ssl.omnihotels.com Open in urlscan Pro
143.204.89.15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.em.omnihotels.com/?qs=3202c9c97ac8755a7e812381f718a3e314c3c2d72d302413a98de30a64fa02d22cacb571c20c1f5869a97a2ce351...
Effective URL:
https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campa...
Submission: On June 23 via api (June 23rd 2022, 6:24:39 pm UTC) from US — Scanned from DE

Summary HTTP 154 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 51 IPs in 9 countries across 59 domains to perform 154 HTTP transactions. The main IP is 143.204.89.15, located in United States and belongs to AMAZON-02, US. The main domain is ssl.omnihotels.com. The Cisco Umbrella rank of the primary domain is 192767.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 11th 2022. Valid for: a year.

This is the only time ssl.omnihotels.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.234.80 13.111.234.80	22606 (EXACT-7) (EXACT-7)
26	143.204.89.15 143.204.89.15	16509 (AMAZON-02) (AMAZON-02)
6	143.204.89.5 143.204.89.5	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:7e00:9:7c30:be80:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:4a00:14:6bfc:5740:93a1	16509 (AMAZON-02) (AMAZON-02)
2 4	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
2	2a02:26f0:6c0... 2a02:26f0:6c00:28d::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 31	209.54.176.128 209.54.176.128	16509 (AMAZON-02) (AMAZON-02)
1 4	104.21.58.221 104.21.58.221	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.16.175.10 69.16.175.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	46.137.177.196 46.137.177.196	16509 (AMAZON-02) (AMAZON-02)
1	143.204.94.161 143.204.94.161	16509 (AMAZON-02) (AMAZON-02)
1	54.175.67.42 54.175.67.42	14618 (AMAZON-AES) (AMAZON-AES)
2	2.21.20.161 2.21.20.161	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.92.195.40 52.92.195.40	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.43.14 13.107.43.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
3 5	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	54.228.196.14 54.228.196.14	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	104.19.150.54 104.19.150.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.75.88.209 104.75.88.209	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	23.35.229.56 23.35.229.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
1 2	185.33.220.242 185.33.220.242	29990 (ASN-APPNEX) (ASN-APPNEX)
5	34.107.254.252 34.107.254.252	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	52.29.68.61 52.29.68.61	16509 (AMAZON-02) (AMAZON-02)
8	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	44.224.197.137 44.224.197.137	16509 (AMAZON-02) (AMAZON-02)
1 1	18.156.126.13 18.156.126.13	16509 (AMAZON-02) (AMAZON-02)
3 3	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	35.158.225.181 35.158.225.181	16509 (AMAZON-02) (AMAZON-02)
1 1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1 1	18.184.103.225 18.184.103.225	16509 (AMAZON-02) (AMAZON-02)
2 2	18.156.93.253 18.156.93.253	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4216:1045:b1b6:a84f:9c3b	14618 (AMAZON-AES) (AMAZON-AES)
1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	143.204.95.155 143.204.95.155	16509 (AMAZON-02) (AMAZON-02)
1	99.80.124.254 99.80.124.254	16509 (AMAZON-02) (AMAZON-02)
1	52.6.201.25 52.6.201.25	14618 (AMAZON-AES) (AMAZON-AES)
1	188.65.124.66 188.65.124.66	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
1 1	3.93.160.221 3.93.160.221	14618 (AMAZON-AES) (AMAZON-AES)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	52.19.46.209 52.19.46.209	16509 (AMAZON-02) (AMAZON-02)
1 1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2 2	37.157.6.253 37.157.6.253	198622 (ADFORM) (ADFORM)
2 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
2 2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1 1	52.20.189.152 52.20.189.152	14618 (AMAZON-AES) (AMAZON-AES)
1 1	143.204.89.75 143.204.89.75	16509 (AMAZON-02) (AMAZON-02)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1 1	45.79.188.190 45.79.188.190	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	151.101.194.132 151.101.194.132	54113 (FASTLY) (FASTLY)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
4	52.44.45.214 52.44.45.214	14618 (AMAZON-AES) (AMAZON-AES)
4	54.163.244.190 54.163.244.190	14618 (AMAZON-AES) (AMAZON-AES)
154	51

1 13.111.234.80 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.em.omnihotels.com

click.em.omnihotels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 143.204.89.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-15.fra50.r.cloudfront.net

ssl.omnihotels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 143.204.89.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-5.fra50.r.cloudfront.net

www.omnihotels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:7e00:9:7c30:be80:21 (United States)

ASN16509 (AMAZON-02, US)

d1n00d49gkbray.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:4a00:14:6bfc:5740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.ywxi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

8703439.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2908977.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:28d::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 209.54.176.128 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.21.58.221 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

getrockerbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

p.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net

cdn.bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.137.177.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-177-196.eu-west-1.compute.amazonaws.com

go.affec.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.94.161 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-161.fra50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.175.67.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-67-42.compute-1.amazonaws.com

514012238.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.20.161 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-161.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.92.195.40 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:22::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.43.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.221.13 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.228.196.14 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-196-14.eu-west-1.compute.amazonaws.com

map.go.affec.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.229.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-56.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

4f36e5fd-8df3-411b-bf83-4d9d958da17e.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.242 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.107.254.252 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.68.61 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-68-61.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.224.197.137 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-224-197-137.us-west-2.compute.amazonaws.com

www.trustedsite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.126.13 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-126-13.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.236.247 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.158.225.181 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-225-181.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.103.225 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-103-225.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.93.253 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-93-253.eu-central-1.compute.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:1045:b1b6:a84f:9c3b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

amazon.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1857 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.95.155 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-155.fra50.r.cloudfront.net

www.imdb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.124.254 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-124-254.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.6.201.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-201-25.compute-1.amazonaws.com

usersync.samplicio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.65.124.66 (France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-03-pub-prod-ix7.vip.dailymotion.com

public-prod-dspcookiematching.dmxleo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.93.160.221 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-160-221.compute-1.amazonaws.com

ads.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.46.209 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-46-209.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.253 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.20.189.152 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-189-152.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.75 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-75.fra50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.79.188.190 (Cedar Knolls, United States) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: lciapi-ewr-18.ninthdecimal.com

lciapi.ninthdecimal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.132 (United States) 1 redirects

ASN54113 (FASTLY, US)

pi.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.44.45.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-45-214.compute-1.amazonaws.com

tr2.smarterhq.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.163.244.190 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-244-190.compute-1.amazonaws.com

onsiteshq.smarterhq.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	omnihotels.com 1 redirects click.em.omnihotels.com — Cisco Umbrella Rank: 398802 ssl.omnihotels.com — Cisco Umbrella Rank: 192767 www.omnihotels.com — Cisco Umbrella Rank: 119514	661 KB
31	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 286	24 KB
8	smarterhq.io tr2.smarterhq.io — Cisco Umbrella Rank: 9864 onsiteshq.smarterhq.io — Cisco Umbrella Rank: 45359	2 KB
8	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 987	8 KB
8	doubleclick.net 4 redirects 8703439.fls.doubleclick.net — Cisco Umbrella Rank: 229351 2908977.fls.doubleclick.net — Cisco Umbrella Rank: 232755 stats.g.doubleclick.net — Cisco Umbrella Rank: 119 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	5 KB
7	adnxs.com 4 redirects secure.adnxs.com — Cisco Umbrella Rank: 408 ib.adnxs.com — Cisco Umbrella Rank: 244	7 KB
6	permutive.com cdn.permutive.com — Cisco Umbrella Rank: 2256 api.permutive.com — Cisco Umbrella Rank: 1815	59 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	676 B
4	yahoo.com 2 redirects sp.analytics.yahoo.com — Cisco Umbrella Rank: 745 ups.analytics.yahoo.com — Cisco Umbrella Rank: 299 cms.analytics.yahoo.com — Cisco Umbrella Rank: 847	2 KB
4	google.de www.google.de — Cisco Umbrella Rank: 5448 adservice.google.de — Cisco Umbrella Rank: 7751	2 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 8	2 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 395 www.linkedin.com — Cisco Umbrella Rank: 485 px4.ads.linkedin.com — Cisco Umbrella Rank: 5675	4 KB
4	serving-sys.com 1 redirects secure-ds.serving-sys.com — Cisco Umbrella Rank: 1709 bs.serving-sys.com — Cisco Umbrella Rank: 1051	24 KB
4	affec.tv 1 redirects go.affec.tv — Cisco Umbrella Rank: 6662 map.go.affec.tv — Cisco Umbrella Rank: 6981	3 KB
4	getrockerbox.com 1 redirects getrockerbox.com — Cisco Umbrella Rank: 5288	12 KB
3	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 576	3 KB
3	teads.tv p.teads.tv — Cisco Umbrella Rank: 6409 cm.teads.tv — Cisco Umbrella Rank: 6765 t.teads.tv — Cisco Umbrella Rank: 2210	7 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	193 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
2	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 865 image6.pubmatic.com — Cisco Umbrella Rank: 629	391 B
2	semasio.net 2 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1128	1 KB
2	spotxchange.com 2 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 501	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 583	999 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 192	2 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 336 token.rubiconproject.com — Cisco Umbrella Rank: 711	653 B
2	krxd.net 1 redirects beacon.krxd.net — Cisco Umbrella Rank: 457 usermatch.krxd.net — Cisco Umbrella Rank: 1270	496 B
2	myvisualiq.net 2 redirects t.myvisualiq.net — Cisco Umbrella Rank: 1638	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	1 KB
2	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 794	1 KB
2	amazonaws.com s3-us-west-2.amazonaws.com	2 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 784	19 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 369	7 KB
1	taboola.com 1 redirects sync.taboola.com — Cisco Umbrella Rank: 947	168 B
1	ispot.tv 1 redirects pi.ispot.tv — Cisco Umbrella Rank: 1968	344 B
1	ninthdecimal.com 1 redirects lciapi.ninthdecimal.com — Cisco Umbrella Rank: 2598	612 B
1	exelator.com loadus.exelator.com — Cisco Umbrella Rank: 1158	324 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 387	306 B
1	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 134	260 B
1	mookie1.com 1 redirects odr.mookie1.com — Cisco Umbrella Rank: 907	633 B
1	samba.tv 1 redirects ads.samba.tv — Cisco Umbrella Rank: 4942	292 B
1	dmxleo.com public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 1701	123 B
1	samplicio.us usersync.samplicio.us — Cisco Umbrella Rank: 2217	263 B
1	imdb.com 1 redirects www.imdb.com — Cisco Umbrella Rank: 2142	913 B
1	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 681	763 B
1	zeotap.com 1 redirects mwzeom.zeotap.com — Cisco Umbrella Rank: 1343	390 B
1	tremorhub.com amazon.partners.tremorhub.com — Cisco Umbrella Rank: 4880	183 B
1	advertising.com 1 redirects pixel.advertising.com — Cisco Umbrella Rank: 545	183 B
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 483	672 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 445	485 B
1	trustedsite.com www.trustedsite.com — Cisco Umbrella Rank: 14962	943 B
1	prmutv.co 4f36e5fd-8df3-411b-bf83-4d9d958da17e.prmutv.co — Cisco Umbrella Rank: 260124	227 B
1	igodigital.com 514012238.collect.igodigital.com — Cisco Umbrella Rank: 206645	2 KB
1	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1332	5 KB
1	bttrack.com cdn.bttrack.com — Cisco Umbrella Rank: 6696	3 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 780	3 KB
1	ywxi.net cdn.ywxi.net — Cisco Umbrella Rank: 9115	5 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	114 KB
1	cloudfront.net d1n00d49gkbray.cloudfront.net	26 KB
0	survata.com Failed px.surveywall-api.survata.com Failed
154	59

	Domain	Requested by
31	s.amazon-adsystem.com	1 redirects ssl.omnihotels.com s.amazon-adsystem.com
26	ssl.omnihotels.com	ssl.omnihotels.com
8	pixel.mathtag.com	secure-ds.serving-sys.com pixel.mathtag.com ssl.omnihotels.com
6	www.omnihotels.com	ssl.omnihotels.com
5	api.permutive.com	cdn.permutive.com
5	secure.adnxs.com	3 redirects ssl.omnihotels.com
4	onsiteshq.smarterhq.io	d1n00d49gkbray.cloudfront.net
4	tr2.smarterhq.io	d1n00d49gkbray.cloudfront.net ssl.omnihotels.com
4	www.facebook.com	ssl.omnihotels.com
4	getrockerbox.com	1 redirects ssl.omnihotels.com getrockerbox.com
3	connect.facebook.net	ssl.omnihotels.com connect.facebook.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com ssl.omnihotels.com
2	uipglob.semasio.net	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	sync.search.spotxchange.com	2 redirects
2	c1.adform.net	2 redirects
2	dpm.demdex.net	2 redirects
2	t.myvisualiq.net	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	x.bidswitch.net	2 redirects
2	dsum-sec.casalemedia.com	2 redirects
2	bs.serving-sys.com	1 redirects secure-ds.serving-sys.com
2	ib.adnxs.com	1 redirects cdn.permutive.com
2	adservice.google.de	adservice.google.com
2	ct.pinterest.com	s.pinimg.com ssl.omnihotels.com
2	www.google.de	ssl.omnihotels.com
2	www.google.com	ssl.omnihotels.com
2	adservice.google.com	8703439.fls.doubleclick.net 2908977.fls.doubleclick.net
2	map.go.affec.tv	1 redirects ssl.omnihotels.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	px.ads.linkedin.com	2 redirects
2	s3-us-west-2.amazonaws.com	cdn.ywxi.net
2	secure-ds.serving-sys.com	ssl.omnihotels.com secure-ds.serving-sys.com
2	go.affec.tv	www.googletagmanager.com go.affec.tv
2	s.pinimg.com	ssl.omnihotels.com s.pinimg.com
2	s.yimg.com	ssl.omnihotels.com s.yimg.com
2	2908977.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	8703439.fls.doubleclick.net	1 redirects www.googletagmanager.com
1	sync.taboola.com	1 redirects
1	image6.pubmatic.com	s.amazon-adsystem.com
1	pi.ispot.tv	1 redirects
1	lciapi.ninthdecimal.com	1 redirects
1	loadus.exelator.com	s.amazon-adsystem.com
1	token.rubiconproject.com	1 redirects
1	image2.pubmatic.com	s.amazon-adsystem.com
1	ssum-sec.casalemedia.com	1 redirects
1	us-u.openx.net	s.amazon-adsystem.com
1	sb.scorecardresearch.com	1 redirects
1	usermatch.krxd.net	1 redirects
1	odr.mookie1.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	ads.samba.tv	1 redirects
1	public-prod-dspcookiematching.dmxleo.com	s.amazon-adsystem.com
1	usersync.samplicio.us	s.amazon-adsystem.com
1	beacon.krxd.net	s.amazon-adsystem.com
1	www.imdb.com	1 redirects
1	ads.stickyadstv.com	1 redirects
1	mwzeom.zeotap.com	1 redirects
1	cms.analytics.yahoo.com	s.amazon-adsystem.com
1	amazon.partners.tremorhub.com	s.amazon-adsystem.com
1	pixel.advertising.com	1 redirects
1	tags.bluekai.com	1 redirects
1	aa.agkn.com	1 redirects
1	www.trustedsite.com	cdn.ywxi.net
1	4f36e5fd-8df3-411b-bf83-4d9d958da17e.prmutv.co	cdn.permutive.com
1	t.teads.tv	ssl.omnihotels.com
1	cdn.permutive.com	go.affec.tv
1	sp.analytics.yahoo.com	ssl.omnihotels.com
1	cm.teads.tv	p.teads.tv
1	px4.ads.linkedin.com	ssl.omnihotels.com
1	www.linkedin.com	1 redirects
1	514012238.collect.igodigital.com	www.googletagmanager.com
1	js.adsrvr.org	www.googletagmanager.com
1	cdn.bttrack.com	www.googletagmanager.com
1	p.teads.tv	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	cdn.ywxi.net	ssl.omnihotels.com
1	www.googletagmanager.com	ssl.omnihotels.com
1	d1n00d49gkbray.cloudfront.net	ssl.omnihotels.com
1	click.em.omnihotels.com	1 redirects
0	px.surveywall-api.survata.com Failed	s.amazon-adsystem.com
154	81

This site contains links to these domains. Also see Links.

