-configs-prod-cdn-ep.azureedge.net/api/collections/GKINNS/configs?sections[]=analytics&sections[]=branding&sections[]=dbm&sections[]=collection&sections[]=integration
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: client-ai-data
Access-Control-Request-Method: GET
Origin: https://gkinns.dbm.guestline.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control, client-ai-data
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin: *
allow: GET,HEAD
content-length: 8
content-type: text/html; charset=utf-8
date: Fri, 03 Nov 2023 10:29:44 GMT
etag: W/"8-ZRAf8oNBS3Bjb/SU2GYZCmbtmXg"
request-context: appId=cid-v1:
vary: Accept-Encoding
x-azure-ref: 0mctEZQAAAADZT0la+pS0T4i6Kh7vTlHZQlJVMzBFREdFMTExMABjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
x-cache: CONFIG_NOCACHE
x-envoy-upstream-service-time: 1
x-powered-by: Express

GET
H2 200 configs Show response
gxp-configs-prod-cdn-ep.azureedge.net/api/collections/GKINNS/ 7 KB
2 KB 83ms
83ms Fetch
application/json 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gxp-configs-prod-cdn-ep.azureedge.net/api/collections/GKINNS/configs?sections[]=analytics&sections[]=branding&sections[]=dbm&sections[]=collection&sections[]=integration
Requested by: Host: gxp-storage-prod-cdn.azureedge.net
URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/index.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 9957433f55b6c5d83e97ceb9f298519577559e38ee1916fc83888aa4df433adc

Request headers

Referer
Client-Ai-Data: {"userId":"C+D5Ize7CIcTlOVyDPFCVy","sessionId":"05kjzmzEp9/qHltf/yqt9f"}
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 10:29:44 GMT
content-encoding: gzip
x-azure-ref-originshield: 0mctEZQAAAADjOgI8+Ih1RKS5iZtt5YcSQU1TMDRFREdFMTkxMQBjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
x-powered-by: Express
x-cache: TCP_MISS
x-envoy-upstream-service-time: 16
request-context: appId=cid-v1:
etag: W/"1b8d-cPhus3p66fttBcR0YWYkfhKbnEI"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-azure-ref: 0mctEZQAAAADI2X23PsVuSpRcIXWkGDscQlJVMzBFREdFMTExMABjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control, client-ai-data

GET
H/1.1 200
OK hotels Show response
gkinns.dbm.guestline.net/api/ 133 KB
34 KB 128ms
128ms Fetch
application/json 168.63.5.231
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gkinns.dbm.guestline.net/api/hotels?collection-id=GKINNS&language=en

Requested by

Host: gxp-storage-prod-cdn.azureedge.net
URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/index.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.63.5.231 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

ceb3823f4b6136e6afc81790981467bc1aca7dddf5ed56d6f129eadb1d5a804c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
client-ai-data: {"userId":"C+D5Ize7CIcTlOVyDPFCVy","sessionId":"05kjzmzEp9/qHltf/yqt9f"}
traceparent: 00-38bad0ea6f814eed92f33d56a8f97afd-bad21a3751c24a1c-01
request-id: |38bad0ea6f814eed92f33d56a8f97afd.bad21a3751c24a1c
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 10:29:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: ASP.NET
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: same-origin
Content-Length: 33619
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a
Referrer-Policy: no-referrer
Server: Microsoft-IIS/10.0
Cross-Origin-Opener-Policy: same-origin
X-Download-Options: noopen
Vary: Origin,Accept-Encoding
Access-Control-Allow-Methods: OPTIONS, GET, POST, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin
Origin-Agent-Cluster: ?1
Cache-Control: public, max-age=3600
Access-Control-Allow-Credentials: true
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Headers: Request-Id, Request-Context, Origin, X-Requested-With, Content-Type, Accept, Cache-Control

GET
H/1.1 200
OK GKINNS Show response
gkinns.dbm.guestline.net/api/session/ 107 B
1 KB 32ms
31ms Fetch
application/json 168.63.5.231
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gkinns.dbm.guestline.net/api/session/GKINNS

Requested by

Host: gxp-storage-prod-cdn.azureedge.net
URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/index.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.63.5.231 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

4c1e5197651cad5ae8fdedbb54465e34d5888dde6531d3d4e1f6c18f71d3a78a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
client-ai-data: {"userId":"C+D5Ize7CIcTlOVyDPFCVy","sessionId":"05kjzmzEp9/qHltf/yqt9f"}
traceparent: 00-38bad0ea6f814eed92f33d56a8f97afd-0f63747aa7d1402d-01
request-id: |38bad0ea6f814eed92f33d56a8f97afd.0f63747aa7d1402d
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 10:29:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: ASP.NET
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: same-origin
Content-Length: 218
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a
Referrer-Policy: no-referrer
Server: Microsoft-IIS/10.0
Cross-Origin-Opener-Policy: same-origin
X-Download-Options: noopen
Vary: Origin,Accept-Encoding
Access-Control-Allow-Methods: OPTIONS, GET, POST, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin
Origin-Agent-Cluster: ?1
Cache-Control: public, max-age=300
Access-Control-Allow-Credentials: true
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Headers: Request-Id, Request-Context, Origin, X-Requested-With, Content-Type, Accept, Cache-Control

GET
H/1.1 200
OK GKINNS Show response
gkinns.dbm.guestline.net/api/features/ 393 B
1 KB 62ms
31ms Fetch
application/json 168.63.5.231
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gkinns.dbm.guestline.net/api/features/GKINNS?

Requested by

Host: gxp-storage-prod-cdn.azureedge.net
URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/index.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.63.5.231 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

fec761250e54bd65555203e21256f974d20763292ca76c87abe3be8ed1d9d2e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
client-ai-data: {"userId":"C+D5Ize7CIcTlOVyDPFCVy","sessionId":"05kjzmzEp9/qHltf/yqt9f"}
traceparent: 00-38bad0ea6f814eed92f33d56a8f97afd-685f60bbd29c418c-01
request-id: |38bad0ea6f814eed92f33d56a8f97afd.685f60bbd29c418c
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 10:29:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: ASP.NET
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: same-origin
Content-Length: 341
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a
Referrer-Policy: no-referrer
Server: Microsoft-IIS/10.0
Cross-Origin-Opener-Policy: same-origin
X-Download-Options: noopen
Vary: Origin,Accept-Encoding
Access-Control-Allow-Methods: OPTIONS, GET, POST, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin
Origin-Agent-Cluster: ?1
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Request-Id, Request-Context, Origin, X-Requested-With, Content-Type, Accept, Cache-Control

OPTIONS
H2 200 /
gxp-editor.eu.guestline.app/api/dbm/GKINNS/maintenance/ Frame 0
0 96ms
29ms Preflight
text/html 20.4.145.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gxp-editor.eu.guestline.app/api/dbm/GKINNS/maintenance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.4.145.66 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: istio-envoy / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: client-ai-data
Access-Control-Request-Method: GET
Origin: https://gkinns.dbm.guestline.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control, client-ai-data
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin: *
allow: GET,HEAD
content-length: 8
content-type: text/html; charset=utf-8
date: Fri, 03 Nov 2023 10:29:45 GMT
etag: W/"8-ZRAf8oNBS3Bjb/SU2GYZCmbtmXg"
request-context: appId=cid-v1:
server: istio-envoy
vary: Accept-Encoding
x-envoy-upstream-service-time: 1
x-powered-by: Express

GET
H2 200 / Show response
gxp-editor.eu.guestline.app/api/dbm/GKINNS/maintenance/ 5 B
113 B 34ms
34ms Fetch
application/json 20.4.145.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gxp-editor.eu.guestline.app/api/dbm/GKINNS/maintenance/
Requested by: Host: gxp-storage-prod-cdn.azureedge.net
URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.4.145.66 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: istio-envoy / Express
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

Referer
Client-Ai-Data: {"userId":"C+D5Ize7CIcTlOVyDPFCVy","sessionId":"05kjzmzEp9/qHltf/yqt9f"}
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 10:29:45 GMT
server: istio-envoy
x-powered-by: Express
etag: W/"5-fLbvuYullyqbUJDcLlF/4U0SywQ"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 7
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control, client-ai-data
content-length: 5
request-context: appId=cid-v1:

