reservations.nobuhotels.com Open in urlscan Pro
45.223.18.235 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gtly.to/um34oCJ1K
Effective URL:
https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hote...
Submission: On December 20 via manual (December 20th 2022, 4:01:28 pm UTC) from CA — Scanned from CA

Summary HTTP 145 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 38 IPs in 1 countries across 34 domains to perform 145 HTTP transactions. The main IP is 45.223.18.235, located in United States and belongs to INCAPSULA, US. The main domain is reservations.nobuhotels.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2022 Q4 on November 21st 2022. Valid for: 6 months.

This is the only time reservations.nobuhotels.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:1901:0:5... 2600:1901:0:56f6::	15169 (GOOGLE) (GOOGLE)
26	45.223.18.235 45.223.18.235	19551 (INCAPSULA) (INCAPSULA)
3	2607:f8b0:400... 2607:f8b0:4006:809::2008	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
1	50.63.7.201 50.63.7.201	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
4	2606:4700:20:... 2606:4700:20::681a:1e2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	45.60.151.144 45.60.151.144	19551 (INCAPSULA) (INCAPSULA)
1	2607:f8b0:400... 2607:f8b0:4006:80e::200e	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	13.249.190.110 13.249.190.110	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700:303... 2606:4700:3033::6815:5303	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2600:9000:20e... 2600:9000:20ee:1800:1:279d:1d40:93a1	16509 (AMAZON-02) (AMAZON-02)
12	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2607:f8b0:400... 2607:f8b0:4004:c07::9d	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
3	44.195.110.233 44.195.110.233	14618 (AMAZON-AES) (AMAZON-AES)
12	45.60.241.22 45.60.241.22	19551 (INCAPSULA) (INCAPSULA)
1	64.185.227.156 64.185.227.156	18450 (WEBNX) (WEBNX)
1	3.224.104.191 3.224.104.191	14618 (AMAZON-AES) (AMAZON-AES)
2	52.43.15.42 52.43.15.42	16509 (AMAZON-02) (AMAZON-02)
4	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
1 4	52.72.241.80 52.72.241.80	14618 (AMAZON-AES) (AMAZON-AES)
4 4	142.251.41.6 142.251.41.6	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
4 5	142.250.72.98 142.250.72.98	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4006:81e::200e	15169 (GOOGLE) (GOOGLE)
2 2	68.67.179.155 68.67.179.155	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:816::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2008	15169 (GOOGLE) (GOOGLE)
11	45.60.196.96 45.60.196.96	19551 (INCAPSULA) (INCAPSULA)
1 5	35.190.52.204 35.190.52.204	15169 (GOOGLE) (GOOGLE)
8	23.34.59.62 23.34.59.62	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	23.34.59.24 23.34.59.24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1	35.190.67.248 35.190.67.248	15169 (GOOGLE) (GOOGLE)
1 1	2620:112:f002... 2620:112:f002:bbbb::23	6336 (TURN-US-ASN) (TURN-US-ASN)
1 2	3.227.104.119 3.227.104.119	14618 (AMAZON-AES) (AMAZON-AES)
1	54.85.136.197 54.85.136.197	14618 (AMAZON-AES) (AMAZON-AES)
1 1	76.13.32.147 76.13.32.147	26101 (YAHOO-BF1) (YAHOO-BF1)
1 1	54.175.87.114 54.175.87.114	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
145	38

1 2600:1901:0:56f6:: (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

gtly.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 45.223.18.235 (United States)

ASN19551 (INCAPSULA, US)

reservations.nobuhotels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:809::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81d::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.63.7.201 (United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 201.7.63.50.host.secureserver.net

www.allinclusivecollection.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:1e2 (United States)

ASN13335 (CLOUDFLARENET, US)

loscabos.nobuhotels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.60.151.144 (United States)

ASN19551 (INCAPSULA, US)

be-cms-api.synxis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.190.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-190-110.bos50.r.cloudfront.net

cdn.trackhs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:5303 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

widgets.gtsgig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:20ee:1800:1:279d:1d40:93a1 (United States)

ASN16509 (AMAZON-02, US)

forge.gtsgapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:81f::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c07::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.195.110.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-110-233.compute-1.amazonaws.com

cr4dl.gtsgapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 45.60.241.22 (United States)

ASN19551 (INCAPSULA, US)

services-p1.synxis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.185.227.156 (United States)

ASN18450 (WEBNX, US)
PTR: 64-185-227-156.static.webnx.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.224.104.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-104-191.compute-1.amazonaws.com

mes4.gtsgapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.43.15.42 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-15-42.us-west-2.compute.amazonaws.com

capture.duettoresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.72.241.80 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-241-80.compute-1.amazonaws.com

gatag.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gatag.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
capture.gatag.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.41.6 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.72.98 (Glen Cove, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::200e (Nutley, United States) 1 redirects

ASN15169 (GOOGLE, US)

fcmatch.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fcmatch.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.179.155 (Secaucus, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.40.198 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 45.60.196.96 (United States)

ASN19551 (INCAPSULA, US)

www.thehotelsnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.52.204 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 204.52.190.35.bc.googleusercontent.com

tag.yieldoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.34.59.62 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-34-59-62.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.34.59.24 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-34-59-24.deploy.static.akamaitechnologies.com

api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
accounts.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.67.248 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 248.67.190.35.bc.googleusercontent.com

tag.adaraanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f002:bbbb::23 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.227.104.119 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-104-119.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.85.136.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-136-197.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.147 (Lockport, United States) 1 redirects

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.175.87.114 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

js.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	nobuhotels.com reservations.nobuhotels.com loscabos.nobuhotels.com	2 MB
14	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29 google-analytics.com — Cisco Umbrella Rank: 17 ssl.google-analytics.com — Cisco Umbrella Rank: 289	59 KB
13	livechatinc.com cdn.livechatinc.com — Cisco Umbrella Rank: 5618 api.livechatinc.com — Cisco Umbrella Rank: 5068 secure.livechatinc.com — Cisco Umbrella Rank: 6383 accounts.livechatinc.com — Cisco Umbrella Rank: 7490	369 KB
13	synxis.com be-cms-api.synxis.com — Cisco Umbrella Rank: 127695 services-p1.synxis.com — Cisco Umbrella Rank: 100727	25 KB
12	doubleclick.net 8 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 77 ad.doubleclick.net — Cisco Umbrella Rank: 161 cm.g.doubleclick.net — Cisco Umbrella Rank: 208	3 KB
11	thehotelsnetwork.com www.thehotelsnetwork.com — Cisco Umbrella Rank: 37866	212 KB
9	gtsgapps.com forge.gtsgapps.com — Cisco Umbrella Rank: 135403 cr4dl.gtsgapps.com — Cisco Umbrella Rank: 137482 mes4.gtsgapps.com — Cisco Umbrella Rank: 186035	286 KB
5	yieldoptimizer.com 1 redirects tag.yieldoptimizer.com — Cisco Umbrella Rank: 4308	2 KB
5	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72 fcmatch.google.com — Cisco Umbrella Rank: 2468	2 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	248 B
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	3 KB
4	gatag.it 1 redirects gatag.it — Cisco Umbrella Rank: 64713 www.gatag.it — Cisco Umbrella Rank: 100635 capture.gatag.it — Cisco Umbrella Rank: 75584	17 KB
4	sojern.com beacon.sojern.com — Cisco Umbrella Rank: 5003 pixel.sojern.com — Cisco Umbrella Rank: 8175	2 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 315	1 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	195 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 371	12 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	256 KB
2	yahoo.com 2 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 833 ups.analytics.yahoo.com — Cisco Umbrella Rank: 279	1 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 204	2 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	2 KB
2	duettoresearch.com capture.duettoresearch.com — Cisco Umbrella Rank: 100957	5 KB
2	google.ca www.google.ca — Cisco Umbrella Rank: 9048	564 B
1	sentry-cdn.com js.sentry-cdn.com — Cisco Umbrella Rank: 5587	1 KB
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 559	338 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1130	415 B
1	adaraanalytics.com tag.adaraanalytics.com — Cisco Umbrella Rank: 20779	413 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 331	449 B
1	youtube.com fcmatch.youtube.com — Cisco Umbrella Rank: 2480	244 B
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2895	114 B
1	gtsgig.com 1 redirects widgets.gtsgig.com — Cisco Umbrella Rank: 154030	499 B
1	trackhs.com cdn.trackhs.com — Cisco Umbrella Rank: 281530	2 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 923	45 KB
1	allinclusivecollection.com www.allinclusivecollection.com — Cisco Umbrella Rank: 726445	1 KB
1	gtly.to 1 redirects gtly.to — Cisco Umbrella Rank: 366149	356 B
145	34

	Domain	Requested by
26	reservations.nobuhotels.com	reservations.nobuhotels.com capture.duettoresearch.com
12	services-p1.synxis.com	reservations.nobuhotels.com
12	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
11	www.thehotelsnetwork.com	www.googletagmanager.com www.thehotelsnetwork.com
8	cdn.livechatinc.com	reservations.nobuhotels.com secure.livechatinc.com
5	tag.yieldoptimizer.com	1 redirects
5	cm.g.doubleclick.net	4 redirects
5	www.facebook.com	reservations.nobuhotels.com
5	forge.gtsgapps.com	reservations.nobuhotels.com widgets.gtsgig.com forge.gtsgapps.com
5	fonts.googleapis.com	reservations.nobuhotels.com client
4	ad.doubleclick.net	4 redirects
4	loscabos.nobuhotels.com	reservations.nobuhotels.com
3	api.livechatinc.com	cdn.livechatinc.com
3	match.adsrvr.org	3 redirects
3	pixel.sojern.com
3	cr4dl.gtsgapps.com	forge.gtsgapps.com
3	stats.g.doubleclick.net	www.google-analytics.com
3	connect.facebook.net	reservations.nobuhotels.com connect.facebook.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com reservations.nobuhotels.com
3	www.googletagmanager.com	reservations.nobuhotels.com www.googletagmanager.com
2	dpm.demdex.net	1 redirects
2	capture.gatag.it	1 redirects
2	ib.adnxs.com	2 redirects
2	adservice.google.com
2	capture.duettoresearch.com	reservations.nobuhotels.com capture.duettoresearch.com
2	www.google.ca	reservations.nobuhotels.com
2	www.google.com	reservations.nobuhotels.com
1	js.sentry-cdn.com	www.thehotelsnetwork.com
1	accounts.livechatinc.com	cdn.livechatinc.com
1	secure.livechatinc.com	cdn.livechatinc.com
1	ups.analytics.yahoo.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	beacon.krxd.net
1	d.turn.com	1 redirects
1	tag.adaraanalytics.com
1	idsync.rlcdn.com
1	www.gatag.it	gatag.it
1	ssl.google-analytics.com
1	google-analytics.com	gatag.it
1	fcmatch.youtube.com
1	fcmatch.google.com	1 redirects
1	gatag.it	reservations.nobuhotels.com
1	beacon.sojern.com	reservations.nobuhotels.com
1	mes4.gtsgapps.com	forge.gtsgapps.com
1	api.ipify.org	forge.gtsgapps.com
1	widgets.gtsgig.com	1 redirects
1	cdn.trackhs.com	reservations.nobuhotels.com
1	www.googleoptimize.com	www.googletagmanager.com
1	be-cms-api.synxis.com	reservations.nobuhotels.com
1	www.allinclusivecollection.com	reservations.nobuhotels.com
1	gtly.to	1 redirects
145	51

This site contains links to these domains. Also see Links.

Domain
loscabos.nobuhotels.com
nobuhotels.com
noburestaurants.com
www.nobuhotels.com
www.lhw.com

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-11-21` - `2023-05-20`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.allinclusivecollection.com Go Daddy Secure Certificate Authority - G2	`2022-07-28` - `2023-07-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-02-28` - `2023-02-28`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-28` - `2022-12-27`	3 months	crt.sh
*.trackhs.com Amazon	`2022-11-11` - `2023-12-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
forge.gtsgapps.com Amazon	`2022-05-29` - `2023-06-27`	a year	crt.sh
cr4dl.gtsgapps.com Amazon	`2022-05-06` - `2023-06-04`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2022-02-07` - `2023-03-10`	a year	crt.sh
mes4.gtsgapps.com Amazon	`2022-07-02` - `2023-07-31`	a year	crt.sh
*.duettoresearch.com Go Daddy Secure Certificate Authority - G2	`2022-07-07` - `2023-08-08`	a year	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-16` - `2023-01-16`	a year	crt.sh
gatag.it Amazon	`2022-02-22` - `2023-03-23`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gatag.it Amazon	`2022-02-22` - `2023-03-23`	a year	crt.sh
*.thehotelsnetwork.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-24` - `2023-11-24`	a year	crt.sh
livechat.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-10` - `2023-10-13`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.adaraanalytics.com Go Daddy Secure Certificate Authority - G2	`2022-06-25` - `2023-07-27`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-10-19`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT
Frame ID: 5DF5A2184FBB83945C0F4EE1BEF8103C
Requests: 124 HTTP requests in this frame

Frame: https://forge.gtsgapps.com/superfastiframe.html
Frame ID: 1FBB0C6BEC161E24B15D98E724CA733C
Requests: 3 HTTP requests in this frame

Frame: https://www.thehotelsnetwork.com/widget/core/latest/hub/
Frame ID: D246491C1959951CCF5F0CB7D282BE04
Requests: 3 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=6669831&group=35&embedded=1&widget_version=3&unique_groups=0
Frame ID: 80D03D3BF12596A33400A074C1DF0400
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nobu Hotel Los Cabos - Reservations - Room Availability

Page URL History Show full URLs

https://gtly.to/um34oCJ1K HTTP 301
https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&h... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Page Statistics

145
Requests

89 %
HTTPS

44 %
IPv6

34
Domains

51
Subdomains

38
IPs

1
Countries

3304 kB
Transfer

11838 kB
Size

66
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://loscabos.nobuhotels.com/

Search URL Search Domain Scan URL

URL: https://loscabos.nobuhotels.com/best-rate-guarantee/
Title: BEST RATE GUARANTEE

Search URL Search Domain Scan URL

URL: https://loscabos.nobuhotels.com/hurricane-policy/
Title: Hurricane Storm Policy

Search URL Search Domain Scan URL

URL: https://loscabos.nobuhotels.com/covid-19-measures-nobu-hotel-los-cabos/
Title: Hotel Updates

Search URL Search Domain Scan URL

URL: https://nobuhotels.com/hotel-collection/
Title: Our Hotels

Search URL Search Domain Scan URL

URL: https://nobuhotels.com/our-story/
Title: About Nobu Hospitality

Search URL Search Domain Scan URL

URL: https://loscabos.nobuhotels.com/meetings-events/
Title: Meetings & Events

Search URL Search Domain Scan URL

URL: https://loscabos.nobuhotels.com/weddings/
Title: Weddings

Search URL Search Domain Scan URL

URL: https://loscabos.nobuhotels.com/rfp/
Title: Request For Proposal

Search URL Search Domain Scan URL

URL: https://noburestaurants.com/
Title: Nobu Restaurants

Search URL Search Domain Scan URL

URL: https://www.nobuhotels.com/subscribe/
Title: Nobu Inner Circle

Search URL Search Domain Scan URL

URL: https://loscabos.nobuhotels.com/contact-us/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://loscabos.nobuhotels.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://loscabos.nobuhotels.com/terms-conditions/
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.lhw.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gtly.to/um34oCJ1K HTTP 301
https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://widgets.gtsgig.com/boot.js?hotel=rcd-nobu-los-cabo HTTP 301
https://forge.gtsgapps.com/boot.js?hotel=rcd-nobu-los-cabo

Request Chain 83

https://ad.doubleclick.net/ddm/activity/src=11544281;type=searc0;cat=nobul0;qty=1;cost=0;u1=;u2=;u3=USD;u4=2022%252F12%252F20;u5=2022%252F12%252F21;u8=;u9=1;u10=;u11=;u12=1;u13=;u16=;u17=Nobu%2BHotel%2BLos%2BCabos;u19=7999;u20=Nobu%2BLos%2BCabos;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID HTTP 302
https://ad.doubleclick.net/ddm/activity/src=11544281;dc_pre=CPTgtOHIiPwCFcVXwQod70AIUw;type=searc0;cat=nobul0;qty=1;cost=0;u1=;u2=;u3=USD;u4=2022%252F12%252F20;u5=2022%252F12%252F21;u8=;u9=1;u10=;u11=;u12=1;u13=;u16=;u17=Nobu%2BHotel%2BLos%2BCabos;u19=7999;u20=Nobu%2BLos%2BCabos;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID HTTP 302
https://adservice.google.com/ddm/fls/z/src=11544281;dc_pre=CPTgtOHIiPwCFcVXwQod70AIUw;type=searc0;cat=nobul0;qty=1;cost=0;u1=;u2=;u3=USD;u4=2022%252F12%252F20;u5=2022%252F12%252F21;u8=;u9=1;u10=;u11=;u12=1;u13=;u16=;u17=Nobu%2BHotel%2BLos%2BCabos;u19=7999;u20=Nobu%2BLos%2BCabos;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID

Request Chain 84

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=APNhuZ-dknPBTg2KVEFO1Q&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=9qZonkEEZpzH0vKV44CqpIkPvw6fwtJ0-Gyxf6HsIGpBwfmTmA4fD64buJXtGXWj&sjrn_ula=774401732 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=APNhuZ-dknPBTg2KVEFO1Q&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=9qZonkEEZpzH0vKV44CqpIkPvw6fwtJ0-Gyxf6HsIGpBwfmTmA4fD64buJXtGXWj&sjrn_ula=774401732&google_tc= HTTP 302
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=9qZonkEEZpzH0vKV44CqpIkPvw6fwtJ0-Gyxf6HsIGpBwfmTmA4fD64buJXtGXWj&sjrn_ula=774401732&google_gid=CAESEAg7AKdtSOAIV5IKkaGIUYU&google_cver=1

Request Chain 85

https://cm.g.doubleclick.net/pixel?google_hm=APNhuZ-dknPBTg2KVEFO1Q&google_nid=sojern_adh HTTP 302
https://cm.g.doubleclick.net/pixel?google_hm=APNhuZ-dknPBTg2KVEFO1Q&google_nid=sojern_adh&google_tc= HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDorAE91bGwcVyah4c6-BQoFff_4N9sAzC9cUyGtFprcRv3Kmg13kGalxT5oQFhFjmxBbHJBchbo0VDncDCnAaXfIISgU3GbNrxGmc7C_72HV-bBtWKg HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDorAE91bGwcVyah4c6-BQoFff_4N9sAzC9cUyGtFprcRv3Kmg13kGalxT5oQFhFjmxBbHJBchbo0VDncDCnAaXfIISgU3GbNrxGmc7C_72HV-bBtWKg

Request Chain 86

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=9qZonkEEZpzH0vKV44CqpIkPvw6fwtJ0-Gyxf6HsIGpBwfmTmA4fD64buJXtGXWj HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3D9qZonkEEZpzH0vKV44CqpIkPvw6fwtJ0-Gyxf6HsIGpBwfmTmA4fD64buJXtGXWj HTTP 302
https://pixel.sojern.com/idsync/apn?id=6424406804217236213&sjrn_id=9qZonkEEZpzH0vKV44CqpIkPvw6fwtJ0-Gyxf6HsIGpBwfmTmA4fD64buJXtGXWj

Request Chain 87

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=9qZonkEEZpzH0vKV44CqpIkPvw6fwtJ0-Gyxf6HsIGpBwfmTmA4fD64buJXtGXWj&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=ombl9hp&ttd_puid=9qZonkEEZpzH0vKV44CqpIkPvw6fwtJ0-Gyxf6HsIGpBwfmTmA4fD64buJXtGXWj&ttd_tpi=1 HTTP 302
https://pixel.sojern.com/idsync/ttd?id=bd48c3f7-d0f2-41dd-969d-571f38872de1&sjrn_id=9qZonkEEZpzH0vKV44CqpIkPvw6fwtJ0-Gyxf6HsIGpBwfmTmA4fD64buJXtGXWj

Request Chain 95

https://capture.gatag.it/?act=0&cid=0&apikey=%3FYXZkew%253D%253D&type=look&name=Nobu%20Hotel%20Los%20Cabos&promo=&iata=&group=&arrival=2022%2F12%2F20&depart=2022%2F12%2F21&template=NGBE&chain=20034&hotel=7999&language=en-US&session=1113919994&date=2022-12-20%2016%3A01%3A23&campaign=direct&keyword=&medium=none&source=direct&visits=1&ref=&ref2=&cookies=1&extra1=&extra4=0&extra5=1013&window=&device=not%20set&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36 HTTP 302
https://capture.gatag.it/smile.gif

Request Chain 100

https://tag.yieldoptimizer.com/ps/ps?t=s&p=5093&pg=st&hcd=7999& HTTP 302
https://tag.yieldoptimizer.com/ps/ps?tc=637144909&t=s&p=5093&pg=st&hcd=7999&

Request Chain 106

https://match.adsrvr.org/track/cmf/generic?ttd_pid=o456qfe&ttd_tpi=1 HTTP 302
https://tag.yieldoptimizer.com/ps/ps?t=i&p=5530&ttd_id=bd48c3f7-d0f2-41dd-969d-571f38872de1

Request Chain 109

https://ad.doubleclick.net/ddm/activity/src=9368825;type=invmedia;cat=aic-50;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9368825;dc_pre=CLbfsuLIiPwCFemDywEdCKsEtQ;type=invmedia;cat=aic-50;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=9368825;dc_pre=CLbfsuLIiPwCFemDywEdCKsEtQ;type=invmedia;cat=aic-50;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1

Request Chain 110

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0Nzc3NDY2NS90LzI/url/https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=$!{TURN_UUID} HTTP 302
https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=8072699385364612712

Request Chain 111

https://dpm.demdex.net/ibs:dpid=22069&dpuuid=2028451123155 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=2028451123155

Request Chain 113

https://cms.analytics.yahoo.com/cms?partner_id=ADARA HTTP 302
https://ups.analytics.yahoo.com/ups/58700/cms?partner_id=ADARA HTTP 302
https://tag.yieldoptimizer.com/ps/ps?t=i&p=6729&uid=y-6_eDcPVE2pHGjq4UafGECi7czuOT4kuXJ4M-~A

145 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
reservations.nobuhotels.com/
Redirect Chain

https://gtly.to/um34oCJ1K
https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT

409 KB
88 KB

866ms
801ms

Document
text/html

45.223.18.235
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.223.18.235 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0e671dd0a96a7b3a5c5ded4160402d2d9807ef0f258d8d92871d17814061dc70