Domain
www.omnihotels.com
www.facebook.com
www.youtube.com
twitter.com
www.pinterest.com
www.instagram.com

Subject Issuer	Validity	Valid
*.omnihotels.com Go Daddy Secure Certificate Authority - G2	`2022-02-11` - `2023-03-15`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.ywxi.net Amazon	`2021-08-04` - `2022-09-02`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-02` - `2022-07-01`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-13` - `2022-08-03`	2 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-21`	a year	crt.sh
getrockerbox.com Cloudflare Inc ECC CA-3	`2022-02-13` - `2023-02-12`	a year	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-21` - `2023-04-20`	a year	crt.sh
affec.tv Amazon	`2021-09-09` - `2022-10-08`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.collect.igodigital.com Amazon	`2022-01-13` - `2023-02-11`	a year	crt.sh
secure-ds.serving-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-05` - `2023-03-08`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon	`2021-12-17` - `2022-11-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
permutive.com Cloudflare Inc ECC CA-3	`2022-02-26` - `2023-02-25`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.prmutv.co R3	`2022-04-12` - `2022-07-11`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
api.permutive.com R3	`2022-06-19` - `2022-09-17`	3 months	crt.sh
bs.serving-sys.com Amazon	`2022-04-10` - `2023-05-09`	a year	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.trustedsite.com Amazon	`2022-01-25` - `2023-02-23`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.samplicio.us Amazon	`2022-03-18` - `2023-04-16`	a year	crt.sh
dspcookiematching.dmxleo.com ZeroSSL RSA Domain Secure Site CA	`2022-04-28` - `2022-07-27`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-08` - `2023-06-10`	a year	crt.sh
smarterhq.io Amazon	`2021-10-20` - `2022-11-17`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email
Frame ID: CD7A6983774FEFD1C2A1D4536AFB8D5E
Requests: 100 HTTP requests in this frame

Frame: https://8703439.fls.doubleclick.net/activityi;dc_pre=CLPpwYWZxPgCFRtIHQkd9lEMPQ;src=8703439;type=hotcount;cat=omnih0;ord=5215751865004;gtm=2wg6f0;auiddc=2016727944.1656008673;u1=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail;u13=undefined;~oref=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail
Frame ID: 766B687E9985F4FB501AA64DF38C49E1
Requests: 1 HTTP requests in this frame

Frame: https://2908977.fls.doubleclick.net/activityi;dc_pre=CNvqwYWZxPgCFRpEHQkd8QcF2w;src=2908977;type=audie0;cat=omnih0;ord=3989471585868;gtm=2wg6f0;auiddc=2016727944.1656008673;u21=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail;~oref=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail
Frame ID: 882C5A43F5F2D305FA52BC71156849AC
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D42b83a30-4040-ad54-bcef-bc7c19f08dc0%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.omnihotels.com/&ex-hargs=v%3D1.0%3Bc%3D2531508700701%3Bp%3D42B83A30-4040-AD54-BCEF-BC7C19F08DC0&cb=173163887171366800&dcc=t
Frame ID: C58C5B190755E1A56C49C0D86774D040
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CLPpwYWZxPgCFRtIHQkd9lEMPQ;src=8703439;type=hotcount;cat=omnih0;ord=5215751865004;gtm=2wg6f0;auiddc=2016727944.1656008673;u1=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail;u13=undefined;~oref=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail
Frame ID: 3AF848A0ABF2E1A5ABAF3838D6E003A0
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNvqwYWZxPgCFRpEHQkd8QcF2w;src=2908977;type=audie0;cat=omnih0;ord=3989471585868;gtm=2wg6f0;auiddc=2016727944.1656008673;u21=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail;~oref=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail
Frame ID: 05B8A1882CCB8E06DA8325D7AD940185
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CLPpwYWZxPgCFRtIHQkd9lEMPQ;src=8703439;type=hotcount;cat=omnih0;ord=5215751865004;gtm=2wg6f0;auiddc=2016727944.1656008673;u1=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail;u13=undefined;~oref=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail
Frame ID: A6A997DBBA1F1FC6AC7D4ED7A5662051
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CNvqwYWZxPgCFRpEHQkd8QcF2w;src=2908977;type=audie0;cat=omnih0;ord=3989471585868;gtm=2wg6f0;auiddc=2016727944.1656008673;u21=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail;~oref=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail
Frame ID: 2DEB6D69D059FCFE76A48BD51D7575E4
Requests: 1 HTTP requests in this frame

Frame: https://pixel.mathtag.com/event/js?mt_id=1596615&mt_adid=250702&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Frame ID: F42B488EDB65C9BA7D523CA0F6F1A201
Requests: 2 HTTP requests in this frame

Frame: https://pixel.mathtag.com/event/js?mt_id=1596613&mt_adid=250702&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Frame ID: E21D3B3F3B56E44C61C4BD78C4C5C493
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=R06HKNZKR5y1tg9HgGQLeQ&dmt=3&ex-pl-n-g-hmt=ms-hbbz5QjuAn5vGsrW-Tg&ep=mfS4I4Lxm4iN8M-0MyueFUoEFpGYE5cin2dW6jdvjnKkudj4V_J5INYsJiAGHumZpAt2ahr_L6sh7ka8IxaWr0xKq4iAOTePyz_ridA3pu73gSv1fGbaP-9uewY59VN19f8vcN17CsU2fzQEvE-WyrrCwBY1mEiUaBqkodrEgMNyOqwk-5dsuyE9kvLoEmsM2MtDzRYxzCT4xXyrCTae--JYiNFbq0dKoS3mBGgwvNpnIVW248eogomkkpH6o9xi3djcL8VVRSoyQ-DTuNlqFlQ4Z-UfHo6iTv3mHN8NkENmxHWNcfxRXi5IQhMIqmRaxM2Qp_OmnuYIOv0DguHBy_z_bDh8P8Tbj0zRxOdrVPmwfyvO-__jaJkDMQZ4E84n
Frame ID: 35130AFDB67FB46FF558177ACE76A332
Requests: 39 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=966162b4-afe1-4f00-bd51-4b9cf8d4269a&no_iframe=1&mt_adid=250702&source=mathtag
Frame ID: CD8C8E968F4A7F808D69A0F5A6B2F099
Requests: 2 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=972362b4-afe1-4e00-8080-1db933fc8827&no_iframe=1&mt_adid=250702&source=mathtag
Frame ID: 16D7050DBE99F84BA2CED2DF278EB87F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Select Guest Sign-In | Omni Hotels & Resorts

Page URL History Show full URLs

https://click.em.omnihotels.com/?qs=3202c9c97ac8755a7e812381f718a3e314c3c2d72d302413a98de30a64fa02d22cacb571... HTTP 302
https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_so... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

154
Requests

76 %
HTTPS

23 %
IPv6

59
Domains

81
Subdomains

51
IPs

9
Countries

1212 kB
Transfer

3035 kB
Size

73
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.omnihotels.com/loyalty

Search URL Search Domain Scan URL

URL: https://www.facebook.com/omnihotels/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/omnihotels

Search URL Search Domain Scan URL

URL: https://twitter.com/omnihotels?lang=en

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/omnihotels/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/omnihotels/

Search URL Search Domain Scan URL

URL: https://www.omnihotels.com/travel-advisory
Title: Travel Advisory

Search URL Search Domain Scan URL

URL: https://www.omnihotels.com/shop/gift-cards
Title: Gift Cards

Search URL Search Domain Scan URL

URL: https://www.omnihotels.com/media-center
Title: Media Center

Search URL Search Domain Scan URL

URL: https://www.omnihotels.com/travel-agents
Title: Travel Agents

Search URL Search Domain Scan URL

URL: https://www.omnihotels.com/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.omnihotels.com/about-omni-hotels
Title: About Omni Hotels

Search URL Search Domain Scan URL

URL: https://www.omnihotels.com/blog/
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.omnihotels.com/accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.omnihotels.com/site-map
Title: Site Map

Search URL Search Domain Scan URL

URL: https://www.omnihotels.com/terms-of-use
Title: Terms

Search URL Search Domain Scan URL

URL: https://www.omnihotels.com/privacy-policy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.omnihotels.com/reservations/faq
Title: Reservation FAQ

Search URL Search Domain Scan URL

URL: https://www.omnihotels.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.em.omnihotels.com/?qs=3202c9c97ac8755a7e812381f718a3e314c3c2d72d302413a98de30a64fa02d22cacb571c20c1f5869a97a2ce3519b925eab6c94e1efb8bb HTTP 302
https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://8703439.fls.doubleclick.net/activityi;src=8703439;type=hotcount;cat=omnih0;ord=5215751865004;gtm=2wg6f0;auiddc=2016727944.1656008673;u1=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail;u13=undefined;~oref=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail HTTP 302
https://8703439.fls.doubleclick.net/activityi;dc_pre=CLPpwYWZxPgCFRtIHQkd9lEMPQ;src=8703439;type=hotcount;cat=omnih0;ord=5215751865004;gtm=2wg6f0;auiddc=2016727944.1656008673;u1=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail;u13=undefined;~oref=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail

Request Chain 37

https://2908977.fls.doubleclick.net/activityi;src=2908977;type=audie0;cat=omnih0;ord=3989471585868;gtm=2wg6f0;auiddc=2016727944.1656008673;u21=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail;~oref=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail HTTP 302
https://2908977.fls.doubleclick.net/activityi;dc_pre=CNvqwYWZxPgCFRpEHQkd8QcF2w;src=2908977;type=audie0;cat=omnih0;ord=3989471585868;gtm=2wg6f0;auiddc=2016727944.1656008673;u21=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail;~oref=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail

Request Chain 43

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D42b83a30-4040-ad54-bcef-bc7c19f08dc0%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.omnihotels.com/&ex-hargs=v%3D1.0%3Bc%3D2531508700701%3Bp%3D42B83A30-4040-AD54-BCEF-BC7C19F08DC0&cb=173163887171366800 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D42b83a30-4040-ad54-bcef-bc7c19f08dc0%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.omnihotels.com/&ex-hargs=v%3D1.0%3Bc%3D2531508700701%3Bp%3D42B83A30-4040-AD54-BCEF-BC7C19F08DC0&cb=173163887171366800&dcc=t

Request Chain 53

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3868034&time=1656008672818&url=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Futm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26utm_content%3D126363%26utm_medium%3Demail%26utm_source%3Dsfmc%26sfmc_id%3D4699648%26ref_pagesrc%3D%26ref_pagedst%3D%26pagesrc%3DSI%26pagedst%3DSI%26utm_term%3D HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3868034%26time%3D1656008672818%26url%3Dhttps%253A%252F%252Fssl.omnihotels.com%252FOmni%253Futm_campaign%253Ddirect-ohr-select_guest-account_summary_jun_22%2526sfmc_activityid%253D47b0f733-c9c4-4acb-adbd-45111da4e543%2526utm_id%253D21d1792d-dd11-4b15-a50f-8e688966f80d%2526utm_content%253D126363%2526utm_medium%253Demail%2526utm_source%253Dsfmc%2526sfmc_id%253D4699648%2526ref_pagesrc%253D%2526ref_pagedst%253D%2526pagesrc%253DSI%2526pagedst%253DSI%2526utm_term%253D%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3868034&time=1656008672818&url=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Futm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26utm_content%3D126363%26utm_medium%3Demail%26utm_source%3Dsfmc%26sfmc_id%3D4699648%26ref_pagesrc%3D%26ref_pagedst%3D%26pagesrc%3DSI%26pagedst%3DSI%26utm_term%3D&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3868034&time=1656008672818&url=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Futm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26utm_content%3D126363%26utm_medium%3Demail%26utm_source%3Dsfmc%26sfmc_id%3D4699648%26ref_pagesrc%3D%26ref_pagedst%3D%26pagesrc%3DSI%26pagedst%3DSI%26utm_term%3D&liSync=true&e_ipv6=AQI5ACIdKdmYYQAAAYGRzwmDRJLf2crvRyhQmW89CKblnIFfye1cK0u8nVFIgqUV9HIAPT4Tkw

Request Chain 60

https://secure.adnxs.com/px?gdpr=&gdpr_consent=&id=1570877&order_id=%5BORDER_ID%5D&seg=29621998&t=1&value=%5BREVENUE%5D HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fgdpr%3D%26gdpr_consent%3D%26id%3D1570877%26order_id%3D%255BORDER_ID%255D%26seg%3D29621998%26t%3D1%26value%3D%255BREVENUE%255D

Request Chain 62

https://map.go.affec.tv/map/af/?gdpr=&gdpr_consent= HTTP 303
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D62b4afe1da342e00017822ed%26chc%3Daf%26floc%3D%26redirect_url%3D HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D62b4afe1da342e00017822ed%2526chc%253Daf%2526floc%253D%2526redirect_url%253D HTTP 302
https://map.go.affec.tv/map/an/1564376606577479981?ch=62b4afe1da342e00017822ed&chc=af&floc=&redirect_url=

Request Chain 88

https://getrockerbox.com/rb?url=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail&action=view&source=omni_hotels&rb_source=omni_hotels&script_version=xyz.js&sessionId=d113e601-590d-4437-ba02-8967ee397d95&an_seg=26570503&type=imp&uid=rbos-824d6514-13b1-4e28-8d1c-c216e6eb1366 HTTP 302
https://secure.adnxs.com/seg?add=26570503

Request Chain 101

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=217303104191003887291&ex=neustar.biz

Request Chain 102

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=xyAAko2gRDumyI7q178OeQ&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=xyAAko2gRDumyI7q178OeQ&C=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=YrSv4Q9BLfoJO3L.0bWwwgAA

Request Chain 103

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=3eb30efd3d83fddc7161044028cf0650

Request Chain 104

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Request Chain 105

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=L1CXt67oRf2SGKHPaxyeWg HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=L1CXt67oRf2SGKHPaxyeWg

Request Chain 106

https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=y-TwY8HIpE2uQmr03ScCHV8NVBEIaI8B8-~A&ex=aoldisplay.com

Request Chain 107

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=93956558-b67a-4382-98d3-d3ba7672e325

Request Chain 110

https://mwzeom.zeotap.com/mw?zpartnerid=1353&zurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dzeotap%26id%3D%7BZCOOKIE%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=8fa627d5-eaac-4e31-7cee-81328ae4a67c

Request Chain 111

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=1c649f3afc33b7aec47a905b2cfb3c88&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 112

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 116

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=f91ad623bd16ae71

Request Chain 117

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=jnkI2EN4T9iyQLnEvbHP4w&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=jnkI2EN4T9iyQLnEvbHP4w

Request Chain 118

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=FXy8A_4uQUGI_hLkxTWaqQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=FXy8A_4uQUGI_hLkxTWaqQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=66040214466713547501207086939224078070

Request Chain 119

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=m9qe3y0gQW2PANrszsicIw HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10811805701247335035&gdpr=&gdpr_consent=

Request Chain 121

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=3325649579704077738

Request Chain 122

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=bb526fe3-f321-11ec-9c4a-1384e0ef0206 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=bb526f78-f321-11ec-9c4a-1384e0ef0206

Request Chain 123

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=a297df6a-84a4-4458-89fa-0f743bbb52c5

Request Chain 124

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEHOGLdLBhBKRNe2VZ41btSQ&google_cver=1

Request Chain 125

https://usermatch.krxd.net/um/v2?partner=amzn HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=krux.com&id=O6nkZjnO

Request Chain 126

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=c6cd35d5d1fe735f85c607fea11ce90a

Request Chain 128

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=K-aY0V91Z4J5aTHKqNDe9zc4fMM4ZgAC

Request Chain 129

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=453158C5EF04A763

Request Chain 130

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=5677988431123376687&ex=appnexus.com

Request Chain 132

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=-EPZmt5ipdC64ubhBZf1PA&ex=rubiconproject.com&status=ok

Request Chain 133

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=ms-hbbz5QjuAn5vGsrW-Tg& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 135

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=BEBC4F2DE2AFB462BB7A3F9902C7C605

Request Chain 136

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=6cccf84e5a678fb1cc6fd896dfdffe49b66eb5a1b05d3efd9edc8acafc7c5141

Request Chain 138

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=2e71404e-ebf5-4c50-aad6-6fcf9455dac8-tuct9ae3562

154 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Omni Show response
ssl.omnihotels.com/
Redirect Chain

https://click.em.omnihotels.com/?qs=3202c9c97ac8755a7e812381f718a3e314c3c2d72d302413a98de30a64fa02d22cacb571c20c1f5869a97a2ce3519b925eab6c94e1efb8bb
https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_ter...