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 470 KB
125 KB 159ms
85ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PXJ887T&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fed6e8d565ff84a6cf8d328fefdd764c9b35a5ca3469fb5eaafbfcc627f87d22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 10:29:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128058
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Nov 2023 10:29:45 GMT

GET
H2 200 hotjar-1856906.js Show response
static.hotjar.com/c/ 9 KB
4 KB 135ms
40ms Script
application/javascript 18.173.154.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1856906.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-70.muc50.r.cloudfront.net

Software

Resource Hash

4636af4cd5ae31da0bfb25c17061b4e18d6600eef80d0cbe107735082999e5ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 10:29:39 GMT
via: 1.1 08cfbbb6f1b1bf4bc1e8ab1a071b4154.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 56
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/6bda755bf94f6c3a74abac8bcf2d53ec
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: N-iRmWcDlxPyrfWRX9MWmDZtrbDZLAo_8bKg98LEyLuRtrAYc1Eykg==

GET
H2 200 index-a0ddd436.js Show response
gxp-storage-prod-cdn.azureedge.net/statics/468034/static/ 15 KB
5 KB 38ms
36ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/index-a0ddd436.js
Requested by: Host: gxp-storage-prod-cdn.azureedge.net
URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/index.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1008f5c6917fd308b84d4b169547cc33de5b0fd427536d24842ee70de92e188e

Request headers

Referer
Origin: https://gkinns.dbm.guestline.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 03 Nov 2023 10:29:44 GMT
content-encoding: br
last-modified: Thu, 02 Nov 2023 15:03:16 GMT
x-azure-ref-originshield: 0AMlEZQAAAADIqLjmayNBS71Hmo238ORWQU1TMDRFREdFMTkyMQBjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
content-md5: BpKmM3ScFOdFM1JhZJMWzg==
etag: 0x8DBDBB4D797CFB8
x-azure-ref: 0mctEZQAAAAAAahdy4BlPRptetkB9qe/FQlJVMzBFREdFMTExMABjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3d10c992-b01e-0058-133a-0e3579000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 index-423c6054.js Show response
gxp-storage-prod-cdn.azureedge.net/statics/468034/static/ 2 KB
1 KB 32ms
30ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/index-423c6054.js
Requested by: Host: gxp-storage-prod-cdn.azureedge.net
URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/index.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 321b56a5a2b07c76ed067236d78b3ec7abecaf8eef007dd3bea7777a382ce898

Request headers

Referer
Origin: https://gkinns.dbm.guestline.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 03 Nov 2023 10:29:44 GMT
content-encoding: br
last-modified: Thu, 02 Nov 2023 15:03:16 GMT
x-azure-ref-originshield: 0MaJEZQAAAACpvl1FuJWBQo0JVbz1iF/qQU1TMDRFREdFMTgwOABjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
content-md5: NPkTxJB+OpLwtszPClJ6QQ==
etag: 0x8DBDBB4D7CB5E8C
x-azure-ref: 0mctEZQAAAABHgb3DivlYQo/dCR4vL1crQlJVMzBFREdFMTExMABjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a7ae0d9b-401e-004c-7617-0e7d16000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 index-57268a27.js Show response
gxp-storage-prod-cdn.azureedge.net/statics/468034/static/ 207 B
509 B 34ms
32ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/index-57268a27.js
Requested by: Host: gxp-storage-prod-cdn.azureedge.net
URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/index.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dcc8bc0d6810d9706969f21d52b406b57472aa2a826c0dd5d9ef1ada3a818e5a

Request headers

Referer
Origin: https://gkinns.dbm.guestline.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 03 Nov 2023 10:29:44 GMT
last-modified: Thu, 02 Nov 2023 15:03:16 GMT
x-azure-ref-originshield: 0w6ZEZQAAAABWxQL69lomS4Rs7qyE6pA1QU1TMDRFREdFMTgxNwBjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
content-md5: +eear5RxDG6b1C/Wk9kX4g==
etag: 0x8DBDBB4D7CEE0D7
x-azure-ref: 0mctEZQAAAAD0iWF4TCsoQKDGlNmf15ChQlJVMzBFREdFMTExMABjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5702ae60-d01e-0013-1c17-0ec92a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
content-length: 207

GET
H2 200 index-6e316485.js Show response
gxp-storage-prod-cdn.azureedge.net/statics/468034/static/ 3 KB
1 KB 32ms
30ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/index-6e316485.js
Requested by: Host: gxp-storage-prod-cdn.azureedge.net
URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/index.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2833bf79e29a2df8b99449297a7461f76dde0c28b9e7e587c04cf9d4b6836a2d

Request headers

Referer
Origin: https://gkinns.dbm.guestline.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 03 Nov 2023 10:29:44 GMT
content-encoding: br
last-modified: Thu, 02 Nov 2023 15:03:15 GMT
x-azure-ref-originshield: 0CbxEZQAAAAD/JQbiUVcpSa7U9uZZMFjHQU1TMDRFREdFMTkxMQBjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
content-md5: xP2z5iVVDJ4u8+en3/vmTg==
etag: 0x8DBDBB4D7231EA6
x-azure-ref: 0mctEZQAAAABPbjMfbZZUQYi6cIzJNdi6QlJVMzBFREdFMTExMABjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8da583ba-201e-0017-1b1f-0e442d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 index-60533f9e.js Show response
gxp-storage-prod-cdn.azureedge.net/statics/468034/static/ 2 KB
1 KB 33ms
31ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/index-60533f9e.js
Requested by: Host: gxp-storage-prod-cdn.azureedge.net
URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/index.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b494bb182f4df7173098f057eea0ffe23f446f9af272ff09e210558c005acd10

Request headers

Referer
Origin: https://gkinns.dbm.guestline.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 03 Nov 2023 10:29:44 GMT
content-encoding: br
last-modified: Thu, 02 Nov 2023 15:03:15 GMT
x-azure-ref-originshield: 0v6REZQAAAABBmhj8V0sFT4JIPA7x58mCQU1TMDRFREdFMTgxOQBjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
content-md5: pJYvujENimHwAvPG8Nz/LA==
etag: 0x8DBDBB4D772708D
x-azure-ref: 0mctEZQAAAAAnTtbW/yXWT6tePPUs9mCdQlJVMzBFREdFMTExMABjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: caeac39d-401e-0011-5229-0e7792000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 Skeleton-ac9a80a2.js Show response
gxp-storage-prod-cdn.azureedge.net/statics/468034/static/ 3 KB
2 KB 35ms
33ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/Skeleton-ac9a80a2.js
Requested by: Host: gxp-storage-prod-cdn.azureedge.net
URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/index.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ef860c8db741fafe38325e027ffa449a5ac1fe42ab5cfbe24e06fa79236fafb5

Request headers

Referer
Origin: https://gkinns.dbm.guestline.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 03 Nov 2023 10:29:44 GMT
content-encoding: br
last-modified: Thu, 02 Nov 2023 15:03:15 GMT
x-azure-ref-originshield: 0Y7BEZQAAAABxCLbPaaLqQbBvPdSsqCiiQU1TMDRFREdFMTgxMgBjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
content-md5: LPmphb1Yz7kynsjynC4M+Q==
etag: 0x8DBDBB4D7615AF6
x-azure-ref: 0mctEZQAAAABenFvyxgV1S6eq7IXROpv3QlJVMzBFREdFMTExMABjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ccaf8512-001e-003f-4a30-0e2585000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 index-503e23e2.js Show response
gxp-storage-prod-cdn.azureedge.net/statics/468034/static/ 1 KB
988 B 34ms
33ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/index-503e23e2.js
Requested by: Host: gxp-storage-prod-cdn.azureedge.net
URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/index.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8fd8787c3b19d7960b92248accb18f2a71a47934f3c465d7ea03d5a458132b6d

Request headers

Referer
Origin: https://gkinns.dbm.guestline.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 03 Nov 2023 10:29:44 GMT
content-encoding: br
last-modified: Thu, 02 Nov 2023 15:03:16 GMT
x-azure-ref-originshield: 0H8JEZQAAAADldjtNNTeaQKRPeHJbdeQOQU1TMDRFREdFMTgxNQBjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
content-md5: aAVlIO6uw5o7MuR657G0hQ==
etag: 0x8DBDBB4D7BBCF73
x-azure-ref: 0mctEZQAAAAC5d9lD4cjwT59q3lc/vojzQlJVMzBFREdFMTExMABjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: cb0c2b0d-401e-0011-1334-0e7792000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 Gallery-0fdd6ede.js Show response
gxp-storage-prod-cdn.azureedge.net/statics/468034/static/ 85 KB
25 KB 35ms
34ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/Gallery-0fdd6ede.js
Requested by: Host: gxp-storage-prod-cdn.azureedge.net
URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/index.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3da9ef33f9995ace76d2b431d2ba78aec782fa9fe1bba6e2322b793aa23019aa