Security Headers

Name	Value
Content-Security-Policy	img-src data: ; base-uri 'self'; frame-ancestors 'self'; style-src 'self' https: 'unsafe-inline'; font-src data: ; media-src ; script-src 'strict-dynamic' 'nonce-KORsWRpVEmrHa4NKR9JTSg==' 'unsafe-inline' 'unsafe-eval' 'self' .synxis.com .googletagmanager.com .google-analytics.com google-analytics.com .google.com .googleapis.com .gatag.it gatag.it .doubleclick.net icm.aexp-static.com .sabrehospitality.com .asc.sabre.com .thehotelsnetwork.com thehotelsnetwork.com .trivago.com trivago.com .tripadvisor.com tripadvisor.com .sojern.com sojern.com .triptease.io triptease.io .sabre-gcp.com .sabre-gcp.com:3000 .sabre-gcp.com:3001 .sabre-gcp.com:3002 .sabrecirrus.com pdx-col.eum-appdynamics.com https://.gtsgapps.com https://.livechatinc.com https://api.livechatinc.com https://cdn.livechatinc.com https://secure.livechatinc.com https://ib.adnxs.com https://pro.ip-api.com https://vars.hotjar.com https://in.hotjar.com .gtsgig.com .laasie.ai https://zbf3t54l4l.execute-api.us-west-2.amazonaws.com https://.asksuite.com .asksuite.com https://.virtualturbopano.com .virtualturbopano.com https://www.virtualturbopano.com https://my.matterport.com .my.matterport.com https://virtual-turbo-360.captur3d.io .virtual-turbo-360.captur3d.io .support.matterport.com .reservations.nobuhotels.com https://.support.matterport.com https://.capture.duettoresearch.com; default-src 'self' .synxis.com .googletagmanager.com .google-analytics.com google-analytics.com .google.com .googleapis.com .gatag.it gatag.it .doubleclick.net icm.aexp-static.com .sabrehospitality.com .asc.sabre.com .thehotelsnetwork.com thehotelsnetwork.com .trivago.com trivago.com .tripadvisor.com tripadvisor.com .sojern.com sojern.com .triptease.io triptease.io .sabre-gcp.com .sabre-gcp.com:3000 .sabre-gcp.com:3001 .sabre-gcp.com:3002 .sabrecirrus.com pdx-col.eum-appdynamics.com https://.gtsgapps.com https://.livechatinc.com https://api.livechatinc.com https://cdn.livechatinc.com https://secure.livechatinc.com https://ib.adnxs.com https://pro.ip-api.com https://vars.hotjar.com https://in.hotjar.com .gtsgig.com .laasie.ai https://zbf3t54l4l.execute-api.us-west-2.amazonaws.com https://.asksuite.com .asksuite.com https://.virtualturbopano.com .virtualturbopano.com https://www.virtualturbopano.com https://my.matterport.com .my.matterport.com https://virtual-turbo-360.captur3d.io .virtual-turbo-360.captur3d.io .support.matterport.com .reservations.nobuhotels.com https://.support.matterport.com https://*.capture.duettoresearch.com; report-uri /reports?hid=7999&cid=20034&sid=YFNp-QIwcRyWeaQxNM6lZfjA
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html; charset=utf-8
Date: Tue, 20 Dec 2022 16:01:19 GMT
Transfer-Encoding: chunked
X-CDN: Imperva
X-Iinfo: 7-370286934-370286944 NNNN CT(85 155 0) RT(1671552078301 23) q(0 0 2 0) r(8 8) U12
content-encoding: gzip
content-security-policy: img-src data: *; base-uri 'self'; frame-ancestors 'self'; style-src 'self' https: 'unsafe-inline'; font-src data: *; media-src *; script-src 'strict-dynamic' 'nonce-KORsWRpVEmrHa4NKR9JTSg==' 'unsafe-inline' 'unsafe-eval' 'self' *.synxis.com *.googletagmanager.com *.google-analytics.com google-analytics.com *.google.com *.googleapis.com *.gatag.it gatag.it *.doubleclick.net icm.aexp-static.com *.sabrehospitality.com *.asc.sabre.com *.thehotelsnetwork.com thehotelsnetwork.com *.trivago.com trivago.com *.tripadvisor.com tripadvisor.com *.sojern.com sojern.com *.triptease.io triptease.io *.sabre-gcp.com *.sabre-gcp.com:3000 *.sabre-gcp.com:3001 *.sabre-gcp.com:3002 *.sabrecirrus.com pdx-col.eum-appdynamics.com https://*.gtsgapps.com https://*.livechatinc.com https://api.livechatinc.com https://cdn.livechatinc.com https://secure.livechatinc.com https://ib.adnxs.com https://pro.ip-api.com https://vars.hotjar.com https://in.hotjar.com *.gtsgig.com *.laasie.ai https://zbf3t54l4l.execute-api.us-west-2.amazonaws.com https://*.asksuite.com *.asksuite.com https://*.virtualturbopano.com *.virtualturbopano.com https://www.virtualturbopano.com https://my.matterport.com *.my.matterport.com https://virtual-turbo-360.captur3d.io *.virtual-turbo-360.captur3d.io *.support.matterport.com *.reservations.nobuhotels.com https://*.support.matterport.com https://*.capture.duettoresearch.com; default-src 'self' *.synxis.com *.googletagmanager.com *.google-analytics.com google-analytics.com *.google.com *.googleapis.com *.gatag.it gatag.it *.doubleclick.net icm.aexp-static.com *.sabrehospitality.com *.asc.sabre.com *.thehotelsnetwork.com thehotelsnetwork.com *.trivago.com trivago.com *.tripadvisor.com tripadvisor.com *.sojern.com sojern.com *.triptease.io triptease.io *.sabre-gcp.com *.sabre-gcp.com:3000 *.sabre-gcp.com:3001 *.sabre-gcp.com:3002 *.sabrecirrus.com pdx-col.eum-appdynamics.com https://*.gtsgapps.com https://*.livechatinc.com https://api.livechatinc.com https://cdn.livechatinc.com https://secure.livechatinc.com https://ib.adnxs.com https://pro.ip-api.com https://vars.hotjar.com https://in.hotjar.com *.gtsgig.com *.laasie.ai https://zbf3t54l4l.execute-api.us-west-2.amazonaws.com https://*.asksuite.com *.asksuite.com https://*.virtualturbopano.com *.virtualturbopano.com https://www.virtualturbopano.com https://my.matterport.com *.my.matterport.com https://virtual-turbo-360.captur3d.io *.virtual-turbo-360.captur3d.io *.support.matterport.com *.reservations.nobuhotels.com https://*.support.matterport.com https://*.capture.duettoresearch.com; report-uri /reports?hid=7999&cid=20034&sid=YFNp-QIwcRyWeaQxNM6lZfjA
link: </public/js/font-spark-icon-fill.woff2>; rel=preload; as=font; type=font/woff2; crossOrigin=anonymous, </public/js/font-spark-icon-line.woff2>; rel=preload; as=font; type=font/woff2; crossOrigin=anonymous, </public/js/client.js>; rel=preload; as=script, </public/js/modules-main.js>; rel=preload; as=script,
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, no-cache, no-store, must-revalidate
content-length: 472
content-type: text/html; charset=utf-8
date: Tue, 20 Dec 2022 16:01:18 GMT
location: https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT
referer
server: Google Frontend
vary: Accept
via: 1.1 google
x-cloud-trace-context: 973b97d8caa251ad5ecc33090056171c
x-powered-by: Express

GET
H/1.1 200
OK font-spark-icon-fill.woff2
reservations.nobuhotels.com/public/js/ 30 KB
31 KB 299ms
264ms Font
font/woff2 45.223.18.235
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://reservations.nobuhotels.com/public/js/font-spark-icon-fill.woff2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.223.18.235 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

625a63fbc3b92e8b3b7ca3a1a0d3372f066aa66104b925e8b353744b1e283df1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT
Origin: https://reservations.nobuhotels.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 16:01:19 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
Last-Modified: Mon, 05 Dec 2022 12:52:12 GMT
X-CDN: Imperva
ETag: W/"792c-184e2580c60"
x-frame-options: SAMEORIGIN
Content-Type: font/woff2
X-Iinfo: 12-668813389-668813399 NNNN CT(82 73 0) RT(1671552079148 29) q(0 0 2 -1) r(3 3) U2
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31020

GET
H/1.1 200
OK font-spark-icon-line.woff2
reservations.nobuhotels.com/public/js/ 39 KB
39 KB 320ms
285ms Font
font/woff2 45.223.18.235
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://reservations.nobuhotels.com/public/js/font-spark-icon-line.woff2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.223.18.235 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

13ed64e31854fc7e8e3e542fef0d24813e05a6137d56160064ec6824367b9a03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT
Origin: https://reservations.nobuhotels.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 16:01:19 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
Last-Modified: Mon, 05 Dec 2022 12:52:12 GMT
X-CDN: Imperva
ETag: W/"9a0c-184e2580c60"
x-frame-options: SAMEORIGIN
Content-Type: font/woff2
X-Iinfo: 7-370287084-370287086 NNNN CT(84 100 0) RT(1671552079149 19) q(0 0 2 -1) r(3 3) U2
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 39436

GET
H/1.1 200
OK client.js Show response
reservations.nobuhotels.com/public/js/ 3 MB
545 KB 367ms
331ms Script
application/javascript 45.223.18.235
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://reservations.nobuhotels.com/public/js/client.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.223.18.235 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

91694e77238f305d0254caca72ad44d0fe9d674992ec37101828982c0f75d582

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 16:01:19 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
Content-Encoding: gzip
Last-Modified: Mon, 05 Dec 2022 12:52:12 GMT
X-CDN: Imperva
ETag: W/"882c1-184e2580c60"
x-frame-options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
X-Iinfo: 12-668813392-668811480 2NNN RT(1671552079150 31) q(0 0 0 -1) r(3 3) U2
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 557761

GET
H/1.1 200
OK modules-main.js Show response
reservations.nobuhotels.com/public/js/ 3 MB
758 KB 295ms
259ms Script
application/javascript 45.223.18.235
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://reservations.nobuhotels.com/public/js/modules-main.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.223.18.235 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ffd8d06d30b07b6eb857aca13a6679a95f9e0ad1ed8043329cc424c41f71c291

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 16:01:19 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
Content-Encoding: gzip
Last-Modified: Mon, 05 Dec 2022 12:52:12 GMT
X-CDN: Imperva
ETag: W/"bd656-184e2580c60"
x-frame-options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
X-Iinfo: 8-385093191-385091705 2NNN RT(1671552079150 23) q(0 0 0 -1) r(3 3) U2
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 775766

GET
H/1.1 200
OK GothamPro-Italic.woff
reservations.nobuhotels.com/shs-bedesigner-services/assets/chain/20034/hotel/7999/fileStorage/font/ 24 KB
24 KB 776ms
741ms Font
application/octet-stream 45.223.18.235
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://reservations.nobuhotels.com/shs-bedesigner-services/assets/chain/20034/hotel/7999/fileStorage/font/GothamPro-Italic.woff
Requested by: Host: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.223.18.235 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ce5198a44416a4cecee6e5975d758ef39921039ee4d6e8b4ee933b11e01c342

Request headers

Referer: https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT
Origin: https://reservations.nobuhotels.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 16:01:19 GMT
via: 1.1 google
Server: nginx
X-CDN: Imperva
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin: https://reservations.nobuhotels.com
X-Iinfo: 10-555896769-555895103 3NNN RT(1671552079216 24) q(0 0 0 -1) r(7 7) U12
vary: Origin
access-control-allow-credentials: true
content-disposition: inline
Connection: keep-alive
Content-Length: 24136

GET
H/1.1 200
OK GothamPro-Bold.woff2
reservations.nobuhotels.com/shs-bedesigner-services/assets/chain/20034/hotel/7999/fileStorage/font/ 12 KB
13 KB 422ms
239ms Font
application/octet-stream 45.223.18.235
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://reservations.nobuhotels.com/shs-bedesigner-services/assets/chain/20034/hotel/7999/fileStorage/font/GothamPro-Bold.woff2
Requested by: Host: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.223.18.235 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx /
Resource Hash: 4c696303a636e00d7bc9e7767e6a075726c1b244ae6a86bbcdb689ce12e92ef2

Request headers

Referer: https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT
Origin: https://reservations.nobuhotels.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 16:01:19 GMT
via: 1.1 google
Server: nginx
X-CDN: Imperva
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin: https://reservations.nobuhotels.com
X-Iinfo: 7-370286934-370286944 SNNN RT(1671552078301 1091) q(0 0 0 -1) r(3 3) U12
vary: Origin
access-control-allow-credentials: true
content-disposition: inline
Connection: keep-alive
Content-Length: 12556

GET
H/1.1 200
OK GothamPro.woff2
reservations.nobuhotels.com/shs-bedesigner-services/assets/chain/20034/hotel/7999/fileStorage/font/ 15 KB
15 KB 567ms
240ms Font
application/octet-stream 45.223.18.235
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://reservations.nobuhotels.com/shs-bedesigner-services/assets/chain/20034/hotel/7999/fileStorage/font/GothamPro.woff2
Requested by: Host: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.223.18.235 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx /
Resource Hash: 1e1aacd78dd4af57a3f9543b18322d720e48ed276622eae2eee1daec8bf90112

Request headers

Referer: https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT
Origin: https://reservations.nobuhotels.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 16:01:19 GMT
via: 1.1 google
Server: nginx
X-CDN: Imperva
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin: https://reservations.nobuhotels.com
X-Iinfo: 12-668813389-668813399 SNNN RT(1671552079148 396) q(0 0 0 -1) r(2 2) U12
vary: Origin
access-control-allow-credentials: true
content-disposition: inline
Connection: keep-alive
Content-Length: 14908

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 282 KB
79 KB 90ms
40ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W866TTJ

Requested by

Host: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf7be7d4baa03f1b58be7626dad5c0094f814bb02751892de3836fe34584c9a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:01:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80735
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 20 Dec 2022 16:01:19 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 84ms
35ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8825dc4d61a2cadba97be1943b3915899749a233d2e719ea734e2ff043a0f421

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Dec 2022 16:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 15:59:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Dec 2022 16:01:19 GMT

GET
H2 200 icon_check_brg.png
www.allinclusivecollection.com/ecommerce/sbe_phones/ 1 KB
1 KB 289ms
86ms Image
image/png 50.63.7.201
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allinclusivecollection.com/ecommerce/sbe_phones/icon_check_brg.png
Requested by: Host: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.63.7.201 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 201.7.63.50.host.secureserver.net
Software: Apache /
Resource Hash: e7b65f6d3ef0a4e62f16bedcb1880c571454a8d2cabca0dc64e5a3697aae8747

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:01:19 GMT
last-modified: Fri, 19 Nov 2021 20:01:25 GMT
server: Apache
accept-ranges: bytes
etag: "45e3577-523-5d129bd660f40"
content-length: 1315
content-type: image/png

POST
H/1.1 200
OK getProductAvailability Show response
reservations.nobuhotels.com/gw/product/v1/ 60 KB
10 KB 1274ms
949ms XHR
application/json 45.223.18.235
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://reservations.nobuhotels.com/gw/product/v1/getProductAvailability

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.223.18.235 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

7fc5ff80b1ce06351406075b2c53eb64b163b0a5fc37864fcd7a542a3dae8f22

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

ActivityID: YFNp-QIwcRyWeaQxNM6lZfjA
x-business-context: BE
Referer: https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT
context: BE
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

content-encoding: gzip
X-CDN: Imperva
accept-language: en-CA,en;q=0.9
x-api-session: MDAxMjF-MmV6NmNvZ2ZGMzRHTXFxUnE1dlVkTTRCT2tEVDNrZExkRCtzTStuazd5MURvTGJ2QlpNY0dtYmhsNEo1ZUVuSnFwNWo1WWVqU2xjMFlIRmNVcDhjOXNFTjgySTdvRGZHQ2UySlJDT2hMaWhKVkxoajRqZkx1WnFxSXgyOC9lWkZMWjZOM3JjWFVjbVFJY0VpZjhNeGJ0QzJydVgrQ2g2azU0TWpObm9nSzlIQmVJUDd3UkNHcDlmSVFadEI2RlhobURMWUpjQlc0NFlHS2hqMzJDODNzeTkvM0pJc3dxWXh6V01TM2MzS2JBY2l2anFPaFA3V3JVMHNaVzhNRGl3WWp5ZUkyMjZnSUMxODAwZTN1UDZYbFBlbkdCMDFoeU5vUkVtMW8wbU1GSy8wUHFVcW1MZU9WeTk0dkNsUTFFTWQ
X-Iinfo: 7-370287084-370287086 SNNN RT(1671552079149 415) q(0 0 0 -1) r(9 9) U6
cdn-loop: IncapCDN; id="358_2559050"
sec-fetch-dest: empty
Connection: keep-alive
pragma: no-cache
x-forwarded-host: reservations.nobuhotels.com
x-amzn-trace-id: Root=1-63a1dc4f-6e32a56403ebf8390e6fa390
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: application/json;charset=UTF-8
access-control-allow-origin: https://reservations.nobuhotels.com
activityid: YFNp-QIwcRyWeaQxNM6lZfjA
cache-control: no-cache
referer: https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT
context: BE
incap-client-ip: 149.56.153.183
sec-fetch-mode: cors
Date: Tue, 20 Dec 2022 16:01:20 GMT
message-id: ozemqzyfl
origin: https://reservations.nobuhotels.com
x-content-type-options: nosniff
via: 1.1 google, 1.1 google, 1.1 google
x-real-ip: 10.123.77.179
x-forwarded-for: 149.56.153.183, 198.143.38.1, 10.123.77.179,10.30.0.105,10.30.0.241
x-forwarded-proto: https
Content-Length: 7542
x-business-context: BE
Server: nginx
incap-proxy-358: OK
access-control-max-age: 3600
access-control-allow-credentials: true
sec-fetch-site: same-origin
conversation-id: 20pd9nt4e
x-forwarded-port: 443
app-env: p1

GET
H2 200 LHW_logo-300x82.png
loscabos.nobuhotels.com/wp-content/uploads/2019/05/ 3 KB
3 KB 105ms
46ms Image
image/webp 2606:4700:20::681a:1e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://loscabos.nobuhotels.com/wp-content/uploads/2019/05/LHW_logo-300x82.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:1e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

760382ab59a9ead5627783083496debc5fe829db2ae238e92a62c60ba06c8ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:01:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59235
cf-polished: origFmt=png, origSize=4462
content-disposition: inline; filename="LHW_logo-300x82.webp"
content-length: 2824
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Mon, 29 Mar 2021 15:32:28 GMT
server: cloudflare
etag: "116e-5beae96e1bd9a"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=54Vf4wXhC2%2FZvXAs%2FhYoHpadISWUFI3vQvRntmwbzb0glvefwWQIM1nEqti%2FLuKtqD%2ByffmTxG8IbsyIpI6SY%2FFyqcMi5wMNZ1Sd%2BzYXDZ2CHExSEONZaLHFvRAsoW%2FX7ahfJ9PXcnaPaBMkuN%2B%2BPE5%2Fc5do"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 77c998905aaca1fc-YYZ
expires: Thu, 19 Jan 2023 23:34:04 GMT

GET
H2 200 virtuoso-nobu-hotel-los-cabos.png
loscabos.nobuhotels.com/wp-content/uploads/2022/06/ 3 KB
3 KB 138ms
79ms Image
image/webp 2606:4700:20::681a:1e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://loscabos.nobuhotels.com/wp-content/uploads/2022/06/virtuoso-nobu-hotel-los-cabos.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:1e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b63a310a292d809d3a65a417bb06a17cde7cd77213da4f91ff58f2803d99a6e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:01:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 96327
cf-polished: origFmt=png, origSize=11199
content-disposition: inline; filename="virtuoso-nobu-hotel-los-cabos.webp"
content-length: 2604
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Jun 2022 17:09:59 GMT
server: cloudflare
etag: "2bbf-5e08e31393a47"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=txaxYtf99By%2B4%2BAoUHiFc8KPQQ1hRq%2BKUFjYEnzPG%2BxtReIZ2pHsxYrt9i6Rb55xrLdkZiFm6MLwWHTNQn3USB54I%2FQwTw%2FfZyRkO41JkoYjkCSdlE8HJTJiLW%2BjNV79MEUj5%2FZRGJ0Ahhmw0Mirkx3pgDMW"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 77c998905ab6a1fc-YYZ
expires: Thu, 19 Jan 2023 13:15:52 GMT

GET
H2 200 The-Hotel-Collection.png
loscabos.nobuhotels.com/wp-content/uploads/2021/05/ 4 KB
5 KB 112ms
54ms Image
image/webp 2606:4700:20::681a:1e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://loscabos.nobuhotels.com/wp-content/uploads/2021/05/The-Hotel-Collection.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:1e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dae782b6c7faaac04d419cd605e67eb52da12b98609e884bd88e1558dbd36d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:01:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 96327
cf-polished: origFmt=png, origSize=5496
content-disposition: inline; filename="The-Hotel-Collection.webp"
content-length: 4236
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Wed, 05 May 2021 19:07:24 GMT
server: cloudflare
etag: "1578-5c199e7a606f2"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iyKu6Um7wOB27Ynu%2FRLVirP6ON2FdKu4xkYi71PJmTzIizpuKTVw%2FObV%2FkqCdoOQlH2JmOop5VtL7UVxyWVlCHiwYHdQ50smKZyUimqfYbMtlDNH7v5sm2gvhXAaxXuh2H%2FZrSoLSnSkpMXtJKE37CBkQpqF"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 77c998905abba1fc-YYZ
expires: Thu, 19 Jan 2023 13:15:52 GMT

GET
H2 200 nobu-best-rate-guranteed.png
loscabos.nobuhotels.com/wp-content/uploads/2021/09/ 1 KB
2 KB 96ms
38ms Image
image/webp 2606:4700:20::681a:1e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://loscabos.nobuhotels.com/wp-content/uploads/2021/09/nobu-best-rate-guranteed.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:1e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7cdd6d89b4fa55ee546505971c0acdc6b25648453e692222e908dd56215f462

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:01:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 96327
cf-polished: origFmt=png, origSize=3071
content-disposition: inline; filename="nobu-best-rate-guranteed.webp"
content-length: 1210
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Sep 2021 22:57:50 GMT
server: cloudflare
etag: "bff-5cb97ed9cd832"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftrTzkB9trJlZ%2B7KEiHmwDESMr4h%2FFXo8em8la9a3lUQeSAvfysBdskWjhMBA2azij9jCikv1jpfNiHEDGfgaU99tb4REV2Z9H2AKWtl636td7r%2ByVNOb%2BVZcK4mcmRDRSn91PMoxIRyQmv8G1nr1YHdwbuv"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 77c998905ac4a1fc-YYZ
expires: Thu, 19 Jan 2023 13:15:52 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 339 KB
102 KB 127ms
79ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-585SFGN

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3a65e3f0253585b60aa363b67b7276e927355187075807370d4a208eb8f1457d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:01:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104686
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 20 Dec 2022 16:01:19 GMT