35 KB
9 KB

1660ms
1475ms

Document
text/html

143.204.89.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-15.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

0f3288fab3dec7ac6ab76678fd9dc5b2f343e888c96667b3ca44a4adcdc4d49b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 8107
content-type: text/html; charset=utf-8
date: Thu, 23 Jun 2022 18:24:32 GMT
server: Apache
vary: Accept-Encoding
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-id: ymSzcDt-et43gGnbR1mxcUlYvosCUg7c3ZeN_AA1AjOpLoq59P1B9g==
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
x-catalyst: 5.90104
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-ua-compatible: IE=edge,chrome=1

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 517
Content-Type: text/html; charset=utf-8
Date: Thu, 23 Jun 2022 18:24:30 GMT
Location: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email

GET
H2 200 fonts.css
ssl.omnihotels.com/css/om3/usablenet/ 2 KB
705 B 27ms
25ms Stylesheet
text/css 143.204.89.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.omnihotels.com/css/om3/usablenet/fonts.css

Requested by

Host: ssl.omnihotels.com
URL: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-15.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

62ee3c241e91084569fec1e6644b357e88cdacbc4918bf5dfc5b0204d2467e33

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:21:02 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 210
x-cache: Hit from cloudfront
content-length: 304
last-modified: Mon, 25 Jan 2021 16:41:51 GMT
server: Apache
etag: "68a-5b9bc37089333-gzip"
x-frame-options: SAMEORIGIN
content-type: text/css
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: ZPBgubRYh_ftIQ9C7qXy9VVVIvDEcsU6K9IZ3wMTa9PRk9scV7dDjQ==

GET
H2 200 bootstrap.min.css
ssl.omnihotels.com/js/om3/bootstrap3/css/ 119 KB
20 KB 20ms
18ms Stylesheet
text/css 143.204.89.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.omnihotels.com/js/om3/bootstrap3/css/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-15.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

3807b4325425a62583bae8a5f549cd23d78414d8e91505872355cdfb6716b9a7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:21:02 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 210
x-cache: Hit from cloudfront
content-length: 19740
last-modified: Mon, 26 Oct 2020 14:31:08 GMT
server: Apache
etag: "1da72-5b293c7fed645-gzip"
x-frame-options: SAMEORIGIN
content-type: text/css
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: AKvkTPFCWlchFHQ_rogWVIIxXCobjlzZlL_813Wx0Do28yiLbE1_PQ==

GET
H2 200 bootstrap-theme.min.css
ssl.omnihotels.com/js/om3/bootstrap3/css/ 23 KB
3 KB 26ms
24ms Stylesheet
text/css 143.204.89.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.omnihotels.com/js/om3/bootstrap3/css/bootstrap-theme.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-15.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

cfc0ccdf866ee5b0d01a5e224c253142fb3f1162a65a56b10212e32924a6216e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:21:02 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 210
x-cache: Hit from cloudfront
content-length: 2776
last-modified: Mon, 26 Oct 2020 14:31:08 GMT
server: Apache
etag: "5b74-5b293c800ae8b-gzip"
x-frame-options: SAMEORIGIN
content-type: text/css
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: Aj-ZoKEN-_tttwLf9GNJmEYgsvE2VyyGN0ZYVBfq0he7ertTKFWbeA==

GET
H2 200 jquery.min.js Show response
ssl.omnihotels.com/js/jquery3/ 85 KB
30 KB 29ms
27ms Script
application/javascript 143.204.89.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.omnihotels.com/js/jquery3/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-15.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:24:32 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 206
x-cache: Hit from cloudfront
content-length: 30307
last-modified: Tue, 18 Dec 2018 14:07:45 GMT
server: Apache
etag: "1538f-57d4c6bec397d-gzip"
x-frame-options: SAMEORIGIN
content-type: application/javascript
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: CNO6B_9bTi1xDFK1oHscK-XSheH4LnvHWoOeyj6Qnu98CrxefeVvsg==

GET
H2 200 booking-global.css
ssl.omnihotels.com/css/om3/usablenet/ 3 KB
1 KB 26ms
24ms Stylesheet
text/css 143.204.89.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.omnihotels.com/css/om3/usablenet/booking-global.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-15.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

5e253f3fe59706d941b1543978d621ccfdc3d73d2dd9ce4e6fe8b7f314cc9bfc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:21:02 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 210
x-cache: Hit from cloudfront
content-length: 988
last-modified: Mon, 26 Oct 2020 14:31:08 GMT
server: Apache
etag: "b2b-5b293c7feb704-gzip"
x-frame-options: SAMEORIGIN
content-type: text/css
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: XkLaAbg9rBS69g8wsfv5i-e_Z1Js2SzWA2qAbo2RHUoLr5YDxKJylA==

GET
H2 200 font-awesome.min.css
ssl.omnihotels.com/css/om3/font-awesome/ 30 KB
7 KB 21ms
19ms Stylesheet
text/css 143.204.89.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.omnihotels.com/css/om3/font-awesome/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-15.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:21:02 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 210
x-cache: Hit from cloudfront
content-length: 7053
last-modified: Thu, 11 Jan 2018 08:20:08 GMT
server: Apache
etag: "7918-5627bd0dd99bd-gzip"
x-frame-options: SAMEORIGIN
content-type: text/css
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: Dro8nNsNazeLsONPBA01W83OiJ2HrqtqwVU7BJyGv3VZsGGKqFbu9Q==

GET
H2 200 ssl2.css
ssl.omnihotels.com/css/om3/ 13 KB
4 KB 30ms
28ms Stylesheet
text/css 143.204.89.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.omnihotels.com/css/om3/ssl2.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-15.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

21c5a26a772d63ea53c2b4e4a0e19ffa6a64387ec4661b76d49c91d2a81d4dda

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:21:07 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 205
x-cache: Hit from cloudfront
content-length: 3545
last-modified: Mon, 26 Oct 2020 14:30:27 GMT
server: Apache
etag: "34b7-5b293c58b5952-gzip"
x-frame-options: SAMEORIGIN
content-type: text/css
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: gZ7_G8u_6zab1ikZ-BVRJHWaBW3Vj5_NN4974PZ-QTPihqZqKkC-Fw==

GET
H2 200 arked-main.css
ssl.omnihotels.com/css/om3/usablenet/ 23 KB
6 KB 27ms
26ms Stylesheet
text/css 143.204.89.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.omnihotels.com/css/om3/usablenet/arked-main.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-15.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

cededece3b690e20fd3d01dafd4684e3690cc510583f476fedc7dd509e31c07a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:21:02 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 210
x-cache: Hit from cloudfront
content-length: 5764
last-modified: Tue, 17 Nov 2020 18:08:34 GMT
server: Apache
etag: "5c79-5b45162142ee1-gzip"
x-frame-options: SAMEORIGIN
content-type: text/css
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: PtT3t0ao-L5PFBMp8SMljOihiq_pAQ7P4WtT7_Fvh68gzGvuufHXog==

GET
H2 200 arke.css
ssl.omnihotels.com/css/om3/ 50 KB
7 KB 32ms
32ms Stylesheet
text/css 143.204.89.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.omnihotels.com/css/om3/arke.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-15.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

0aa424e8bfcc06d6e537e84a61f068b1b15b7cab48839eeb3075909a249a7020

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:21:02 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 210
x-cache: Hit from cloudfront
content-length: 6541
last-modified: Wed, 30 Jun 2021 13:23:46 GMT
server: Apache
etag: "c827-5c5fba1d9aa64-gzip"
x-frame-options: SAMEORIGIN
content-type: text/css
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: zAaD5xlIONmojhUxUUvMarhhv3xB16DisrNQGJYLQBS7YnFTBoV3oA==

GET
H2 200 omni-hotels-select-guest-white
www.omnihotels.com/-/media/images/selectguest/ 110 KB
110 KB 253ms
185ms Image
image/png 143.204.89.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.omnihotels.com/-/media/images/selectguest/omni-hotels-select-guest-white

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-5.fra50.r.cloudfront.net

Software

Microsoft-IIS/8.5 /

Resource Hash

b60760bdfcc23fea8d502e82b920d55680acdeaa229cf290791efab974b923eb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:24:32 GMT
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-disposition: inline; filename="omni-hotels-select-guest-white.png"
content-length: 112180
x-ua-compatible: IE=edge
last-modified: Tue, 03 Dec 2019 15:53:53 GMT
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: image/png
cache-control: private, max-age=604800
accept-ranges: bytes
access-control-allow-headers: content-type, accept
x-amz-cf-id: XHOocLX8BLBvgny_MeWapz1fJ9UmVGQ7kVr6V6CH3IKji1oop9R3jg==
expires: Thu, 30 Jun 2022 18:24:32 GMT

GET
H2 200 account_icon.svg
www.omnihotels.com/assets/css/img/ 1 KB
1 KB 74ms
9ms Image
image/svg+xml 143.204.89.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.omnihotels.com/assets/css/img/account_icon.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-5.fra50.r.cloudfront.net

Software

Microsoft-IIS/8.5 /

Resource Hash

dbf877e58bb3aeffa3a8d343858194b8830c743f2f69876b38bbb8d487a69ce0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 04:16:03 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 50909
x-cache: Hit from cloudfront
x-ua-compatible: IE=edge
access-control-allow-origin: *
last-modified: Mon, 11 Apr 2022 18:13:13 GMT
server: Microsoft-IIS/8.5
etag: W/"80c2c4cecf4dd81:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: image/svg+xml
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: content-type, accept
x-amz-cf-id: bdBcsN_hY0utVvPmiQ4_NyQhUPM77CfhyrtxQBx4wqM4gf95fSboLw==

GET
H2 200 iconHibiscus.png
ssl.omnihotels.com/images/om3/ 2 KB
2 KB 18ms
16ms Image
image/png 143.204.89.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.omnihotels.com/images/om3/iconHibiscus.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-15.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

f7817b1b319bff0940b21ce3ca187c54027386b508044a7057e7bed8c2b261b5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:10:38 GMT
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jan 2018 08:01:35 GMT
server: Apache
age: 834
etag: "635-5627b8e8e561f"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1589
x-amz-cf-id: 8-sTawn6BRFjt-6bc7or8n_B-kU9xgbft1hBx_miCMEhXU6w--dvlA==

GET
H2 200 sign-in-page.jpg
www.omnihotels.com/~/media/images/selectguest/ 99 KB
99 KB 559ms
505ms Image
image/jpeg 143.204.89.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.omnihotels.com/~/media/images/selectguest/sign-in-page.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-5.fra50.r.cloudfront.net

Software

Microsoft-IIS/8.5 /

Resource Hash

aa726b02d3080d0e7ce8b799bd3f95ff80467457e190b05d2561cc8c6fa8f6b8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:24:32 GMT
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-disposition: inline; filename="sign-in-page.jpg"
content-length: 101132
x-ua-compatible: IE=edge
last-modified: Wed, 08 Jun 2022 21:22:48 GMT
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: image/jpeg
cache-control: private, max-age=604800
accept-ranges: bytes
access-control-allow-headers: content-type, accept
x-amz-cf-id: POuLuAfUsyEA7TxQ8TsNSb8hB0QOfx5RFiM-EUA14X-cInQr8GKe5g==
expires: Thu, 30 Jun 2022 18:24:32 GMT

GET
H2 200 loading.gif
ssl.omnihotels.com/images/om3/ 5 KB
5 KB 18ms
16ms Image
image/gif 143.204.89.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.omnihotels.com/images/om3/loading.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-15.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

748533f53846b130f62213b847ce93de7581faa93c3b886958fbc1537957e46f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:10:38 GMT
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jan 2018 08:20:08 GMT
server: Apache
age: 834
etag: "1237-5627bd0de265d"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 4663
x-amz-cf-id: g50KrIWXUnKQr3T2Wr176lnmUaXiHZNIpHTN_4zU2_BtevavJbED-g==

GET facebook.png
www.omnihotels.com/-/media/digex/social/ 0
0

GET
H2 200 youtube.png
www.omnihotels.com/-/media/digex/social/ 3 KB
3 KB 67ms
14ms Image
image/png 143.204.89.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.omnihotels.com/-/media/digex/social/youtube.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-5.fra50.r.cloudfront.net

Software

Microsoft-IIS/8.5 /

Resource Hash

0830e7874cce1ec2b27978ca6f6927514643e3140b2ac90231e9f3c01d953b80

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:24:32 GMT
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
age: 762
x-cache: Hit from cloudfront
content-disposition: inline; filename="YouTube.png"
content-length: 2983
x-ua-compatible: IE=edge
last-modified: Wed, 24 Jul 2019 00:13:12 GMT
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: image/png
cache-control: private, max-age=604800
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: content-type, accept
x-amz-cf-id: hbM3SpQjgOU0UVrOLJmAiA5yJs1FPID-RLnRlZZtjBvYvFpBrZkIDQ==
expires: Thu, 30 Jun 2022 18:11:49 GMT

GET twitter.png
www.omnihotels.com/-/media/digex/social/ 0
0

GET
H2 200 pinterest.png
www.omnihotels.com/-/media/digex/social/ 3 KB
3 KB 474ms
473ms Image
image/png 143.204.89.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.omnihotels.com/-/media/digex/social/pinterest.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-5.fra50.r.cloudfront.net

Software

Microsoft-IIS/8.5 /

Resource Hash

1b530072d3cbe0662a11fdc9516d5c2b40e168eebeb314faf95393f879eb026f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:24:32 GMT
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-disposition: inline; filename="Pinterest.png"
content-length: 2650
x-ua-compatible: IE=edge
last-modified: Wed, 24 Jul 2019 00:12:56 GMT
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: image/png
cache-control: private, max-age=604800
accept-ranges: bytes
access-control-allow-headers: content-type, accept
x-amz-cf-id: NNBvNAqH4PVnVDzlvTIA6nNX7DsIA-pN1osHJrUcT1A_t0JxTg2yZQ==
expires: Thu, 30 Jun 2022 18:24:32 GMT

GET
H2 200 instagramicon2.png
www.omnihotels.com/-/media/images/icons/ 1 KB
2 KB 27ms
26ms Image
image/png 143.204.89.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.omnihotels.com/-/media/images/icons/instagramicon2.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-5.fra50.r.cloudfront.net

Software

Microsoft-IIS/8.5 /

Resource Hash

730d219f570bf42425ba1d5839fbfd7c553c4d09a82afc361b58f8b678b70aeb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:21:28 GMT
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
age: 184
x-cache: Hit from cloudfront
content-disposition: inline; filename="InstagramIcon2.png"
content-length: 1116
x-ua-compatible: IE=edge
last-modified: Thu, 03 Oct 2019 14:46:07 GMT
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: image/png
cache-control: private, max-age=604800
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: content-type, accept
x-amz-cf-id: 023rQuVwEmZJi6tB7PIUuYJO89josiqlmpzwKNKYB-i7kYEoAhcJNg==
expires: Thu, 30 Jun 2022 18:21:28 GMT

GET
H2 200 omni.js Show response
d1n00d49gkbray.cloudfront.net/js/ 76 KB
26 KB 48ms
9ms Script
application/javascript 2600:9000:2156:7e00:9:7c30:be80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1n00d49gkbray.cloudfront.net/js/omni.js
Requested by: Host: ssl.omnihotels.com
URL: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:9:7c30:be80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2c0e1aebf907b85c8790c7910529e00521037df698079cef17489cd7ff37a97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 22 Jun 2022 23:13:11 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 21:46:51 GMT
server: AmazonS3
age: 69082
etag: W/"ba07639de361d72b2d682bae718f1dd7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: UKgwtaOgohRi53SBv_KYuUM0SS730YAz
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: yax2fid2bxXUaeSTm-aG9cfb1_2b9RrxJeVQU0ET8tkB6EJxkS5IJg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 602 KB
114 KB 126ms
89ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P94FLW

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5bfc8bf9713f6ff38443b76d7da5deed214d9461128ecd11319ee804e4c68326

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:24:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116054
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Jun 2022 18:24:32 GMT

GET
H2 200 GothamBookRegular.otf
ssl.omnihotels.com/css/om3/fonts/ 29 KB
16 KB 22ms
21ms Font
application/x-font-otf 143.204.89.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.omnihotels.com/css/om3/fonts/GothamBookRegular.otf

Requested by

Host: ssl.omnihotels.com
URL: https://ssl.omnihotels.com/css/om3/usablenet/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-15.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

30cf61509fb1a5405caf7ed1a872068936c72f69bf0cf5d9ae50ae418552e3bf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ssl.omnihotels.com/css/om3/usablenet/fonts.css
Origin: https://ssl.omnihotels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:21:07 GMT
content-encoding: gzip
last-modified: Thu, 11 Jan 2018 08:20:08 GMT
server: Apache
age: 205
x-frame-options: SAMEORIGIN
etag: "733c-5627bd0dda95d-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-font-otf
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 16036
x-amz-cf-id: BN22VKWVczTwJ1djAflXt4npXvH9pO_WhP07OrAy6U-skZYCllYBOA==

GET
H2 200 ArquitectaW04-Bd.woff2
ssl.omnihotels.com/css/om3/fonts/ 64 KB
64 KB 18ms
17ms Font
application/octet-stream 143.204.89.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.omnihotels.com/css/om3/fonts/ArquitectaW04-Bd.woff2

Requested by

Host: ssl.omnihotels.com
URL: https://ssl.omnihotels.com/css/om3/usablenet/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-15.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

22ea9e8de73d9c75f388acb6be4db2e1dbe153bb39e248c6b9a2272387f92e50

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ssl.omnihotels.com/css/om3/usablenet/fonts.css
Origin: https://ssl.omnihotels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 17:55:51 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 22 Aug 2019 11:04:52 GMT
server: Apache
age: 1721
etag: "10150-590b2a8b321f0-gzip"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 1i_snEs7JZ_sWixPBTS1o8foD-4dmG4qRkaGoS7TB3ZdFO5q8D37Qg==

GET
H2 200 lineThrough.png
ssl.omnihotels.com/images/om3/ 965 B
1 KB 17ms
15ms Image
image/png 143.204.89.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.omnihotels.com/images/om3/lineThrough.png

Requested by

Host: ssl.omnihotels.com
URL: https://ssl.omnihotels.com/css/om3/ssl2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-15.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

1d6a33ad1ba88ce5a28637b82db9475f28d06d85de54b20348252479f44b4ecf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/css/om3/ssl2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 17:55:53 GMT
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jan 2018 08:20:48 GMT
server: Apache
age: 1719
etag: "3c5-5627bd3423899"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 965
x-amz-cf-id: lRTpamxAVgdrGfYUaHRJ3DikSuCVVsZUffKqYqvOPUZGkveOzs_0Fg==