Request headers

Referer
Origin: https://gkinns.dbm.guestline.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 03 Nov 2023 10:29:44 GMT
content-encoding: br
last-modified: Thu, 02 Nov 2023 15:03:16 GMT
x-azure-ref-originshield: 0ZLBEZQAAAABh75mB9Qt6R7uafYmDVRoiQU1TMDRFREdFMTkwOQBjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
content-md5: QdKvxj2kv1W8psEjzk+ESg==
etag: 0x8DBDBB4D7C5448A
x-azure-ref: 0mctEZQAAAAB/j8hG5SY9Rbn9+wcvTy/SQlJVMzBFREdFMTExMABjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: aabf3bd8-901e-005f-1630-0e591a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 Gallery-64606263.css
gxp-storage-prod-cdn.azureedge.net/statics/468034/static/ 13 KB
5 KB 28ms
27ms Stylesheet
text/css 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/Gallery-64606263.css
Requested by: Host: gxp-storage-prod-cdn.azureedge.net
URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/index.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6460626388dff798d280790b4ca9dc337169bb047f3f823c4f678c40913b4cb0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 03 Nov 2023 10:29:45 GMT
content-encoding: br
last-modified: Thu, 02 Nov 2023 15:03:15 GMT
vary: Accept-Encoding
x-azure-ref: 20231103T102945Z-cysqd2s0bt70v93ymvq1cvhr7800000002m0000000007hqf
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: b1b6112b-001e-0000-669f-0ded26000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H2 200 index-05514b82.js Show response
gxp-storage-prod-cdn.azureedge.net/statics/468034/static/ 1009 B
2 KB 36ms
35ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/index-05514b82.js
Requested by: Host: gxp-storage-prod-cdn.azureedge.net
URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/index.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: da83ac2ab79c28f54dcfc0a47b84f95412254f4b4b5692d1f49b9e36d1a96c05

Request headers

Referer
Origin: https://gkinns.dbm.guestline.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 03 Nov 2023 10:29:44 GMT
last-modified: Thu, 02 Nov 2023 15:03:15 GMT
x-azure-ref-originshield: 0G6JEZQAAAACS2SfjO6tETJDltqhw75TjQU1TMDRFREdFMTgxMwBjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
content-md5: pbf1WJ/qvJ7JMXDubPpuwA==
etag: 0x8DBDBB4D72652B1
x-azure-ref: 0mctEZQAAAAA8nVAAlrGuTplBn1Gehiw1QlJVMzBFREdFMTExMABjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d7f23a98-401e-0087-5f24-0e7e43000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
content-length: 1009

GET
H2 200 GK-1689240943345.png
getschwifty.guestline.net/media/GK/images/ 7 KB
7 KB 140ms
30ms Image
image/png 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getschwifty.guestline.net/media/GK/images/GK-1689240943345.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f451127527ea71736955eb5cee22894d3904d1dd4e81b3869b71fc2d41624592

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 10:29:45 GMT
x-azure-ref: 0mctEZQAAAABRg7jlOcjuRa0VIwph2QqxQU1TMDRFREdFMTkyMgBjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
x-cache: TCP_HIT
content-type: image/png
access-control-allow-origin: *
x-envoy-upstream-service-time: 7
content-length: 6704
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 208ms
29ms Preflight 13.69.106.215
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://gkinns.dbm.guestline.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Fri, 03 Nov 2023 10:29:45 GMT
x-content-type-options: nosniff

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
282 B 54ms
53ms XHR
application/json 13.69.106.215
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: gxp-storage-prod-cdn.azureedge.net
URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/index.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

433c329cde7ce6c434be24567683fad7fbbd333812460e55ad99a124334397db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 73FAF4FE-BD6F-48F9-A7B4-EB439872D893
strict-transport-security: max-age=31536000
date: Fri, 03 Nov 2023 10:29:45 GMT
x-content-type-options: nosniff
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 96

GET
H2 200 GK-1689241355870.otf
getschwifty.guestline.net/media/GK/fonts/ 146 KB
147 KB 144ms
74ms Font
font/otf 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://getschwifty.guestline.net/media/GK/fonts/GK-1689241355870.otf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 170339f47a12a2513f911a974da18522eab38e0c469bd96163b0fd7d0d54204e

Request headers

Referer: https://gkinns.dbm.guestline.net/
Origin: https://gkinns.dbm.guestline.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 10:29:45 GMT
x-azure-ref-originshield: 0mctEZQAAAAA5Nsaf3hiKRL0Ns4y4IFshQU1TMDRFREdFMTkxMABjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
x-azure-ref: 0mctEZQAAAAAkOdHIG+d3RJR4ehLz/5adQlJVMzBFREdFMDQxNwBjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
x-cache: TCP_REMOTE_HIT
content-type: font/otf
access-control-allow-origin: *
x-envoy-upstream-service-time: 9
content-length: 149908
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
H2 200 GK-1689241216684.ttf
getschwifty.guestline.net/media/GK/fonts/ 8 KB
9 KB 134ms
64ms Font
application/font-sfnt 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://getschwifty.guestline.net/media/GK/fonts/GK-1689241216684.ttf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f3dd539e07c6100c030b157643025baa2808ad9a6b14f2cc50c9639ea8befbe5

Request headers

Referer: https://gkinns.dbm.guestline.net/
Origin: https://gkinns.dbm.guestline.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 10:29:45 GMT
x-azure-ref-originshield: 0mctEZQAAAACPrEyzc3C4RJzzgBBMDPwJQU1TMDRFREdFMTgxNABjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
x-azure-ref: 0mctEZQAAAACfHz0FOVY1Q4QdnTEG3i7aQlJVMzBFREdFMDQxNwBjNzA1YTA5ZC00MDljLTRlOTMtOTkyNC04NzU2N2JjNmM5NGE=
x-cache: TCP_REMOTE_HIT
content-type: application/font-sfnt
access-control-allow-origin: *
x-envoy-upstream-service-time: 9
content-length: 8416
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Referer
Origin: https://gkinns.dbm.guestline.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H/1.1 200
OK DBM21916848512891 Show response
gkinns.dbm.guestline.net/api/reservations/GKINNS/GK6483/ 1 KB
2 KB 76ms
76ms Fetch
application/json 168.63.5.231
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gkinns.dbm.guestline.net/api/reservations/GKINNS/GK6483/DBM21916848512891?lastName=Haywood&language=en

Requested by

Host: gxp-storage-prod-cdn.azureedge.net
URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/index.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.63.5.231 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

7edba1e1d89bd3c2421af3a3dcdaaf681cda2001e3552292c33db37719ed8cee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
client-ai-data: {"userId":"C+D5Ize7CIcTlOVyDPFCVy","sessionId":"05kjzmzEp9/qHltf/yqt9f"}
traceparent: 00-38bad0ea6f814eed92f33d56a8f97afd-1758a70c1588492d-01
request-id: |38bad0ea6f814eed92f33d56a8f97afd.1758a70c1588492d
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 10:29:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: ASP.NET
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: same-origin
Content-Length: 840
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a
Referrer-Policy: no-referrer
Server: Microsoft-IIS/10.0
Cross-Origin-Opener-Policy: same-origin
X-Download-Options: noopen
Vary: Origin,Accept-Encoding
Access-Control-Allow-Methods: OPTIONS, GET, POST, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin
Origin-Agent-Cluster: ?1
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Headers: Request-Id, Request-Context, Origin, X-Requested-With, Content-Type, Accept, Cache-Control

GET
H2 200 exterior.jpg
uk3-roomlynx.eu.guestline.net/picturemanager/images/GK6483/ 102 KB
103 KB 125ms
57ms Image
image/jpeg 51.105.222.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uk3-roomlynx.eu.guestline.net/picturemanager/images/GK6483/exterior.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.105.222.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9877f727004663e9b085e276d2cded17719ed4499e46ad69403bc0871792294b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 10:29:45 GMT
cache-control: max-age=259200
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 104932
content-type: image/jpeg