GET
H2 200 logo_nb_lc.svg
be-cms-api.synxis.com/assets/chain/20034/hotel/7999/fileStorage/image/ 12 KB
5 KB 191ms
96ms Image
image/svg+xml 45.60.151.144
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://be-cms-api.synxis.com/assets/chain/20034/hotel/7999/fileStorage/image/logo_nb_lc.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.151.144 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e0945c2667eb5c954d7e17f623dbe96fe12c88fe4fc5c4d930a564f9a93e9649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:01:18 GMT
via: 1.1 google
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: image/svg+xml
access-control-allow-origin: *
x-iinfo: 3-166751634-166751639 NNYY CT(4 10 0) RT(1671552078854 33) q(0 0 0 5) r(1 1) U5
access-control-allow-credentials: true
content-disposition: inline
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H/1.1 200
OK reports
reservations.nobuhotels.com/ 3 KB
1 KB 141ms
139ms Other
application/json 45.223.18.235
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://reservations.nobuhotels.com/reports?hid=7999&cid=20034&sid=YFNp-QIwcRyWeaQxNM6lZfjA

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.223.18.235 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

74a1b487adcfbb5c464a4a66e138d6f887bda5b529bc1a7a05eeb5ecd4af61cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

Date: Tue, 20 Dec 2022 16:01:19 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
Content-Encoding: gzip
X-CDN: Imperva
ETag: W/"c9b-6rP4GQt/4zyexx0qIWHEEgL4p5E"
x-frame-options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
X-Iinfo: 7-370286934-370286944 SNYN RT(1671552078301 1340) q(0 0 0 -1) r(1 1) U6
Connection: keep-alive

GET _Incapsula_Resource
reservations.nobuhotels.com/ 0
0

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 117 KB
45 KB 104ms
41ms Script
application/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-M7KFL97

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-585SFGN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a577a80fa62d8da4aa500b07c3449b5932e87bdcfbc81dfda8e374527b878497

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:01:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45834
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Dec 2022 16:01:19 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 101ms
39ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-585SFGN

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 20 Dec 2022 16:01:19 GMT
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EA1A95D4199142968D3F020B2D5CFBBE Ref B: YTO01EDGE0720 Ref C: 2022-12-20T16:01:19Z
etag: "027e538cd8d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11460

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
27 KB 72ms
21ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 20 Dec 2022 16:01:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 7XMnjWt98Is0G1SdQ1gIuxlo8MHzMfe1HFYYtWVhiQCw78or67KCOQjpVAc8tL6tmWKBzuE1P4Cdmbppi6SIKw==
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tracking.js Show response
cdn.trackhs.com/tracking/ 5 KB
2 KB 275ms
81ms Script
application/javascript 13.249.190.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trackhs.com/tracking/tracking.js
Requested by: Host: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.190.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-190-110.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0088a48d02c4b7b030481627b922901d2ee9232895d8f3bc02b9453b3e190dd9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 12:09:38 GMT
content-encoding: gzip
via: 1.1 da6ac7fe2ce4440b4aa52fe43d9dbf52.cloudfront.net (CloudFront)
last-modified: Wed, 10 Jul 2019 22:19:05 GMT
server: AmazonS3
x-amz-cf-pop: BOS50-C2
age: 13902
etag: W/"bd9b219e905dfa01b31361f3c24b2c5d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Y2alhZOfXa_mkT5JG_VPmDMe0q-aQ8fpCnyYom2GSbfbJNZZvnmfPg==

GET
H2

200

boot.js Show response
forge.gtsgapps.com/
Redirect Chain

https://widgets.gtsgig.com/boot.js?hotel=rcd-nobu-los-cabo
https://forge.gtsgapps.com/boot.js?hotel=rcd-nobu-los-cabo

26 KB
9 KB

299ms
84ms

Script
application/javascript

2600:9000:20ee:1800:1:279d:1d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://forge.gtsgapps.com/boot.js?hotel=rcd-nobu-los-cabo
Requested by: Host: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT
Protocol: H2
Server: 2600:9000:20ee:1800:1:279d:1d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 41f63ca5ca8f25840002856c5614eebf539853ad5651b571998a8466a0bb0824

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 10:36:12 GMT
content-encoding: gzip
via: 1.1 78ece21c53165b68619b053629326ac8.cloudfront.net (CloudFront)
last-modified: Mon, 19 Dec 2022 16:27:12 GMT
server: AmazonS3
x-amz-cf-pop: BOS50-C2
age: 19507
etag: W/"032206b50c0815a4e1c3d2a09ba37560"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=21600
x-amz-cf-id: Nrt0KcUIrH0zhd2sUAexKj9kCU2gD8DSw6ytmX43DqVZ_gh-puFRcg==

Redirect headers

date: Tue, 20 Dec 2022 16:01:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dHEBnYba6Ai6YT5vYPhaDurGdPrPV7ytmFh0mdyVWoxzu%2FcBXzdIRYf80tGOlG9RExlLP%2F2GHs61yIyJsgg1nQ2wCqlApgczg5rZtnkgeUopO%2F6DRSD%2F0pXma8cypcKYe0gs%2B6pZ2M%2B9xG7Dg1wy0HM%3D"}],"group":"cf-nel","max_age":604800}
location: https://forge.gtsgapps.com/boot.js?hotel=rcd-nobu-los-cabo
cache-control: max-age=3600
cf-ray: 77c99891baf7c409-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Dec 2022 17:01:19 GMT

GET
H2 200 358743651238232 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 73ms
72ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/358743651238232?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e60d08f427fc54fa9e825df39f48eb5111cfd7344b8ab36638e85823c4b8add1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 20 Dec 2022 16:01:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: M72E/OlhxwVC1Q/bVGmSNi8kxfII6VH19JUsE1keEdoyW4FMbO5rEw+FDLF1xVYzN32twhOPERRq/Kw3G+HpeA==
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 25033040.js Show response
bat.bing.com/p/action/ 0
119 B 103ms
102ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/25033040.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 20 Dec 2022 16:01:19 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 86533380AD8549A28BFCC516239F783E Ref B: YTO01EDGE0720 Ref C: 2022-12-20T16:01:19Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
176 B 40ms
40ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=25033040&tm=gtm002&Ver=2&mid=9134c5d8-5a7d-4c64-9578-daf9495d630c&sid=8ad3dec0807f11edae1a21eadbfad4aa&vid=8ad3f2b0807f11eda95eed6c28230945&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Freservations.nobuhotels.com%2F%3Fadult%3D2%26chain%3D20034%26child%3D0%26configcode%3DDFT%26currency%3DUSD%26depart%3D2022-05-12%26hotel%3D7999%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26themecode%3DDFT&r=&evt=pageLoad&sv=1&rn=428144

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 20 Dec 2022 16:01:19 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D9C20D340C274AE38DEDE871547D2181 Ref B: YTO01EDGE0720 Ref C: 2022-12-20T16:01:19Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 71ms
21ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-585SFGN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 20 Dec 2022 14:44:11 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4628
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 20 Dec 2022 16:44:11 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 66ms
20ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=358743651238232&ev=PageView&dl=https%3A%2F%2Freservations.nobuhotels.com%2F%3Fadult%3D2%26chain%3D20034%26child%3D0%26configcode%3DDFT%26currency%3DUSD%26depart%3D2022-05-12%26hotel%3D7999%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26themecode%3DDFT&rl=&if=false&ts=1671552079774&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1671552079773.2038125639&it=1671552079653&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 20 Dec 2022 16:01:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 81ms
34ms XHR
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1731351748&t=pageview&_s=1&dl=https%3A%2F%2Freservations.nobuhotels.com%2F%3Fadult%3D2%26chain%3D20034%26child%3D0%26configcode%3DDFT%26currency%3DUSD%26depart%3D2022-05-12%26hotel%3D7999%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26themecode%3DDFT&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABRAAAACAAI~&jid=2132468643&gjid=432308996&cid=1113919994.1671552080&tid=UA-107225694-2&_gid=1192877900.1671552080&_r=1&gtm=2wgbu0585SFGN&z=604897869

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://reservations.nobuhotels.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 16:01:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reservations.nobuhotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
450 B 84ms
32ms XHR
text/plain 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-107225694-2&cid=1113919994.1671552080&jid=2132468643&gjid=432308996&_gid=1192877900.1671552080&_u=YGBACEAARAAAACAAI~&z=1345351277

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://reservations.nobuhotels.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 20 Dec 2022 16:01:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reservations.nobuhotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 88ms
40ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-107225694-2&cid=1113919994.1671552080&jid=2132468643&_u=YGBACEAARAAAACAAI~&z=121905565

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 16:01:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 97ms
47ms Image
image/gif 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-107225694-2&cid=1113919994.1671552080&jid=2132468643&_u=YGBACEAARAAAACAAI~&z=121905565

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 16:01:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK vendors-en.js Show response
reservations.nobuhotels.com/public/js/ 32 KB
5 KB 520ms
519ms Script
application/javascript 45.223.18.235
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://reservations.nobuhotels.com/public/js/vendors-en.js

Requested by

Host: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/public/js/client.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.223.18.235 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8074a161d80ffca068c5a4969bccfa4b5a4189d3b0da84702d13d2f0b2b29606

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 16:01:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
Content-Encoding: br
Last-Modified: Mon, 05 Dec 2022 12:52:12 GMT
X-CDN: Imperva
ETag: W/"fdf-184e2580c60"
x-frame-options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
X-Iinfo: 10-555896769-555897092 NNNN CT(76 158 0) RT(1671552079216 1177) q(0 0 3 -1) r(5 5) U2
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4063

GET
H2 200 swApp.js Show response
forge.gtsgapps.com/ 925 KB
259 KB 85ms
84ms Script
application/javascript 2600:9000:20ee:1800:1:279d:1d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://forge.gtsgapps.com/swApp.js?hotel=rcd-nobu-los-cabo
Requested by: Host: widgets.gtsgig.com
URL: https://widgets.gtsgig.com/boot.js?hotel=rcd-nobu-los-cabo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ee:1800:1:279d:1d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f866d7d929ad2ed6f384a3cbc71301d532a852f000d8001105b99c7503409f1f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 10:36:13 GMT
content-encoding: gzip
via: 1.1 78ece21c53165b68619b053629326ac8.cloudfront.net (CloudFront)
last-modified: Mon, 19 Dec 2022 16:27:12 GMT
server: AmazonS3
x-amz-cf-pop: BOS50-C2
age: 19508
etag: W/"fca2e39c62099b756ce9c0d1c7a416d1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=21600
x-amz-cf-id: g-kkqMMUexYzii7qp0u6V6iPe6RpPwxk3-LqCv-DZdXWYzyitkhxRA==

GET
H2 200 staywanderful.33.f497f182b4f92a06c36c.js Show response
forge.gtsgapps.com/ 7 KB
3 KB 91ms
91ms Script
application/javascript 2600:9000:20ee:1800:1:279d:1d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://forge.gtsgapps.com/staywanderful.33.f497f182b4f92a06c36c.js
Requested by: Host: forge.gtsgapps.com
URL: https://forge.gtsgapps.com/swApp.js?hotel=rcd-nobu-los-cabo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ee:1800:1:279d:1d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37d3ad5a052e74aea1ac7c2458d0c901264f67e4f0c2dcf5fe0084d72fe6f165

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 10:36:13 GMT
content-encoding: gzip
via: 1.1 78ece21c53165b68619b053629326ac8.cloudfront.net (CloudFront)
last-modified: Mon, 19 Dec 2022 16:27:12 GMT
server: AmazonS3
x-amz-cf-pop: BOS50-C2
age: 19508
etag: W/"8bcf7d64f44596224c6b0161e0d44de4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=21600
x-amz-cf-id: OO57sxH3VQcErKWiXb8VfR9VmRZaxlxycF1SZ_IBp-FKmyRAsCRmng==

GET
H2 200 / Show response
cr4dl.gtsgapps.com/api/v1/hotels/hotel/ 714 B
936 B 145ms
51ms XHR
application/json 44.195.110.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cr4dl.gtsgapps.com/api/v1/hotels/hotel/?api_name=rcd-nobu-los-cabo

Requested by

Host: forge.gtsgapps.com
URL: https://forge.gtsgapps.com/swApp.js?hotel=rcd-nobu-los-cabo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.195.110.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-195-110-233.compute-1.amazonaws.com

Software

gunicorn/19.9.0 /

Resource Hash

005b33e1dca40abae28f41bc812941fc1f68021905811225231569a55db83993

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://reservations.nobuhotels.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:01:20 GMT
server: gunicorn/19.9.0
allow: GET, HEAD, OPTIONS
x-frame-options: SAMEORIGIN
content-type: application/json
vary: Origin
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 714
expires: Tue, 20 Dec 2022 17:01:20 GMT

GET
H3 200 css
fonts.googleapis.com/ 2 KB
528 B 86ms
42ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a5feba8ce66eafb93cd4dfff5083877ea2b2bf8daaded3058288b7cddb956cfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Dec 2022 16:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 14:07:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Dec 2022 16:01:20 GMT

GET
H3 200 css
fonts.googleapis.com/ 2 KB
539 B 82ms
39ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Dec 2022 16:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 14:50:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Dec 2022 16:01:20 GMT

GET
H3 200 css
fonts.googleapis.com/ 749 B
385 B 85ms
41ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Baskerville

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ed148127f00ac44fac749efd614c529d91d96c0d290a395e0010a2f34178d26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Dec 2022 16:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 14:03:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Dec 2022 16:01:20 GMT

GET
H3 200 css
fonts.googleapis.com/ 1 KB
383 B 84ms
40ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,500,700

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4d6d4261ff8934fae656f8b18ac4b856479f47c9cec48e7abaf4ba1b50e4f8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Dec 2022 16:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 15:18:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Dec 2022 16:01:20 GMT

POST
H/1.1 200
OK GetUrgencyTriggers Show response
reservations.nobuhotels.com/gw/product/v1/ 2 KB
2 KB 399ms
398ms Fetch
application/json 45.223.18.235
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://reservations.nobuhotels.com/gw/product/v1/GetUrgencyTriggers

Requested by

Host: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/public/js/client.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.223.18.235 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

2fb5f131d4dde6d4cc233489fb2a7ab41024b9be0a1dd9fa563219bcaa2d6837

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

ActivityID: YFNp-QIwcRyWeaQxNM6lZfjA
Accept: application/json,application/x-javascript
Referer: https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT
Context: BE
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

content-encoding: gzip
X-CDN: Imperva
accept-language: en-CA,en;q=0.9
X-Iinfo: 10-555896769-555897092 SNNN RT(1671552079216 1946) q(0 0 0 -1) r(4 4) U6
cdn-loop: IncapCDN; id="358_2559050"
sec-fetch-dest: empty
Connection: keep-alive
pragma: no-cache
x-forwarded-host: reservations.nobuhotels.com
x-amzn-trace-id: Root=1-63a1dc51-52fe2ffb6ff8e1d463095739
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: application/json;charset=UTF-8
access-control-allow-origin: https://reservations.nobuhotels.com
activityid: YFNp-QIwcRyWeaQxNM6lZfjA
cache-control: no-cache
referer: https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT
context: BE
incap-client-ip: 149.56.153.183
sec-fetch-mode: cors
Date: Tue, 20 Dec 2022 16:01:21 GMT
message-id: ryi35p3gs
origin: https://reservations.nobuhotels.com
x-content-type-options: nosniff
via: 1.1 google, 1.1 google, 1.1 google
x-real-ip: 10.123.76.216
x-forwarded-for: 149.56.153.183, 198.143.38.1, 10.123.76.216,10.30.2.237,10.30.0.241
x-forwarded-proto: https
Content-Length: 402
Server: nginx
incap-proxy-358: OK
access-control-max-age: 3600
access-control-allow-credentials: true
sec-fetch-site: same-origin
conversation-id: 10mm5cw2y
x-forwarded-port: 443
app-env: p1

GET
H/1.1 200
OK 1.js Show response
reservations.nobuhotels.com/public/js/ 11 KB
3 KB 151ms
150ms Script
application/javascript 45.223.18.235
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://reservations.nobuhotels.com/public/js/1.js

Requested by

Host: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/public/js/client.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.223.18.235 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a8820829bf43f181bf50e9086f3970ea831f69c26d3a80ebb4b0caf40739afe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 16:01:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
Content-Encoding: br
Last-Modified: Mon, 05 Dec 2022 12:52:12 GMT
X-CDN: Imperva
ETag: W/"aaf-184e2580c60"
x-frame-options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
X-Iinfo: 7-370287084-370287086 SNNN RT(1671552079149 2048) q(0 0 0 -1) r(1 1) U2
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2735

GET
H/1.1 200
OK 7.js Show response
reservations.nobuhotels.com/public/js/ 109 KB
21 KB 350ms
348ms Script
application/javascript 45.223.18.235
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://reservations.nobuhotels.com/public/js/7.js

Requested by

Host: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/public/js/client.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.223.18.235 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

29a95814a3c7ce3e354c131a33de0f2d7836fff6a7f4a2ba64a313b6c1b0f209

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 16:01:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
Content-Encoding: gzip
Last-Modified: Mon, 05 Dec 2022 12:52:12 GMT
X-CDN: Imperva
ETag: W/"5118-184e2580c60"
x-frame-options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
X-Iinfo: 8-385093191-385093635 2NNN RT(1671552079150 2032) q(0 0 0 -1) r(0 4) U2
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20760

GET
H/1.1 200
OK 0.js Show response
reservations.nobuhotels.com/public/js/ 19 KB
4 KB 282ms
280ms Script
application/javascript 45.223.18.235
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://reservations.nobuhotels.com/public/js/0.js

Requested by

Host: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/public/js/client.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.223.18.235 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ca536ba9fc5725b2d3e02229dd74b71a2b372ace2e5d342626794d1f4983cbdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 16:01:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
Content-Encoding: br
Last-Modified: Mon, 05 Dec 2022 12:52:12 GMT
X-CDN: Imperva
ETag: W/"f5c-184e2580c60"
x-frame-options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
X-Iinfo: 12-668813392-668813817 NNNN CT(81 75 0) RT(1671552079150 2023) q(0 0 2 -1) r(3 3) U2
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3932

GET
H/1.1 200
OK 3.js Show response
reservations.nobuhotels.com/public/js/ 41 KB
8 KB 106ms
105ms Script
application/javascript 45.223.18.235
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://reservations.nobuhotels.com/public/js/3.js

Requested by

Host: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/public/js/client.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.223.18.235 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a35d5a545df0832187feb25441ae32dd63d3f4ff0a71767cb7df96482ac67bbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 16:01:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
Content-Encoding: br
Last-Modified: Mon, 05 Dec 2022 12:52:12 GMT
X-CDN: Imperva
ETag: W/"1e89-184e2580c60"
x-frame-options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
X-Iinfo: 12-668813389-668813399 SNNN RT(1671552079148 2027) q(0 0 0 -1) r(1 1) U2
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7817

GET
H/1.1 200
OK 6.js Show response
reservations.nobuhotels.com/public/js/ 318 KB
48 KB 148ms
147ms Script
application/javascript 45.223.18.235
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://reservations.nobuhotels.com/public/js/6.js

Requested by

Host: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/public/js/client.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.223.18.235 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

aeccc46e8f6885a4432e63e8455747ed2914bc1544d2c8550c88ff99f488c742

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 16:01:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
Content-Encoding: br
Last-Modified: Mon, 05 Dec 2022 12:52:12 GMT
X-CDN: Imperva
ETag: W/"bf6f-184e2580c60"
x-frame-options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
X-Iinfo: 7-370286934-370286944 SNNN RT(1671552078301 2898) q(0 1 1 -1) r(1 1) U2
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49007

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 41ms
19ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=358743651238232&ev=PageView&dl=https%3A%2F%2Freservations.nobuhotels.com%2F%3Fadult%3D2%26arrive%3D2022-12-20%26chain%3D20034%26child%3D0%26config%3DDFT%26configcode%3DDFT%26currency%3DUSD%26depart%3D2022-12-21%26hotel%3D7999%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26theme%3DDFT%26themecode%3DDFT&rl=&if=false&ts=1671552081206&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1671552079773.2038125639&it=1671552079653&coo=false&rqm=GET

Requested by

Host: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/?adult=2&arrive=2022-12-20&chain=20034&child=0&config=DFT&configcode=DFT&currency=USD&depart=2022-12-21&hotel=7999&level=hotel&locale=en-US&rooms=1&theme=DFT&themecode=DFT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 20 Dec 2022 16:01:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK nobu_hotel_los_cabos_junior_suite_golf_or_dunes_view.jpg
reservations.nobuhotels.com/shs-ngbe-image-resizer/images/hotel/7999/images/medium/room/ 23 KB
23 KB 37ms
34ms Image
image/jpeg 45.223.18.235
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://reservations.nobuhotels.com/shs-ngbe-image-resizer/images/hotel/7999/images/medium/room/nobu_hotel_los_cabos_junior_suite_golf_or_dunes_view.jpg
Requested by: Host: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/?adult=2&arrive=2022-12-20&chain=20034&child=0&config=DFT&configcode=DFT&currency=USD&depart=2022-12-21&hotel=7999&level=hotel&locale=en-US&rooms=1&theme=DFT&themecode=DFT
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.223.18.235 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: d9e0256a032c19e147ae088add8eb800dbf2df9bee98b35146ca75d38b620ada

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/?adult=2&arrive=2022-12-20&chain=20034&child=0&config=DFT&configcode=DFT&currency=USD&depart=2022-12-21&hotel=7999&level=hotel&locale=en-US&rooms=1&theme=DFT&themecode=DFT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 16:01:21 GMT
Last-Modified: Mon, 25 Jul 2022 04:03:08 GMT
X-CDN: Imperva
Etag: "06e478f3c121190573386ac1ef2abb01"
Content-Type: image/jpeg
X-Iinfo: 8-385093191-385093360 2CNN RT(1671552079150 2678) q(0 0 0 -1) r(0 0)
Cache-Control: max-age=27767, public
Content-Length: 23572
Expires: Tue, 20 Dec 2022 23:44:08 GMT

GET
H/1.1 200
OK deluxe_room_swim-up_king_bed.jpg
reservations.nobuhotels.com/shs-ngbe-image-resizer/images/hotel/7999/images/medium/room/ 66 KB
66 KB 29ms
27ms Image
image/jpeg 45.223.18.235
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://reservations.nobuhotels.com/shs-ngbe-image-resizer/images/hotel/7999/images/medium/room/deluxe_room_swim-up_king_bed.jpg
Requested by: Host: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/?adult=2&arrive=2022-12-20&chain=20034&child=0&config=DFT&configcode=DFT&currency=USD&depart=2022-12-21&hotel=7999&level=hotel&locale=en-US&rooms=1&theme=DFT&themecode=DFT
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.223.18.235 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: c60678b892a67260c46697906e6901731f147d0bebcf3a5bc6eec7d0b98a7b68

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/?adult=2&arrive=2022-12-20&chain=20034&child=0&config=DFT&configcode=DFT&currency=USD&depart=2022-12-21&hotel=7999&level=hotel&locale=en-US&rooms=1&theme=DFT&themecode=DFT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 16:01:21 GMT
Last-Modified: Mon, 25 Jul 2022 04:03:09 GMT
X-CDN: Imperva
Etag: "ddb3087d5a9558d2545d4069b12f5839"
Content-Type: image/jpeg
X-Iinfo: 10-555896769-555897238 2CNN RT(1671552079216 2606) q(0 0 0 -1) r(0 0)
Cache-Control: max-age=27767, public
Content-Length: 67100
Expires: Tue, 20 Dec 2022 23:44:08 GMT