GET
H2 200 fontawesome-webfont.woff2
ssl.omnihotels.com/css/om3/fonts/ 75 KB
76 KB 23ms
21ms Font
application/octet-stream 143.204.89.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.omnihotels.com/css/om3/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: ssl.omnihotels.com
URL: https://ssl.omnihotels.com/css/om3/font-awesome/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-15.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ssl.omnihotels.com/css/om3/font-awesome/font-awesome.min.css
Origin: https://ssl.omnihotels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:21:07 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 11 Jan 2018 08:05:14 GMT
server: Apache
age: 205
etag: "12d68-5627b9b9bfe2c-gzip"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: GWxG1w_yFZWQroJzjpGJff8rN33Tpk8FhNDjxVeWZF-txbBTCOWukA==

GET
H2 200 LTCGoudyOldstyleW05-Regular.woff2
ssl.omnihotels.com/css/om3/fonts/ 61 KB
61 KB 17ms
16ms Font
application/octet-stream 143.204.89.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.omnihotels.com/css/om3/fonts/LTCGoudyOldstyleW05-Regular.woff2

Requested by

Host: ssl.omnihotels.com
URL: https://ssl.omnihotels.com/css/om3/usablenet/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-15.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

7b32c59725175b8f92cbbaf27ff1554c6a906a7ac99ff5965ed48f8926c7d29a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ssl.omnihotels.com/css/om3/usablenet/fonts.css
Origin: https://ssl.omnihotels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:00:10 GMT
content-encoding: gzip
last-modified: Thu, 22 Aug 2019 11:04:51 GMT
server: Apache
age: 1462
x-frame-options: SAMEORIGIN
etag: "f2c0-590b2a8a78dfc-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 62172
x-amz-cf-id: 4V7mIBEg-E9QfqljzlO4wBHw_r80Xb3bXFsJuaS21QgfPhJgxMILxg==

GET
H2 200 1.js Show response
cdn.ywxi.net/js/ 19 KB
5 KB 206ms
11ms Script
text/javascript 2600:9000:2156:4a00:14:6bfc:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ywxi.net/js/1.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:4a00:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

ee01d40bfdd77aba5652b3ff93095712b618a6a2cc2637828bd875979cfe9cb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 17:35:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2967
content-security-policy-report-only: report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
x-cache: Hit from cloudfront
content-length: 4567
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: phq-7yS50R4HgpE0PjtSescqcf6GjQJkixZeBxrj3lsaI-x9hbAx1A==
expires: Thu, 23 Jun 2022 18:35:04 GMT

GET
H2 200 omni-menu-logo.png
ssl.omnihotels.com/images/om3/ 9 KB
10 KB 16ms
14ms Image
image/png 143.204.89.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.omnihotels.com/images/om3/omni-menu-logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-15.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

503b04691b06ad292b016be7db745ea2a2e8a477d1024fabda07f18300dbef78

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:21:06 GMT
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
last-modified: Thu, 22 Aug 2019 11:04:52 GMT
server: Apache
age: 206
etag: "24de-590b2a8b34130"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 9438
x-amz-cf-id: 7rH4mD1QFKvWlhkvJ9ylrX8J5CTMxEpN9o5DhLjXDLJM_0KAiPCM-w==

GET
H2 200 bootstrap.min.js Show response
ssl.omnihotels.com/js/om3/bootstrap3/js/ 37 KB
10 KB 15ms
13ms Script
application/javascript 143.204.89.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.omnihotels.com/js/om3/bootstrap3/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-15.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

909ae563eb34f7e4285a3a643ab5d7c21c5e6a80f3f455b949ac45f08d0389b4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:21:02 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 210
x-cache: Hit from cloudfront
content-length: 10036
last-modified: Mon, 26 Oct 2020 14:31:08 GMT
server: Apache
etag: "92e8-5b293c7ff1e53-gzip"
x-frame-options: SAMEORIGIN
content-type: application/javascript
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 1IeR8rpYA4VueRoMua8xrqGGciKgHAWArlVzpcoOoYkm6JxyBap7rA==

GET
H2 200 moment.min.js Show response
ssl.omnihotels.com/js/om3/vendor/ 50 KB
17 KB 16ms
14ms Script
application/javascript 143.204.89.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.omnihotels.com/js/om3/vendor/moment.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-15.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:21:02 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 210
x-cache: Hit from cloudfront
content-length: 17024
last-modified: Thu, 11 Jan 2018 08:01:33 GMT
server: Apache
etag: "c909-5627b8e6c618f-gzip"
x-frame-options: SAMEORIGIN
content-type: application/javascript
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 7vYDf_v5djrYiNYPoB298hEz2InnFeyB3xsN4TCTMW82eUrgjpCCxA==

GET
H2 200 accessible-slick.min.js Show response
ssl.omnihotels.com/js/om3/vendor/ 43 KB
11 KB 16ms
15ms Script
application/javascript 143.204.89.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.omnihotels.com/js/om3/vendor/accessible-slick.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-15.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

4c53bd4fb46505b90b10e21b4c6e477a14abb0ed61eab0a7b44ee0c351de5b5a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:21:02 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 210
x-cache: Hit from cloudfront
content-length: 10466
last-modified: Tue, 25 May 2021 14:35:23 GMT
server: Apache
etag: "aa39-5c3286fb64436-gzip"
x-frame-options: SAMEORIGIN
content-type: application/javascript
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: ZSHJRa2L1g1IF-I4jF0B3gDyPmtNof-oAsA1pGO8cPyOykrFzOdb-g==

GET
H2 200 plp.js Show response
ssl.omnihotels.com/js/om3/vendor/ 32 KB
8 KB 18ms
16ms Script
application/javascript 143.204.89.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.omnihotels.com/js/om3/vendor/plp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-15.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

37c4be258a68d8b392bce3a464145c52dc34bd8f0756e6b4fad007c09b36120e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:21:02 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 210
x-cache: Hit from cloudfront
content-length: 7543
last-modified: Tue, 09 Nov 2021 16:02:44 GMT
server: Apache
etag: "8122-5d05d3d71d48f-gzip"
x-frame-options: SAMEORIGIN
content-type: application/javascript
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: UorWsjBvGFW8E6i2ujW5q3gDtIetAFb2Snsr3hkFHUPousg9xDomlg==

GET
H2 200 main.js Show response
ssl.omnihotels.com/js/om3/ 3 KB
1 KB 19ms
18ms Script
application/javascript 143.204.89.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.omnihotels.com/js/om3/main.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-15.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

c8e0b472171087f9a8f8d7c36a84500ff6ac1300bf4026dd36f364e9217a6edb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:21:02 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 210
x-cache: Hit from cloudfront
content-length: 971
last-modified: Wed, 09 Feb 2022 16:30:33 GMT
server: Apache
etag: "c30-5d7985a535b3c-gzip"
x-frame-options: SAMEORIGIN
content-type: application/javascript
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: cqG6YEPjHVRXevD_9S5iIBlBKhGmpiYk8ZGV5BPwfsa-Fx3eqNIzag==

GET
H2 200 jquery.mark.min.js Show response
ssl.omnihotels.com/js/om3/vendor/ 16 KB
6 KB 18ms
17ms Script
application/javascript 143.204.89.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.omnihotels.com/js/om3/vendor/jquery.mark.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-15.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

d62611ebf06cf82add515782a4299be09718556bef094120a5253b1d2e7186c6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:21:02 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 210
x-cache: Hit from cloudfront
content-length: 5629
last-modified: Thu, 11 Jan 2018 08:01:33 GMT
server: Apache
etag: "40c4-5627b8e6c618f-gzip"
x-frame-options: SAMEORIGIN
content-type: application/javascript
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 4YSrTE40H75VsIqWdNG50YoBVvaQKUYig3uTCj_xn7W5Gp4pW-p5cA==

GET
H2 200 ssl.js Show response
ssl.omnihotels.com/js/om3/ 4 KB
2 KB 19ms
19ms Script
application/javascript 143.204.89.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.omnihotels.com/js/om3/ssl.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-15.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

4ec91d6d6b2b6fbe100ea2018f7c7acca7ae03559dcd8bcfa5c0417a7fb1ffde

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:21:02 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 210
x-cache: Hit from cloudfront
content-length: 1354
last-modified: Thu, 05 May 2022 14:27:36 GMT
server: Apache
etag: "1037-5de448b1d4a3a-gzip"
x-frame-options: SAMEORIGIN
content-type: application/javascript
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: DZXvzAPxKZJNJcOkl4q1xLHmx9xY9rnRNGBPoJNLTEM2z-fUoYlVuQ==

GET
H2 200 ArquitectaW04-Bk.woff2
ssl.omnihotels.com/css/om3/fonts/ 66 KB
65 KB 34ms
14ms Font
application/octet-stream 143.204.89.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.omnihotels.com/css/om3/fonts/ArquitectaW04-Bk.woff2

Requested by

Host: ssl.omnihotels.com
URL: https://ssl.omnihotels.com/css/om3/usablenet/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-15.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

65d1463c45255ff182b9ac12abcbf638d81713bcad608d27ec5a682d3b22098e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ssl.omnihotels.com/css/om3/usablenet/fonts.css
Origin: https://ssl.omnihotels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 17:55:51 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 22 Aug 2019 11:04:52 GMT
server: Apache
age: 1721
etag: "1077c-590b2a8b33190-gzip"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 1A4dEYGVX3XCdATJp2ZU9m3yckb9gTEn5hfmLokgit7FIIwrXMY_oQ==

GET
H2

200

activityi;dc_pre=CLPpwYWZxPgCFRtIHQkd9lEMPQ;src=8703439;type=hotcount;cat=omnih0;ord=5215751865004;gtm=2wg6f0;auiddc=2016727944.1656008673;u1=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%... Show response
8703439.fls.doubleclick.net/ Frame 766B
Redirect Chain

https://8703439.fls.doubleclick.net/activityi;src=8703439;type=hotcount;cat=omnih0;ord=5215751865004;gtm=2wg6f0;auiddc=2016727944.1656008673;u1=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DS...
https://8703439.fls.doubleclick.net/activityi;dc_pre=CLPpwYWZxPgCFRtIHQkd9lEMPQ;src=8703439;type=hotcount;cat=omnih0;ord=5215751865004;gtm=2wg6f0;auiddc=2016727944.1656008673;u1=https%3A%2F%2Fssl.o...

1 KB
785 B

22ms
18ms

Document
text/html

142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8703439.fls.doubleclick.net/activityi;dc_pre=CLPpwYWZxPgCFRtIHQkd9lEMPQ;src=8703439;type=hotcount;cat=omnih0;ord=5215751865004;gtm=2wg6f0;auiddc=2016727944.1656008673;u1=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail;u13=undefined;~oref=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P94FLW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

ae70997090041f2e7ac3cb19c7aa71d0ae3e5b6c0811ba90d7bbac5b2a9652fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 608
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Jun 2022 18:24:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Jun 2022 18:24:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8703439.fls.doubleclick.net/activityi;dc_pre=CLPpwYWZxPgCFRtIHQkd9lEMPQ;src=8703439;type=hotcount;cat=omnih0;ord=5215751865004;gtm=2wg6f0;auiddc=2016727944.1656008673;u1=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail;u13=undefined;~oref=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CNvqwYWZxPgCFRpEHQkd8QcF2w;src=2908977;type=audie0;cat=omnih0;ord=3989471585868;gtm=2wg6f0;auiddc=2016727944.1656008673;u21=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%2... Show response
2908977.fls.doubleclick.net/ Frame 882C
Redirect Chain

https://2908977.fls.doubleclick.net/activityi;src=2908977;type=audie0;cat=omnih0;ord=3989471585868;gtm=2wg6f0;auiddc=2016727944.1656008673;u21=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI...
https://2908977.fls.doubleclick.net/activityi;dc_pre=CNvqwYWZxPgCFRpEHQkd8QcF2w;src=2908977;type=audie0;cat=omnih0;ord=3989471585868;gtm=2wg6f0;auiddc=2016727944.1656008673;u21=https%3A%2F%2Fssl.om...

1 KB
776 B

29ms
26ms

Document
text/html

142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2908977.fls.doubleclick.net/activityi;dc_pre=CNvqwYWZxPgCFRpEHQkd8QcF2w;src=2908977;type=audie0;cat=omnih0;ord=3989471585868;gtm=2wg6f0;auiddc=2016727944.1656008673;u21=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail;~oref=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P94FLW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

cb9d427092ab51585eb2729cce8407a274daeacf82496b514e095a9b9e7203c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 599
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Jun 2022 18:24:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Jun 2022 18:24:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://2908977.fls.doubleclick.net/activityi;dc_pre=CNvqwYWZxPgCFRpEHQkd8QcF2w;src=2908977;type=audie0;cat=omnih0;ord=3989471585868;gtm=2wg6f0;auiddc=2016727944.1656008673;u21=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail;~oref=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 104ms
7ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P94FLW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5725
date: Thu, 23 Jun 2022 16:49:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 23 Jun 2022 18:49:07 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 112ms
16ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P94FLW
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 18:24:32 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=59886
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 106ms
10ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26344
x-xss-protection: 0
pragma: public
x-fb-debug: p+dNPqUdxRnd6r7D4KEsenFtkcpRxXyd3ctAan9KtSl/WH7aN9R4y1xPokrJ+zTru+aLcs5z4Arv0bZjtxkabg==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 23 Jun 2022 18:24:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 16 KB
6 KB 146ms
57ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: 9YJ76QP6F2KJYEGK
x-amz-id-2: mWXPRksQ0QwiPRwqbu12QWu4qiBgLppmQ4o31RBNRWlmWdYiPrqC57euFzmy73ad7DQiTeJc6GU=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 207ms
112ms Script
application/javascript 2a02:26f0:6c00:28d::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: ssl.omnihotels.com
URL: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28d::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "c4a0eea377c5e0da574e46f4d6e838e5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1142
access-control-expose-headers: X-CDN

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame C58C
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D42b83a30-4040-ad54-bcef-bc7c19f08dc0%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.omnihotels.com/&ex-hargs=v%3D1.0%3Bc%3D25315087...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D42b83a30-4040-ad54-bcef-bc7c19f08dc0%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.omnihotels.com/&ex-hargs=v%3D1.0%3Bc%3D25315087...

940 B
2 KB

182ms
165ms

Document
text/html

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D42b83a30-4040-ad54-bcef-bc7c19f08dc0%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.omnihotels.com/&ex-hargs=v%3D1.0%3Bc%3D2531508700701%3Bp%3D42B83A30-4040-AD54-BCEF-BC7C19F08DC0&cb=173163887171366800&dcc=t

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

dd602dc5ccdcea07c0fb5688be167ffb0d451708b02d5cab532a7b2f226c2c8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ssl.omnihotels.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 940
Content-Type: text/html;charset=ISO-8859-1
Date: Thu, 23 Jun 2022 18:24:33 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: JE2ZXS8H78X6YNMH3D20

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Thu, 23 Jun 2022 18:24:33 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D42b83a30-4040-ad54-bcef-bc7c19f08dc0%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.omnihotels.com/&ex-hargs=v%3D1.0%3Bc%3D2531508700701%3Bp%3D42B83A30-4040-AD54-BCEF-BC7C19F08DC0&cb=173163887171366800&dcc=t
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: RRY9NE46XE3C6R7ECE9Q

GET
H2 200 xyz.js Show response
getrockerbox.com/assets/ 46 KB
10 KB 342ms
249ms Script
application/javascript 104.21.58.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getrockerbox.com/assets/xyz.js
Requested by: Host: ssl.omnihotels.com
URL: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.58.221 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eda439ff213c7bc22c13d3a1c74db46d55bd9d16aeb725ee37a9a27c24c0fdfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:24:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kN6dXhgaxVC%2BSEa1wpDK4nBHkeU92uXDUxp9V%2BPgGa6NxbDtN3Qu1VYherF97Oks4tjZ9J6DmbNBXJ1LnbQqt3TZeSaYDF0ZZcQVSsZgi18pBvnyWFMp19mGTdW%2FP0CHQcBT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 71ff42dd08c5b968-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK teads-fellow.js Show response
p.teads.tv/ 17 KB
6 KB 128ms
30ms Script
application/javascript 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.teads.tv/teads-fellow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P94FLW
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7fc4e7e24bdfb9955a95e4ff4904f160455ff3ff48fd88aead4bad5153ba0a67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Thu, 23 Jun 2022 18:24:32 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jun 2022 07:41:03 GMT
Server: AmazonS3
x-amz-request-id: 8PQNK1VCV7GN975Y
ETag: "a483ab54f15ef5b4755923baf02b68cb"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=296
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5706
x-amz-id-2: 2wk7ipVCtLQYwH7fCZEJ1wPx6x0QD/pfs30lsNdPGZa5JBcAbHaO7k0EXFo1p33LjZdjhr47OMA=

GET
H/1.1 200
OK 44641 Show response
cdn.bttrack.com/universal/ 3 KB
3 KB 141ms
31ms Script
application/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bttrack.com/universal/44641
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P94FLW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: 4f86eec5dbec516431f6ff8c11596f1d6a0f878f2b40193fb82d7e401e0edac6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 18:24:32 GMT
Cache-Control: max-age=782
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2716
X-HW: 1656008672.dop107.lo4.t,1656008672.cds064.lo4.shn,1656008672.dop107.lo4.t,1656008672.cds313.lo4.c
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK 621d00ad5354be28613fa21c Show response
go.affec.tv/j/ 662 B
1 KB 163ms
41ms Script
application/javascript 46.137.177.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.affec.tv/j/621d00ad5354be28613fa21c
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P94FLW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.137.177.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-177-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5a964a8d4d0a80feda96413b3332966fea98bf48dd6019979bd5a3d7ebb2e126