GET
H2 200 modules.78edf75612024184a26e.js Show response
script.hotjar.com/ 225 KB
56 KB 130ms
43ms Script
application/javascript 18.173.154.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.78edf75612024184a26e.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1856906.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-13.muc50.r.cloudfront.net

Software

Resource Hash

3786dcaf52db37bec2c4ec5f3f993d70157f6b13aeaab7806da84fae95676f39

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 10:24:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 fe6d656eba9969a63bb94889f81e9bf8.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 339
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 57015
last-modified: Fri, 03 Nov 2023 10:23:46 GMT
etag: "93ce79142c5ccf0bbe7a6d141749bccc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: qMrBBq9XWR6BpLYEa6QZfjp9OkbJ8FDVykz8jwvzbRtcmuMIESDKrg==

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 106ms
28ms Preflight 13.69.106.215
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://gkinns.dbm.guestline.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Fri, 03 Nov 2023 10:29:45 GMT
x-content-type-options: nosniff

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
163 B 71ms
70ms XHR
application/json 13.69.106.215
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: gxp-storage-prod-cdn.azureedge.net
URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/index.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

051115569edf4f4978511afe5913963612e18d19bf97d6b8441d452c6471b1c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 4C0A767B-CEF2-4F49-BC64-8969926CC0FE
strict-transport-security: max-age=31536000
date: Fri, 03 Nov 2023 10:29:45 GMT
x-content-type-options: nosniff
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 96

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 107 KB
33 KB 169ms
50ms Script
application/javascript 2a02:26f0:f700:9::58dd:5c0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js?cbid=undefined&consentmode-dataredaction=dynamic
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXJ887T&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:9::58dd:5c0a Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 02b9de7b7bf138e700920ae29919c78cf2188a5725d20499e79225860d164a67

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date: Fri, 03 Nov 2023 10:29:45 GMT
content-encoding: gzip
last-modified: Wed, 27 Sep 2023 07:15:18 GMT
etag: "4a4b65e12f1d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=150
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 33511
expires: Fri, 03 Nov 2023 10:32:15 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 103ms
38ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 03 Nov 2023 10:29:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: lyNF0rpEFzrH5osz/NO9H2ftMbj+Nys9rSw+iUO7zytDkk/TZ53xSxWfPt1hLABLNAczLxwhf/sEbxQhKckQfw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
pagead2.googlesyndication.com/pagead/conversion/711591002/ 0
0 121ms
46ms Script
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/conversion/711591002/?random=1699007385775&cv=11&fst=1699007385775&bg=ffffff&guid=ON&async=1&gtm=45He3b11v897600354&gcs=G100&gcd=11p1p1l1l5&u_w=1600&u_h=1200&url=https%3A%2F%2Fgkinns.dbm.guestline.net%2Fconfirmation%3FconfirmationKey%3DJTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmVuY2UlMjIlM0ElMjJEQk0yMTkxNjg0ODUxMjg5MSUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIySGF5d29vZCUyMiU3RA%3D%3D%26enableCustomFrameAncestor%3Dtrue&label=cVPjCKywxKwBENqIqNMC&hn=www.googleadservices.com&frm=0&tiba=Greene%20King%20Inns&oid=DBM21916848512891&value=92&currency_code=GBP&did=dMWZhNz&edid=dMWZhNz&bttype=purchase&uamb=0&uaw=0&data=ads_data_redaction%3Dtrue&rfmt=3&fmt=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXJ887T&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 134ms
56ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXJ887T&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0dc90421cbf6414c9f1ef5e93af3dbe48a4e51899452330f0ae0b2815e38be94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 03 Nov 2023 10:29:45 GMT
last-modified: Fri, 20 Oct 2023 01:13:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 42C346F423384965AFC6E5E1A673545E Ref B: BRU30EDGE0922 Ref C: 2023-11-03T10:29:45Z
etag: "0125f9ff22da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13079

GET
H2 200 6804.js Show response
www.dwin1.com/ 40 KB
11 KB 159ms
53ms Script
application/javascript 2600:9000:26db:d600:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/6804.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXJ887T&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:d600:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2f100db8db2834b0edc58f643b3306253d3610e6830e68c70cd37f3b8801fa82

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: m9Nu5RDle90VpPwQ2wy3XdOYI5SiETqE
content-encoding: gzip
via: 1.1 55965767fb32678a90a721ccc878aa86.cloudfront.net (CloudFront)
date: Fri, 03 Nov 2023 10:29:45 GMT
x-amz-cf-pop: MUC50-P3
age: 494
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 27 Oct 2023 06:27:21 GMT
server: AmazonS3
etag: W/"dfbddce4f5da6e9a1e9c7f1cebb8248a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, s-maxage=600
x-amz-cf-id: MVO7IDe5PKoCO1ts7P7EwdJ_Mudz0y1tmnihavt_F0myi9sp5qEziQ==

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 238 KB
81 KB 65ms
64ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-XEXDDDVE85&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXJ887T&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32a9f22ade2fe331fd4d8d09bcd954fc176001a79fc6365003cadb92657055bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 10:29:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82959
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 Nov 2023 10:29:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 53ms
52ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-711591002&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXJ887T&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d92082a00d204f9a3274eb6c867fb5af6738126791eaa6b83b8951ac4e039423

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 10:29:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72184
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Nov 2023 10:29:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10842120773&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXJ887T&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

811846ad6f4f5d6fb39e734ded949d33fa3d6affde25ec86717b941cb8f2e445

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 10:29:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72259
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Nov 2023 10:29:45 GMT

GET
H2

200

src=1048307;dc_pre=CMjX1d3Pp4IDFbDJOwIdKosM0w;type=conve0;cat=cb-bo0;qty=1;cost=92;ord=DBM21916848512891;auiddc=143946242.1699007386;gtm=45He3b11v897600354;gcs=G100;gcd=11p1p1l1l5;uaa=;uab=;uafvl=;...
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=1048307;type=conve0;cat=cb-bo0;qty=1;cost=92;ord=DBM21916848512891;auiddc=143946242.1699007386;gtm=45He3b11v897600354;gcs=G100;gcd=11p1p1l1l5;uaa=...
https://ade.googlesyndication.com/ddm/activity/src=1048307;dc_pre=CMjX1d3Pp4IDFbDJOwIdKosM0w;type=conve0;cat=cb-bo0;qty=1;cost=92;ord=DBM21916848512891;auiddc=143946242.1699007386;gtm=45He3b11v8976...

42 B
118 B

71ms
70ms

Image
image/gif

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=1048307;dc_pre=CMjX1d3Pp4IDFbDJOwIdKosM0w;type=conve0;cat=cb-bo0;qty=1;cost=92;ord=DBM21916848512891;auiddc=143946242.1699007386;gtm=45He3b11v897600354;gcs=G100;gcd=11p1p1l1l5;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fgkinns.dbm.guestline.net%2Fconfirmation%3FconfirmationKey%3DJTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmVuY2UlMjIlM0ElMjJEQk0yMTkxNjg0ODUxMjg5MSUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIySGF5d29vZCUyMiU3RA%3D%3D%26enableCustomFrameAncestor%3Dtrue?