GET
H/1.1 200
OK nobu_hotel_los_cabos_deluxe_double_swim-up.jpg
reservations.nobuhotels.com/shs-ngbe-image-resizer/images/hotel/7999/images/medium/room/ 26 KB
26 KB 37ms
35ms Image
image/jpeg 45.223.18.235
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://reservations.nobuhotels.com/shs-ngbe-image-resizer/images/hotel/7999/images/medium/room/nobu_hotel_los_cabos_deluxe_double_swim-up.jpg
Requested by: Host: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/?adult=2&arrive=2022-12-20&chain=20034&child=0&config=DFT&configcode=DFT&currency=USD&depart=2022-12-21&hotel=7999&level=hotel&locale=en-US&rooms=1&theme=DFT&themecode=DFT
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.223.18.235 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 5df8acef829d96072125f2c24ac311dc35b0f0ec31cf5e2439a53c4d1dfa1ad1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/?adult=2&arrive=2022-12-20&chain=20034&child=0&config=DFT&configcode=DFT&currency=USD&depart=2022-12-21&hotel=7999&level=hotel&locale=en-US&rooms=1&theme=DFT&themecode=DFT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 16:01:21 GMT
Last-Modified: Mon, 25 Jul 2022 04:03:09 GMT
X-CDN: Imperva
Etag: "85e5dd30c1dd7d4302699ce45f82a951"
Content-Type: image/jpeg
X-Iinfo: 12-668813392-668809611 2CNN RT(1671552079150 2682) q(0 0 0 -1) r(0 0)
Cache-Control: max-age=27767, public
Content-Length: 26141
Expires: Tue, 20 Dec 2022 23:44:08 GMT

GET
H/1.1 200
OK nobu_hotel_los_cabos_deluxe_private_pool.jpg
reservations.nobuhotels.com/shs-ngbe-image-resizer/images/hotel/7999/images/medium/room/ 23 KB
24 KB 27ms
25ms Image
image/jpeg 45.223.18.235
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://reservations.nobuhotels.com/shs-ngbe-image-resizer/images/hotel/7999/images/medium/room/nobu_hotel_los_cabos_deluxe_private_pool.jpg
Requested by: Host: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/?adult=2&arrive=2022-12-20&chain=20034&child=0&config=DFT&configcode=DFT&currency=USD&depart=2022-12-21&hotel=7999&level=hotel&locale=en-US&rooms=1&theme=DFT&themecode=DFT
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.223.18.235 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: ab6b1c7ac4e24f69a76d0ae3a03a16319e9340d2709d53e8de6c2feed4e4c224

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/?adult=2&arrive=2022-12-20&chain=20034&child=0&config=DFT&configcode=DFT&currency=USD&depart=2022-12-21&hotel=7999&level=hotel&locale=en-US&rooms=1&theme=DFT&themecode=DFT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 16:01:21 GMT
Last-Modified: Mon, 25 Jul 2022 04:03:09 GMT
X-CDN: Imperva
Etag: "432131c81d6e2dc006b79d77b84edc55"
Content-Type: image/jpeg
X-Iinfo: 7-370286934-370287236 2CNN RT(1671552078301 3519) q(0 0 0 -1) r(0 0)
Cache-Control: max-age=27767, public
Content-Length: 24037
Expires: Tue, 20 Dec 2022 23:44:08 GMT

GET
H/1.1 200
OK nobu_hotel_los_cabos_junior_suite_ocean_view_syn.jpg
reservations.nobuhotels.com/shs-ngbe-image-resizer/images/hotel/7999/images/medium/room/ 23 KB
23 KB 29ms
27ms Image
image/jpeg 45.223.18.235
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://reservations.nobuhotels.com/shs-ngbe-image-resizer/images/hotel/7999/images/medium/room/nobu_hotel_los_cabos_junior_suite_ocean_view_syn.jpg
Requested by: Host: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/?adult=2&arrive=2022-12-20&chain=20034&child=0&config=DFT&configcode=DFT&currency=USD&depart=2022-12-21&hotel=7999&level=hotel&locale=en-US&rooms=1&theme=DFT&themecode=DFT
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.223.18.235 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 55fb568780e89e3e25cadf6128d45fb9ac298b38fd7f5329b5631bf1689bed27

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/?adult=2&arrive=2022-12-20&chain=20034&child=0&config=DFT&configcode=DFT&currency=USD&depart=2022-12-21&hotel=7999&level=hotel&locale=en-US&rooms=1&theme=DFT&themecode=DFT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 16:01:21 GMT
X-CDN: Imperva
Etag: "aac15fba32dfc4859df235e196586f4e"
Content-Type: image/jpeg
X-Iinfo: 7-370287084-370286413 2CNN RT(1671552079149 2673) q(0 0 0 -1) r(0 0)
Cache-Control: max-age=20260, public
Content-Length: 23370
Expires: Tue, 20 Dec 2022 21:39:01 GMT

POST
H/1.1 200 getLeadAvailability Show response
services-p1.synxis.com/gw/product/v1/ 217 KB
10 KB 6177ms
5876ms XHR
application/json 45.60.241.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://services-p1.synxis.com/gw/product/v1/getLeadAvailability

Requested by

Host: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/public/js/modules-main.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.241.22 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

13b1ceb4ad72af9a951bd67f78dd5aa523c52088f83d59e107d3e032ba69ddb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://reservations.nobuhotels.com/
accept-language: en-CA,en;q=0.9
Authorization: ApiKey MDAxMTZ+UkVvRjBNMkVmVTBQMjkwWVV1YzR3VTRZQ3c0NTJFdmdPSUVadmIwQmxIOEwycXo4Y3oxT3ptOEFvVkpCWUwxWnQ1MVROQkNUWEF1bkZVWjdyNms3N2c9PQ==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
activityid: JP4W76ySl7

Response headers

content-encoding: gzip
X-CDN: Imperva
accept-language: en-CA,en;q=0.9
x-api-session: MDAxMjF-Kzh6cWt0M1RkbW4yZExiR1h4Y1VDakN1ZnZqSGEwdDM1QStUK05qMytQQUFxaENCVHVWUTVlWExic3l6SVdqUmpZQVNRUi8veGtDTnVzNXM4NUZ3czRiNGlQdm1pVVE2R2tGS1BRamFzcUNVVG1DR29KdXRjRnlLYWltMnpVdVViTTgxakpmL3RJdng3VkEyaWt3ZHNBUWQvUXdRaEZoTnFtZzlsellCYUpEblZXUlJqMll1bFczSlJZZERpVmlHcmtvSERQTHEwZUtFN29XeXlaYngxOXoxdzc3d1hodVlYTUNaalB2OW5Daz0
Transfer-Encoding: chunked
X-Iinfo: 9-400290677-400290735 SNNN RT(1671552081772 612) q(0 0 0 9) r(59 59) U5
cdn-loop: IncapCDN; id="1362_2695530"
sec-fetch-dest: empty
pragma: no-cache
X-Forwarded-Host: services-p1.synxis.com
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
activityid: JP4W76ySl7
access-control-allow-origin: https://reservations.nobuhotels.com
x-cloud-trace-context: 25d4fe3f35d7075c4e4341316dfc5714/3069436072558979790
cache-control: no-cache
referer: https://reservations.nobuhotels.com/
Content-Type: application/json;charset=UTF-8
incap-client-ip: 149.56.153.183
sec-fetch-mode: cors
Date: Tue, 20 Dec 2022 16:01:28 GMT
Message-ID: 2ai1m90z7
origin: https://reservations.nobuhotels.com
x-content-type-options: nosniff
Via: 1.1 google, 1.1 google, 1.1 google
x-forwarded-for: 149.56.153.183, 198.143.38.24, 34.149.239.5
x-forwarded-proto: https
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-max-age: 3600
incap-proxy-1362: OK
access-control-allow-credentials: true
sec-fetch-site: cross-site
Conversation-ID: 85821ggkc

POST
H/1.1 200 getLeadAvailability Show response
services-p1.synxis.com/gw/product/v1/ 4 KB
3 KB 1256ms
953ms XHR
application/json 45.60.241.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://services-p1.synxis.com/gw/product/v1/getLeadAvailability

Requested by

Host: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/public/js/modules-main.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.241.22 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3deee5c87e84b8f75fb3eec6e18ba6338eb25321fc25dbd8ac58954a628f61fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://reservations.nobuhotels.com/
accept-language: en-CA,en;q=0.9
Authorization: ApiKey MDAxMTZ+UkVvRjBNMkVmVTBQMjkwWVV1YzR3VTRZQ3c0NTJFdmdPSUVadmIwQmxIOEwycXo4Y3oxT3ptOEFvVkpCWUwxWnQ1MVROQkNUWEF1bkZVWjdyNms3N2c9PQ==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
activityid: JP4W76ySl7

Response headers

content-encoding: gzip
X-CDN: Imperva
accept-language: en-CA,en;q=0.9
x-api-session: MDAxMjF-RkJwWDV0UW9vNkZTTnBYZWtSNHNybnowMkN4L2Y4MUhSTGlqRmoyRkFDbEhIMFpSQldZMlZZSzQzeldId2VoQTNEYWt4cTBNRlJoNmY4L1c0OHgyMndwTDhDeVVFSTJUY0cyYWs5Q09CNlVpL0tXMGIyY05EREVMdTFiWlRFZ2oxdStkaFZLWUs1VHdWLzJsU3M0d0c1TkQwclE2aFR3NUVZSGRiUERZR3oyQ0M5eS9tNERnQUFBVWVoRjF0UVZNd2F2WVpkMmpHUkw4M1YzZU5oZjQwTHZzVlFHTmpNYmorb0o1enhHZFZXOD0
Transfer-Encoding: chunked
X-Iinfo: 9-400290676-400290734 SNNN RT(1671552081772 611) q(0 0 0 0) r(10 10) U5
cdn-loop: IncapCDN; id="1362_2695530"
sec-fetch-dest: empty
pragma: no-cache
X-Forwarded-Host: services-p1.synxis.com
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
activityid: JP4W76ySl7
access-control-allow-origin: https://reservations.nobuhotels.com
x-cloud-trace-context: 60091b4d11cdb21605e2e29faefefdd2/883622627670536499
cache-control: no-cache
referer: https://reservations.nobuhotels.com/
Content-Type: application/json;charset=UTF-8
incap-client-ip: 149.56.153.183
sec-fetch-mode: cors
Date: Tue, 20 Dec 2022 16:01:22 GMT
Message-ID: 1n46g5pvv
origin: https://reservations.nobuhotels.com
x-content-type-options: nosniff
Via: 1.1 google, 1.1 google, 1.1 google
x-forwarded-for: 149.56.153.183, 198.143.38.24, 34.149.239.5
x-forwarded-proto: https
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-max-age: 3600
incap-proxy-1362: OK
access-control-allow-credentials: true
sec-fetch-site: cross-site
Conversation-ID: 36hmb01cp

GET
H2 200 / Show response
cr4dl.gtsgapps.com/api/v1/hotel-config/hotel-controller/ 1 KB
1 KB 68ms
68ms XHR
application/json 44.195.110.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cr4dl.gtsgapps.com/api/v1/hotel-config/hotel-controller/?hotel__api_name=rcd-nobu-los-cabo

Requested by

Host: forge.gtsgapps.com
URL: https://forge.gtsgapps.com/swApp.js?hotel=rcd-nobu-los-cabo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.195.110.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-195-110-233.compute-1.amazonaws.com

Software

gunicorn/19.9.0 /

Resource Hash

1a726b060dc1caea851686f9440e7732dfdf9002943ff857c4c2b8475fb3de92

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://reservations.nobuhotels.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:01:21 GMT
server: gunicorn/19.9.0
allow: GET, HEAD, OPTIONS
x-frame-options: SAMEORIGIN
content-type: application/json
vary: Origin
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 1075
expires: Tue, 20 Dec 2022 17:01:21 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 19ms
19ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=358743651238232&ev=Microdata&dl=https%3A%2F%2Freservations.nobuhotels.com%2F%3Fadult%3D2%26arrive%3D2022-12-20%26chain%3D20034%26child%3D0%26config%3DDFT%26configcode%3DDFT%26currency%3DUSD%26depart%3D2022-12-21%26hotel%3D7999%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26theme%3DDFT%26themecode%3DDFT&rl=&if=false&ts=1671552081875&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Nobu%20Hotel%20Los%20Cabos%20-%20Reservations%20-%20Room%20Availability%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=2&o=30&fbp=fb.1.1671552079773.2038125639&it=1671552079653&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 20 Dec 2022 16:01:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

OPTIONS
H/1.1 200 getLeadAvailability
services-p1.synxis.com/gw/product/v1/ Frame 0
0 348ms
116ms Preflight 45.60.241.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://services-p1.synxis.com/gw/product/v1/getLeadAvailability

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.241.22 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: activityid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://reservations.nobuhotels.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Conversation-ID: 17tnebz8i
Date: Tue, 20 Dec 2022 16:01:22 GMT
Message-ID: 1jwayg1lm
Transfer-Encoding: chunked
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Via: 1.1 google, 1.1 google
X-CDN: Imperva
X-Forwarded-Host: services-p1.synxis.com
X-Iinfo: 9-400290676-400290734 NNNN CT(19 9 0) RT(1671552081772 209) q(0 0 1 11) r(1 1) U5
access-control-allow-credentials: true
access-control-allow-headers: activityid,authorization,content-type
access-control-allow-methods: POST
access-control-allow-origin: https://reservations.nobuhotels.com
access-control-max-age: 3600
access-control-request-headers: activityid,authorization,content-type
access-control-request-method: POST
cache-control: no-cache
cdn-loop: IncapCDN; id="1362_2695530"
content-encoding: gzip
incap-client-ip: 149.56.153.183
incap-proxy-1362: OK
origin: https://reservations.nobuhotels.com
pragma: no-cache
referer: https://reservations.nobuhotels.com/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
x-cloud-trace-context: 90359202f942a42cf8faab36c23d2019/8520000372888541054
x-content-type-options: nosniff
x-forwarded-for: 149.56.153.183, 198.143.38.24, 34.149.239.5
x-forwarded-proto: https

OPTIONS
H/1.1 200 getLeadAvailability
services-p1.synxis.com/gw/product/v1/ Frame 0
0 346ms
114ms Preflight 45.60.241.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://services-p1.synxis.com/gw/product/v1/getLeadAvailability

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.241.22 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: activityid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://reservations.nobuhotels.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Conversation-ID: 20j8qqzjc
Date: Tue, 20 Dec 2022 16:01:21 GMT
Message-ID: 19b87brgm
Transfer-Encoding: chunked
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Via: 1.1 google, 1.1 google
X-CDN: Imperva
X-Forwarded-Host: services-p1.synxis.com
X-Iinfo: 9-400290677-400290735 NNNN CT(16 8 0) RT(1671552081772 210) q(0 0 1 13) r(1 1) U5
access-control-allow-credentials: true
access-control-allow-headers: activityid,authorization,content-type
access-control-allow-methods: POST
access-control-allow-origin: https://reservations.nobuhotels.com
access-control-max-age: 3600
access-control-request-headers: activityid,authorization,content-type
access-control-request-method: POST
cache-control: no-cache
cdn-loop: IncapCDN; id="1362_2695530"
content-encoding: gzip
incap-client-ip: 149.56.153.183
incap-proxy-1362: OK
origin: https://reservations.nobuhotels.com
pragma: no-cache
referer: https://reservations.nobuhotels.com/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
x-cloud-trace-context: 90ae27426fb713773d109dfd4226bfc4/6831230439806376602
x-content-type-options: nosniff
x-forwarded-for: 149.56.153.183, 198.143.38.24, 34.149.239.5
x-forwarded-proto: https

GET
H2 200 superfastiframe.html Show response
forge.gtsgapps.com/ Frame 1FBB 163 B
519 B 84ms
83ms Document
text/html 2600:9000:20ee:1800:1:279d:1d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://forge.gtsgapps.com/superfastiframe.html
Requested by: Host: forge.gtsgapps.com
URL: https://forge.gtsgapps.com/swApp.js?hotel=rcd-nobu-los-cabo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ee:1800:1:279d:1d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3670c41cbeb304353600463d4de4c43b145c72138e40feca796d24e704d4813

Request headers

Referer: https://reservations.nobuhotels.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 19510
cache-control: max-age=21600
content-length: 163
content-type: text/html
date: Tue, 20 Dec 2022 10:36:13 GMT
etag: "48739c9a2507909df7c585aac45fd57c"
last-modified: Mon, 19 Dec 2022 16:27:12 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 78ece21c53165b68619b053629326ac8.cloudfront.net (CloudFront)
x-amz-cf-id: 4Bvx73ADRfphwjwYyAY6D3HsNcroXl_aeYgCFEC1f5AkXmgU9QCxKw==
x-amz-cf-pop: BOS50-C2
x-cache: Hit from cloudfront

GET
H2 200 iframe.js Show response
forge.gtsgapps.com/ Frame 1FBB 28 KB
9 KB 83ms
83ms Script
application/javascript 2600:9000:20ee:1800:1:279d:1d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://forge.gtsgapps.com/iframe.js
Requested by: Host: forge.gtsgapps.com
URL: https://forge.gtsgapps.com/superfastiframe.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ee:1800:1:279d:1d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17fc517bd467a15983a4394189b63d61d0e1b7b00678b27a8b54b7035f42acee

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://forge.gtsgapps.com/superfastiframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 10:36:13 GMT
content-encoding: gzip
via: 1.1 78ece21c53165b68619b053629326ac8.cloudfront.net (CloudFront)
last-modified: Mon, 19 Dec 2022 16:27:12 GMT
server: AmazonS3
x-amz-cf-pop: BOS50-C2
age: 19510
etag: W/"14719bef932c86a2937c09736a551ba5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=21600
x-amz-cf-id: c1H4bHpsw-MchmnLr9vxxTc_W4eDxgkmV48_iT1XvuMoaDaXh1_CvQ==

GET
H2 200 / Show response
api.ipify.org/ Frame 1FBB 23 B
114 B 66ms
18ms XHR
application/json 64.185.227.156
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: forge.gtsgapps.com
URL: https://forge.gtsgapps.com/iframe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.185.227.156 , United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-227-156.static.webnx.com
Software: /
Resource Hash: f18cd485b383d043ba2ad4c63e3eb75239e7296a81e0ea782a0899afe1477dd5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://forge.gtsgapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://forge.gtsgapps.com
date: Tue, 20 Dec 2022 16:01:22 GMT
content-length: 23
vary: Origin
content-type: application/json

GET
H/1.1 200
OK dataStream.js Show response
reservations.nobuhotels.com/public/js/ 10 KB
3 KB 327ms
327ms Script
application/javascript 45.223.18.235
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://reservations.nobuhotels.com/public/js/dataStream.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.223.18.235 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

04025905c78ae9f9cc78a58e1387aa677c8548a8a5894eaa94447f082cf2c23f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/?adult=2&arrive=2022-12-20&chain=20034&child=0&config=DFT&configcode=DFT&currency=USD&depart=2022-12-21&hotel=7999&level=hotel&locale=en-US&rooms=1&theme=DFT&themecode=DFT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 16:01:22 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
Last-Modified: Mon, 05 Dec 2022 12:49:23 GMT
X-CDN: Imperva
Content-Encoding: gzip
ETag: W/"277a-184e2557838"
x-frame-options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8
X-Iinfo: 10-555896769-555894922 2NYN RT(1671552079216 3298) q(0 0 0 -1) r(3 3) U2
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes

GET
H2 200 / Show response
cr4dl.gtsgapps.com/api/v1/hotels/hotel-algorithm/ 145 B
366 B 49ms
49ms XHR
application/json 44.195.110.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cr4dl.gtsgapps.com/api/v1/hotels/hotel-algorithm/?hotel=rcd-nobu-los-cabo&user_id=fffd3863-c5df-484a-bee0-dd031018ff02

Requested by

Host: forge.gtsgapps.com
URL: https://forge.gtsgapps.com/swApp.js?hotel=rcd-nobu-los-cabo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.195.110.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-195-110-233.compute-1.amazonaws.com

Software

gunicorn/19.9.0 /

Resource Hash

bdae92e65d1e25119560524820a0067f91494bddbde48565ecfff782749e587f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://reservations.nobuhotels.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:01:22 GMT
server: gunicorn/19.9.0
allow: GET, HEAD, OPTIONS
x-frame-options: SAMEORIGIN
content-type: application/json
vary: Origin
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 145
expires: Tue, 20 Dec 2022 17:01:22 GMT

GET
H2 200 / Show response
mes4.gtsgapps.com/api/v1/rewards/personalized-device-ternary-cost/ 4 KB
4 KB 779ms
689ms XHR
application/json 3.224.104.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://mes4.gtsgapps.com/api/v1/rewards/personalized-device-ternary-cost/?user_id=fffd3863-c5df-484a-bee0-dd031018ff02&region_hash=6b1c8f11e164fa3d1ed80232b3db7d201face81f&algorithm_id=5611&hotel=14617&user_ip=149.56.153.183

Requested by

Host: forge.gtsgapps.com
URL: https://forge.gtsgapps.com/swApp.js?hotel=rcd-nobu-los-cabo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.224.104.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-224-104-191.compute-1.amazonaws.com

Software

gunicorn/19.9.0 /

Resource Hash

f0128d0bcebcb313014e06e4416ae7c23ba042ed0c9565656082d171cab368cf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://reservations.nobuhotels.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:01:23 GMT
server: gunicorn/19.9.0
allow: GET, HEAD, OPTIONS
x-frame-options: SAMEORIGIN
content-type: application/json
vary: Origin
access-control-allow-origin: *
cache-control: max-age=600
content-length: 3685
expires: Tue, 20 Dec 2022 16:11:23 GMT

GET
H/1.1 200
OK dxgtm.js Show response
reservations.nobuhotels.com/public/js/ 63 KB
9 KB 264ms
264ms Script
application/javascript 45.223.18.235
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://reservations.nobuhotels.com/public/js/dxgtm.js

Requested by

Host: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/public/js/dataStream.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.223.18.235 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e03678fb1a6b476aaa19050ea0bc60147c6c5e1e78be5e912b16f9183e6d5c17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/?adult=2&arrive=2022-12-20&chain=20034&child=0&config=DFT&configcode=DFT&currency=USD&depart=2022-12-21&hotel=7999&level=hotel&locale=en-US&rooms=1&theme=DFT&themecode=DFT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 16:01:23 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
Last-Modified: Mon, 05 Dec 2022 12:49:23 GMT
X-CDN: Imperva
Content-Encoding: gzip
ETag: W/"fb5c-184e2557838"
x-frame-options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8
X-Iinfo: 10-555896769-555892919 2NYN RT(1671552079216 3656) q(0 0 0 -1) r(3 3) U2
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 84ms
43ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DDTRQMB30T&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-585SFGN