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 18:24:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3p: CP="CAO DSP COR PSAo CONo HISo OTPo OUR IND NAV INT CNT OTC"
Cache-Control: no-cache, private, no-store, max-age=0, s-maxage=0, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 427
Expires: Wed, 04 Apr 1990 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
5 KB 72ms
17ms Script
application/x-javascript 143.204.94.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P94FLW
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.161 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-161.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 21:21:36 GMT
Via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 75777
ETag: "98d98b3499058b76d58073cf8ede2f10"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 4593
X-Amz-Cf-Id: FytzNJ-yKa_Mvm5HEDGpl58vc2gpDGTaHLyfNbaYlnzxsqrEbE949w==

GET
H2 200 collect.js Show response
514012238.collect.igodigital.com/ 8 KB
2 KB 351ms
112ms Script
application/javascript 54.175.67.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://514012238.collect.igodigital.com/collect.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P94FLW
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.67.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-67-42.compute-1.amazonaws.com
Software: /
Resource Hash: 463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:24:33 GMT
content-encoding: gzip
last-modified: Thu, 23 Jun 2022 14:12:09 GMT
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 ebOneTag.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 69 KB
21 KB 95ms
20ms Script
application/javascript 2.21.20.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073747411
Requested by: Host: ssl.omnihotels.com
URL: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.20.161 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-161.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 38340c81a6abf327da0789e6e28c7d7692d0790d94a60108199264a0b9363237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:24:32 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 09:49:46 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: W/"c3f5cc14f2d6d25cdb126fd97705e667"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 21256
x-amz-cf-id: 0hFfZXffhrhWkEtgqVT8i8ZvyARA41bajxcnYCB_lZ7zF7byQvM8jg==

GET
H/1.1 200
OK client.json Show response
s3-us-west-2.amazonaws.com/mfesecure-public/host/ssl.omnihotels.com/ 171 B
966 B 658ms
174ms XHR
application/json 52.92.195.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/ssl.omnihotels.com/client.json?source=jsmain
Requested by: Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.195.40 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 037007ec7765412b5078a8550c5f77c549a550c156be35a528ea68452ad3fd65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 18:24:34 GMT
Content-Encoding: gzip
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: JFRP70TX472K6T23
x-amz-replication-status: COMPLETED
Content-Length: 152
x-amz-id-2: +G4UqnxhW7jre2MZWfDcGpM90YRw5mm58M5AmDSXyLbj61j+xRFl2HIkMFYzNW6wZJ7fyBiKr/U=
Last-Modified: Mon, 20 Jun 2022 11:56:37 GMT
Server: AmazonS3
ETag: "fb8a129acbca986e39757209a6fecbfc"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: GET, HEAD
x-amz-version-id: NwsGwQW.vz6oMV8stDk8csU6C8lXwT2X
Access-Control-Allow-Origin: https://ssl.omnihotels.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Cache-Control: public, max-age=60
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Type: application/json

GET
H/1.1 200
OK client.json Show response
s3-us-west-2.amazonaws.com/mfesecure-public/host/ssl.omnihotels.com/ 171 B
966 B 683ms
192ms XHR
application/json 52.92.195.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/ssl.omnihotels.com/client.json?source=jsinline
Requested by: Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.195.40 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 037007ec7765412b5078a8550c5f77c549a550c156be35a528ea68452ad3fd65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 18:24:34 GMT
Content-Encoding: gzip
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: JFRZX3XM6CTWW8K1
x-amz-replication-status: COMPLETED
Content-Length: 152
x-amz-id-2: 9jMN6qg3ubdBFY/KdSw/Y3vyYs7UPYtfs26pgzQ07ik6lpk3PdKHrC9aaaepLuwWhGfryiCkQrM=
Last-Modified: Mon, 20 Jun 2022 11:56:37 GMT
Server: AmazonS3
ETag: "fb8a129acbca986e39757209a6fecbfc"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: GET, HEAD
x-amz-version-id: NwsGwQW.vz6oMV8stDk8csU6C8lXwT2X
Access-Control-Allow-Origin: https://ssl.omnihotels.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Cache-Control: public, max-age=60
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Type: application/json

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3868034&time=1656008672818&url=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Futm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26sfmc_acti...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3868034%26time%3D1656008672818%26url%3Dhttps%253A%252F%252Fssl.omnihotels.com%252...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3868034&time=1656008672818&url=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Futm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26sfmc_acti...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3868034&time=1656008672818&url=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Futm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26sfmc_act...

0
265 B

418ms
211ms

Image
application/javascript

13.107.43.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3868034&time=1656008672818&url=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Futm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26utm_content%3D126363%26utm_medium%3Demail%26utm_source%3Dsfmc%26sfmc_id%3D4699648%26ref_pagesrc%3D%26ref_pagedst%3D%26pagesrc%3DSI%26pagedst%3DSI%26utm_term%3D&liSync=true&e_ipv6=AQI5ACIdKdmYYQAAAYGRzwmDRJLf2crvRyhQmW89CKblnIFfye1cK0u8nVFIgqUV9HIAPT4Tkw
Requested by: Host: ssl.omnihotels.com
URL: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email
Protocol: H2
Server: 13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:24:34 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: B4817A198E174804AEBAE4C22EE123C3 Ref B: VIEEDGE2121 Ref C: 2022-06-23T18:24:33Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXiIZDDUI03KAljuV1S9Q==
x-li-fabric: prod-lor1

Redirect headers

date: Thu, 23 Jun 2022 18:24:33 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: E541A4100852487E8BBB06936AC504E9 Ref B: VIEEDGE1612 Ref C: 2022-06-23T18:24:33Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3868034&time=1656008672818&url=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Futm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26utm_content%3D126363%26utm_medium%3Demail%26utm_source%3Dsfmc%26sfmc_id%3D4699648%26ref_pagesrc%3D%26ref_pagedst%3D%26pagesrc%3DSI%26pagedst%3DSI%26utm_term%3D&liSync=true&e_ipv6=AQI5ACIdKdmYYQAAAYGRzwmDRJLf2crvRyhQmW89CKblnIFfye1cK0u8nVFIgqUV9HIAPT4Tkw
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXiIZC81yhPS2OrjbXtQA==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
208 B 33ms
30ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1093465189&t=pageview&_s=1&dl=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail&ul=en-us&de=UTF-8&dt=Select%20Guest%20Sign-In%20%7C%20Omni%20Hotels%20%26%20Resorts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=749242228&gjid=1683024915&cid=713303023.1656008673&tid=UA-27724367-1&_gid=1500868592.1656008673&_r=1&gtm=2wg6f0P94FLW&z=349553439

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ssl.omnihotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 18:24:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ssl.omnihotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 61ms
20ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-33986005-1&cid=713303023.1656008673&jid=697156397&gjid=1393100647&_gid=1500868592.1656008673&_u=YGDAiEABBAAAAG~&z=1923834639

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ssl.omnihotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 23 Jun 2022 18:24:32 GMT
content-type: text/plain
access-control-allow-origin: https://ssl.omnihotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 27ms
26ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1093465189&t=pageview&_s=1&dl=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail&dp=%2Fselect-guest%2FSI&ul=en-us&de=UTF-8&dt=Select%20Guest%20Sign-In%20%7C%20Omni%20Hotels%20%26%20Resorts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAiEABBAAAAC~&jid=697156397&gjid=1393100647&cid=713303023.1656008673&tid=UA-33986005-1&_gid=1500868592.1656008673&gtm=2wg6f0P94FLW&z=1913217913

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 01:04:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62389
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1237086486375637 Show response
connect.facebook.net/signals/config/ 288 KB
83 KB 296ms
293ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1237086486375637?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e925fe3f66634a87c42bf2461d64fcbda50327a963087c52f657817fe4ea3edb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: vk39Gyi6qcV+v8LhNYWiJPjq4hAHcBnbBQ/rMNtrHalY2mllyfWFZQOZpAPm1QM/EoFPR8ooFoJuRLuqrwhsZg==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 23 Jun 2022 18:24:33 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1656008673152
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 10139944.json Show response
s.yimg.com/wi/config/ 46 B
687 B 57ms
29ms XHR
application/octet-stream 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10139944.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

f20a3917eb3aabaac6696b91b209379aa80937ccbc5346fa8bf68be407c09222

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:44:10 GMT
x-content-type-options: nosniff
age: 6023
x-amz-server-side-encryption: AES256
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 6AZNS6Z6AQ36HWEG
x-amz-id-2: tTGD2+BMMGxOK/x3vzZyChWLRGM+aDgwfg7gnkkgezhHi/pyPkYGAWcyV1gM9poZ712OSEblxWQ=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sun, 11 Sep 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 06 Aug 2021 04:48:32 GMT
server: ATS
etag: "9e6db3a5696b5715edbac24633e0ccb7"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-version-id: GydqhQSWKSvmoedUJTdALZVDdGXpGyWF
access-control-allow-origin: *
x-xss-protection: 1; mode=block
content-length: 46
content-type: application/octet-stream

GET
H/1.1 200
OK advertiser Show response
cm.teads.tv/v2/ 85 B
433 B 176ms
69ms Fetch
application/json 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail&advertiser_id=31741
Requested by: Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cca1972bbb2ff90e0188221c50a24f44a13a246088f1f82516ee7ead7fb8fad3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:33 GMT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://ssl.omnihotels.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 85
Expires: Thu, 23 Jun 2022 18:24:33 GMT

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?gdpr=&gdpr_consent=&id=1570877&order_id=%5BORDER_ID%5D&seg=29621998&t=1&value=%5BREVENUE%5D
https://secure.adnxs.com/bounce?%2Fpx%3Fgdpr%3D%26gdpr_consent%3D%26id%3D1570877%26order_id%3D%255BORDER_ID%255D%26seg%3D29621998%26t%3D1%26value%3D%255BREVENUE%255D

0
1015 B

239ms
221ms

Script
application/javascript

185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fgdpr%3D%26gdpr_consent%3D%26id%3D1570877%26order_id%3D%255BORDER_ID%255D%26seg%3D29621998%26t%3D1%26value%3D%255BREVENUE%255D

Requested by

Protocol

HTTP/1.1

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:33 GMT
X-Proxy-Origin: 193.27.14.37; 193.27.14.37; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2f1ed10e-926f-4e4b-8752-30997e283611
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:33 GMT
X-Proxy-Origin: 193.27.14.37; 193.27.14.37; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a04bec22-ca75-461e-9bd5-54b150bfe270
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fgdpr%3D%26gdpr_consent%3D%26id%3D1570877%26order_id%3D%255BORDER_ID%255D%26seg%3D29621998%26t%3D1%26value%3D%255BREVENUE%255D
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK / Show response
go.affec.tv/per/ 855 B
1 KB 38ms
37ms Script
application/javascript 46.137.177.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.affec.tv/per/?gdpr=&gdpr_consent=&k=f6372266-fde2-4ec5-8c32-8bab26ee4edb&p=4f36e5fd-8df3-411b-bf83-4d9d958da17e
Requested by: Host: go.affec.tv
URL: https://go.affec.tv/j/621d00ad5354be28613fa21c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.137.177.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-177-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0f623bc2f5b56e73f92a71d841f035bd16150027a8c37b2162f53edc7ee27116

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 18:24:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3p: CP="CAO DSP COR PSAo CONo HISo OTPo OUR IND NAV INT CNT OTC"
Cache-Control: no-cache, private, no-store, max-age=0, s-maxage=0, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 552
Expires: Wed, 04 Apr 1990 00:00:00 GMT

GET
H/1.1

204
No Content

1564376606577479981 Show response
map.go.affec.tv/map/an/
Redirect Chain

https://map.go.affec.tv/map/af/?gdpr=&gdpr_consent=
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D62b4afe1da342e00017822ed%26chc%3Daf%26floc%3D%26redirect_url%3D
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D62b4afe1da342e00017822ed%2526chc%253Daf%2526floc%253D%2526redirect_url%253D
https://map.go.affec.tv/map/an/1564376606577479981?ch=62b4afe1da342e00017822ed&chc=af&floc=&redirect_url=

0
591 B

33ms
33ms

Script
text/html

54.228.196.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://map.go.affec.tv/map/an/1564376606577479981?ch=62b4afe1da342e00017822ed&chc=af&floc=&redirect_url=
Requested by: Host: ssl.omnihotels.com
URL: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email
Protocol: HTTP/1.1
Server: 54.228.196.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-196-14.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 18:24:33 GMT
Content-Encoding: gzip
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: text/html

Redirect headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:33 GMT
X-Proxy-Origin: 193.27.14.37; 193.27.14.37; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: d4f9dded-2744-45ca-bd3d-82b794c37e81
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://map.go.affec.tv/map/an/1564376606577479981?ch=62b4afe1da342e00017822ed&chc=af&floc=&redirect_url=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 dc_pre=CLPpwYWZxPgCFRtIHQkd9lEMPQ;src=8703439;type=hotcount;cat=omnih0;ord=5215751865004;gtm=2wg6f0;auiddc=2016727944.1656008673;u1=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%... Show response
adservice.google.com/ddm/fls/i/ Frame 3AF8 1 KB
1 KB 102ms
47ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CLPpwYWZxPgCFRtIHQkd9lEMPQ;src=8703439;type=hotcount;cat=omnih0;ord=5215751865004;gtm=2wg6f0;auiddc=2016727944.1656008673;u1=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail;u13=undefined;~oref=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail

Requested by

Host: 8703439.fls.doubleclick.net
URL: https://8703439.fls.doubleclick.net/activityi;dc_pre=CLPpwYWZxPgCFRtIHQkd9lEMPQ;src=8703439;type=hotcount;cat=omnih0;ord=5215751865004;gtm=2wg6f0;auiddc=2016727944.1656008673;u1=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail;u13=undefined;~oref=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b376828bc31d01c21207ce9e299f1d1ca4bb7b5bcb2ead0b1c0fd519a4947cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8703439.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 609
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Jun 2022 18:24:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 26ms
22ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-27724367-1&cid=713303023.1656008673&jid=749242228&gjid=1683024915&_gid=1500868592.1656008673&_u=YEBAAEAAAAAAAC~&z=1903383922

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ssl.omnihotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 23 Jun 2022 18:24:32 GMT
content-type: text/plain
access-control-allow-origin: https://ssl.omnihotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CNvqwYWZxPgCFRpEHQkd8QcF2w;src=2908977;type=audie0;cat=omnih0;ord=3989471585868;gtm=2wg6f0;auiddc=2016727944.1656008673;u21=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3... Show response
adservice.google.com/ddm/fls/i/ Frame 05B8 1 KB
669 B 93ms
48ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CNvqwYWZxPgCFRpEHQkd8QcF2w;src=2908977;type=audie0;cat=omnih0;ord=3989471585868;gtm=2wg6f0;auiddc=2016727944.1656008673;u21=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail;~oref=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail

Requested by

Host: 2908977.fls.doubleclick.net
URL: https://2908977.fls.doubleclick.net/activityi;dc_pre=CNvqwYWZxPgCFRpEHQkd8QcF2w;src=2908977;type=audie0;cat=omnih0;ord=3989471585868;gtm=2wg6f0;auiddc=2016727944.1656008673;u21=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail;~oref=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac95caf6f49e32fbce0d0fb95056dfd49691830fe768df25051d13cc8a7372ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2908977.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 599
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Jun 2022 18:24:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 main.32155010.js Show response
s.pinimg.com/ct/lib/ 52 KB
18 KB 32ms
7ms Script
application/javascript 2a02:26f0:6c00:28d::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.32155010.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28d::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "fd86de14455274a7c147dc95b77e18e3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18298
access-control-expose-headers: X-CDN

GET
H2 200 1073747411 Show response
secure-ds.serving-sys.com/adServingData/PROD/TMClient/1/ 4 KB
1 KB 355ms
289ms XHR
application/octet-stream 2.21.20.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/1/1073747411
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073747411
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.20.161 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-161.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: 5815d432d80be9326fed83c4723e9aa4cbeb050b0060cc08d1e8d64a573e7c80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 1.VbHUW2eOhm3_J9u9ESvqgFIwmpUEyU
content-encoding: gzip
last-modified: Wed, 15 Jun 2022 18:28:32 GMT
server: ATS/7.1.0
x-amz-request-id: 2AEF6NDADKNKCAK7
etag: "999e6d91178c56d691d91791480fa28b"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=385
date: Thu, 23 Jun 2022 18:24:33 GMT
accept-ranges: bytes
content-length: 906
x-amz-id-2: uKMsFtqZplpsid7jB9sXRNQf9VaHH/1Ln0nOCVaVv94/jvc6laP+lHkBDg983k+4+3xEF+lM3KA=

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 96ms
43ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-27724367-1&cid=713303023.1656008673&jid=749242228&_u=YEBAAEAAAAAAAC~&z=1317818807

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 18:24:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 293ms
240ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-27724367-1&cid=713303023.1656008673&jid=749242228&_u=YEBAAEAAAAAAAC~&z=1317818807

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 18:24:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 88ms
44ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-33986005-1&cid=713303023.1656008673&jid=697156397&_u=YGDAiEABBAAAAG~&z=1276201435