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 10:29:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Nov 2023 10:29:45 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://ade.googlesyndication.com/ddm/activity/src=1048307;dc_pre=CMjX1d3Pp4IDFbDJOwIdKosM0w;type=conve0;cat=cb-bo0;qty=1;cost=92;ord=DBM21916848512891;auiddc=143946242.1699007386;gtm=45He3b11v897600354;gcs=G100;gcd=11p1p1l1l5;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fgkinns.dbm.guestline.net%2Fconfirmation%3FconfirmationKey%3DJTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmVuY2UlMjIlM0ElMjJEQk0yMTkxNjg0ODUxMjg5MSUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIySGF5d29vZCUyMiU3RA%3D%3D%26enableCustomFrameAncestor%3Dtrue?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 404
Not Found affiliate
gkinns.dbm.guestline.net/api/v1/awin/ 2 B
884 B 32ms
31ms Image
application/json 168.63.5.231
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gkinns.dbm.guestline.net/api/v1/awin/affiliate?merchantId=6804&roomPrice=92&reference=DBM21916848512891&voucherCode=undefined&gtmcb=396970973

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.63.5.231 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 10:29:44 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: ASP.NET
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: same-origin
Content-Length: 2
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a
Referrer-Policy: no-referrer
Server: Microsoft-IIS/10.0
Cross-Origin-Opener-Policy: same-origin
X-Download-Options: noopen
Vary: Origin
Access-Control-Allow-Methods: OPTIONS, GET, POST, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin
Origin-Agent-Cluster: ?1
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Request-Id, Request-Context, Origin, X-Requested-With, Content-Type, Accept, Cache-Control

GET
H2

200

src=10483071;dc_pre=CKTZ1d3Pp4IDFYKWmwodQokLkQ;type=gener0;cat=gkinn00-;ord=6276634975263;auiddc=143946242.1699007386;u2=https%3A%2F%2Fgkinns.dbm.guestline.net%2Fconfirmation%3FconfirmationKey%3DJT...
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=10483071;type=gener0;cat=gkinn00-;ord=6276634975263;auiddc=143946242.1699007386;u2=https%3A%2F%2Fgkinns.dbm.guestline.net%2Fconfirmation%3Fconfirm...
https://ade.googlesyndication.com/ddm/activity/src=10483071;dc_pre=CKTZ1d3Pp4IDFYKWmwodQokLkQ;type=gener0;cat=gkinn00-;ord=6276634975263;auiddc=143946242.1699007386;u2=https%3A%2F%2Fgkinns.dbm.gues...

42 B
107 B

74ms
73ms

Image
image/gif

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=10483071;dc_pre=CKTZ1d3Pp4IDFYKWmwodQokLkQ;type=gener0;cat=gkinn00-;ord=6276634975263;auiddc=143946242.1699007386;u2=https%3A%2F%2Fgkinns.dbm.guestline.net%2Fconfirmation%3FconfirmationKey%3DJTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmVuY2UlMjIlM0ElMjJEQk0yMTkxNjg0ODUxMjg5MSUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIySGF5d29vZCUyMiU3RA%3D%3D%26enableCustomFrameAncestor%3Dtrue;u11=undefined;u12=GK6483;u17=undefined;u21=undefined;gtm=45He3b11v897600354;gcs=G100;gcd=11p1p1l1l5;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fgkinns.dbm.guestline.net%2Fconfirmation%3FconfirmationKey%3DJTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmVuY2UlMjIlM0ElMjJEQk0yMTkxNjg0ODUxMjg5MSUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIySGF5d29vZCUyMiU3RA%3D%3D%26enableCustomFrameAncestor%3Dtrue?

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 10:29:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Nov 2023 10:29:45 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://ade.googlesyndication.com/ddm/activity/src=10483071;dc_pre=CKTZ1d3Pp4IDFYKWmwodQokLkQ;type=gener0;cat=gkinn00-;ord=6276634975263;auiddc=143946242.1699007386;u2=https%3A%2F%2Fgkinns.dbm.guestline.net%2Fconfirmation%3FconfirmationKey%3DJTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmVuY2UlMjIlM0ElMjJEQk0yMTkxNjg0ODUxMjg5MSUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIySGF5d29vZCUyMiU3RA%3D%3D%26enableCustomFrameAncestor%3Dtrue;u11=undefined;u12=GK6483;u17=undefined;u21=undefined;gtm=45He3b11v897600354;gcs=G100;gcd=11p1p1l1l5;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fgkinns.dbm.guestline.net%2Fconfirmation%3FconfirmationKey%3DJTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmVuY2UlMjIlM0ElMjJEQk0yMTkxNjg0ODUxMjg5MSUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIySGF5d29vZCUyMiU3RA%3D%3D%26enableCustomFrameAncestor%3Dtrue?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sread.img
www.awin1.com/ 43 B
456 B 260ms
128ms Image
image/gif 104.64.118.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/sread.img?tt=ns&tv=2&merchant=6804&amount=92&ch=aw&parts=DEFAULT:92&ref=DBM21916848512891&vc=undefined&cr=GBP&testmode=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-64-118-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 10:29:46 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 238 KB
81 KB 89ms
89ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XEXDDDVE85&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXJ887T&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d07d47202438ae2e01ce2c556e1ac9e738cd8e6327b62297aefac0201a16a1a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 10:29:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83006
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 Nov 2023 10:29:45 GMT

GET
H2 204 1856906 Show response
vc.hotjar.io/sessions/ 0
259 B 177ms
74ms XHR
text/plain 18.66.192.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1856906?s=0.25&r=0.07490809089670458
Requested by: Host: gxp-storage-prod-cdn.azureedge.net
URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-58.muc50.r.cloudfront.net
Software: Python/3.8 aiohttp/3.8.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 10:29:46 GMT
via: 1.1 dcfe318aa268be733627ea7884246be4.cloudfront.net (CloudFront)
server: Python/3.8 aiohttp/3.8.4
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: 54EUxhSbkINGrNGs23MplzvU_ZFTMYA32u18nqivdbckxNONKNHUgQ==

POST
H2 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
191 B 76ms
75ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=11p1p1l1l5&rnd=806363566.1699007386&url=https%3A%2F%2Fgkinns.dbm.guestline.net%2Fconfirmation&gtm=45be3b11&did=dMWZhNz&gdid=dMWZhNz

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10842120773&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 10:29:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
pagead2.googlesyndication.com/pagead/conversion/10842120773/ 0
0 49ms
49ms Script
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/conversion/10842120773/?random=1699007385911&cv=11&fst=1699007385911&bg=ffffff&guid=ON&async=1&gtm=45be3b11&gcs=G100&gcd=11p1p1l1l5&u_w=1600&u_h=1200&url=https%3A%2F%2Fgkinns.dbm.guestline.net%2Fconfirmation%3FconfirmationKey%3DJTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmVuY2UlMjIlM0ElMjJEQk0yMTkxNjg0ODUxMjg5MSUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIySGF5d29vZCUyMiU3RA%3D%3D%26enableCustomFrameAncestor%3Dtrue&label=81yvCImPgaYDEMXE9rEo&hn=www.googleadservices.com&frm=0&tiba=Greene%20King%20Inns&oid=DBM21916848512891&value=92&currency_code=GBP&did=dMWZhNz&gdid=dMWZhNz&gtm_ee=1&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10842120773&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 148 KB
56 KB 52ms
51ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-10986616386&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-XEXDDDVE85&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5216893d90a532dd4f971901a20341706a76744241dd6dab7fd3d0d9f3095638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 10:29:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57592
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Nov 2023 10:29:45 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
260 B 94ms
31ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XEXDDDVE85&gtm=45je3b11v869363081z8897600354&_p=1699007385485&gcs=G100&gcd=11p1p1l1l5&gdid=dMWZhNz&cid=1878958066.1699007386&ul=en-us&_eu=IA&_geo=1&_rdi=1&_s=1&cu=GBP&sid=1699007385&sct=1&seg=0&dl=https%3A%2F%2Fgkinns.dbm.guestline.net%2Fconfirmation%3FconfirmationKey%3DJTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmVuY2UlMjIlM0ElMjJEQk0yMTkxNjg0ODUxMjg5MSUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIySGF5d29vZCUyMiU3RA%3D%3D%26enableCustomFrameAncestor%3Dtrue&dt=Greene%20King%20Inns&en=purchase&_fv=1&_nsi=1&_ss=1&_c=1&pr1=lp0~nmDouble%20Room~idDBL~vaFlex%20Rate%20Bed%20%26%20Breakfast~afGK6483~pr92~qt1~caRoom~k0checkInDate~v02023-11-08~k1checkOutDate~v12023-11-09~k2noOfNights~v21&ep.transaction_id=DBM21916848512891&epn.value=92&tfd=1619
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-XEXDDDVE85&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 10:29:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gkinns.dbm.guestline.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 93ms
32ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XEXDDDVE85&gtm=45je3b11v869363081z8897600354&_p=1699007385485&gcs=G100&gcd=11p1p1l1l5&gdid=dMWZhNz&cid=1878958066.1699007386&ul=en-us&_eu=IA&_geo=1&_rdi=1&_s=2&cu=GBP&sid=1699007385&sct=1&seg=0&dl=https%3A%2F%2Fgkinns.dbm.guestline.net%2Fconfirmation%3FconfirmationKey%3DJTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmVuY2UlMjIlM0ElMjJEQk0yMTkxNjg0ODUxMjg5MSUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIySGF5d29vZCUyMiU3RA%3D%3D%26enableCustomFrameAncestor%3Dtrue&dt=Greene%20King%20Inns&en=purchase&_c=1&pr1=lp0~nmDouble%20Room~idDBL~vaFlex%20Rate%20Bed%20%26%20Breakfast~afGK6483~pr92~qt1~caRoom~k0checkInDate~v02023-11-08~k1checkOutDate~v12023-11-09~k2noOfNights~v21&ep.transaction_id=DBM21916848512891&epn.value=92&ep.item_name=Double%20Room&ep.item_id=DBL&ep.affiliation=GK6483&epn.number_of_nights=1&ep.check_in_date=2023-11-08&ep.check_out_date=2023-11-09&ep.booking_type=hotel&ep.intent=purchase&ep.item_variant=Flex%20Rate%20Bed%20%26%20Breakfast&ep.House_name=Millers%20Hotel&ep.House_ID=6483&ep.brand=GreeneKingInns&_et=2&tfd=1622
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-XEXDDDVE85&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 10:29:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gkinns.dbm.guestline.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 202011217548605 Show response
connect.facebook.net/signals/config/ 134 KB
35 KB 203ms
202ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/202011217548605?v=2.9.138&r=stable&domain=gkinns.dbm.guestline.net