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

829234d608da2d2a116b304cef7ab8286e5d3eaccfa2c5066f21ae8b272e1bdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:01:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76373
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Dec 2022 16:01:23 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 82ms
32ms XHR
text/plain 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-106819988-1&cid=1113919994.1671552080&jid=666899498&gjid=1842617413&_gid=1192877900.1671552080&_u=aGDAiEABRAAAAGAAI~&z=1874041674

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://reservations.nobuhotels.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 20 Dec 2022 16:01:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reservations.nobuhotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W866TTJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 20 Dec 2022 14:44:11 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4632
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 20 Dec 2022 16:44:11 GMT

GET
H/1.1 200
OK duetto.js Show response
capture.duettoresearch.com/assets/js/duetto/ 10 KB
5 KB 353ms
82ms Script
application/javascript 52.43.15.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.duettoresearch.com/assets/js/duetto/duetto.js
Requested by: Host: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.15.42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-15-42.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 29a22b4d54f9fb7191e9e6c63f11af14a6e34fb7b66720021f18bd533bac9018

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 16:01:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Dec 2022 10:00:03 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800,public,must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4353

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 59ms
33ms XHR
text/plain 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-107225694-2&cid=1113919994.1671552080&jid=668872317&gjid=2060837463&_gid=1192877900.1671552080&_u=aGHAiEABRAAAAGAAI~&z=251293608

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://reservations.nobuhotels.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 20 Dec 2022 16:01:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reservations.nobuhotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 162 Show response
beacon.sojern.com/pixel/cp/ 4 KB
1 KB 85ms
40ms Script
application/javascript 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/cp/162?f_v=cp_v3_js&p_v=1&hd1=2022%2F12%2F20&hd2=2022%2F12%2F21&hc1=&hs1=&hn1=&hb=Nobu%20Hotel%20Los%20Cabos&hr=1&hc=&tch=0&tad=2&t=2&hd=1&hp=&hcu=USD&hconfno=&hdc=&hpr=Nobu%20Los%20Cabos&hpid=7999&pt=SEARCH&et=hs
Requested by: Host: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: 7ef76a816ed776637195f9a3cecc5f9095e07e0260a4da7df12532a88b6af659

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:01:23 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
content-type: application/javascript
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 826

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 15:55:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 365
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 20 Dec 2022 16:55:18 GMT

GET
H2 200 / Show response
gatag.it/v2/ 15 KB
15 KB 111ms
47ms Script
application/javascript 52.72.241.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gatag.it/v2/
Requested by: Host: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/public/js/dxgtm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.241.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-241-80.compute-1.amazonaws.com
Software: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: 64b58c75d96c74e9f836236ca9764b5c55ac3d58d91fe295bb76a6b1cf320c11

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: application/javascript
date: Tue, 20 Dec 2022 16:01:23 GMT
server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
19ms Image
image/gif 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=1731351748&t=pageview&_s=1&dl=https%3A%2F%2Freservations.nobuhotels.com%2F%3Fadult%3D2%26arrive%3D2022-12-20%26chain%3D20034%26child%3D0%26config%3DDFT%26configcode%3DDFT%26currency%3DUSD%26depart%3D2022-12-21%26hotel%3D7999%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26theme%3DDFT%26themecode%3DDFT&dp=ngbe%2F7999%2Fbooking-engine%2Frooms&ul=en-us&de=UTF-8&dt=Nobu%20Hotel%20Los%20Cabos%20-%20Reservations%20-%20Room%20Availability&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEABRAAAACAAI~&jid=666899498&gjid=1842617413&cid=1113919994.1671552080&tid=UA-106819988-1&_gid=1192877900.1671552080&gtm=2wgbu0W866TTJ&cd1=7999&cd2=20034&cd3=RCD%20Resorts&cd4=Nobu%20Hotel%20Los%20Cabos&cd29=DFT&cd30=DFT&cd31=Cabo%20San%20lucas&cd32=Baja%20California%20Sur&cd33=Mexico&cd34=23473&cd36=25&cd37=1&cd38=2022%2F12%2F20&cd39=2022%2F12%2F21&cd40=0&cd41=1&cd42=&cd43=&cd44=&cd45=&cd46=2&cd47=0&cd48=False&cd49=https%3A%2F%2Freservations.nobuhotels.com%2F%3Fadult%3D2%26arrive%3D2022-12-20%26chain%3D20034%26child%3D0%26config%3DDFT%26configcode%3DDFT%26currency%3DUSD%26depart%3D2022-12-21%26hotel%3D7999%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26theme%3DDFT%26themecode%3DDFT&cd50=empty&z=1486070635

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 02:03:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50253
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1731351748&t=pageview&_s=1&dl=https%3A%2F%2Freservations.nobuhotels.com%2F%3Fadult%3D2%26arrive%3D2022-12-20%26chain%3D20034%26child%3D0%26config%3DDFT%26configcode%3DDFT%26currency%3DUSD%26depart%3D2022-12-21%26hotel%3D7999%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26theme%3DDFT%26themecode%3DDFT&dp=sbe%2F7999%2Fbooking-engine%2Frooms&ul=en-us&de=UTF-8&dt=Nobu%20Hotel%20Los%20Cabos%20-%20Reservations%20-%20Room%20Availability&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGHAiEABRAAAAGAAI~&jid=668872317&gjid=2060837463&cid=1113919994.1671552080&tid=UA-107225694-2&_gid=1192877900.1671552080&gtm=2wgbu0585SFGN&cd1=7999&cd2=20034&cd3=RCD%20Resorts&cd4=Nobu%20Hotel%20Los%20Cabos&z=1985480527

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 02:03:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50253
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200 events
services-p1.synxis.com/gw/v1/log/ Frame 0
0 787ms
486ms Preflight 45.60.241.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://services-p1.synxis.com/gw/v1/log/events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.241.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://reservations.nobuhotels.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Conversation-ID: 13ph1nuw2
Date: Tue, 20 Dec 2022 16:01:23 GMT
Message-ID: 198vbu13g
Transfer-Encoding: chunked
Vary: Origin
Via: 1.1 google, 1.1 google
X-CDN: Imperva
X-Forwarded-Host: services-p1.synxis.com
X-Iinfo: 9-400290676-400290734 SNNN RT(1671552081772 2029) q(0 0 0 2) r(4 4) U5
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin: https://reservations.nobuhotels.com
access-control-max-age: 3600
access-control-request-headers: content-type
access-control-request-method: POST
cache-control: no-cache
cdn-loop: IncapCDN; id="1362_2695530"
content-encoding: gzip
incap-client-ip: 149.56.153.183
incap-proxy-1362: OK
origin: https://reservations.nobuhotels.com
pragma: no-cache
referer: https://reservations.nobuhotels.com/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
x-cloud-trace-context: e97856ac65f27562338c4c22fe17e7ae/7496165078481387713
x-forwarded-for: 149.56.153.183, 198.143.38.24, 34.149.239.5
x-forwarded-proto: https

POST
H/1.1 200 events Show response
services-p1.synxis.com/gw/v1/log/ 31 B
2 KB 674ms
373ms XHR
application/json 45.60.241.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://services-p1.synxis.com/gw/v1/log/events
Requested by: Host: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/public/js/modules-main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.241.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 7db025befd8366a72f3b11db5696cc6f90fb8921f0abc71113050bdc739e1119

Request headers

Accept: application/json, text/plain, */*
Referer: https://reservations.nobuhotels.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

sec-fetch-mode: cors
Date: Tue, 20 Dec 2022 16:01:24 GMT
Message-ID: uc3yh1gtk
origin: https://reservations.nobuhotels.com
content-encoding: gzip
X-CDN: Imperva
accept-language: en-CA,en;q=0.9
Via: 1.1 google, 1.1 google
x-forwarded-for: 149.56.153.183, 198.143.38.24, 34.149.239.5
Transfer-Encoding: chunked
X-Iinfo: 9-400290676-400290734 SNNN RT(1671552081772 3036) q(0 0 0 8) r(1 1) U5
cdn-loop: IncapCDN; id="1362_2695530"
sec-fetch-dest: empty
x-forwarded-proto: https
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
X-Forwarded-Host: services-p1.synxis.com
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: application/json;charset=UTF-8
access-control-allow-origin: https://reservations.nobuhotels.com
incap-proxy-1362: OK
x-cloud-trace-context: facc50c05ae3969abcedb491a9c15361/15893965821376586291
cache-control: no-cache
access-control-allow-credentials: true
referer: https://reservations.nobuhotels.com/
Vary: Origin
sec-fetch-site: cross-site
Conversation-ID: 11lj4mygx
incap-client-ip: 149.56.153.183

POST
H/1.1 200 events Show response
services-p1.synxis.com/gw/v1/log/ 31 B
2 KB 378ms
78ms XHR
application/json 45.60.241.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://services-p1.synxis.com/gw/v1/log/events
Requested by: Host: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/public/js/modules-main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.241.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 7db025befd8366a72f3b11db5696cc6f90fb8921f0abc71113050bdc739e1119

Request headers

Accept: application/json, text/plain, */*
Referer: https://reservations.nobuhotels.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

sec-fetch-mode: cors
Date: Tue, 20 Dec 2022 16:01:23 GMT
Message-ID: 59vmco92u
origin: https://reservations.nobuhotels.com
content-encoding: gzip
X-CDN: Imperva
accept-language: en-CA,en;q=0.9
Via: 1.1 google, 1.1 google
x-forwarded-for: 149.56.153.183, 198.143.38.24, 34.149.239.5
Transfer-Encoding: chunked
X-Iinfo: 0-37557787-37557793 SNNN RT(1671552083807 391) q(0 1 1 1) r(1 1) U5
cdn-loop: IncapCDN; id="1362_2695530"
sec-fetch-dest: empty
x-forwarded-proto: https
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
X-Forwarded-Host: services-p1.synxis.com
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: application/json;charset=UTF-8
access-control-allow-origin: https://reservations.nobuhotels.com
incap-proxy-1362: OK
x-cloud-trace-context: 33d43f5e7d6f8daa0af5817fd609db84/18422555274230114692
cache-control: no-cache
access-control-allow-credentials: true
referer: https://reservations.nobuhotels.com/
Vary: Origin
sec-fetch-site: cross-site
Conversation-ID: 1uw47fger
incap-client-ip: 149.56.153.183

OPTIONS
H/1.1 200 events
services-p1.synxis.com/gw/v1/log/ Frame 0
0 404ms
69ms Preflight 45.60.241.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://services-p1.synxis.com/gw/v1/log/events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.241.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://reservations.nobuhotels.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Conversation-ID: q1gi3vk3b
Date: Tue, 20 Dec 2022 16:01:23 GMT
Message-ID: 2ekkqcx1g
Transfer-Encoding: chunked
Vary: Origin
Via: 1.1 google, 1.1 google
X-CDN: Imperva
X-Forwarded-Host: services-p1.synxis.com
X-Iinfo: 0-37557787-37557793 NNNN CT(2 11 0) RT(1671552083807 19) q(0 0 0 0) r(0 0) U5
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin: https://reservations.nobuhotels.com
access-control-max-age: 3600
access-control-request-headers: content-type
access-control-request-method: POST
cache-control: no-cache
cdn-loop: IncapCDN; id="1362_2695530"
content-encoding: gzip
incap-client-ip: 149.56.153.183
incap-proxy-1362: OK
origin: https://reservations.nobuhotels.com
pragma: no-cache
referer: https://reservations.nobuhotels.com/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
x-cloud-trace-context: e3f4521238d934f5f704d5346d68427a/8314731903545156826
x-forwarded-for: 149.56.153.183, 198.143.38.24, 34.149.239.5
x-forwarded-proto: https

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 83ms
38ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-107225694-2&cid=1113919994.1671552080&jid=668872317&_u=aGHAiEABRAAAAGAAI~&z=1474330183

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 16:01:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 90ms
40ms Image
image/gif 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-107225694-2&cid=1113919994.1671552080&jid=668872317&_u=aGHAiEABRAAAAGAAI~&z=1474330183

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 16:01:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 34ms
33ms Ping
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-DDTRQMB30T&gtm=2oebu0&_p=1731351748&cid=1113919994.1671552080&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=reservations.nobuhotels.com%2Fsbe%2F7999%2Fbooking-engine%2Frooms&dt=Nobu%20Hotel%20Los%20Cabos%20-%20Reservations%20-%20Room%20Availability&sid=1671552083&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DDTRQMB30T&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 16:01:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reservations.nobuhotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

src=11544281;dc_pre=CPTgtOHIiPwCFcVXwQod70AIUw;type=searc0;cat=nobul0;qty=1;cost=0;u1=;u2=;u3=USD;u4=2022%252F12%252F20;u5=2022%252F12%252F21;u8=;u9=1;u10=;u11=;u12=1;u13=;u16=;u17=Nobu%2BHotel%2BL...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=11544281;type=searc0;cat=nobul0;qty=1;cost=0;u1=;u2=;u3=USD;u4=2022%252F12%252F20;u5=2022%252F12%252F21;u8=;u9=1;u10=;u11=;u12=1;u13=;u16=;u17=Nobu%2BHot...
https://ad.doubleclick.net/ddm/activity/src=11544281;dc_pre=CPTgtOHIiPwCFcVXwQod70AIUw;type=searc0;cat=nobul0;qty=1;cost=0;u1=;u2=;u3=USD;u4=2022%252F12%252F20;u5=2022%252F12%252F21;u8=;u9=1;u10=;u...
https://adservice.google.com/ddm/fls/z/src=11544281;dc_pre=CPTgtOHIiPwCFcVXwQod70AIUw;type=searc0;cat=nobul0;qty=1;cost=0;u1=;u2=;u3=USD;u4=2022%252F12%252F20;u5=2022%252F12%252F21;u8=;u9=1;u10=;u1...

42 B
494 B

93ms
42ms

Image
image/gif

2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=11544281;dc_pre=CPTgtOHIiPwCFcVXwQod70AIUw;type=searc0;cat=nobul0;qty=1;cost=0;u1=;u2=;u3=USD;u4=2022%252F12%252F20;u5=2022%252F12%252F21;u8=;u9=1;u10=;u11=;u12=1;u13=;u16=;u17=Nobu%2BHotel%2BLos%2BCabos;u19=7999;u20=Nobu%2BLos%2BCabos;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID

Protocol

Server

2607:f8b0:4006:823::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 16:01:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Dec 2022 16:01:23 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=11544281;dc_pre=CPTgtOHIiPwCFcVXwQod70AIUw;type=searc0;cat=nobul0;qty=1;cost=0;u1=;u2=;u3=USD;u4=2022%252F12%252F20;u5=2022%252F12%252F21;u8=;u9=1;u10=;u11=;u12=1;u13=;u16=;u17=Nobu%2BHotel%2BLos%2BCabos;u19=7999;u20=Nobu%2BLos%2BCabos;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

AdX
pixel.sojern.com/idSync/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=APNhuZ-dknPBTg2KVEFO1Q&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=9qZonkEEZpzH0vKV44CqpIkPvw6fwtJ0-Gyxf6HsIGpBwfmTmA4...
https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=APNhuZ-dknPBTg2KVEFO1Q&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=9qZonkEEZpzH0vKV44CqpIkPvw6fwtJ0-Gyxf6HsIGpBwfmTmA4...
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=9qZonkEEZpzH0vKV44CqpIkPvw6fwtJ0-Gyxf6HsIGpBwfmTmA4fD64buJXtGXWj&sjrn_ula=774401732&google_gid=CAESEAg7AKdtSOAIV5IKkaGIUYU&google_cver=1

42 B
58 B

54ms
38ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=9qZonkEEZpzH0vKV44CqpIkPvw6fwtJ0-Gyxf6HsIGpBwfmTmA4fD64buJXtGXWj&sjrn_ula=774401732&google_gid=CAESEAg7AKdtSOAIV5IKkaGIUYU&google_cver=1
Protocol: H3
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Tue, 20 Dec 2022 16:01:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 20 Dec 2022 16:01:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=9qZonkEEZpzH0vKV44CqpIkPvw6fwtJ0-Gyxf6HsIGpBwfmTmA4fD64buJXtGXWj&sjrn_ula=774401732&google_gid=CAESEAg7AKdtSOAIV5IKkaGIUYU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 412
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
fcmatch.youtube.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_hm=APNhuZ-dknPBTg2KVEFO1Q&google_nid=sojern_adh
https://cm.g.doubleclick.net/pixel?google_hm=APNhuZ-dknPBTg2KVEFO1Q&google_nid=sojern_adh&google_tc=
https://fcmatch.google.com/pixel?google_gm=AMnCDorAE91bGwcVyah4c6-BQoFff_4N9sAzC9cUyGtFprcRv3Kmg13kGalxT5oQFhFjmxBbHJBchbo0VDncDCnAaXfIISgU3GbNrxGmc7C_72HV-bBtWKg
https://fcmatch.youtube.com/pixel?google_gm=AMnCDorAE91bGwcVyah4c6-BQoFff_4N9sAzC9cUyGtFprcRv3Kmg13kGalxT5oQFhFjmxBbHJBchbo0VDncDCnAaXfIISgU3GbNrxGmc7C_72HV-bBtWKg

170 B
244 B

48ms
37ms

Image
image/png

2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDorAE91bGwcVyah4c6-BQoFff_4N9sAzC9cUyGtFprcRv3Kmg13kGalxT5oQFhFjmxBbHJBchbo0VDncDCnAaXfIISgU3GbNrxGmc7C_72HV-bBtWKg

Protocol

Server

2607:f8b0:4006:81e::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 16:01:24 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Dec 2022 16:01:23 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDorAE91bGwcVyah4c6-BQoFff_4N9sAzC9cUyGtFprcRv3Kmg13kGalxT5oQFhFjmxBbHJBchbo0VDncDCnAaXfIISgU3GbNrxGmc7C_72HV-bBtWKg
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

apn
pixel.sojern.com/idsync/
Redirect Chain

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=9qZonkEEZpzH0vKV44CqpIkPvw6fwtJ0-Gyxf6HsIGpBwfmTmA4fD64buJXtGXWj
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3D9qZonkEEZpzH0vKV44CqpIkPvw6fwtJ0-Gyxf6HsIGpBwfmTmA4fD64buJXtGXWj
https://pixel.sojern.com/idsync/apn?id=6424406804217236213&sjrn_id=9qZonkEEZpzH0vKV44CqpIkPvw6fwtJ0-Gyxf6HsIGpBwfmTmA4fD64buJXtGXWj

42 B
263 B

48ms
39ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/apn?id=6424406804217236213&sjrn_id=9qZonkEEZpzH0vKV44CqpIkPvw6fwtJ0-Gyxf6HsIGpBwfmTmA4fD64buJXtGXWj
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Tue, 20 Dec 2022 16:01:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

Date: Tue, 20 Dec 2022 16:01:23 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 149.56.153.183; 149.56.153.183; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 35d8ad99-ba81-45ce-a3f6-81e686b3c16d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://pixel.sojern.com/idsync/apn?id=6424406804217236213&sjrn_id=9qZonkEEZpzH0vKV44CqpIkPvw6fwtJ0-Gyxf6HsIGpBwfmTmA4fD64buJXtGXWj
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ttd
pixel.sojern.com/idsync/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=9qZonkEEZpzH0vKV44CqpIkPvw6fwtJ0-Gyxf6HsIGpBwfmTmA4fD64buJXtGXWj&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=ombl9hp&ttd_puid=9qZonkEEZpzH0vKV44CqpIkPvw6fwtJ0-Gyxf6HsIGpBwfmTmA4fD64buJXtGXWj&ttd_tpi=1
https://pixel.sojern.com/idsync/ttd?id=bd48c3f7-d0f2-41dd-969d-571f38872de1&sjrn_id=9qZonkEEZpzH0vKV44CqpIkPvw6fwtJ0-Gyxf6HsIGpBwfmTmA4fD64buJXtGXWj

42 B
287 B

46ms
38ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/ttd?id=bd48c3f7-d0f2-41dd-969d-571f38872de1&sjrn_id=9qZonkEEZpzH0vKV44CqpIkPvw6fwtJ0-Gyxf6HsIGpBwfmTmA4fD64buJXtGXWj
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Tue, 20 Dec 2022 16:01:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 20 Dec 2022 16:01:23 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.sojern.com/idsync/ttd?id=bd48c3f7-d0f2-41dd-969d-571f38872de1&sjrn_id=9qZonkEEZpzH0vKV44CqpIkPvw6fwtJ0-Gyxf6HsIGpBwfmTmA4fD64buJXtGXWj
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 327

GET
H2 200 ga.js Show response
google-analytics.com/ 45 KB
17 KB 87ms
20ms Script
text/javascript 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://google-analytics.com/ga.js

Requested by

Host: gatag.it
URL: https://gatag.it/v2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 20 Dec 2022 15:53:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 454
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Tue, 20 Dec 2022 17:53:49 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 35ms
34ms Ping
image/gif 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://reservations.nobuhotels.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 16:01:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://reservations.nobuhotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 34ms
33ms Ping
image/gif 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://reservations.nobuhotels.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 16:01:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://reservations.nobuhotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 35ms
33ms Ping
image/gif 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://reservations.nobuhotels.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 16:01:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://reservations.nobuhotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 34ms
34ms Ping
image/gif 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://reservations.nobuhotels.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 16:01:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://reservations.nobuhotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
396 B 88ms
38ms Image
image/gif 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1728046812&utmhn=reservations.nobuhotels.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Nobu%20Hotel%20Los%20Cabos%20-%20Reservations%20-%20Room%20Availability&utmhid=1731351748&utmr=-&utmp=%2F%3Fadult%3D2%26arrive%3D2022-12-20%26chain%3D20034%26child%3D0%26config%3DDFT%26configcode%3DDFT%26currency%3DUSD%26depart%3D2022-12-21%26hotel%3D7999%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26theme%3DDFT%26themecode%3DDFT&utmht=1671552083789&utmac=UA-41848973-1&utmcc=__utma%3D72319120.1113919994.1671552080.1671552084.1671552084.1%3B%2B__utmz%3D72319120.1671552084.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1962117162&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAABAAAE~

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 16:01:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.php Show response
www.gatag.it/ 146 B
764 B 118ms
32ms Script
application/javascript 52.72.241.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gatag.it/index.php?&skey=$48R3&device=https%3A%2F%2Freservations.nobuhotels.com%2F%3Fadult%3D2%26arrive%3D2022-12-20%26chain%3D20034%26child%3D0%26config%3DDFT%26configcode%3DDFT%26currency%3DUSD%26depart%3D2022-12-21%26hotel%3D7999%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26theme%3DDFT%26themecode%3DDFT&callback=callback
Requested by: Host: gatag.it
URL: https://gatag.it/v2/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.241.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-241-80.compute-1.amazonaws.com
Software: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: 50f10898342061c80fea923b4a5ec511ce9e9fe32457dc69ecb5524bd3a8b44e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: application/javascript
pragma: no-cache
date: Tue, 20 Dec 2022 16:01:23 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
content-length: 146
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

smile.gif
capture.gatag.it/
Redirect Chain

https://capture.gatag.it/?act=0&cid=0&apikey=%3FYXZkew%253D%253D&type=look&name=Nobu%20Hotel%20Los%20Cabos&promo=&iata=&group=&arrival=2022%2F12%2F20&depart=2022%2F12%2F21&template=NGBE&chain=20034...
https://capture.gatag.it/smile.gif