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 18:24:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 89ms
45ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-33986005-1&cid=713303023.1656008673&jid=697156397&_u=YGDAiEABBAAAAG~&z=1276201435

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 18:24:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
633 B 123ms
35ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2023%20Jun%202022%2018%3A24%3A32%20GMT&n=0&b=Select%20Guest%20Sign-In%20%7C%20Omni%20Hotels%20%26%20Resorts&.yp=10139944&f=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail&enc=UTF-8&yv=1.13.0&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 18:24:33 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Thu, 23 Jun 2022 18:24:33 GMT

GET
H2 200 4f36e5fd-8df3-411b-bf83-4d9d958da17e-async.js Show response
cdn.permutive.com/ 217 KB
59 KB 99ms
51ms Script
application/javascript 104.19.150.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/4f36e5fd-8df3-411b-bf83-4d9d958da17e-async.js
Requested by: Host: go.affec.tv
URL: https://go.affec.tv/per/?gdpr=&gdpr_consent=&k=f6372266-fde2-4ec5-8c32-8bab26ee4edb&p=4f36e5fd-8df3-411b-bf83-4d9d958da17e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df2484a3c0a9b38125cdce7e5a8aa756e00cd676c1c1e49181b05619a43f2b6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:24:33 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: 4f36e5fd-8df3-411b-bf83-4d9d958da17e
age: 2583
x-guploader-uploadid: ADPycdvIS4S1cyE7bdSvtqpjUDUiqI_KCzbDnQZpVZKEvg-q798sDlCse3seLc-ZDC_FYYC_jDma3wMgm1T7E03sEJ5zEQ
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
last-modified: Thu, 09 Jun 2022 15:46:10 GMT
server: cloudflare
etag: W/"313fdcd347e1a2d8d74f5e68b0038937"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=qBdUrQ==, md5=MT/c00fhotjXT15osAOJNw==
x-goog-generation: 1654789570066112
cache-control: public, max-age=900
x-goog-stored-content-length: 61922
cf-ray: 71ff42decd40ee75-CDG
expires: Thu, 23 Jun 2022 18:39:33 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 488 B
832 B 78ms
34ms XHR
application/json 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613054820814&cb=1656008673006

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

540548b12b5a362a5fa54de526a5870cc89ef6f431387c20cd25e82b4f6cd9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:24:33 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.9b6656b8.1656008673.8daf7e14
x-envoy-upstream-service-time: 1
x-pinterest-rid: 6788301399002803
pin-unauth: dWlkPU5UbGlZakF3WTJFdFl6aGtaaTAwT0dJNUxUazJaakl0WTJJM1lqaG1NalppTVdFMA
access-control-allow-origin: https://ssl.omnihotels.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 350
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
334 B 67ms
42ms Image
image/gif 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613054820814&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1656008673020

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 18:24:33 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.9b6656b8.1656008673.8daf7e1d
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 1754717443701396
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dc_pre=CLPpwYWZxPgCFRtIHQkd9lEMPQ;src=8703439;type=hotcount;cat=omnih0;ord=5215751865004;gtm=2wg6f0;auiddc=2016727944.1656008673;u1=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%... Show response
adservice.google.de/ddm/fls/i/ Frame A6A9 194 B
242 B 99ms
45ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CLPpwYWZxPgCFRtIHQkd9lEMPQ;src=8703439;type=hotcount;cat=omnih0;ord=5215751865004;gtm=2wg6f0;auiddc=2016727944.1656008673;u1=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail;u13=undefined;~oref=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CLPpwYWZxPgCFRtIHQkd9lEMPQ;src=8703439;type=hotcount;cat=omnih0;ord=5215751865004;gtm=2wg6f0;auiddc=2016727944.1656008673;u1=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail;u13=undefined;~oref=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Jun 2022 18:24:33 GMT
expires: Thu, 23 Jun 2022 18:24:33 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CNvqwYWZxPgCFRpEHQkd8QcF2w;src=2908977;type=audie0;cat=omnih0;ord=3989471585868;gtm=2wg6f0;auiddc=2016727944.1656008673;u21=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3... Show response
adservice.google.de/ddm/fls/i/ Frame 2DEB 194 B
870 B 97ms
44ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CNvqwYWZxPgCFRpEHQkd8QcF2w;src=2908977;type=audie0;cat=omnih0;ord=3989471585868;gtm=2wg6f0;auiddc=2016727944.1656008673;u21=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail;~oref=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CNvqwYWZxPgCFRpEHQkd8QcF2w;src=2908977;type=audie0;cat=omnih0;ord=3989471585868;gtm=2wg6f0;auiddc=2016727944.1656008673;u21=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail;~oref=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Jun 2022 18:24:33 GMT
expires: Thu, 23 Jun 2022 18:24:33 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 track
t.teads.tv/ 23 B
143 B 166ms
80ms Image
image/gif 23.35.229.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=pageView&env=js-web&tag_version=5.5.4_dee72da&advertiser_id=31741&referer=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%3Dundefined%26ref_pagedst%3D%3Dundefined%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%3Dundefined%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail&cohort_id=Select%20Guest%20Sign-In%20%7C%20Omni%20Hotels%20%26%20Resorts
Requested by: Host: ssl.omnihotels.com
URL: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:24:33 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H3 200 integrations Show response
getrockerbox.com/ 42 B
555 B 150ms
130ms Script
text/javascript 104.21.58.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getrockerbox.com/integrations?source=omni_hotels
Requested by: Host: getrockerbox.com
URL: https://getrockerbox.com/assets/xyz.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.58.221 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6e9e1722cffa254dc5061e3d89fc40a4faec0cd7d44819923657d498e8df822

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:24:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7Dke5ENwJgGT3im1WasW6O4K0sQWgkIPbRCD2OaqJyuaze3BP23woAsu9q4NTDOm6dnwfMt9LlMFmajUTiFjR4l1IwoEE5H5j4uRyhflrgvQ9ciKCBqyXfBQjT6NS8QAwyo"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 71ff42dec8d3b7ac-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jpuid Show response
getrockerbox.com/ 67 B
643 B 150ms
132ms Script
text/javascript 104.21.58.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getrockerbox.com/jpuid?jsonp=RB.jsonPUID
Requested by: Host: getrockerbox.com
URL: https://getrockerbox.com/assets/xyz.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.58.221 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 778ccf0b26ad8c975d5729d81c8958f60488e65148c09eb5dbe99a4bc68904c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:24:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rXzTWLI%2FFSwwgjK%2FYZi1mrJyoWWQgnz6r2EAoXxDcZxSvI%2BK%2BAwZ2vr%2BIYD1%2F1ZJN0y3rSKWBDqJqOzh5qrYcNCziVYjcJ6H7nlbu3rScZHl0WpLMRGqPnSBtOTcK5EAAEjC"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 71ff42dec8cfb7ac-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pxid Show response
4f36e5fd-8df3-411b-bf83-4d9d958da17e.prmutv.co/v2.0/ 12 B
227 B 74ms
16ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://4f36e5fd-8df3-411b-bf83-4d9d958da17e.prmutv.co/v2.0/pxid?k=f6372266-fde2-4ec5-8c32-8bab26ee4edb
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/4f36e5fd-8df3-411b-bf83-4d9d958da17e-async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 481d77f5d1a9c24f102bb6af246ecbff595011e0d73e70b652c39d702565d47d

Request headers

Referer: https://ssl.omnihotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 23 Jun 2022 18:24:33 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://ssl.omnihotels.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
via: 1.1 google

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 29 B
875 B 70ms
20ms XHR
application/json 185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: cdn.permutive.com
URL: https://cdn.permutive.com/4f36e5fd-8df3-411b-bf83-4d9d958da17e-async.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

76f8a0ca4e8fc3afc651dc5241e373e49acdbec76cd58c497dafe1da17af9e4e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ssl.omnihotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:33 GMT
X-Proxy-Origin: 193.27.14.37; 193.27.14.37; 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 103f6ba5-83f7-4625-9dd6-8c0cb87e7334
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ssl.omnihotels.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 29
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 233 B
360 B 68ms
16ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=f6372266-fde2-4ec5-8c32-8bab26ee4edb
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/4f36e5fd-8df3-411b-bf83-4d9d958da17e-async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 330268ca0872ec324d4e29aab6992cdeed9d8ea3e92c1be48ebe19b49b285e3f

Request headers

Referer: https://ssl.omnihotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 23 Jun 2022 18:24:33 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://ssl.omnihotels.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164
via: 1.1 google

GET
BLOB 200
OK b3d445f2-e47f-430e-9322-aa2cd9a917d2
https://ssl.omnihotels.com/ 31 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ssl.omnihotels.com/b3d445f2-e47f-430e-9322-aa2cd9a917d2
Requested by: Host: ssl.omnihotels.com
URL: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9a3a6658977f235dfe54903a7e612462bab2401be3d08d16fcb6dfddfd25852

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 31929

GET
BLOB 200
OK 4361bea0-41cb-46d5-aabc-6d6f51c7fd73
https://ssl.omnihotels.com/ 20 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ssl.omnihotels.com/4361bea0-41cb-46d5-aabc-6d6f51c7fd73
Requested by: Host: ssl.omnihotels.com
URL: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3fdc99f4073ef5961efa056d69c34702d0bffbfdfa4598f66036a1e9f1c6d9c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 20393

GET
H3 200 210262292977069 Show response
connect.facebook.net/signals/config/ 288 KB
83 KB 167ms
164ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/210262292977069?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c80bbd7c9dc2df5f59c5a5e3d23e83e1c38bb225fe74209b8206e70b5f48fff0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: fIqDoJGXc0MWfXGln5z0DGUiV4FoiTRxKD9stXHdclXFlbliM+V0aKxczSr3DIVTveHGExQgCWn/snzv5jl4pA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 23 Jun 2022 18:24:33 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1656008673367
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 46ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1237086486375637&ev=PageView&dl=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail&rl=&if=false&ts=1656008673202&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&fbp=fb.1.1656008673201.651351288&it=1656008672866&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:24:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 23 Jun 2022 18:24:33 GMT

GET
H/1.1

200
OK

seg
secure.adnxs.com/
Redirect Chain

https://getrockerbox.com/rb?url=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddi...
https://secure.adnxs.com/seg?add=26570503

43 B
1 KB

50ms
50ms

Image
image/gif

185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=26570503

Requested by

Protocol

HTTP/1.1

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:33 GMT
X-Proxy-Origin: 193.27.14.37; 193.27.14.37; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7e86f904-813e-47e1-8fd4-25f4fb9a2ad9
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date: Thu, 23 Jun 2022 18:24:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJitaZgZHzzP8n2wWXOM1vvwC1wvPiXPyicez3M10gw4qz8CZZr1snskLW67LvMsle%2Bud%2BBTIl%2B6c%2B8U7OL6lASlZP2uNg0RQaetwCIfPGpfdOIFRtVmHJtwWoRKMU8A4T%2B9"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://secure.adnxs.com/seg?add=26570503
cf-ray: 71ff42dfba0ab7ac-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
88 B 39ms
17ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=f6372266-fde2-4ec5-8c32-8bab26ee4edb
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/4f36e5fd-8df3-411b-bf83-4d9d958da17e-async.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 03c15344ce609b11e34605f4e4ebf5e5550ba81bc7e378c635fb217552422e69

Request headers

Referer: https://ssl.omnihotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 23 Jun 2022 18:24:33 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://ssl.omnihotels.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70
via: 1.1 google

GET
H2 200 Serving Show response
bs.serving-sys.com/ 839 B
1010 B 85ms
9ms Script
text/html 52.29.68.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=1073747411&dispType=js&sync=0&sessionid=2934321088935210718&pageurl=$$https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail$$&activityValues=$$Session%3D4492583065559852520$$&ns=0&rnd=1856418640426678&uinadv=%7B%7D
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073747411
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.68.61 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-68-61.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 56b2291eb207321604a10b0e2d999405e958978009e75e1a0b6ee248acaf6a0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 18:24:33 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin: *
cache-control: no-cache, no-store
content-type: text/html; charset=UTF-8
content-length: 426
expires: Sun, 05-Jun-2005 22:00:00 GMT

POST
H3 200 tpd Show response
api.permutive.com/v2.0/ 2 B
39 B 53ms
35ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/tpd?k=f6372266-fde2-4ec5-8c32-8bab26ee4edb
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/4f36e5fd-8df3-411b-bf83-4d9d958da17e-async.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://ssl.omnihotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 23 Jun 2022 18:24:33 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://ssl.omnihotels.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22
via: 1.1 google

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame F42B 1 KB
2 KB 122ms
53ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1596615&mt_adid=250702&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073747411
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master zrh-pixel-x25 config:1.0.0 /
Resource Hash: a4af9b910551aa2f3cde6481f9b7da64cc490c659e9df343148f7add7f582b64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 18:24:33 GMT
Server: MT3 4475 c1dc35a master zrh-pixel-x25 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1485
Expires: Thu, 23 Jun 2022 18:24:32 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame E21D 1 KB
2 KB 113ms
51ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1596613&mt_adid=250702&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073747411
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master zrh-pixel-x31 config:1.0.0 /
Resource Hash: 23df57940e7fd130b08139c3446c3ba0d0a4e4d5ccdc92f039f257146419d678

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 18:24:33 GMT
Server: MT3 4475 c1dc35a master zrh-pixel-x31 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1485
Expires: Thu, 23 Jun 2022 18:24:32 GMT

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame 3513 6 KB
6 KB 106ms
106ms Document
text/html 209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=R06HKNZKR5y1tg9HgGQLeQ&dmt=3&ex-pl-n-g-hmt=ms-hbbz5QjuAn5vGsrW-Tg&ep=mfS4I4Lxm4iN8M-0MyueFUoEFpGYE5cin2dW6jdvjnKkudj4V_J5INYsJiAGHumZpAt2ahr_L6sh7ka8IxaWr0xKq4iAOTePyz_ridA3pu73gSv1fGbaP-9uewY59VN19f8vcN17CsU2fzQEvE-WyrrCwBY1mEiUaBqkodrEgMNyOqwk-5dsuyE9kvLoEmsM2MtDzRYxzCT4xXyrCTae--JYiNFbq0dKoS3mBGgwvNpnIVW248eogomkkpH6o9xi3djcL8VVRSoyQ-DTuNlqFlQ4Z-UfHo6iTv3mHN8NkENmxHWNcfxRXi5IQhMIqmRaxM2Qp_OmnuYIOv0DguHBy_z_bDh8P8Tbj0zRxOdrVPmwfyvO-__jaJkDMQZ4E84n

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D42b83a30-4040-ad54-bcef-bc7c19f08dc0%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.omnihotels.com/&ex-hargs=v%3D1.0%3Bc%3D2531508700701%3Bp%3D42B83A30-4040-AD54-BCEF-BC7C19F08DC0&cb=173163887171366800&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

25727a56f910b1b41d985d9d9663ac3b74f6392855940747bbc0e1bbb61ce011

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D42b83a30-4040-ad54-bcef-bc7c19f08dc0%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.omnihotels.com/&ex-hargs=v%3D1.0%3Bc%3D2531508700701%3Bp%3D42B83A30-4040-AD54-BCEF-BC7C19F08DC0&cb=173163887171366800&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 5748
Content-Type: text/html;charset=ISO-8859-1
Date: Thu, 23 Jun 2022 18:24:33 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid: JFWW21FKXK3YVKB5PC8W

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 51ms
32ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=210262292977069&ev=PageView&dl=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail&rl=&if=false&ts=1656008673455&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&fbp=fb.1.1656008673201.651351288&it=1656008672866&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:24:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 23 Jun 2022 18:24:33 GMT

GET
H2 200 ajax Show response
www.trustedsite.com/rpc/ 6 B
943 B 658ms
163ms Script
text/javascript 44.224.197.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trustedsite.com/rpc/ajax?do=tmjs-visit&host=ssl.omnihotels.com&rand=1656008673477

Requested by

Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.224.197.137 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-224-197-137.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:24:34 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-security-policy-report-only: report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
content-length: 26
x-content-type-options: nosniff

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame CD8C 705 B
1 KB 43ms
42ms Document
text/html 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=966162b4-afe1-4f00-bd51-4b9cf8d4269a&no_iframe=1&mt_adid=250702&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1596613&mt_adid=250702&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master zrh-pixel-x11 config:1.0.0 /
Resource Hash: 0a02cb2d7190c4675ee2cb667418b06615b563bc0b541fa4964518f48e98dfd2

Request headers

Referer: https://ssl.omnihotels.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 705
Content-Type: text/html
Date: Thu, 23 Jun 2022 18:24:33 GMT
Expires: Thu, 23 Jun 2022 18:24:32 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4475 c1dc35a master zrh-pixel-x11 config:1.0.0

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame 16D7 705 B
1 KB 75ms
35ms Document
text/html 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=972362b4-afe1-4e00-8080-1db933fc8827&no_iframe=1&mt_adid=250702&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1596615&mt_adid=250702&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master zrh-pixel-x27 config:1.0.0 /
Resource Hash: 0a02cb2d7190c4675ee2cb667418b06615b563bc0b541fa4964518f48e98dfd2

Request headers

Referer: https://ssl.omnihotels.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 705
Content-Type: text/html
Date: Thu, 23 Jun 2022 18:24:33 GMT
Expires: Thu, 23 Jun 2022 18:24:32 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4475 c1dc35a master zrh-pixel-x27 config:1.0.0