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c9067f94e98f758f415fba95bb528f8f24858997e79fafab764ee8073a53fcc6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 03 Nov 2023 10:29:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: sSy3y+3M9hdPwNjOQColkwl1AXa6PnhGGpIqumlVRUqPIOYr+V020eqBR9KoWU50cXrdN0OWlYaMUa60vc98SQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 flexibleIframe.js Show response
api.sovendus.com/sovabo/common/js/ 3 KB
2 KB 122ms
36ms Script
application/javascript 130.0.76.153
ADACOR-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sovendus.com/sovabo/common/js/flexibleIframe.js

Requested by

Host: www.dwin1.com
URL: https://www.dwin1.com/6804.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

130.0.76.153 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

130-0-76-153.static.ip.adacor.net

Software

nginx /

Resource Hash

3fc09ced4b9b429514689d854becfa00a56a71db25a74a867e1cddc40ca5bc9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 10:29:46 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 30 Oct 2023 12:54:28 GMT
server: nginx
etag: W/"653fa784-b31"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 204 26089070.js Show response
bat.bing.com/p/action/ 0
118 B 51ms
51ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/26089070.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 03 Nov 2023 10:29:45 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8FE7A9AAC19F4CB99D1E4CFF37F97B3B Ref B: BRU30EDGE0922 Ref C: 2023-11-03T10:29:46Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
287 B 77ms
76ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26089070&tm=gtm002&Ver=2&mid=6280163d-78ac-4ce2-a26f-2d3169b619c5&sid=e8a4eeb07a3311ee98c2612fe7c87f5b&vid=e8a4fb107a3311ee8e8aad62d6ee47e9&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Greene%20King%20Inns&p=https%3A%2F%2Fgkinns.dbm.guestline.net%2Fconfirmation%3FconfirmationKey%3DJTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmVuY2UlMjIlM0ElMjJEQk0yMTkxNjg0ODUxMjg5MSUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIySGF5d29vZCUyMiU3RA%3D%3D%26enableCustomFrameAncestor%3Dtrue&r=&lt=839&evt=pageLoad&sv=1&rn=256805

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 03 Nov 2023 10:29:45 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 13A2FE69DA6A4C67899228CEFED43238 Ref B: BRU30EDGE0922 Ref C: 2023-11-03T10:29:46Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame 2180 0
0 157ms
48ms Document
text/html 2a02:26f0:f700:3a4::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=undefined&consentmode-dataredaction=dynamic
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:3a4::f09 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=30938014
content-encoding: gzip
content-length: 392
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 10:29:46 GMT
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires: Sat, 26 Oct 2024 12:23:20 GMT
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
server-timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1699007386114_34744744_108583619_22_905_42_46_255";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,1

GET
H2 204 0
bat.bing.com/action/ 0
231 B 60ms
59ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26089070&tm=gtm002&Ver=2&mid=6280163d-78ac-4ce2-a26f-2d3169b619c5&sid=e8a4eeb07a3311ee98c2612fe7c87f5b&vid=e8a4fb107a3311ee8e8aad62d6ee47e9&vids=0&msclkid=N&ec=bing&el=amount&gc=GBP&tpp=1&en=Y&p=https%3A%2F%2Fgkinns.dbm.guestline.net%2Fconfirmation&sw=1600&sh=1200&sc=24&evt=custom&rn=855039

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 03 Nov 2023 10:29:45 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D267E39B13A54D1F8049DBBED1DC5593 Ref B: BRU30EDGE0922 Ref C: 2023-11-03T10:29:46Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
pagead2.googlesyndication.com/pagead/conversion/10986616386/ 0
0 45ms
45ms Script
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/conversion/10986616386/?random=1699007386042&cv=11&fst=1699007386042&bg=ffffff&guid=ON&async=1&gtm=45be3b11v893585000&gcs=G100&gcd=11p1p1l1l5&u_w=1600&u_h=1200&url=https%3A%2F%2Fgkinns.dbm.guestline.net%2Fconfirmation%3FconfirmationKey%3DJTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmVuY2UlMjIlM0ElMjJEQk0yMTkxNjg0ODUxMjg5MSUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIySGF5d29vZCUyMiU3RA%3D%3D%26enableCustomFrameAncestor%3Dtrue&label=yRz6CNCE8eADEMLs6fYo&hn=www.googleadservices.com&frm=0&tiba=Greene%20King%20Inns&oid=DBM21916848512891&value=92&currency_code=GBP&did=dMWZhNz&gdid=dMWZhNz&gtm_ee=1&us_privacy=1YNY&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10986616386&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H/1.1 200
OK sread.js Show response
www.zenaps.com/ 0
344 B 219ms
96ms Script
application/javascript 104.64.118.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zenaps.com/sread.js?a=6804&b=92&cr=GBP&c=DBM21916848512891&d=DEFAULT:92&vc=undefined&t=0&ch=aw&cks=&l=https%3A%2F%2Fgkinns.dbm.guestline.net%2Fconfirmation%3FconfirmationKey%3DJTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmVuY2UlMjIlM0ElMjJEQk0yMTkxNjg0ODUxMjg5MSUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIySGF5d29vZCUyMiU3RA%3D%3D%26enableCustomFrameAncestor%3Dtrue&tv=2&tt=js

Requested by

Host: www.dwin1.com
URL: https://www.dwin1.com/6804.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-64-118-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 10:29:46 GMT
Strict-Transport-Security: max-age=86400
Allow: GET
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Content-Type: application/javascript
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK alt.php
www.zenaps.com/ Frame 36B5 0
0 220ms
99ms Document
text/html 104.64.118.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zenaps.com/alt.php?mid=6804&gv=2&l=https%3A//www.zenaps.com/sread.php%3Fa%3D6804%26b%3D92%26cr%3DGBP%26c%3DDBM21916848512891%26d%3DDEFAULT%3A92%26vc%3Dundefined%26t%3D0%26ch%3Daw%26l%3Dhttps%253A%252F%252Fgkinns.dbm.guestline.net%252Fconfirmation%253FconfirmationKey%253DJTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmVuY2UlMjIlM0ElMjJEQk0yMTkxNjg0ODUxMjg5MSUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIySGF5d29vZCUyMiU3RA%253D%253D%2526enableCustomFrameAncestor%253Dtrue%26tv%3D2%26tt%3Det

Requested by

Host: www.dwin1.com
URL: https://www.dwin1.com/6804.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-64-118-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 139
Content-Type: text/html
Date: Fri, 03 Nov 2023 10:29:46 GMT
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Strict-Transport-Security: max-age=86400
Vary: Accept-Encoding

GET
H/1.1 200
OK sread.php
www.zenaps.com/ 43 B
456 B 226ms
105ms Image
image/gif 104.64.118.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zenaps.com/sread.php?a=6804&b=92&cr=GBP&c=DBM21916848512891&d=DEFAULT:92&vc=undefined&t=0&ch=aw&cks=&l=https%3A%2F%2Fgkinns.dbm.guestline.net%2Fconfirmation%3FconfirmationKey%3DJTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmVuY2UlMjIlM0ElMjJEQk0yMTkxNjg0ODUxMjg5MSUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIySGF5d29vZCUyMiU3RA%3D%3D%26enableCustomFrameAncestor%3Dtrue&tv=2&tt=ia