43 B
541 B

24ms
24ms

Image
image/gif

52.72.241.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.gatag.it/smile.gif
Protocol: H2
Server: 52.72.241.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-241-80.compute-1.amazonaws.com
Software: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:01:24 GMT
last-modified: Tue, 05 Apr 2022 12:37:22 GMT
server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "2b-5dbe7819c8480"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 20 Dec 2022 16:01:23 GMT
server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
content-type: text/html; charset=UTF-8
location: /smile.gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H/1.1 200
OK reports
reservations.nobuhotels.com/ 3 KB
1 KB 231ms
230ms Other
application/json 45.223.18.235
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://reservations.nobuhotels.com/reports?hid=7999&cid=20034&sid=YFNp-QIwcRyWeaQxNM6lZfjA

Requested by

Host: capture.duettoresearch.com
URL: https://capture.duettoresearch.com/assets/js/duetto/duetto.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.223.18.235 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c289dd04002a8841e894d707dca2d6ef43d1a5029b72d8d56d68bcdc571ae8b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://reservations.nobuhotels.com/?adult=2&arrive=2022-12-20&chain=20034&child=0&config=DFT&configcode=DFT&currency=USD&depart=2022-12-21&hotel=7999&level=hotel&locale=en-US&rooms=1&theme=DFT&themecode=DFT
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

Date: Tue, 20 Dec 2022 16:01:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
Content-Encoding: gzip
X-CDN: Imperva
ETag: W/"ce4-ul3Tq1H2ibWlvm58Xqsv52Mop7w"
x-frame-options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
X-Iinfo: 10-555896769-555897092 SNYN RT(1671552079216 4683) q(0 1 1 -1) r(3 3) U6
Connection: keep-alive

POST receiver
capture.duettoresearch.com/ 0
0

GET
H/1.1 200
OK receiver
capture.duettoresearch.com/ 0
124 B 85ms
85ms Image
image/gif 52.43.15.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.duettoresearch.com/receiver?p0=%7B%22t%22%3A%22s%22%2C%22sd%22%3A%2220%2F12%2F2022%22%2C%22ed%22%3A%2221%2F12%2F2022%22%2C%22cc%22%3A%22USD%22%2C%22h%22%3A%227999%22%2C%22a%22%3A%22ca2020%22%2C%22u%22%3A%2212283025661695%22%7D&r=1671552083925&t=1481444621&a=ca2020
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.15.42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-15-42.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 16:01:23 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif

GET
H2 200 hotel_price_widget.js Show response
www.thehotelsnetwork.com/js/ 21 KB
9 KB 221ms
156ms Script
application/javascript 45.60.196.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/js/hotel_price_widget.js?hotel_id=1092173&property_id=1016664&account_key=575A0F1A52C95EE2875BE07077C78D1F

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-585SFGN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.196.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5595f9316acf025320a453c4a2d8c37ffe453169d5d52356928ff2f839690384

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:01:25 GMT
content-encoding: gzip
via: 1.1 df1151801209e878a7d395961b098b20.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-amz-cf-pop: EWR53-C3
x-cache: Miss from cloudfront
x-iinfo: 4-225086905-225086918 NNNN CT(17 5 0) RT(1671552085488 54) q(0 0 0 10) r(0 1) U5
pragma: no-cache
last-modified: Tue, 20 Dec 2022 15:34:12 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://reservations.nobuhotels.com
cache-control: max-age=7200
access-control-allow-credentials: true
x-amz-cf-id: PFbRpQNoSJ-IvsZES8QkUlIDdtcgG9xjMdcwePZ3EeMrg_cIco8-gA==

GET
H3

200

ps Show response
tag.yieldoptimizer.com/ps/
Redirect Chain

https://tag.yieldoptimizer.com/ps/ps?t=s&p=5093&pg=st&hcd=7999&
https://tag.yieldoptimizer.com/ps/ps?tc=637144909&t=s&p=5093&pg=st&hcd=7999&

1 KB
1 KB

67ms
42ms

Script
text/javascript

35.190.52.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.yieldoptimizer.com/ps/ps?tc=637144909&t=s&p=5093&pg=st&hcd=7999&
Protocol: H3
Server: 35.190.52.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.52.190.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 460ae44f8b624e082a723f8cb7ed0f05dad32fd39fbeffd98f41374205f8662b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 16:01:24 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type: text/javascript;charset=ISO-8859-1
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1328
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Dec 2022 16:01:25 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location: https://tag.yieldoptimizer.com/ps/ps?tc=637144909&t=s&p=5093&pg=st&hcd=7999&
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 85 KB
26 KB 85ms
19ms Script
application/javascript 23.34.59.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.34.59.62 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-34-59-62.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8c3d9114c411c54b4adefe9e468878650721d1263d5643327e84cb3f2acf6a5d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 8dR3BCAziQkJNC3UwMctuGtkP2QmtGGm
content-encoding: br
date: Tue, 20 Dec 2022 16:01:25 GMT
last-modified: Tue, 13 Dec 2022 11:41:35 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
etag: W/"1002592848acddbc8063e8c73ae9e3e9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=28800
x-amz-cf-id: RiCWvVl3PdJBxK-88fHqwlscm9458HiVWO-K7esTq5FXYdwN4iYcqA==
content-length: 26057
expires: Wed, 21 Dec 2022 00:01:25 GMT

GET
H3 200 296874611982149 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 24ms
23ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/296874611982149?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7d1a9192cd71e043d6f9d26966fb335dc9e2efe4147c27df05da03afee30b6d0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 20 Dec 2022 16:01:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 85883
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: F/hTZjFSgjUIWkGgFeIX1VcNkvXigeSEqDro4MmxYKXyF+cEQsThN4Qs1VTxOupptFno/3zFodWBDghggh/RQg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 19ms
19ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=296874611982149&ev=PageView&dl=https%3A%2F%2Freservations.nobuhotels.com%2F%3Fadult%3D2%26arrive%3D2022-12-20%26chain%3D20034%26child%3D0%26config%3DDFT%26configcode%3DDFT%26currency%3DUSD%26depart%3D2022-12-21%26hotel%3D7999%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26theme%3DDFT%26themecode%3DDFT&rl=&if=false&ts=1671552085637&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1671552079773.2038125639&it=1671552079653&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 20 Dec 2022 16:01:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 get_dynamic_configuration Show response
api.livechatinc.com/v3.3/customer/action/ 400 B
623 B 150ms
87ms Script
application/javascript 23.34.59.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=6669831&url=https%3A%2F%2Freservations.nobuhotels.com%2F%3Fadult%3D2%26arrive%3D2022-12-20%26chain%3D20034%26child%3D0%26config%3DDFT%26configcode%3DDFT%26currency%3DUSD%26depart%3D2022-12-21%26hotel%3D7999%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26theme%3DDFT%26themecode%3DDFT&channel_type=code&jsonp=__tw128m3xrnq

Requested by

Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.24 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-24.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5a79b80316a1ce911a1254deb622f74e8b678f0175f8348d8dfee09c6eb4176

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://reservations.nobuhotels.com/;
X-Frame-Options	allow-from https://reservations.nobuhotels.com/

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://reservations.nobuhotels.com/;
legacy: 2023-06-30
date: Tue, 20 Dec 2022 16:01:25 GMT
content-length: 400
vary: Accept-Encoding
x-frame-options: allow-from https://reservations.nobuhotels.com/
content-type: application/javascript; charset=UTF-8

GET
H3 200 pixel
cm.g.doubleclick.net/ 170 B
188 B 41ms
40ms Image
image/png 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MjAyODQ1MTEyMzE1NQ&google_sc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 16:01:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

ps
tag.yieldoptimizer.com/ps/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=o456qfe&ttd_tpi=1
https://tag.yieldoptimizer.com/ps/ps?t=i&p=5530&ttd_id=bd48c3f7-d0f2-41dd-969d-571f38872de1

43 B
68 B

39ms
38ms

Image
image/gif

35.190.52.204
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/ps?t=i&p=5530&ttd_id=bd48c3f7-d0f2-41dd-969d-571f38872de1
Protocol: H3
Server: 35.190.52.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.52.190.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 16:01:24 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type: image/gif
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Dec 2022 16:01:25 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://tag.yieldoptimizer.com/ps/ps?t=i&p=5530&ttd_id=bd48c3f7-d0f2-41dd-969d-571f38872de1
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 213

GET
H2 200 394499.gif
idsync.rlcdn.com/ 42 B
449 B 80ms
42ms Image
image/gif 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/394499.gif?partner_uid=2028451123155
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:01:25 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 aasync
tag.adaraanalytics.com/ps/ 0
413 B 75ms
38ms Image
text/plain 35.190.67.248
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.adaraanalytics.com/ps/aasync?ckid=MjAyODQ1MTEyMzE1NXwxNjcxNTUyMDg1Njkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.67.248 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 248.67.190.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 16:01:25 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

src=9368825;dc_pre=CLbfsuLIiPwCFemDywEdCKsEtQ;type=invmedia;cat=aic-50;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=9368825;type=invmedia;cat=aic-50;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?
https://ad.doubleclick.net/ddm/activity/src=9368825;dc_pre=CLbfsuLIiPwCFemDywEdCKsEtQ;type=invmedia;cat=aic-50;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_co...
https://adservice.google.com/ddm/fls/z/src=9368825;dc_pre=CLbfsuLIiPwCFemDywEdCKsEtQ;type=invmedia;cat=aic-50;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_con...

42 B
63 B

80ms
38ms

Image
image/gif

2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=9368825;dc_pre=CLbfsuLIiPwCFemDywEdCKsEtQ;type=invmedia;cat=aic-50;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1

Protocol

Server

2607:f8b0:4006:823::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 16:01:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Dec 2022 16:01:25 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=9368825;dc_pre=CLbfsuLIiPwCFemDywEdCKsEtQ;type=invmedia;cat=aic-50;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

ps
tag.yieldoptimizer.com/ps/
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0Nzc3NDY2NS90LzI/url/https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=$!{TURN_UUID}
https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=8072699385364612712

43 B
68 B

40ms
40ms

Image
image/gif

35.190.52.204
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=8072699385364612712
Protocol: H3
Server: 35.190.52.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.52.190.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 16:01:25 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type: image/gif
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=8072699385364612712
pragma: no-cache
date: Tue, 20 Dec 2022 16:01:25 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=22069&dpuuid=2028451123155
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=2028451123155

42 B
941 B

48ms
48ms

Image
image/gif

3.227.104.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=2028451123155

Protocol

HTTP/1.1

Server

3.227.104.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-227-104-119.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v044-090086c49.edge-va6.demdex.com 14 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ikHi2cKjTqg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-va6-1-v044-03ed1250d.edge-va6.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: hgFVLjNDRWU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=2028451123155
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 usermatch.gif
beacon.krxd.net/ 0
338 B 77ms
24ms Image
text/plain 54.85.136.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adara&partner_uid=2028451123155
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.136.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-136-197.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: beacon-n038-ash-prod.krxd.net
date: Tue, 20 Dec 2022 16:01:25 GMT
cache-control: private, no-cache, no-store
x-request-time: D=26 t=1671552085
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

ps
tag.yieldoptimizer.com/ps/
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADARA
https://ups.analytics.yahoo.com/ups/58700/cms?partner_id=ADARA
https://tag.yieldoptimizer.com/ps/ps?t=i&p=6729&uid=y-6_eDcPVE2pHGjq4UafGECi7czuOT4kuXJ4M-~A

43 B
68 B

38ms
38ms

Image
image/gif

35.190.52.204
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/ps?t=i&p=6729&uid=y-6_eDcPVE2pHGjq4UafGECi7czuOT4kuXJ4M-~A
Protocol: H3
Server: 35.190.52.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.52.190.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 16:01:25 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type: image/gif
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://tag.yieldoptimizer.com/ps/ps?t=i&p=6729&uid=y-6_eDcPVE2pHGjq4UafGECi7czuOT4kuXJ4M-~A
date: Tue, 20 Dec 2022 16:01:25 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 / Show response
www.thehotelsnetwork.com/widget/core/latest/hub/ Frame D246 5 KB
2 KB 20ms
20ms Document
text/html 45.60.196.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/widget/core/latest/hub/

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?hotel_id=1092173&property_id=1016664&account_key=575A0F1A52C95EE2875BE07077C78D1F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.196.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

53928dd92112d26f38075c7976bb33441fd6a5baa4ff4e4510fcbefb2b5e8bec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://reservations.nobuhotels.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-length: 2035
content-type: text/html; charset=utf-8
date: Tue, 20 Dec 2022 16:01:25 GMT
etag: W/"63a1b9b1-11fd"
last-modified: Tue, 20 Dec 2022 13:33:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 4-225086905-0 0CNN RT(1671552085488 211) q(0 -1 -1 -1) r(1 -1)

GET
H2 200 get_configuration Show response
api.livechatinc.com/v3.3/customer/action/ 4 KB
1 KB 91ms
90ms Script
application/javascript 23.34.59.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=6669831&version=3609.8.8.4506.1595.1434.463.15.5.5.5.9.406&group_id=35&jsonp=__lc_static_config
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.34.59.24 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-34-59-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 74f9d9df4ca79ed105f44cfacf249f74ffbc757eb5ad60bd893c48b257447757

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:01:25 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
cache-control: public, max-age=600
content-length: 1239
expires: Tue, 20 Dec 2022 16:11:25 GMT

GET
H2 200 _Incapsula_Resource Show response
www.thehotelsnetwork.com/ Frame D246 137 KB
19 KB 25ms
25ms Script
application/javascript 45.60.196.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=1865936083

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/latest/hub/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.196.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

21886cd4fe5a339a5b03394227af4c1c1f2c096c4071db2be1cb3caa71abedbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.thehotelsnetwork.com/widget/core/latest/hub/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 19834
content-type: application/javascript

GET
H2 200 get_loader_data Show response
www.thehotelsnetwork.com/ 15 KB
7 KB 95ms
95ms Fetch
application/json 45.60.196.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/get_loader_data?hotel_id=1092173&property_id=1016664&account_key=575A0F1A52C95EE2875BE07077C78D1F

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?hotel_id=1092173&property_id=1016664&account_key=575A0F1A52C95EE2875BE07077C78D1F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.196.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5b4d5266b41c8719e967db2d0f426718418eb20455fcc942afa4ac1507774d23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:01:25 GMT
content-encoding: gzip
via: 1.1 df1151801209e878a7d395961b098b20.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-amz-cf-pop: EWR53-C3
x-cache: Miss from cloudfront
x-iinfo: 4-225086905-225086918 PNNN RT(1671552085488 248) q(0 0 0 -1) r(1 1) U5
pragma: no-cache
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reservations.nobuhotels.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: SYYxEpYsuIZXmfSDRcsWocNtjkHaKFxnlg3G_hzbcD3u1l3FTqnfKA==
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 _Incapsula_Resource
www.thehotelsnetwork.com/ Frame D246 1 B
36 B 21ms
20ms Image
text/plain 45.60.196.96
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thehotelsnetwork.com/_Incapsula_Resource?SWKMTFSR=1&e=0.7172940780667447

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/latest/hub/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.196.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.thehotelsnetwork.com/widget/core/latest/hub/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 open_chat Show response
secure.livechatinc.com/customer/action/ Frame 80D0 9 KB
3 KB 99ms
89ms Document
text/html 23.34.59.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=6669831&group=35&embedded=1&widget_version=3&unique_groups=0
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.34.59.24 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-34-59-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3390a693f5406d48939010f979c81633288e3ea49119b9660422537daef4d56b

Request headers

Referer: https://reservations.nobuhotels.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-encoding: gzip
content-length: 2558
content-type: text/html; charset=utf-8
date: Tue, 20 Dec 2022 16:01:26 GMT
vary: Accept-Encoding

GET
H2 200 get_localization Show response
api.livechatinc.com/v3.3/customer/action/ 11 KB
4 KB 81ms
80ms Script
application/javascript 23.34.59.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.3/customer/action/get_localization?license_id=6669831&version=ff93808ef52c6dd040640c4853b854bd_54b38ce21f91378e0506dbdcf6be4489&language=en&group_id=35&jsonp=__lc_localization
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.34.59.24 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-34-59-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 55aad2b591c7f93a64378e2e95bebfdecac9317b7e1cad27f58824541a52cbdb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:01:26 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
cache-control: public, max-age=600
content-length: 3799
expires: Tue, 20 Dec 2022 16:11:26 GMT

GET
H2 200 index.min.js Show response
www.thehotelsnetwork.com/widget/core/4.0/dist/main/ 400 KB
104 KB 83ms
46ms Script
application/javascript 45.60.196.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=cf12a4d7

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?hotel_id=1092173&property_id=1016664&account_key=575A0F1A52C95EE2875BE07077C78D1F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.196.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

cd13fb47ebda7c6c5b3fe86e6a177801b7b404921536ffb77b321cffdbe85e35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://reservations.nobuhotels.com/
Origin: https://reservations.nobuhotels.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:01:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 20 Dec 2022 14:43:08 GMT
x-cdn: Imperva
etag: W/"63a1c9fc-63ea5"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-iinfo: 14-468513777-0 0CNN RT(1671552085880 42) q(0 -1 -1 4) r(0 -1)
cache-control: max-age=0
content-length: 106110

GET
H2 200 0.0f55d8dd.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame 80D0 46 KB
16 KB 19ms
19ms Script
application/javascript 23.34.59.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/0.0f55d8dd.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=6669831&group=35&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.34.59.62 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-34-59-62.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8250a0a8a2b63bfae72b2604bc53e7764530aa08651e7c0cb253a90a6c762a8c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: FTaBdM5aPM6e3Wa0SH3EvXHWpAST4v3U
content-encoding: gzip
date: Tue, 20 Dec 2022 16:01:26 GMT
last-modified: Thu, 10 Nov 2022 13:27:43 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
etag: W/"10a3d7ac1ed37325d3341c379ee0de69"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: ayWyg1yDl1FFns8xsWBk2jbyYxtf2uy8yy6wkh9m8Ab5YA6sb62agA==
content-length: 15960
expires: Wed, 20 Dec 2023 16:01:26 GMT

GET
H2 200 1.e70c3212.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame 80D0 209 KB
65 KB 24ms
23ms Script
application/javascript 23.34.59.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/1.e70c3212.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=6669831&group=35&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.34.59.62 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-34-59-62.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0632db5862332ab9532c662a841ffcf248e251a3598c47af1c161397f86b83c0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 4he9aXnAzzD0s9QWqf7vYLwfUTS9PPNG
content-encoding: br
date: Tue, 20 Dec 2022 16:01:26 GMT
last-modified: Tue, 13 Dec 2022 11:41:36 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
etag: W/"baae8b5a0b52d6c3a7fb6e64c0990eb9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: iC0JfgB_syZ7z7nm8Y68yTwkVuiRK7hP1YqEj7aZS2KbiKWnn5LwsA==
content-length: 66240
expires: Wed, 20 Dec 2023 16:01:26 GMT

GET
H2 200 iframe.0d6400b8.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame 80D0 746 KB
201 KB 24ms
24ms Script
application/javascript 23.34.59.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/iframe.0d6400b8.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=6669831&group=35&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.34.59.62 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-34-59-62.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c6b2c19c43ac95eca75453136061bc5bcf96a605118b3306323d4ffcbc98d55f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: utj8UYCLnUR5gFFx1qtxXtHc9VZ4g.Yy
content-encoding: br
date: Tue, 20 Dec 2022 16:01:26 GMT
last-modified: Tue, 13 Dec 2022 11:41:38 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
etag: W/"1b85d047a703c4d9a32f8d30a125ea89"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: AuOD4_XHPFupIVgx57AEp9qXLy5-342Q44wZw5SGO6X0j27k_5EZ-A==
content-length: 205327
expires: Wed, 20 Dec 2023 16:01:26 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
cdn.livechatinc.com/widget/ Frame 80D0 13 KB
13 KB 56ms
18ms Font
application/octet-stream 23.34.59.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=6669831&group=35&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.34.59.62 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-34-59-62.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f

Request headers

Referer: https://secure.livechatinc.com/
Origin: https://secure.livechatinc.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 4jMtpmrTh3NU2il.eSSLRODO9UYgvJk9
date: Tue, 20 Dec 2022 16:01:26 GMT
last-modified: Tue, 18 Oct 2022 07:22:37 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
etag: "3b5df7e947d77201eaf22f3dbdac08cc"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12852
x-amz-cf-id: Ki09OfWUH6IzlYy8HMtJ8G9hrOKF2HulLKhPj8Vgb7TeqkR1fZIxyQ==
expires: Wed, 20 Dec 2023 16:01:26 GMT

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
cdn.livechatinc.com/widget/ Frame 80D0 12 KB
13 KB 57ms
19ms Font
application/octet-stream 23.34.59.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=6669831&group=35&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.34.59.62 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-34-59-62.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e94ba9c6df7a149b4b3c590bcc484ce24ce7c0f15c6f7f43479035a6311211d6

Request headers

Referer: https://secure.livechatinc.com/
Origin: https://secure.livechatinc.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: msVoGOeEvv4rBAjmPT.bOOY9QhLnYq.K
date: Tue, 20 Dec 2022 16:01:26 GMT
last-modified: Tue, 18 Oct 2022 07:22:38 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
etag: "d9f5998f47f6f22cb66e7dbf428c76ab"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12688
x-amz-cf-id: 516ep8cKK3VUO1lsgHaj7-iy8PGNzRjGfXZ2D41nFu-APelW-VCXkg==
expires: Wed, 20 Dec 2023 16:01:26 GMT

POST
H/1.1 200
OK events Show response
reservations.nobuhotels.com/gw/v1/log/ 61 B
1 KB 200ms
200ms Fetch
application/json 45.223.18.235
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://reservations.nobuhotels.com/gw/v1/log/events
Requested by: Host: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/public/js/client.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.223.18.235 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx /
Resource Hash: 83590481b12c52878257e2e9774856b9a1216f781fc5bc55b3ab3964a1a290d0