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame E21D 43 B
525 B 42ms
40ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: ssl.omnihotels.com
URL: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master zrh-pixel-x31 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 18:24:33 GMT
Server: MT3 4475 c1dc35a master zrh-pixel-x31 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 23 Jun 2022 18:24:32 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame F42B 43 B
525 B 85ms
42ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1596615&mt_adid=250702&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master zrh-pixel-x30 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 18:24:33 GMT
Server: MT3 4475 c1dc35a master zrh-pixel-x30 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 23 Jun 2022 18:24:32 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3513
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=217303104191003887291&ex=neustar.biz

43 B
556 B

106ms
105ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=217303104191003887291&ex=neustar.biz

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=R06HKNZKR5y1tg9HgGQLeQ&dmt=3&ex-pl-n-g-hmt=ms-hbbz5QjuAn5vGsrW-Tg&ep=mfS4I4Lxm4iN8M-0MyueFUoEFpGYE5cin2dW6jdvjnKkudj4V_J5INYsJiAGHumZpAt2ahr_L6sh7ka8IxaWr0xKq4iAOTePyz_ridA3pu73gSv1fGbaP-9uewY59VN19f8vcN17CsU2fzQEvE-WyrrCwBY1mEiUaBqkodrEgMNyOqwk-5dsuyE9kvLoEmsM2MtDzRYxzCT4xXyrCTae--JYiNFbq0dKoS3mBGgwvNpnIVW248eogomkkpH6o9xi3djcL8VVRSoyQ-DTuNlqFlQ4Z-UfHo6iTv3mHN8NkENmxHWNcfxRXi5IQhMIqmRaxM2Qp_OmnuYIOv0DguHBy_z_bDh8P8Tbj0zRxOdrVPmwfyvO-__jaJkDMQZ4E84n

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:34 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 1ZXWSMGRPXDN4BFPGB33
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Jun 2022 18:24:33 GMT
server: AAWebServer
location: https://s.amazon-adsystem.com/ecm3?id=217303104191003887291&ex=neustar.biz
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3513
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=xyAAko2gRDumyI7q178OeQ&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=xyAAko2gRDumyI7q178OeQ&C=1
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=YrSv4Q9BLfoJO3L.0bWwwgAA

43 B
556 B

297ms
103ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=YrSv4Q9BLfoJO3L.0bWwwgAA

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:34 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: N4TA7RWWMRM22681G1MY
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=YrSv4Q9BLfoJO3L.0bWwwgAA
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 23 Jun 2022 18:24:34 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3513
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=3eb30efd3d83fddc7161044028cf0650

43 B
556 B

296ms
105ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=3eb30efd3d83fddc7161044028cf0650

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:34 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: KSHKZNNNNSHE0BG0HY93
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=3eb30efd3d83fddc7161044028cf0650
Date: Thu, 23 Jun 2022 18:24:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3513
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

43 B
556 B

172ms
107ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:34 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: YEP2H606YZQ8P1A1YWYC
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
Date: Thu, 23 Jun 2022 18:24:34 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3513
Redirect Chain

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=L1CXt67oRf2SGKHPaxyeWg
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=L1CXt67oRf2SGKHPaxyeWg

43 B
556 B

204ms
107ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=L1CXt67oRf2SGKHPaxyeWg

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:34 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: GDA948EEJSBSV0ADB1Q0
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=L1CXt67oRf2SGKHPaxyeWg
date: Thu, 23 Jun 2022 18:24:33 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3513
Redirect Chain

https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1
https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1
https://s.amazon-adsystem.com/ecm3?id=y-TwY8HIpE2uQmr03ScCHV8NVBEIaI8B8-~A&ex=aoldisplay.com

43 B
556 B

287ms
111ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=y-TwY8HIpE2uQmr03ScCHV8NVBEIaI8B8-~A&ex=aoldisplay.com

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:34 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: R82KMG2VQD097H7RA14M
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=y-TwY8HIpE2uQmr03ScCHV8NVBEIaI8B8-~A&ex=aoldisplay.com
date: Thu, 23 Jun 2022 18:24:34 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3513
Redirect Chain

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=93956558-b67a-4382-98d3-d3ba7672e325

43 B
556 B

290ms
104ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=93956558-b67a-4382-98d3-d3ba7672e325

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:34 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: HEP9T7EQPJ954CBM2SPW
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
Date: Thu, 23 Jun 2022 18:24:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0
Location: https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=93956558-b67a-4382-98d3-d3ba7672e325

GET
H2 200 sync
amazon.partners.tremorhub.com/ Frame 3513 43 B
183 B 535ms
101ms Image
image/gif 2600:1f18:612b:4216:1045:b1b6:a84f:9c3b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=R06HKNZKR5y1tg9HgGQLeQ&dmt=3&ex-pl-n-g-hmt=ms-hbbz5QjuAn5vGsrW-Tg&ep=mfS4I4Lxm4iN8M-0MyueFUoEFpGYE5cin2dW6jdvjnKkudj4V_J5INYsJiAGHumZpAt2ahr_L6sh7ka8IxaWr0xKq4iAOTePyz_ridA3pu73gSv1fGbaP-9uewY59VN19f8vcN17CsU2fzQEvE-WyrrCwBY1mEiUaBqkodrEgMNyOqwk-5dsuyE9kvLoEmsM2MtDzRYxzCT4xXyrCTae--JYiNFbq0dKoS3mBGgwvNpnIVW248eogomkkpH6o9xi3djcL8VVRSoyQ-DTuNlqFlQ4Z-UfHo6iTv3mHN8NkENmxHWNcfxRXi5IQhMIqmRaxM2Qp_OmnuYIOv0DguHBy_z_bDh8P8Tbj0zRxOdrVPmwfyvO-__jaJkDMQZ4E84n
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:1045:b1b6:a84f:9c3b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:24:34 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 204 cms
cms.analytics.yahoo.com/ Frame 3513 0
123 B 468ms
34ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spcms.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:24:33 GMT
via: http/1.1 spdc0110.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
strict-transport-security: max-age=31536000
content-type: text/html;charset=utf-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3513
Redirect Chain

https://mwzeom.zeotap.com/mw?zpartnerid=1353&zurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dzeotap%26id%3D%7BZCOOKIE%7D
https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=8fa627d5-eaac-4e31-7cee-81328ae4a67c

43 B
556 B

284ms
105ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=8fa627d5-eaac-4e31-7cee-81328ae4a67c

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:34 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: DS5MQGET3Y0PS73AA76C
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Thu, 23 Jun 2022 18:24:34 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=8fa627d5-eaac-4e31-7cee-81328ae4a67c
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71ff42e46fc501eb-ZRH
access-control-allow-headers: *

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3513
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=1c649f3afc33b7aec47a905b2cfb3c88&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

158ms
105ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=1c649f3afc33b7aec47a905b2cfb3c88&ex=freewheel.tv&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:34 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: BEZ6YDB1GR2DNSHFMKZJ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:34 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=1c649f3afc33b7aec47a905b2cfb3c88&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1656008674049090-404
Expires: Thu, 23 Jun 2022 18:24:34 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3513
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
556 B

142ms
102ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:34 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: N35N1FW302ASZNEH5CFM
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Thu, 23 Jun 2022 18:24:34 GMT
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
content-security-policy-report-only: default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=Q1A86T27D5XRA0RQQPPS:sn=www.imdb.com
x-cache: Miss from cloudfront
vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
content-length: 0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
server: Server
x-amz-rid: Q1A86T27D5XRA0RQQPPS
strict-transport-security: max-age=31536000; includeSubDomains
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
permissions-policy: interest-cohort=()
x-robots-tag: noindex, nofollow
x-amz-cf-id: cYGT6yC5MeohsuwK0lUVqcaokOfOk6krGAOCN7Hd80fP046YEp0Z0A==

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 3513 0
338 B 104ms
31ms Image
text/plain 99.80.124.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=amzn&partner_uid=R06HKNZKR5y1tg9HgGQLeQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dkrux.com%26id%3D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=R06HKNZKR5y1tg9HgGQLeQ&dmt=3&ex-pl-n-g-hmt=ms-hbbz5QjuAn5vGsrW-Tg&ep=mfS4I4Lxm4iN8M-0MyueFUoEFpGYE5cin2dW6jdvjnKkudj4V_J5INYsJiAGHumZpAt2ahr_L6sh7ka8IxaWr0xKq4iAOTePyz_ridA3pu73gSv1fGbaP-9uewY59VN19f8vcN17CsU2fzQEvE-WyrrCwBY1mEiUaBqkodrEgMNyOqwk-5dsuyE9kvLoEmsM2MtDzRYxzCT4xXyrCTae--JYiNFbq0dKoS3mBGgwvNpnIVW248eogomkkpH6o9xi3djcL8VVRSoyQ-DTuNlqFlQ4Z-UfHo6iTv3mHN8NkENmxHWNcfxRXi5IQhMIqmRaxM2Qp_OmnuYIOv0DguHBy_z_bDh8P8Tbj0zRxOdrVPmwfyvO-__jaJkDMQZ4E84n
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.124.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-124-254.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:24:34 GMT
cache-control: private, no-cache, no-store
x-request-time: D=52 t=1656008674
x-served-by: beacon-n007-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK pixel.gif
usersync.samplicio.us/amazon/ Frame 3513 0
263 B 398ms
97ms Image
text/plain 52.6.201.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=R06HKNZKR5y1tg9HgGQLeQ&dmt=3&ex-pl-n-g-hmt=ms-hbbz5QjuAn5vGsrW-Tg&ep=mfS4I4Lxm4iN8M-0MyueFUoEFpGYE5cin2dW6jdvjnKkudj4V_J5INYsJiAGHumZpAt2ahr_L6sh7ka8IxaWr0xKq4iAOTePyz_ridA3pu73gSv1fGbaP-9uewY59VN19f8vcN17CsU2fzQEvE-WyrrCwBY1mEiUaBqkodrEgMNyOqwk-5dsuyE9kvLoEmsM2MtDzRYxzCT4xXyrCTae--JYiNFbq0dKoS3mBGgwvNpnIVW248eogomkkpH6o9xi3djcL8VVRSoyQ-DTuNlqFlQ4Z-UfHo6iTv3mHN8NkENmxHWNcfxRXi5IQhMIqmRaxM2Qp_OmnuYIOv0DguHBy_z_bDh8P8Tbj0zRxOdrVPmwfyvO-__jaJkDMQZ4E84n
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.6.201.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-201-25.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:34 GMT
Server: nginx/1.20.0
Location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2 200 dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 3513 0
123 B 87ms
20ms Image
text/plain 188.65.124.66
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1868&dspUserId=UFJc2opURMiSOEhAJxkPeQ&redir=https://s.amazon-adsystem.com/ecm3?ex=dailymotionHMT1&id=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.65.124.66 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

ingress-03-pub-prod-ix7.vip.dailymotion.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-dm-lb-name: ingress-nginx-nginx-in-cluster-zxf6z
date: Thu, 23 Jun 2022 18:24:34 GMT
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3513
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=f91ad623bd16ae71

43 B
556 B

106ms
105ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=f91ad623bd16ae71

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:34 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: JB6AM6GZ3MKVE2AP8A1T
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=f91ad623bd16ae71
date: Thu, 23 Jun 2022 18:24:34 GMT
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Authorization
content-length: 93
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3513
Redirect Chain

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=jnkI2EN4T9iyQLnEvbHP4w&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=jnkI2EN4T9iyQLnEvbHP4w

43 B
556 B

108ms
108ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=jnkI2EN4T9iyQLnEvbHP4w

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:34 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: RNE40T8T9HJZX65D87F8
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=jnkI2EN4T9iyQLnEvbHP4w
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3513
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=FXy8A_4uQUGI_hLkxTWaqQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=FXy8A_4uQUGI_hLkxTWaqQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=66040214466713547501207086939224078070

43 B
556 B

106ms
105ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=66040214466713547501207086939224078070

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:34 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: R9H0K4E9744Y8F03B1M8
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-2-v034-0a50a7dd7.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: nSoGMeLER3U=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=66040214466713547501207086939224078070
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3513
Redirect Chain

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=m9qe3y0gQW2PANrszsicIw
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10811805701247335035&gdpr=&gdpr_consent=

43 B
556 B

106ms
106ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10811805701247335035&gdpr=&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:34 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: VAYDD7DZ73HBMQ2PSYGX
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Jun 2022 18:24:34 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10811805701247335035&gdpr=&gdpr_consent=
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET z
px.surveywall-api.survata.com/ Frame 3513 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3513
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=3325649579704077738

43 B
556 B

107ms
105ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=3325649579704077738

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:34 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: NSXVJWPWHWACCBGTEBM5
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Jun 2022 18:24:34 GMT
server: nginx
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=3325649579704077738
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3513
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=bb526fe3-f321-11ec-9c4a-1384e0ef0206
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=bb526f78-f321-11ec-9c4a-1384e0ef0206

43 B
556 B

107ms
106ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=bb526f78-f321-11ec-9c4a-1384e0ef0206

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:34 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: PZGC3NT121XQKYRN230P
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Thu, 23 Jun 2022 18:24:34 GMT
Server: nginx
Location: https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=bb526f78-f321-11ec-9c4a-1384e0ef0206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 87
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3513
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=a297df6a-84a4-4458-89fa-0f743bbb52c5

43 B
556 B

110ms
109ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=a297df6a-84a4-4458-89fa-0f743bbb52c5

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:33 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: GGKX6PZ91A6WMGCBR3CQ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Jun 2022 18:24:33 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
location: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=a297df6a-84a4-4458-89fa-0f743bbb52c5
cache-control: private
content-type: text/html; charset=UTF-8
content-length: 211
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3513
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEHOGLdLBhBKRNe2VZ41btSQ&google_cver=1

43 B
556 B

105ms
105ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEHOGLdLBhBKRNe2VZ41btSQ&google_cver=1

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:34 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: NCTK548RKK81R4K70N51
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Jun 2022 18:24:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEHOGLdLBhBKRNe2VZ41btSQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3513
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=amzn
https://s.amazon-adsystem.com/ecm3?ex=krux.com&id=O6nkZjnO

43 B
556 B

106ms
106ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=krux.com&id=O6nkZjnO

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:34 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: A0FECBDTZEV465R67RY5
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: //s.amazon-adsystem.com/ecm3?ex=krux.com&id=O6nkZjnO
date: Thu, 23 Jun 2022 18:24:34 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a004-ash-prod.krxd.net

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3513
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=c6cd35d5d1fe735f85c607fea11ce90a

43 B
556 B

105ms
105ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=c6cd35d5d1fe735f85c607fea11ce90a

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:34 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 50WM3EMXNJR974MVMVVX
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=c6cd35d5d1fe735f85c607fea11ce90a
date: Thu, 23 Jun 2022 18:24:34 GMT
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-length: 0
x-amz-cf-id: vGrmq0IOg_WgGkHZJVAijyJvvJgTVK7OTSznxzjQ02DU-voRvQ0-nQ==
x-cache: Miss from cloudfront

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 3513 43 B
306 B 47ms
23ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=R06HKNZKR5y1tg9HgGQLeQ&dmt=3&ex-pl-n-g-hmt=ms-hbbz5QjuAn5vGsrW-Tg&ep=mfS4I4Lxm4iN8M-0MyueFUoEFpGYE5cin2dW6jdvjnKkudj4V_J5INYsJiAGHumZpAt2ahr_L6sh7ka8IxaWr0xKq4iAOTePyz_ridA3pu73gSv1fGbaP-9uewY59VN19f8vcN17CsU2fzQEvE-WyrrCwBY1mEiUaBqkodrEgMNyOqwk-5dsuyE9kvLoEmsM2MtDzRYxzCT4xXyrCTae--JYiNFbq0dKoS3mBGgwvNpnIVW248eogomkkpH6o9xi3djcL8VVRSoyQ-DTuNlqFlQ4Z-UfHo6iTv3mHN8NkENmxHWNcfxRXi5IQhMIqmRaxM2Qp_OmnuYIOv0DguHBy_z_bDh8P8Tbj0zRxOdrVPmwfyvO-__jaJkDMQZ4E84n
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/7f1e280 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 18:24:34 GMT
content-encoding: gzip
server: OXGW/7f1e280
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3513
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://s.amazon-adsystem.com/ecm3?ex=index&id=K-aY0V91Z4J5aTHKqNDe9zc4fMM4ZgAC

43 B
556 B

112ms
111ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=K-aY0V91Z4J5aTHKqNDe9zc4fMM4ZgAC

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:34 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 2EMYBTB6BN1SCVK9B55Y
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://s.amazon-adsystem.com/ecm3?ex=index&id=K-aY0V91Z4J5aTHKqNDe9zc4fMM4ZgAC
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 267
Expires: Thu, 23 Jun 2022 18:24:34 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3513
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=453158C5EF04A763

43 B
556 B

107ms
106ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=semasio&id=453158C5EF04A763

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:34 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: TE52K933PGA4JSP1F1Q3
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Jun 2022 18:24:39 GMT
frontend-id: 4
location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=453158C5EF04A763
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3513
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://s.amazon-adsystem.com/ecm3?id=5677988431123376687&ex=appnexus.com