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-64-118-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 10:29:46 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 sovendus.js Show response
api.sovendus.com/js/ 90 KB
29 KB 72ms
72ms Script
application/javascript 130.0.76.153
ADACOR-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sovendus.com/js/sovendus.js?v=56296aec-e932-43f4-81d8-75ea43fde099

Requested by

Host: api.sovendus.com
URL: https://api.sovendus.com/sovabo/common/js/flexibleIframe.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

130.0.76.153 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

130-0-76-153.static.ip.adacor.net

Software

nginx /

Resource Hash

c4e76bcc273dbd3110a58adccdb208f75e601dc3f2db64b9917d0e2d50d2a7ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 10:29:46 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 30 Oct 2023 12:54:18 GMT
server: nginx
etag: W/"653fa77a-16636"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 token Show response
identification-api.sovendus.com/ 1 KB
1 KB 463ms
99ms XHR
application/json 46.167.166.60
ADACOR-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://identification-api.sovendus.com/token

Requested by

Host: gxp-storage-prod-cdn.azureedge.net
URL: https://gxp-storage-prod-cdn.azureedge.net/statics/468034/static/index.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

46.167.166.60 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

46-167-166-60.static.ip.adacor.net

Software

nginx /

Resource Hash

2ccbf4d6a7ca5c2ffae80916f5a890f0376c8cba579a58a7c6ad60bd06d3da17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 03 Nov 2023 10:29:46 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://gkinns.dbm.guestline.net
cache-control: no-cache, private
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 370ms
33ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=202011217548605&ev=PageView&dl=https%3A%2F%2Fgkinns.dbm.guestline.net%2Fconfirmation%3FconfirmationKey%3DJTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmVuY2UlMjIlM0ElMjJEQk0yMTkxNjg0ODUxMjg5MSUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIySGF5d29vZCUyMiU3RA%3D%3D%26enableCustomFrameAncestor%3Dtrue&rl=&if=false&ts=1699007386234&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1699007386230.1695339805&ler=empty&it=1699007385999&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 03 Nov 2023 10:29:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 368ms
32ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=202011217548605&ev=SubmitApplication&dl=https%3A%2F%2Fgkinns.dbm.guestline.net%2Fconfirmation%3FconfirmationKey%3DJTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmVuY2UlMjIlM0ElMjJEQk0yMTkxNjg0ODUxMjg5MSUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIySGF5d29vZCUyMiU3RA%3D%3D%26enableCustomFrameAncestor%3Dtrue&rl=&if=false&ts=1699007386238&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1699007386230.1695339805&ler=empty&it=1699007385999&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 03 Nov 2023 10:29:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 369ms
33ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=202011217548605&ev=Purchase&dl=https%3A%2F%2Fgkinns.dbm.guestline.net%2Fconfirmation%3FconfirmationKey%3DJTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmVuY2UlMjIlM0ElMjJEQk0yMTkxNjg0ODUxMjg5MSUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIySGF5d29vZCUyMiU3RA%3D%3D%26enableCustomFrameAncestor%3Dtrue&rl=&if=false&ts=1699007386238&cd[currency]=GBP&cd[value]=92&cd[content_name]=Double%20Room&sw=1600&sh=1200&v=2.9.138&r=stable&ec=2&o=4126&fbp=fb.1.1699007386230.1695339805&ler=empty&it=1699007385999&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 03 Nov 2023 10:29:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 369ms
33ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=202011217548605&ev=SubmitApplication&dl=https%3A%2F%2Fgkinns.dbm.guestline.net%2Fconfirmation%3FconfirmationKey%3DJTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmVuY2UlMjIlM0ElMjJEQk0yMTkxNjg0ODUxMjg5MSUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIySGF5d29vZCUyMiU3RA%3D%3D%26enableCustomFrameAncestor%3Dtrue&rl=&if=false&ts=1699007386239&sw=1600&sh=1200&v=2.9.138&r=stable&ec=3&o=4126&fbp=fb.1.1699007386230.1695339805&ler=empty&it=1699007385999&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 03 Nov 2023 10:29:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 banner
www.sovendus-connect.com/banner/api/ Frame EB99 0
0 164ms
69ms Document
text/html 46.167.166.60
ADACOR-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sovendus-connect.com/banner/api/banner?trafficMediumNumber=3&trafficSourceNumber=6368&sovToken=7CPPEVtqkWJsvGPuZWyhvz2N3Mb9NYbJEySHjlZvV1Hsyc8GNShC4Sytt_Xie0u3rEaX72CNUrieUCnMVr3BxO_iUqT4B5OYdy3aecQ&sessionUuid=5409a3e9-2018-4ef2-961e-4923e38edcf6&format=ssr&identifier=ident_7502444528984282&orderId=DBM21916848512891&orderValue=92&orderCurrency=GBP&processInstanceUuid=33006d77-7fad-5707-8fad-a24182e592ad

Requested by

Host: api.sovendus.com
URL: https://api.sovendus.com/js/sovendus.js?v=56296aec-e932-43f4-81d8-75ea43fde099

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

46.167.166.60 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

46-167-166-60.static.ip.adacor.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' https://.sovendus.com; base-uri 'self'; form-action 'none'; font-src 'self' https://.sovendus.com; img-src 'self' data: https://.sovendus.com; object-src 'none'; script-src 'self' 'unsafe-inline' https://.sovendus.com; style-src 'self' 'unsafe-inline' https://*.sovendus.com; report-uri https://csp.sovendus.com/report
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-security-policy: default-src https: 'self' https://*.sovendus.com; base-uri 'self'; form-action 'none'; font-src 'self' https://*.sovendus.com; img-src 'self' data: https://*.sovendus.com; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.sovendus.com; style-src 'self' 'unsafe-inline' https://*.sovendus.com; report-uri https://csp.sovendus.com/report
content-type: text/html
date: Fri, 03 Nov 2023 10:29:46 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 539 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef06f2b4aa8b026283efcf404dc376a8ddfd4e9c7822297669648b9d5daa3e5b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 32ms
31ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XEXDDDVE85&gtm=45je3b11v869363081z8897600354&_p=1699007385485&gcs=G100&gcd=11p1p1l1l5&gdid=dMWZhNz&cid=1878958066.1699007386&ul=en-us&_geo=1&_rdi=1&sid=1699007385&sct=1&seg=0&dl=https%3A%2F%2Fgkinns.dbm.guestline.net%2Fconfirmation%3FconfirmationKey%3DJTdCJTIyaG90ZWxJZCUyMiUzQSUyMkdLNjQ4MyUyMiUyQyUyMmJvb2tpbmdSZWZlcmVuY2UlMjIlM0ElMjJEQk0yMTkxNjg0ODUxMjg5MSUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIySGF5d29vZCUyMiU3RA%3D%3D%26enableCustomFrameAncestor%3Dtrue&dt=Greene%20King%20Inns&_s=3&tfd=6625
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-XEXDDDVE85&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 10:29:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gkinns.dbm.guestline.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gkinns.dbm.guestline.net/	1970-01-20 15:56:49	Name: gl_dbm_frameAncestors Value: www.greenekinginns.co.uk%20greenekinginns.co.uk.uZvb94lWKVspFsRxduUk3hrZbpnlECk4i4jGesh6gis
gkinns.dbm.guestline.net/	1970-01-21 00:42:23	Name: ai_user Value: C+D5Ize7CIcTlOVyDPFCVy\|2023-11-03T10:29:45.165Z
gkinns.dbm.guestline.net/	1970-01-20 15:56:49	Name: ai_session Value: 05kjzmzEp9/qHltf/yqt9f\|1699007385167\|1699007385167
gkinns.dbm.guestline.net/	1969-12-31 23:59:59	Name: i18next Value: en-GB
gkinns.dbm.guestline.net/	1970-01-20 15:56:50	Name: gl_dbm_session Value: {%22sessionId%22:%22e84fd1d0-7a33-11ee-b328-1dbaa3892edc%22%2C%22country%22:%22NL%22%2C%22expiryDate%22:%222023-11-03T11:29:45.485Z%22}
.guestline.net/	1970-01-20 18:06:23	Name: _gcl_au Value: 1.1.143946242.1699007386
.guestline.net/	1970-01-21 00:42:23	Name: _hjSessionUser_1856906 Value: eyJpZCI6ImE3YTc0ZDEzLTkwMTQtNTIxZC04ZmZmLWU3ZDZkZDM1YjYxNCIsImNyZWF0ZWQiOjE2OTkwMDczODU4NTIsImV4aXN0aW5nIjpmYWxzZX0=
.guestline.net/	1970-01-20 15:56:49	Name: _hjFirstSeen Value: 1
.guestline.net/	1970-01-20 15:56:49	Name: _hjIncludedInSessionSample_1856906 Value: 0
.guestline.net/	1970-01-20 15:56:49	Name: _hjSession_1856906 Value: eyJpZCI6Ijg2ODZmMjFhLTA0NzUtNDExOS04NzJlLTA4NTFhNjVkZDFkMyIsImNyZWF0ZWQiOjE2OTkwMDczODU4NTMsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6ZmFsc2V9
.guestline.net/	1970-01-20 15:56:49	Name: _hjAbsoluteSessionInProgress Value: 1
.guestline.net/	1970-01-20 15:58:13	Name: _uetsid Value: e8a4eeb07a3311ee98c2612fe7c87f5b
.guestline.net/	1970-01-21 01:18:23	Name: _uetvid Value: e8a4fb107a3311ee8e8aad62d6ee47e9
.bing.com/	1970-01-21 01:18:23	Name: MUID Value: 2BCD29586E3C669428DD3AE66F7467DF
.guestline.net/	1970-01-20 18:06:23	Name: _fbp Value: fb.1.1699007386230.1695339805