Request headers

Referer: https://reservations.nobuhotels.com/?adult=2&arrive=2022-12-20&chain=20034&child=0&config=DFT&configcode=DFT&currency=USD&depart=2022-12-21&hotel=7999&level=hotel&locale=en-US&rooms=1&theme=DFT&themecode=DFT
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

content-encoding: gzip
X-CDN: Imperva
accept-language: en-CA,en;q=0.9
X-Iinfo: 10-555896769-555897092 SNNN RT(1671552079216 6990) q(0 0 0 -1) r(1 1) U6
cdn-loop: IncapCDN; id="358_2559050"
sec-fetch-dest: empty
Connection: keep-alive
pragma: no-cache
x-forwarded-host: reservations.nobuhotels.com
x-amzn-trace-id: Root=1-63a1dc56-468db70c07cf1e4e4b0e96e2
vary: Origin
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: application/json;charset=UTF-8
access-control-allow-origin: https://reservations.nobuhotels.com
cache-control: no-cache
referer: https://reservations.nobuhotels.com/?adult=2&arrive=2022-12-20&chain=20034&child=0&config=DFT&configcode=DFT&currency=USD&depart=2022-12-21&hotel=7999&level=hotel&locale=en-US&rooms=1&theme=DFT&themecode=DFT
incap-client-ip: 149.56.153.183
sec-fetch-mode: cors
Date: Tue, 20 Dec 2022 16:01:26 GMT
message-id: 1x6lx6dg2
origin: https://reservations.nobuhotels.com
via: 1.1 google, 1.1 google
x-real-ip: 10.123.78.112
x-forwarded-for: 149.56.153.183, 198.143.38.1, 10.123.78.112,10.30.2.237,10.30.0.241
x-forwarded-proto: https
Content-Length: 53
Server: nginx
incap-proxy-358: OK
access-control-max-age: 3600
access-control-allow-credentials: true
sec-fetch-site: same-origin
conversation-id: wua4mzzxk
x-forwarded-port: 443
app-env: p1

POST
H2 200 token Show response
accounts.livechatinc.com/customer/ Frame 80D0 138 B
1 KB 120ms
109ms XHR
application/json 23.34.59.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.livechatinc.com/customer/token
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/1.e70c3212.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.34.59.24 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-34-59-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 135c1de5296a2c1a99f963bf1190ee02560d3da299bab443a3a62600de21b8e7

Request headers

Referer: https://secure.livechatinc.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 16:01:26 GMT
content-type: application/json
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 138
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
cdn.livechatinc.com/widget/ Frame 80D0 13 KB
13 KB 24ms
24ms Font
application/octet-stream 23.34.59.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.34.59.62 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-34-59-62.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f

Request headers

Referer: https://secure.livechatinc.com/
Origin: https://secure.livechatinc.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 4jMtpmrTh3NU2il.eSSLRODO9UYgvJk9
date: Tue, 20 Dec 2022 16:01:26 GMT
last-modified: Tue, 18 Oct 2022 07:22:37 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
etag: "3b5df7e947d77201eaf22f3dbdac08cc"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12852
x-amz-cf-id: Ki09OfWUH6IzlYy8HMtJ8G9hrOKF2HulLKhPj8Vgb7TeqkR1fZIxyQ==
expires: Wed, 20 Dec 2023 16:01:26 GMT

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
cdn.livechatinc.com/widget/ Frame 80D0 12 KB
13 KB 25ms
24ms Font
application/octet-stream 23.34.59.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.34.59.62 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-34-59-62.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e94ba9c6df7a149b4b3c590bcc484ce24ce7c0f15c6f7f43479035a6311211d6

Request headers

Referer: https://secure.livechatinc.com/
Origin: https://secure.livechatinc.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: msVoGOeEvv4rBAjmPT.bOOY9QhLnYq.K
date: Tue, 20 Dec 2022 16:01:26 GMT
last-modified: Tue, 18 Oct 2022 07:22:38 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
etag: "d9f5998f47f6f22cb66e7dbf428c76ab"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12688
x-amz-cf-id: 516ep8cKK3VUO1lsgHaj7-iy8PGNzRjGfXZ2D41nFu-APelW-VCXkg==
expires: Wed, 20 Dec 2023 16:01:26 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 19ms
18ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=296874611982149&ev=Microdata&dl=https%3A%2F%2Freservations.nobuhotels.com%2F%3Fadult%3D2%26arrive%3D2022-12-20%26chain%3D20034%26child%3D0%26config%3DDFT%26configcode%3DDFT%26currency%3DUSD%26depart%3D2022-12-21%26hotel%3D7999%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26theme%3DDFT%26themecode%3DDFT&rl=&if=false&ts=1671552087194&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Nobu%20Hotel%20Los%20Cabos%20-%20Reservations%20-%20Room%20Availability%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1671552079773.2038125639&it=1671552079653&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 20 Dec 2022 16:01:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 c3373f4d.min.js Show response
www.thehotelsnetwork.com/widget/core/4.0/dist/main/ 153 KB
42 KB 19ms
19ms Script
application/javascript 45.60.196.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/c3373f4d.min.js?h=cf12a4d7

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=cf12a4d7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.196.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b57f37a06a946433919e4273b009b9026c6af04f3999f05b5806384078bc7cea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://reservations.nobuhotels.com/
Origin: https://reservations.nobuhotels.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:01:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 20 Dec 2022 15:34:11 GMT
x-cdn: Imperva
etag: W/"63a1d5f3-26565"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-iinfo: 14-468513777-0 0CNN RT(1671552085880 1200) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 42893

GET
H2 200 ec6c1c5195eb457d8b2cba6b15191d30.min.js Show response
js.sentry-cdn.com// 2 KB
1 KB 39ms
11ms Script
text/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sentry-cdn.com//ec6c1c5195eb457d8b2cba6b15191d30.min.js

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=cf12a4d7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e7001af9c7a0179ce7606b6aee1bfdd367d506e65e656656893d9af0893aa1e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reservations.nobuhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
age: 72
x-envoy-upstream-service-time: 13
content-length: 1017
x-xss-protection: 1; mode=block
x-served-by: getsentry-web-default-common-production-6b588b9c8d-2wrtw, cache-yul12828-YUL
x-frame-options: deny
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count: 1
accept-ranges: bytes
timing-allow-origin: https://sentry.io

GET
H2 200 8c365a89.min.js Show response
www.thehotelsnetwork.com/widget/core/4.0/dist/main/ 41 KB
14 KB 23ms
23ms Script
application/javascript 45.60.196.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/8c365a89.min.js?h=cf12a4d7

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=cf12a4d7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.196.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7838b27565b3304e12a6378452a6e13e5c4a492e9f5d7c89bfc8e785c1a74505

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://reservations.nobuhotels.com/
Origin: https://reservations.nobuhotels.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:01:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 20 Dec 2022 15:29:19 GMT
x-cdn: Imperva
etag: W/"63a1d4cf-a337"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-iinfo: 14-468513777-0 0CNN RT(1671552085880 1256) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 13485

POST
H2 200 add_widget_url_history Show response
www.thehotelsnetwork.com/ 12 B
204 B 172ms
172ms Fetch
application/json 45.60.196.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/add_widget_url_history

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=cf12a4d7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.196.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a627cdef47d90beb8922c69653ebe40592d9af103fb4e925c2dee8bc0615f83e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://reservations.nobuhotels.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 20 Dec 2022 16:01:27 GMT
content-encoding: gzip
via: 1.1 df1151801209e878a7d395961b098b20.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-amz-cf-pop: EWR53-C3
x-cache: Miss from cloudfront
x-iinfo: 4-225086905-225086918 PNNN RT(1671552085488 1689) q(0 0 0 -1) r(1 1) U6
pragma: no-cache
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reservations.nobuhotels.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: F4i-MFQ_uTrIf0ZewkjGGQshM2XsQQBJGY4Gq776J8RUQ3AxVRZ8wA==
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 aef08f56.min.js Show response
www.thehotelsnetwork.com/widget/core/4.0/dist/main/ 33 KB
14 KB 31ms
31ms Script
application/javascript 45.60.196.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/aef08f56.min.js?h=cf12a4d7

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=cf12a4d7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.196.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e4a92b97bae4ef9b15161660b85e6c3415efc46ccd736cf93bac8ea0b3c44001

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://reservations.nobuhotels.com/
Origin: https://reservations.nobuhotels.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:01:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 20 Dec 2022 13:33:39 GMT
x-cdn: Imperva
etag: W/"63a1b9b3-84cc"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-iinfo: 14-468513777-0 0CNN RT(1671552085880 2396) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 14416

OPTIONS
H/1.1 200 events
services-p1.synxis.com/gw/v1/log/ Frame 0
0 132ms
132ms Preflight 45.60.241.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://services-p1.synxis.com/gw/v1/log/events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.241.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://reservations.nobuhotels.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Conversation-ID: 2qd7jwv7z
Date: Tue, 20 Dec 2022 16:01:27 GMT
Message-ID: 27gnsh9mb
Transfer-Encoding: chunked
Vary: Origin
Via: 1.1 google, 1.1 google
X-CDN: Imperva
X-Forwarded-Host: services-p1.synxis.com
X-Iinfo: 9-400290677-400290735 SNNN RT(1671552081772 6706) q(0 0 0 2) r(1 1) U5
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin: https://reservations.nobuhotels.com
access-control-max-age: 3600
access-control-request-headers: content-type
access-control-request-method: POST
cache-control: no-cache
cdn-loop: IncapCDN; id="1362_2695530"
content-encoding: gzip
incap-client-ip: 149.56.153.183
incap-proxy-1362: OK
origin: https://reservations.nobuhotels.com
pragma: no-cache
referer: https://reservations.nobuhotels.com/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
x-cloud-trace-context: 3dceecd2595496963ce3fc24d2a40e96/13263151316575896881
x-forwarded-for: 149.56.153.183, 198.143.38.24, 34.149.239.5
x-forwarded-proto: https

OPTIONS
H/1.1 200 events
services-p1.synxis.com/gw/v1/log/ Frame 0
0 132ms
132ms Preflight 45.60.241.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://services-p1.synxis.com/gw/v1/log/events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.241.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://reservations.nobuhotels.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Conversation-ID: fxfinx4yn
Date: Tue, 20 Dec 2022 16:01:28 GMT
Message-ID: 2haun18m0
Transfer-Encoding: chunked
Vary: Origin
Via: 1.1 google, 1.1 google
X-CDN: Imperva
X-Forwarded-Host: services-p1.synxis.com
X-Iinfo: 9-400290676-400290734 SNNN RT(1671552081772 6706) q(0 0 0 4) r(1 1) U5
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin: https://reservations.nobuhotels.com
access-control-max-age: 3600
access-control-request-headers: content-type
access-control-request-method: POST
cache-control: no-cache
cdn-loop: IncapCDN; id="1362_2695530"
content-encoding: gzip
incap-client-ip: 149.56.153.183
incap-proxy-1362: OK
origin: https://reservations.nobuhotels.com
pragma: no-cache
referer: https://reservations.nobuhotels.com/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
x-cloud-trace-context: 7bf4003a58044983add4d511b3de3d06/527801371184348713
x-forwarded-for: 149.56.153.183, 198.143.38.24, 34.149.239.5
x-forwarded-proto: https

POST
H/1.1 200 events Show response
services-p1.synxis.com/gw/v1/log/ 31 B
2 KB 82ms
81ms XHR
application/json 45.60.241.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://services-p1.synxis.com/gw/v1/log/events
Requested by: Host: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/public/js/modules-main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.241.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 7db025befd8366a72f3b11db5696cc6f90fb8921f0abc71113050bdc739e1119

Request headers

Accept: application/json, text/plain, */*
Referer: https://reservations.nobuhotels.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

sec-fetch-mode: cors
Date: Tue, 20 Dec 2022 16:01:28 GMT
Message-ID: m1imazihh
origin: https://reservations.nobuhotels.com
content-encoding: gzip
X-CDN: Imperva
accept-language: en-CA,en;q=0.9
Via: 1.1 google, 1.1 google
x-forwarded-for: 149.56.153.183, 198.143.38.24, 34.149.239.5
Transfer-Encoding: chunked
X-Iinfo: 9-400290677-400290735 SNNN RT(1671552081772 6812) q(0 0 0 2) r(1 1) U5
cdn-loop: IncapCDN; id="1362_2695530"
sec-fetch-dest: empty
x-forwarded-proto: https
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
X-Forwarded-Host: services-p1.synxis.com
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: application/json;charset=UTF-8
access-control-allow-origin: https://reservations.nobuhotels.com
incap-proxy-1362: OK
x-cloud-trace-context: c646a4b56dacce3243a81255de97c7d5/12130652181835725741
cache-control: no-cache
access-control-allow-credentials: true
referer: https://reservations.nobuhotels.com/
Vary: Origin
sec-fetch-site: cross-site
Conversation-ID: 23o2rvk25
incap-client-ip: 149.56.153.183

POST
H/1.1 200 events Show response
services-p1.synxis.com/gw/v1/log/ 31 B
2 KB 121ms
121ms XHR
application/json 45.60.241.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://services-p1.synxis.com/gw/v1/log/events
Requested by: Host: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/public/js/modules-main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.241.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 7db025befd8366a72f3b11db5696cc6f90fb8921f0abc71113050bdc739e1119

Request headers

Accept: application/json, text/plain, */*
Referer: https://reservations.nobuhotels.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

sec-fetch-mode: cors
Date: Tue, 20 Dec 2022 16:01:28 GMT
Message-ID: 1ry7e0es3
origin: https://reservations.nobuhotels.com
content-encoding: gzip
X-CDN: Imperva
accept-language: en-CA,en;q=0.9
Via: 1.1 google, 1.1 google
x-forwarded-for: 149.56.153.183, 198.143.38.24, 34.149.239.5
Transfer-Encoding: chunked
X-Iinfo: 9-400290676-400290734 SNNN RT(1671552081772 6813) q(0 0 0 3) r(1 1) U5
cdn-loop: IncapCDN; id="1362_2695530"
sec-fetch-dest: empty
x-forwarded-proto: https
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
X-Forwarded-Host: services-p1.synxis.com
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: application/json;charset=UTF-8
access-control-allow-origin: https://reservations.nobuhotels.com
incap-proxy-1362: OK
x-cloud-trace-context: b5f6f0039076e60f59ce8604eff029d9/9637970617287458347
cache-control: no-cache
access-control-allow-credentials: true
referer: https://reservations.nobuhotels.com/
Vary: Origin
sec-fetch-site: cross-site
Conversation-ID: 9xs5has97
incap-client-ip: 149.56.153.183

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 38ms
37ms Ping
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-DDTRQMB30T&gtm=2oebu0&_p=1731351748&cid=1113919994.1671552080&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1671552083&sct=1&seg=0&dl=https%3A%2F%2Freservations.nobuhotels.com%2F%3Fadult%3D2%26arrive%3D2022-12-20%26chain%3D20034%26child%3D0%26config%3DDFT%26configcode%3DDFT%26currency%3DUSD%26depart%3D2022-12-21%26hotel%3D7999%26level%3Dhotel%26locale%3Den-US%26rooms%3D1%26theme%3DDFT%26themecode%3DDFT&dt=Nobu%20Hotel%20Los%20Cabos%20-%20Reservations%20-%20Room%20Availability&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DDTRQMB30T&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reservations.nobuhotels.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 16:01:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reservations.nobuhotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 init Show response
www.thehotelsnetwork.com/agent/ 592 B
811 B 121ms
121ms Fetch
application/json 45.60.196.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/agent/init

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=cf12a4d7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.196.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f2184f8b678a81c1f44406cead1d68ebc96968452cc6ed63d7d5abb4f637dc13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://reservations.nobuhotels.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 20 Dec 2022 16:01:28 GMT
via: 1.1 df1151801209e878a7d395961b098b20.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-amz-cf-pop: EWR53-C3
vary: Origin
x-cache: Miss from cloudfront
x-forwarded-for: 149.56.153.183, 198.143.38.17
access-control-allow-origin: https://reservations.nobuhotels.com
x-iinfo: 4-225086905-225086918 PNNN RT(1671552085488 3113) q(0 0 0 -1) r(1 1) U6
content-type: application/json
access-control-allow-credentials: true
content-length: 592
x-amz-cf-id: DyEvtnjy6FVv5ljGRCDZx2IrzCnIPNI_NwA389rzA9OztYu5XS-TCA==

POST get-visitor-data
www.thehotelsnetwork.com/agent/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: reservations.nobuhotels.com
URL: https://reservations.nobuhotels.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=302345713

Domain: capture.duettoresearch.com
URL: https://capture.duettoresearch.com/receiver

Domain: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/agent/get-visitor-data

Verdicts & Comments Add Verdict or Comment

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

66 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.accounts.livechatinc.com/v2/customer/token	1970-01-20 17:55:12	Name: __lc_cid Value: c4e6916c-ce9a-4d36-7567-50f1ecb42134
.accounts.livechatinc.com/v2/customer/token	1970-01-20 17:55:12	Name: __lc_cst Value: fd1cf44f81edd777fc7c10fdf8081fc47c2e4593c43b241afd79a1951c3ff51754a013ed6a7867da184cd3dbf3d1f8a04c134e63b387b87da8f21bb15436
.accounts.livechatinc.com/customer/token	1970-01-20 17:55:12	Name: __lc_cid Value: c4e6916c-ce9a-4d36-7567-50f1ecb42134
.accounts.livechatinc.com/customer/token	1970-01-20 17:55:12	Name: __lc_cst Value: fd1cf44f81edd777fc7c10fdf8081fc47c2e4593c43b241afd79a1951c3ff51754a013ed6a7867da184cd3dbf3d1f8a04c134e63b387b87da8f21bb15436
reservations.nobuhotels.com/	1969-12-31 23:59:59	Name: sessionID Value: YFNp-QIwcRyWeaQxNM6lZfjA
.nobuhotels.com/	1970-01-20 17:04:24	Name: visid_incap_2559050 Value: OmO77AarSRCmBhy55js2JE7coWMAAAAAQUIPAAAAAACrmszedTaQ28umGsz839ql
.nobuhotels.com/	1969-12-31 23:59:59	Name: incap_ses_358_2559050 Value: APUyR+Ig6gJVCAvO9d/3BE/coWMAAAAApU7t3j4GFwMvpQw01KXl8Q==
.synxis.com/	1970-01-20 17:04:13	Name: visid_incap_2103294 Value: Aedu68sIR7iSKFBBbKmS1E7coWMAAAAAQUIPAAAAAAAP9mMiKo4Hfrl0CHvyw0Zf
.synxis.com/	1969-12-31 23:59:59	Name: incap_ses_1172_2103294 Value: G8gvHvY2kggErjjfkshDEE7coWMAAAAAlY0J6vMU6c08yWClcs7Dqg==
.nobuhotels.com/	1970-01-20 10:28:48	Name: _gcl_au Value: 1.1.1563199414.1671552080
.bing.com/	1970-01-20 17:40:48	Name: MUID Value: 0C293EDFC55A630A02782C5FC4F06271
.bat.bing.com/	1970-01-20 08:29:16	Name: MR Value: 0
.nobuhotels.com/	1970-01-20 08:20:38	Name: _uetsid Value: 8ad3dec0807f11edae1a21eadbfad4aa
.nobuhotels.com/	1970-01-20 17:40:48	Name: _uetvid Value: 8ad3f2b0807f11eda95eed6c28230945
.nobuhotels.com/	1970-01-20 10:28:48	Name: _fbp Value: fb.1.1671552079773.2038125639
.nobuhotels.com/	1970-01-20 08:20:38	Name: _gid Value: GA1.2.1192877900.1671552080
.nobuhotels.com/	1970-01-20 08:19:12	Name: _gat_UA-107225694-2 Value: 1
.nobuhotels.com/	1969-12-31 23:59:59	Name: apisession Value: MDAxMjF-MmV6NmNvZ2ZGMzRHTXFxUnE1dlVkTTRCT2tEVDNrZExkRCtzTStuazd5MURvTGJ2QlpNY0dtYmhsNEo1ZUVuSnFwNWo1WWVqU2xjMFlIRmNVcDhjOXNFTjgySTdvRGZHQ2UySlJDT2hMaWhKVkxoajRqZkx1WnFxSXgyOC9lWkZMWjZOM3JjWFVjbVFJY0VpZjhNeGJ0QzJydVgrQ2g2azU0TWpObm9nSzlIQmVJUDd3UkNHcDlmSVFadEI2RlhobURMWUpjQlc0NFlHS2hqMzJDODNzeTkvM0pJc3dxWXh6V01TM2MzS2JBY2l2anFPaFA3V3JVMHNaVzhNRGl3WWp5ZUkyMjZnSUMxODAwZTN1UDZYbFBlbkdCMDFoeU5vUkVtMW8wbU1GSy8wUHFVcW1MZU9WeTk0dkNsUTFFTWQ
.nobuhotels.com/	1969-12-31 23:59:59	Name: nlbi_2559050 Value: 7w9pIVtNSibaTZpvBNv7aAAAAADxO3IJTLvlSrOmN1dM44b8
.reservations.nobuhotels.com/	1970-01-20 17:55:12	Name: _ga Value: GA1.3.1113919994.1671552080
.reservations.nobuhotels.com/	1970-01-20 08:20:38	Name: _gid Value: GA1.3.1192877900.1671552080
.reservations.nobuhotels.com/	1970-01-20 08:19:12	Name: _dc_gtm_UA-106819988-1 Value: 1
.reservations.nobuhotels.com/	1970-01-20 08:19:12	Name: _dc_gtm_UA-107225694-2 Value: 1
.sojern.com/	1970-01-20 17:04:48	Name: dc-adv Value: %5B%7B%22dr%22%3A%221%22%2C%22dt%22%3A%222022%2F12%2F20%22%2C%22et%22%3A%22hs%22%2C%22hb%22%3A%22Nobu+Hotel+L%22%2C%22nt%22%3A%222%22%2C%22pid%22%3A%227999%22%2C%22pn%22%3A%22Nobu+Los+Cab%22%2C%22rt%22%3A%222022%2F12%2F21%22%7D%5D
gatag.it/	1970-01-20 08:29:16	Name: AWSALBCORS Value: mDkndU3p/RPWckLY9pToEBjsDwwroiYV+mbmPeZzZnPKYs848hO2Z3be5WgN7pvNrJgxa//jXYHtLkxDwh+VulkW15//CLUS/sgORuuifMZ7pcSLCldvDxUNfsq2
.nobuhotels.com/	1970-01-20 17:55:12	Name: _ga_DDTRQMB30T Value: GS1.1.1671552083.1.0.1671552083.0.0.0
.nobuhotels.com/	1970-01-20 17:55:12	Name: _ga Value: GA1.1.1113919994.1671552080
.adnxs.com/	1970-01-20 10:28:48	Name: uuid2 Value: 6424406804217236213
.adsrvr.org/	1970-01-20 17:04:48	Name: TDID Value: bd48c3f7-d0f2-41dd-969d-571f38872de1
.reservations.nobuhotels.com/	1970-01-20 17:55:12	Name: __utma Value: 72319120.1113919994.1671552080.1671552084.1671552084.1
.reservations.nobuhotels.com/	1969-12-31 23:59:59	Name: __utmc Value: 72319120
.reservations.nobuhotels.com/	1970-01-20 12:42:00	Name: __utmz Value: 72319120.1671552084.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.reservations.nobuhotels.com/	1970-01-20 08:19:12	Name: __utmt Value: 1
.reservations.nobuhotels.com/	1970-01-20 08:19:13	Name: __utmb Value: 72319120.1.10.1671552084
.sojern.com/	1970-01-20 17:04:48	Name: cid Value: 00f361b9-9f9d-9273-c14e-0d8a54414ed5#1671494400000
.sojern.com/	1970-01-20 09:02:24	Name: ttdid Value: bd48c3f7-d0f2-41dd-969d-571f38872de1
.sojern.com/	1970-01-20 10:28:48	Name: apnid Value: 6424406804217236213
.doubleclick.net/	1970-01-20 17:55:12	Name: IDE Value: AHWqTUkikZ0oE2UMh71cqS3b4Mt-CyTIIH0K3IenfTZtVH6MTL0DpVxQOyROSqbWX40
www.gatag.it/	1970-01-20 08:29:16	Name: AWSALBCORS Value: Yh9OWR2X2MnXjHDXNFlNVE0SttUVCoj9C5u6p5zpcBsur3p1//7MTH5wuPU/tqQV2ZQ1r98vFjHpQoyzEn3BqEUz6YwGMdNkKsguaMN6cTGHlktPEmtKNEolhpVK
www.gatag.it/	1969-12-31 23:59:59	Name: PHPSESSID Value: nc8hj4hojde18t6bpcbgv4gua6
.reservations.nobuhotels.com/	1970-01-20 17:55:12	Name: __utmv Value: 72319120.\|4=device=pc=1
.sojern.com/	1970-01-20 17:04:48	Name: gid Value: CAESEAg7AKdtSOAIV5IKkaGIUYU
capture.gatag.it/	1970-01-20 08:29:16	Name: AWSALBCORS Value: nUzx/eAnndjMB71x/zT5efGrcrAZDpfZ5BddR48n1LDgbsMaEU1kcGNtZ9JpoyCgnGKJFCcOKd4e9PP1NDPkDYnzcuczET9Znj6OK2PMP3egC8lZqUZw3UiaCTbc
.yieldoptimizer.com/	1970-01-20 17:04:48	Name: fbh0 Value: %7B%7D
.yieldoptimizer.com/	1970-01-20 17:04:48	Name: gcma Value: %7B%22t%22%3A0%2C%22o%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-20 17:04:48	Name: rmxc Value: %7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-20 17:04:48	Name: cktst Value: 637144909
.yieldoptimizer.com/	1970-01-20 17:04:48	Name: ckid Value: 2028451123155
.yieldoptimizer.com/	1970-01-20 17:04:48	Name: ph Value: %7B%22p%22%3A%5B1025%2C1203%2C1476%2C39%2C1305%2C1465%2C1034%2C1084%2C1022%5D%2C%22t%22%3A%5B122440%2C122440%2C122440%2C122440%2C122440%2C122440%2C122440%2C122440%2C122440%5D%7D
www.thehotelsnetwork.com/	1969-12-31 23:59:59	Name: __thn_ss Value: 3049c7bbe68205fafaa13e65a9f6b6b7
.thehotelsnetwork.com/	1970-01-20 17:04:18	Name: visid_incap_2454396 Value: 9pkeMU+6TXmF+mqL/PTGG1XcoWMAAAAAQUIPAAAAAAAqLUiURJAr08qYu3h5Vk0T
.thehotelsnetwork.com/	1969-12-31 23:59:59	Name: nlbi_2454396 Value: K3QOGLXXwj3Vf6RZ5i1CcAAAAAAOOmAxBds5Tquvrf362qe6
.thehotelsnetwork.com/	1969-12-31 23:59:59	Name: incap_ses_1170_2454396 Value: XNewIsM4fxc78vc9mq08EFXcoWMAAAAA8bwU+F3faV+aWj3jxtzldg==
.adsrvr.org/	1970-01-20 17:04:48	Name: TDCPM Value: CAEYASABKAIyCwiM8u_cxauxOxAFOAFaB280NTZxZmVgAg..
.yahoo.com/	1970-01-20 17:05:09	Name: A3 Value: d=AQABBFXcoWMCEHappq7JabDVUzv0TtlzwF0FEgEBAQEto2OrYwAAAAAA_eMAAA&S=AQAAAtoSr7EhewlCM74SSXzY7o4
.adaraanalytics.com/	1970-01-20 17:04:48	Name: ckid Value: 2028451123155
.adaraanalytics.com/	1970-01-20 17:04:48	Name: aackid Value: 2028451123155
.krxd.net/	1970-01-20 12:38:24	Name: _kuid_ Value: PRPKWkeg
.rlcdn.com/	1970-01-20 17:04:48	Name: rlas3 Value: SR2JLaQUjGWZw6xecRDzKj9wGfTuKtq+VhyhMYm88hA=
.rlcdn.com/	1970-01-20 09:45:36	Name: pxrc Value: CAA=
.demdex.net/	1970-01-20 12:38:24	Name: demdex Value: 68290783557146581303717560802662059929
.analytics.yahoo.com/	1970-01-20 17:04:48	Name: IDSYNC Value: 19ak~28yg
.turn.com/	1970-01-20 12:38:24	Name: uid Value: 8072699385364612712
.dpm.demdex.net/	1970-01-20 12:38:24	Name: dpm Value: 68290783557146581303717560802662059929
.yieldoptimizer.com/	1970-01-20 17:04:48	Name: dph Value: %7B%22t%22%3A%5B122440%2C122440%2C122440%5D%2C%22dp%22%3A%5B5093%2C4889%2C5530%5D%7D
accounts.livechatinc.com/	1970-01-20 08:19:12	Name: __oauth_redirect_detector Value: counter=1&t=1671552116&tag=36a8267b065cc20f52c55792dc9cbda1948ce2bf

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://reservations.nobuhotels.com/?adult=2&chain=20034&child=0&configcode=DFT&currency=USD&depart=2022-05-12&hotel=7999&level=hotel&locale=en-US&rooms=1&themecode=DFT Message: Refused to load the script 'https://reservations.nobuhotels.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=302345713' because it violates the following Content Security Policy directive: "script-src 'strict-dynamic' 'nonce-KORsWRpVEmrHa4NKR9JTSg==' 'unsafe-inline' 'unsafe-eval' 'self' .synxis.com .googletagmanager.com .google-analytics.com google-analytics.com .google.com .googleapis.com .gatag.it gatag.it .doubleclick.net icm.aexp-static.com .sabrehospitality.com .asc.sabre.com .thehotelsnetwork.com thehotelsnetwork.com .trivago.com trivago.com .tripadvisor.com tripadvisor.com .sojern.com sojern.com .triptease.io triptease.io .sabre-gcp.com .sabre-gcp.com:3000 .sabre-gcp.com:3001 .sabre-gcp.com:3002 .sabrecirrus.com pdx-col.eum-appdynamics.com https://.gtsgapps.com https://.livechatinc.com https://api.livechatinc.com https://cdn.livechatinc.com https://secure.livechatinc.com https://ib.adnxs.com https://pro.ip-api.com https://vars.hotjar.com https://in.hotjar.com .gtsgig.com .laasie.ai https://zbf3t54l4l.execute-api.us-west-2.amazonaws.com https://.asksuite.com .asksuite.com https://.virtualturbopano.com .virtualturbopano.com https://www.virtualturbopano.com https://my.matterport.com .my.matterport.com https://virtual-turbo-360.captur3d.io .virtual-turbo-360.captur3d.io .support.matterport.com .reservations.nobuhotels.com https://.support.matterport.com https://*.capture.duettoresearch.com". Note that 'strict-dynamic' is present, so host-based allowlisting is disabled. Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://capture.duettoresearch.com/assets/js/duetto/duetto.js(Line 1) Message: Refused to connect to 'https://capture.duettoresearch.com/receiver' because it violates the following Content Security Policy directive: "default-src 'self' .synxis.com .googletagmanager.com .google-analytics.com google-analytics.com .google.com .googleapis.com .gatag.it gatag.it .doubleclick.net icm.aexp-static.com .sabrehospitality.com .asc.sabre.com .thehotelsnetwork.com thehotelsnetwork.com .trivago.com trivago.com .tripadvisor.com tripadvisor.com .sojern.com sojern.com .triptease.io triptease.io .sabre-gcp.com .sabre-gcp.com:3000 .sabre-gcp.com:3001 .sabre-gcp.com:3002 .sabrecirrus.com pdx-col.eum-appdynamics.com https://.gtsgapps.com https://.livechatinc.com https://api.livechatinc.com https://cdn.livechatinc.com https://secure.livechatinc.com https://ib.adnxs.com https://pro.ip-api.com https://vars.hotjar.com https://in.hotjar.com .gtsgig.com .laasie.ai https://zbf3t54l4l.execute-api.us-west-2.amazonaws.com https://.asksuite.com .asksuite.com https://.virtualturbopano.com .virtualturbopano.com https://www.virtualturbopano.com https://my.matterport.com .my.matterport.com https://virtual-turbo-360.captur3d.io .virtual-turbo-360.captur3d.io .support.matterport.com .reservations.nobuhotels.com https://.support.matterport.com https://*.capture.duettoresearch.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	img-src data: ; base-uri 'self'; frame-ancestors 'self'; style-src 'self' https: 'unsafe-inline'; font-src data: ; media-src ; script-src 'strict-dynamic' 'nonce-KORsWRpVEmrHa4NKR9JTSg==' 'unsafe-inline' 'unsafe-eval' 'self' .synxis.com .googletagmanager.com .google-analytics.com google-analytics.com .google.com .googleapis.com .gatag.it gatag.it .doubleclick.net icm.aexp-static.com .sabrehospitality.com .asc.sabre.com .thehotelsnetwork.com thehotelsnetwork.com .trivago.com trivago.com .tripadvisor.com tripadvisor.com .sojern.com sojern.com .triptease.io triptease.io .sabre-gcp.com .sabre-gcp.com:3000 .sabre-gcp.com:3001 .sabre-gcp.com:3002 .sabrecirrus.com pdx-col.eum-appdynamics.com https://.gtsgapps.com https://.livechatinc.com https://api.livechatinc.com https://cdn.livechatinc.com https://secure.livechatinc.com https://ib.adnxs.com https://pro.ip-api.com https://vars.hotjar.com https://in.hotjar.com .gtsgig.com .laasie.ai https://zbf3t54l4l.execute-api.us-west-2.amazonaws.com https://.asksuite.com .asksuite.com https://.virtualturbopano.com .virtualturbopano.com https://www.virtualturbopano.com https://my.matterport.com .my.matterport.com https://virtual-turbo-360.captur3d.io .virtual-turbo-360.captur3d.io .support.matterport.com .reservations.nobuhotels.com https://.support.matterport.com https://.capture.duettoresearch.com; default-src 'self' .synxis.com .googletagmanager.com .google-analytics.com google-analytics.com .google.com .googleapis.com .gatag.it gatag.it .doubleclick.net icm.aexp-static.com .sabrehospitality.com .asc.sabre.com .thehotelsnetwork.com thehotelsnetwork.com .trivago.com trivago.com .tripadvisor.com tripadvisor.com .sojern.com sojern.com .triptease.io triptease.io .sabre-gcp.com .sabre-gcp.com:3000 .sabre-gcp.com:3001 .sabre-gcp.com:3002 .sabrecirrus.com pdx-col.eum-appdynamics.com https://.gtsgapps.com https://.livechatinc.com https://api.livechatinc.com https://cdn.livechatinc.com https://secure.livechatinc.com https://ib.adnxs.com https://pro.ip-api.com https://vars.hotjar.com https://in.hotjar.com .gtsgig.com .laasie.ai https://zbf3t54l4l.execute-api.us-west-2.amazonaws.com https://.asksuite.com .asksuite.com https://.virtualturbopano.com .virtualturbopano.com https://www.virtualturbopano.com https://my.matterport.com .my.matterport.com https://virtual-turbo-360.captur3d.io .virtual-turbo-360.captur3d.io .support.matterport.com .reservations.nobuhotels.com https://.support.matterport.com https://*.capture.duettoresearch.com; report-uri /reports?hid=7999&cid=20034&sid=YFNp-QIwcRyWeaQxNM6lZfjA
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.livechatinc.com
ad.doubleclick.net
adservice.google.com
api.ipify.org
api.livechatinc.com
bat.bing.com
be-cms-api.synxis.com
beacon.krxd.net
beacon.sojern.com
capture.duettoresearch.com
capture.gatag.it
cdn.livechatinc.com
cdn.trackhs.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
cr4dl.gtsgapps.com
d.turn.com
dpm.demdex.net
fcmatch.google.com
fcmatch.youtube.com
fonts.googleapis.com
forge.gtsgapps.com
gatag.it
google-analytics.com
gtly.to
ib.adnxs.com
idsync.rlcdn.com
js.sentry-cdn.com
loscabos.nobuhotels.com
match.adsrvr.org
mes4.gtsgapps.com
pixel.sojern.com
reservations.nobuhotels.com
secure.livechatinc.com
services-p1.synxis.com
ssl.google-analytics.com
stats.g.doubleclick.net
tag.adaraanalytics.com
tag.yieldoptimizer.com
ups.analytics.yahoo.com
widgets.gtsgig.com
www.allinclusivecollection.com
www.facebook.com
www.gatag.it
www.google-analytics.com
www.google.ca
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.thehotelsnetwork.com
capture.duettoresearch.com
reservations.nobuhotels.com
www.thehotelsnetwork.com
107.178.244.119
13.249.190.110
142.250.72.98
142.251.41.6
23.34.59.24
23.34.59.62
2600:1901:0:56f6::
2600:9000:20ee:1800:1:279d:1d40:93a1
2606:4700:20::681a:1e2
2606:4700:3033::6815:5303
2607:f8b0:4004:c07::9d
2607:f8b0:4006:809::2008
2607:f8b0:4006:80e::200e
2607:f8b0:4006:816::2004
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81e::2008
2607:f8b0:4006:81e::200e
2607:f8b0:4006:81f::200e
2607:f8b0:4006:820::2003
2607:f8b0:4006:823::2002
2620:112:f002:bbbb::23
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42::729
3.224.104.191
3.227.104.119
35.190.52.204
35.190.60.146
35.190.67.248
44.195.110.233
45.223.18.235
45.60.151.144
45.60.196.96
45.60.241.22
50.63.7.201
52.223.40.198
52.43.15.42
52.72.241.80
54.175.87.114
54.85.136.197
64.185.227.156
68.67.179.155
76.13.32.147
005b33e1dca40abae28f41bc812941fc1f68021905811225231569a55db83993
0088a48d02c4b7b030481627b922901d2ee9232895d8f3bc02b9453b3e190dd9
04025905c78ae9f9cc78a58e1387aa677c8548a8a5894eaa94447f082cf2c23f
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0632db5862332ab9532c662a841ffcf248e251a3598c47af1c161397f86b83c0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5198a44416a4cecee6e5975d758ef39921039ee4d6e8b4ee933b11e01c342
0e671dd0a96a7b3a5c5ded4160402d2d9807ef0f258d8d92871d17814061dc70
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
135c1de5296a2c1a99f963bf1190ee02560d3da299bab443a3a62600de21b8e7
13b1ceb4ad72af9a951bd67f78dd5aa523c52088f83d59e107d3e032ba69ddb2
13ed64e31854fc7e8e3e542fef0d24813e05a6137d56160064ec6824367b9a03
17fc517bd467a15983a4394189b63d61d0e1b7b00678b27a8b54b7035f42acee
1a726b060dc1caea851686f9440e7732dfdf9002943ff857c4c2b8475fb3de92
1e1aacd78dd4af57a3f9543b18322d720e48ed276622eae2eee1daec8bf90112
21886cd4fe5a339a5b03394227af4c1c1f2c096c4071db2be1cb3caa71abedbf
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
29a22b4d54f9fb7191e9e6c63f11af14a6e34fb7b66720021f18bd533bac9018
29a95814a3c7ce3e354c131a33de0f2d7836fff6a7f4a2ba64a313b6c1b0f209
2fb5f131d4dde6d4cc233489fb2a7ab41024b9be0a1dd9fa563219bcaa2d6837
3390a693f5406d48939010f979c81633288e3ea49119b9660422537daef4d56b
37d3ad5a052e74aea1ac7c2458d0c901264f67e4f0c2dcf5fe0084d72fe6f165
3a65e3f0253585b60aa363b67b7276e927355187075807370d4a208eb8f1457d
3deee5c87e84b8f75fb3eec6e18ba6338eb25321fc25dbd8ac58954a628f61fa
41f63ca5ca8f25840002856c5614eebf539853ad5651b571998a8466a0bb0824
460ae44f8b624e082a723f8cb7ed0f05dad32fd39fbeffd98f41374205f8662b
4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f
4c696303a636e00d7bc9e7767e6a075726c1b244ae6a86bbcdb689ce12e92ef2
4ed148127f00ac44fac749efd614c529d91d96c0d290a395e0010a2f34178d26
50f10898342061c80fea923b4a5ec511ce9e9fe32457dc69ecb5524bd3a8b44e
53928dd92112d26f38075c7976bb33441fd6a5baa4ff4e4510fcbefb2b5e8bec
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5595f9316acf025320a453c4a2d8c37ffe453169d5d52356928ff2f839690384
55aad2b591c7f93a64378e2e95bebfdecac9317b7e1cad27f58824541a52cbdb
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
55fb568780e89e3e25cadf6128d45fb9ac298b38fd7f5329b5631bf1689bed27
5b4d5266b41c8719e967db2d0f426718418eb20455fcc942afa4ac1507774d23
5df8acef829d96072125f2c24ac311dc35b0f0ec31cf5e2439a53c4d1dfa1ad1
625a63fbc3b92e8b3b7ca3a1a0d3372f066aa66104b925e8b353744b1e283df1
64b58c75d96c74e9f836236ca9764b5c55ac3d58d91fe295bb76a6b1cf320c11
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
74a1b487adcfbb5c464a4a66e138d6f887bda5b529bc1a7a05eeb5ecd4af61cf
74f9d9df4ca79ed105f44cfacf249f74ffbc757eb5ad60bd893c48b257447757
760382ab59a9ead5627783083496debc5fe829db2ae238e92a62c60ba06c8ed5
7838b27565b3304e12a6378452a6e13e5c4a492e9f5d7c89bfc8e785c1a74505
7d1a9192cd71e043d6f9d26966fb335dc9e2efe4147c27df05da03afee30b6d0
7db025befd8366a72f3b11db5696cc6f90fb8921f0abc71113050bdc739e1119
7ef76a816ed776637195f9a3cecc5f9095e07e0260a4da7df12532a88b6af659
7fc5ff80b1ce06351406075b2c53eb64b163b0a5fc37864fcd7a542a3dae8f22
8074a161d80ffca068c5a4969bccfa4b5a4189d3b0da84702d13d2f0b2b29606
8250a0a8a2b63bfae72b2604bc53e7764530aa08651e7c0cb253a90a6c762a8c
829234d608da2d2a116b304cef7ab8286e5d3eaccfa2c5066f21ae8b272e1bdb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83590481b12c52878257e2e9774856b9a1216f781fc5bc55b3ab3964a1a290d0
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8825dc4d61a2cadba97be1943b3915899749a233d2e719ea734e2ff043a0f421
8c3d9114c411c54b4adefe9e468878650721d1263d5643327e84cb3f2acf6a5d
91694e77238f305d0254caca72ad44d0fe9d674992ec37101828982c0f75d582
a35d5a545df0832187feb25441ae32dd63d3f4ff0a71767cb7df96482ac67bbf
a577a80fa62d8da4aa500b07c3449b5932e87bdcfbc81dfda8e374527b878497
a5feba8ce66eafb93cd4dfff5083877ea2b2bf8daaded3058288b7cddb956cfb
a627cdef47d90beb8922c69653ebe40592d9af103fb4e925c2dee8bc0615f83e
a8820829bf43f181bf50e9086f3970ea831f69c26d3a80ebb4b0caf40739afe3
ab6b1c7ac4e24f69a76d0ae3a03a16319e9340d2709d53e8de6c2feed4e4c224
aeccc46e8f6885a4432e63e8455747ed2914bc1544d2c8550c88ff99f488c742
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4d6d4261ff8934fae656f8b18ac4b856479f47c9cec48e7abaf4ba1b50e4f8c
b57f37a06a946433919e4273b009b9026c6af04f3999f05b5806384078bc7cea
b5a79b80316a1ce911a1254deb622f74e8b678f0175f8348d8dfee09c6eb4176
b63a310a292d809d3a65a417bb06a17cde7cd77213da4f91ff58f2803d99a6e5
bdae92e65d1e25119560524820a0067f91494bddbde48565ecfff782749e587f
bf7be7d4baa03f1b58be7626dad5c0094f814bb02751892de3836fe34584c9a5
c289dd04002a8841e894d707dca2d6ef43d1a5029b72d8d56d68bcdc571ae8b1
c60678b892a67260c46697906e6901731f147d0bebcf3a5bc6eec7d0b98a7b68
c6b2c19c43ac95eca75453136061bc5bcf96a605118b3306323d4ffcbc98d55f
ca536ba9fc5725b2d3e02229dd74b71a2b372ace2e5d342626794d1f4983cbdc
cd13fb47ebda7c6c5b3fe86e6a177801b7b404921536ffb77b321cffdbe85e35
d7cdd6d89b4fa55ee546505971c0acdc6b25648453e692222e908dd56215f462
d9e0256a032c19e147ae088add8eb800dbf2df9bee98b35146ca75d38b620ada
dae782b6c7faaac04d419cd605e67eb52da12b98609e884bd88e1558dbd36d96
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e03678fb1a6b476aaa19050ea0bc60147c6c5e1e78be5e912b16f9183e6d5c17
e0945c2667eb5c954d7e17f623dbe96fe12c88fe4fc5c4d930a564f9a93e9649
e3670c41cbeb304353600463d4de4c43b145c72138e40feca796d24e704d4813
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a92b97bae4ef9b15161660b85e6c3415efc46ccd736cf93bac8ea0b3c44001
e60d08f427fc54fa9e825df39f48eb5111cfd7344b8ab36638e85823c4b8add1
e7001af9c7a0179ce7606b6aee1bfdd367d506e65e656656893d9af0893aa1e1
e7b65f6d3ef0a4e62f16bedcb1880c571454a8d2cabca0dc64e5a3697aae8747
e94ba9c6df7a149b4b3c590bcc484ce24ce7c0f15c6f7f43479035a6311211d6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0128d0bcebcb313014e06e4416ae7c23ba042ed0c9565656082d171cab368cf
f18cd485b383d043ba2ad4c63e3eb75239e7296a81e0ea782a0899afe1477dd5
f2184f8b678a81c1f44406cead1d68ebc96968452cc6ed63d7d5abb4f637dc13
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
f866d7d929ad2ed6f384a3cbc71301d532a852f000d8001105b99c7503409f1f
ffd8d06d30b07b6eb857aca13a6679a95f9e0ad1ed8043329cc424c41f71c291

reservations.nobuhotels.com Open in urlscan Pro 45.223.18.235 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

145 Requests

89 %HTTPS

44 %IPv6

34 Domains

51 Subdomains

38 IPs

1 Countries

3304 kBTransfer

11838 kBSize

66 Cookies

15 Outgoing links

Page URL History

Redirected requests

145 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

reservations.nobuhotels.com Open in urlscan Pro
45.223.18.235 Public Scan

Screenshot
Live screenshot

Full Image

145
Requests

89 %
HTTPS

44 %
IPv6

34
Domains

51
Subdomains

38
IPs

1
Countries

3304 kB
Transfer

11838 kB
Size

66
Cookies

145 HTTP transactions
0 data transactions