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://gkinns.dbm.guestline.net/api/v1/awin/affiliate?merchantId=6804&roomPrice=92&reference=DBM21916848512891&voucherCode=undefined&gtmcb=396970973 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' www.greenekinginns.co.uk greenekinginns.co.uk
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from www.greenekinginns.co.uk greenekinginns.co.uk

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
api.sovendus.com
bat.bing.com
cdn.polyfill.io
connect.facebook.net
consent.cookiebot.com
consentcdn.cookiebot.com
dc.services.visualstudio.com
getschwifty.guestline.net
gkinns.dbm.guestline.net
gxp-configs-prod-cdn-ep.azureedge.net
gxp-editor.eu.guestline.app
gxp-storage-prod-cdn.azureedge.net
identification-api.sovendus.com
pagead2.googlesyndication.com
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
uk3-roomlynx.eu.guestline.net
vc.hotjar.io
www.awin1.com
www.dwin1.com
www.facebook.com
www.googletagmanager.com
www.sovendus-connect.com
www.zenaps.com
104.64.118.247
13.69.106.215
130.0.76.153
142.250.186.162
168.63.5.231
18.173.154.13
18.173.154.70
18.66.192.58
20.4.145.66
2001:4860:4802:32::36
2600:9000:26db:d600:f:8ce2:fb80:93a1
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:80b::2008
2a00:1450:4001:813::2002
2a02:26f0:f700:3a4::f09
2a02:26f0:f700:9::58dd:5c0a
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:200::282
46.167.166.60
51.105.222.242
02b9de7b7bf138e700920ae29919c78cf2188a5725d20499e79225860d164a67
051115569edf4f4978511afe5913963612e18d19bf97d6b8441d452c6471b1c4
08cb314e7b75eacf2c2ce2758655afd92e6fb914b28b2765d9d51cc92b4f0457
0dc90421cbf6414c9f1ef5e93af3dbe48a4e51899452330f0ae0b2815e38be94
1008f5c6917fd308b84d4b169547cc33de5b0fd427536d24842ee70de92e188e
170339f47a12a2513f911a974da18522eab38e0c469bd96163b0fd7d0d54204e
2833bf79e29a2df8b99449297a7461f76dde0c28b9e7e587c04cf9d4b6836a2d
2ccbf4d6a7ca5c2ffae80916f5a890f0376c8cba579a58a7c6ad60bd06d3da17
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f100db8db2834b0edc58f643b3306253d3610e6830e68c70cd37f3b8801fa82
321b56a5a2b07c76ed067236d78b3ec7abecaf8eef007dd3bea7777a382ce898
32a9f22ade2fe331fd4d8d09bcd954fc176001a79fc6365003cadb92657055bd
3786dcaf52db37bec2c4ec5f3f993d70157f6b13aeaab7806da84fae95676f39
3da9ef33f9995ace76d2b431d2ba78aec782fa9fe1bba6e2322b793aa23019aa
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3fc09ced4b9b429514689d854becfa00a56a71db25a74a867e1cddc40ca5bc9d
433c329cde7ce6c434be24567683fad7fbbd333812460e55ad99a124334397db
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4618c33afc6af4cb2d0d809d5510bd47e83bb9fbaee81047656be713689b04e6
4636af4cd5ae31da0bfb25c17061b4e18d6600eef80d0cbe107735082999e5ac
4c1e5197651cad5ae8fdedbb54465e34d5888dde6531d3d4e1f6c18f71d3a78a
5216893d90a532dd4f971901a20341706a76744241dd6dab7fd3d0d9f3095638
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f
6460626388dff798d280790b4ca9dc337169bb047f3f823c4f678c40913b4cb0
727411dba11e038cdaf444429a8af3bc81abe9a2924030740e0c477bfd1757df
7edba1e1d89bd3c2421af3a3dcdaaf681cda2001e3552292c33db37719ed8cee
811846ad6f4f5d6fb39e734ded949d33fa3d6affde25ec86717b941cb8f2e445
85529b7e7a24baf55d32934b9cf28e69c54555235e6931b7e1ac8b52474ddd5b
8a93bed27bc06405f010d736ab543d69cf4f4fb23a6aebd755b4925c5d047bcc
8fd8787c3b19d7960b92248accb18f2a71a47934f3c465d7ea03d5a458132b6d
9877f727004663e9b085e276d2cded17719ed4499e46ad69403bc0871792294b
9957433f55b6c5d83e97ceb9f298519577559e38ee1916fc83888aa4df433adc
b494bb182f4df7173098f057eea0ffe23f446f9af272ff09e210558c005acd10
b5aba0c07eeab1327dc60fe7a065fe395086d3fe64d2d20839904dea9763f40f
c4e76bcc273dbd3110a58adccdb208f75e601dc3f2db64b9917d0e2d50d2a7ac
c9067f94e98f758f415fba95bb528f8f24858997e79fafab764ee8073a53fcc6
ceb3823f4b6136e6afc81790981467bc1aca7dddf5ed56d6f129eadb1d5a804c
d07d47202438ae2e01ce2c556e1ac9e738cd8e6327b62297aefac0201a16a1a7
d92082a00d204f9a3274eb6c867fb5af6738126791eaa6b83b8951ac4e039423
da83ac2ab79c28f54dcfc0a47b84f95412254f4b4b5692d1f49b9e36d1a96c05
dcc8bc0d6810d9706969f21d52b406b57472aa2a826c0dd5d9ef1ada3a818e5a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef06f2b4aa8b026283efcf404dc376a8ddfd4e9c7822297669648b9d5daa3e5b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6c09e6857d3a026dcd0fe638f756e4e63a2be8235608bc9e47ea4c60aa8710
ef860c8db741fafe38325e027ffa449a5ac1fe42ab5cfbe24e06fa79236fafb5
f3dd539e07c6100c030b157643025baa2808ad9a6b14f2cc50c9639ea8befbe5
f451127527ea71736955eb5cee22894d3904d1dd4e81b3869b71fc2d41624592
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fec761250e54bd65555203e21256f974d20763292ca76c87abe3be8ed1d9d2e5
fed6e8d565ff84a6cf8d328fefdd764c9b35a5ca3469fb5eaafbfcc627f87d22

gkinns.dbm.guestline.net Open in urlscan Pro 168.63.5.231 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

73 Requests

97 %HTTPS

50 %IPv6

19 Domains

26 Subdomains

23 IPs

5 Countries

1416 kBTransfer

4100 kBSize

15 Cookies

2 Outgoing links

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gkinns.dbm.guestline.net Open in urlscan Pro
168.63.5.231 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

97 %
HTTPS

50 %
IPv6

19
Domains

26
Subdomains

23
IPs

5
Countries

1416 kB
Transfer

4100 kB
Size

15
Cookies

73 HTTP transactions
2 data transactions