43 B
556 B

107ms
107ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=5677988431123376687&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:34 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: YD1VQK3T7RND1Z91A06N
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:34 GMT
X-Proxy-Origin: 193.27.14.37; 193.27.14.37; 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: d42cec20-8346-43d4-9ff0-5bc13d46e1ba
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.amazon-adsystem.com/ecm3?id=5677988431123376687&ex=appnexus.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame 3513 0
225 B 57ms
14ms Image
text/html 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=5LsgSJVfTGiwbAoFCwkFGg&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%3D%24%7BDSP_UID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=R06HKNZKR5y1tg9HgGQLeQ&dmt=3&ex-pl-n-g-hmt=ms-hbbz5QjuAn5vGsrW-Tg&ep=mfS4I4Lxm4iN8M-0MyueFUoEFpGYE5cin2dW6jdvjnKkudj4V_J5INYsJiAGHumZpAt2ahr_L6sh7ka8IxaWr0xKq4iAOTePyz_ridA3pu73gSv1fGbaP-9uewY59VN19f8vcN17CsU2fzQEvE-WyrrCwBY1mEiUaBqkodrEgMNyOqwk-5dsuyE9kvLoEmsM2MtDzRYxzCT4xXyrCTae--JYiNFbq0dKoS3mBGgwvNpnIVW248eogomkkpH6o9xi3djcL8VVRSoyQ-DTuNlqFlQ4Z-UfHo6iTv3mHN8NkENmxHWNcfxRXi5IQhMIqmRaxM2Qp_OmnuYIOv0DguHBy_z_bDh8P8Tbj0zRxOdrVPmwfyvO-__jaJkDMQZ4E84n
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:24:32 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3513
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=-EPZmt5ipdC64ubhBZf1PA&ex=rubiconproject.com&status=ok

43 B
556 B

107ms
107ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=-EPZmt5ipdC64ubhBZf1PA&ex=rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:34 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: M2DHA84X3JAF1K9T5P83
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=-EPZmt5ipdC64ubhBZf1PA&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3513
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=ms-hbbz5QjuAn5vGsrW-Tg&
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

43 B
556 B

101ms
101ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:34 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ZD2WA5JEA3YSRMMHJQTD
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Jun 2022 18:24:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
loadus.exelator.com/load/ Frame 3513 0
324 B 179ms
30ms Image
text/plain 34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=R06HKNZKR5y1tg9HgGQLeQ&dmt=3&ex-pl-n-g-hmt=ms-hbbz5QjuAn5vGsrW-Tg&ep=mfS4I4Lxm4iN8M-0MyueFUoEFpGYE5cin2dW6jdvjnKkudj4V_J5INYsJiAGHumZpAt2ahr_L6sh7ka8IxaWr0xKq4iAOTePyz_ridA3pu73gSv1fGbaP-9uewY59VN19f8vcN17CsU2fzQEvE-WyrrCwBY1mEiUaBqkodrEgMNyOqwk-5dsuyE9kvLoEmsM2MtDzRYxzCT4xXyrCTae--JYiNFbq0dKoS3mBGgwvNpnIVW248eogomkkpH6o9xi3djcL8VVRSoyQ-DTuNlqFlQ4Z-UfHo6iTv3mHN8NkENmxHWNcfxRXi5IQhMIqmRaxM2Qp_OmnuYIOv0DguHBy_z_bDh8P8Tbj0zRxOdrVPmwfyvO-__jaJkDMQZ4E84n
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:24:34 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3513
Redirect Chain

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=BEBC4F2DE2AFB462BB7A3F9902C7C605

43 B
556 B

108ms
108ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=BEBC4F2DE2AFB462BB7A3F9902C7C605

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:34 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: E37SEN6GGCM8GYWVSPR1
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Thu, 23 Jun 2022 18:24:34 GMT
Server: openresty/1.15.8.2
P3P: CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Location: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=BEBC4F2DE2AFB462BB7A3F9902C7C605
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html
Content-Length: 151
Expires: Thu, 23 Jun 2022 18:24:33 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3513
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=6cccf84e5a678fb1cc6fd896dfdffe49b66eb5a1b05d3efd9edc8acafc7c5141

43 B
556 B

104ms
104ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=6cccf84e5a678fb1cc6fd896dfdffe49b66eb5a1b05d3efd9edc8acafc7c5141

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:34 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: TK41HENGDWFFY098J69N
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Jun 2022 18:24:34 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=6cccf84e5a678fb1cc6fd896dfdffe49b66eb5a1b05d3efd9edc8acafc7c5141
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 3513 0
166 B 166ms
19ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=R06HKNZKR5y1tg9HgGQLeQ&dmt=3&ex-pl-n-g-hmt=ms-hbbz5QjuAn5vGsrW-Tg&ep=mfS4I4Lxm4iN8M-0MyueFUoEFpGYE5cin2dW6jdvjnKkudj4V_J5INYsJiAGHumZpAt2ahr_L6sh7ka8IxaWr0xKq4iAOTePyz_ridA3pu73gSv1fGbaP-9uewY59VN19f8vcN17CsU2fzQEvE-WyrrCwBY1mEiUaBqkodrEgMNyOqwk-5dsuyE9kvLoEmsM2MtDzRYxzCT4xXyrCTae--JYiNFbq0dKoS3mBGgwvNpnIVW248eogomkkpH6o9xi3djcL8VVRSoyQ-DTuNlqFlQ4Z-UfHo6iTv3mHN8NkENmxHWNcfxRXi5IQhMIqmRaxM2Qp_OmnuYIOv0DguHBy_z_bDh8P8Tbj0zRxOdrVPmwfyvO-__jaJkDMQZ4E84n
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:24:34 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3513
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=2e71404e-ebf5-4c50-aad6-6fcf9455dac8-tuct9ae3562

43 B
556 B

104ms
103ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=2e71404e-ebf5-4c50-aad6-6fcf9455dac8-tuct9ae3562

Requested by

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 18:24:34 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: AQ44ZSXHH5QT6FD9ZYM4
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=2e71404e-ebf5-4c50-aad6-6fcf9455dac8-tuct9ae3562
date: Thu, 23 Jun 2022 18:24:34 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13505

GET
H2 200 SmarterHandler.ashx Show response
tr2.smarterhq.io/app1/ 294 B
416 B 472ms
99ms Script
text/javascript 52.44.45.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tr2.smarterhq.io/app1/SmarterHandler.ashx?r=1164019685&i=7b2hrefqup-1&cb=_smtr.postprocess&cu=true&bv=2.7.14&utc=0&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&pt=5&href=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail&hostn=ssl.omnihotels.com&pathn=%2Fomni
Requested by: Host: d1n00d49gkbray.cloudfront.net
URL: https://d1n00d49gkbray.cloudfront.net/js/omni.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.45.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-45-214.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 78b7266eb34e40d909715f1ed382a3381cc768ca58a50c83b90c96b777c1870e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 18:24:34 GMT
cache-control: no-store,no-cache
server: Kestrel
content-length: 294
content-type: text/javascript

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
130 B 18ms
18ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=f6372266-fde2-4ec5-8c32-8bab26ee4edb
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/4f36e5fd-8df3-411b-bf83-4d9d958da17e-async.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e2c93a043df298057c329b4a1b58c2215c14f8ad6325a1dfb157f4fa6f09f83f

Request headers

Referer: https://ssl.omnihotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 23 Jun 2022 18:24:33 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://ssl.omnihotels.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
via: 1.1 google

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame CD8C 43 B
524 B 36ms
35ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=966162b4-afe1-4f00-bd51-4b9cf8d4269a&no_iframe=1&mt_adid=250702&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master zrh-pixel-x8 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=966162b4-afe1-4f00-bd51-4b9cf8d4269a&no_iframe=1&mt_adid=250702&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 18:24:33 GMT
Server: MT3 4475 c1dc35a master zrh-pixel-x8 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 23 Jun 2022 18:24:32 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 16D7 43 B
525 B 36ms
36ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=972362b4-afe1-4e00-8080-1db933fc8827&no_iframe=1&mt_adid=250702&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master cdg-pixel-x32 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=972362b4-afe1-4e00-8080-1db933fc8827&no_iframe=1&mt_adid=250702&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 18:24:33 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x32 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 23 Jun 2022 18:24:32 GMT

GET
H2 200 SmarterHandler.ashx Show response
tr2.smarterhq.io/app1/ 295 B
416 B 101ms
99ms Script
text/javascript 52.44.45.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tr2.smarterhq.io/app1/SmarterHandler.ashx?r=672019464&i=7b2hrefqup-1&cb=_smtr.postprocess&t=Select%20Guest%20Sign-In%20%7C%20Omni%20Hotels%20%20Resorts&cid=_bookingStep-customerInfo&cn=bookingStep-customerInfo&bv=2.7.14&utc=0&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&pt=3&href=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail&hostn=ssl.omnihotels.com&pathn=%2Fomni&modalc=637916054740151017^018191cf-0adf-443e-a0b6-8d4b9accf451^018191cf-0adf-4fdb-a403-a32642a4faa9^0^193.27.14.37
Requested by: Host: d1n00d49gkbray.cloudfront.net
URL: https://d1n00d49gkbray.cloudfront.net/js/omni.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.45.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-45-214.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: ada98a81565e7ffcb1dc1340ed0651bc7efcd4936fd23ebb97a89590d437fbc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 18:24:34 GMT
cache-control: no-store,no-cache
server: Kestrel
content-length: 295
content-type: text/javascript

GET
H2 200 / Show response
onsiteshq.smarterhq.io/api/v3/onsite/ 111 B
224 B 340ms
126ms Script
text/plain 54.163.244.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://onsiteshq.smarterhq.io/api/v3/onsite/?instanceId=7b2hrefqup-1&loiId=018191cf-0adf-443e-a0b6-8d4b9accf451&sessionId=018191cf-0adf-4fdb-a403-a32642a4faa9&url=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail&callback=_smtr.postprocess&r=1339369561&isNewVisitor=true&accountId=377&campaign=direct-ohr-select_guest-account_summary_jun_22&medium=email&isEmailProvided=false&espSubIdProvided=false&ref=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail
Requested by: Host: d1n00d49gkbray.cloudfront.net
URL: https://d1n00d49gkbray.cloudfront.net/js/omni.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.244.190 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-244-190.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 15d6dff53a85e601ddd4a1e658129efdeedaf6d1f5c27ff624a480bdbf491210

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:24:34 GMT
server: Kestrel
x-request-id: 0HMI36153K641:00000417
content-type: text/plain; charset=utf-8

GET
H2 200 smtr1x1.gif
tr2.smarterhq.io/app1/ 43 B
159 B 103ms
102ms Image
image/gif 52.44.45.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr2.smarterhq.io/app1/smtr1x1.gif?r=626566308&action=checkout&i=7b2hrefqup-1&modalc=637916054740151017%5E018191cf-0adf-443e-a0b6-8d4b9accf451%5E018191cf-0adf-4fdb-a403-a32642a4faa9%5E0%5E193.27.14.37&value=Page&bv=2.7.14
Requested by: Host: ssl.omnihotels.com
URL: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.45.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-45-214.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 18:24:34 GMT
cache-control: no-store,no-cache
server: Kestrel
content-length: 43
content-type: image/gif

GET
H2 200 smtr1x1.gif
tr2.smarterhq.io/app1/ 43 B
159 B 101ms
100ms Image
image/gif 52.44.45.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr2.smarterhq.io/app1/smtr1x1.gif?r=1804830045&action=campaign&i=7b2hrefqup-1&modalc=637916054740151017%5E018191cf-0adf-443e-a0b6-8d4b9accf451%5E018191cf-0adf-4fdb-a403-a32642a4faa9%5E0%5E193.27.14.37&pageId=0HMIL4S4IH6IU%3A000026F3&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_medium=email&utm_source=sfmc&utm_content=126363&href=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail&bv=2.7.14
Requested by: Host: ssl.omnihotels.com
URL: https://ssl.omnihotels.com/Omni?pagesrc=SI&pagedst=SI&ref_pagesrc=&ref_pagedst=&utm_medium=email&utm_source=adhoc&utm_campaign=direct-ohr-select_guest-account_summary_jun_22&utm_source=sfmc&utm_term=&utm_content=126363&utm_id=21d1792d-dd11-4b15-a50f-8e688966f80d&sfmc_id=4699648&sfmc_activityid=47b0f733-c9c4-4acb-adbd-45111da4e543&utm_medium=email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.45.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-45-214.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 18:24:34 GMT
cache-control: no-store,no-cache
server: Kestrel
content-length: 43
content-type: image/gif

GET
H2 200 / Show response
onsiteshq.smarterhq.io/api/v3/onsite/ 111 B
227 B 234ms
123ms Script
text/plain 54.163.244.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://onsiteshq.smarterhq.io/api/v3/onsite/?instanceId=7b2hrefqup-1&loiId=018191cf-0adf-443e-a0b6-8d4b9accf451&sessionId=018191cf-0adf-4fdb-a403-a32642a4faa9&url=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail&callback=_smtr.postprocess&r=406718604&isNewVisitor=true&accountId=377&campaign=direct-ohr-select_guest-account_summary_jun_22&medium=email&isEmailProvided=false&espSubIdProvided=false&ref=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail
Requested by: Host: d1n00d49gkbray.cloudfront.net
URL: https://d1n00d49gkbray.cloudfront.net/js/omni.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.244.190 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-244-190.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 15d6dff53a85e601ddd4a1e658129efdeedaf6d1f5c27ff624a480bdbf491210

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:24:34 GMT
server: Kestrel
x-request-id: 0HMIAQV9CMSHH:00000A1E
content-type: text/plain; charset=utf-8

GET
H2 200 / Show response
onsiteshq.smarterhq.io/api/v3/onsite/ 111 B
225 B 234ms
124ms Script
text/plain 54.163.244.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://onsiteshq.smarterhq.io/api/v3/onsite/?instanceId=7b2hrefqup-1&loiId=018191cf-0adf-443e-a0b6-8d4b9accf451&sessionId=018191cf-0adf-4fdb-a403-a32642a4faa9&url=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail&callback=_smtr.postprocess&r=1810032241&isNewVisitor=true&accountId=377&campaign=direct-ohr-select_guest-account_summary_jun_22&medium=email&isEmailProvided=false&espSubIdProvided=false&ref=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail
Requested by: Host: d1n00d49gkbray.cloudfront.net
URL: https://d1n00d49gkbray.cloudfront.net/js/omni.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.244.190 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-244-190.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 15d6dff53a85e601ddd4a1e658129efdeedaf6d1f5c27ff624a480bdbf491210

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:24:34 GMT
server: Kestrel
x-request-id: 0HMHD6D2KOLOO:000002E3
content-type: text/plain; charset=utf-8

GET
H2 200 / Show response
onsiteshq.smarterhq.io/api/v3/onsite/ 111 B
225 B 233ms
124ms Script
text/plain 54.163.244.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://onsiteshq.smarterhq.io/api/v3/onsite/?instanceId=7b2hrefqup-1&loiId=018191cf-0adf-443e-a0b6-8d4b9accf451&sessionId=018191cf-0adf-4fdb-a403-a32642a4faa9&url=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail&callback=_smtr.postprocess&r=676427726&isNewVisitor=true&accountId=377&campaign=direct-ohr-select_guest-account_summary_jun_22&medium=email&isEmailProvided=false&espSubIdProvided=false&ref=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail
Requested by: Host: d1n00d49gkbray.cloudfront.net
URL: https://d1n00d49gkbray.cloudfront.net/js/omni.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.244.190 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-244-190.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 15d6dff53a85e601ddd4a1e658129efdeedaf6d1f5c27ff624a480bdbf491210

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:24:34 GMT
server: Kestrel
x-request-id: 0HMIDOROPPI8H:00000A21
content-type: text/plain; charset=utf-8

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
34 B 54ms
54ms XHR
text/plain 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=f6372266-fde2-4ec5-8c32-8bab26ee4edb
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/4f36e5fd-8df3-411b-bf83-4d9d958da17e-async.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.omnihotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 23 Jun 2022 18:24:34 GMT
content-encoding: gzip
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20
via: 1.1 google

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1237086486375637&ev=Microdata&dl=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail&rl=&if=false&ts=1656008674705&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Select%20Guest%20Sign-In%20%7C%20Omni%20Hotels%20%26%20Resorts%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.62&r=stable&ec=1&o=30&fbp=fb.1.1656008673201.651351288&it=1656008672866&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:24:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 23 Jun 2022 18:24:34 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=210262292977069&ev=Microdata&dl=https%3A%2F%2Fssl.omnihotels.com%2FOmni%3Fpagesrc%3DSI%26pagedst%3DSI%26ref_pagesrc%3D%26ref_pagedst%3D%26utm_medium%3Demail%26utm_source%3Dadhoc%26utm_campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26utm_source%3Dsfmc%26utm_term%3D%26utm_content%3D126363%26utm_id%3D21d1792d-dd11-4b15-a50f-8e688966f80d%26sfmc_id%3D4699648%26sfmc_activityid%3D47b0f733-c9c4-4acb-adbd-45111da4e543%26utm_medium%3Demail&rl=&if=false&ts=1656008674971&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Select%20Guest%20Sign-In%20%7C%20Omni%20Hotels%20%26%20Resorts%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.62&r=stable&ec=1&o=30&fbp=fb.1.1656008673201.651351288&it=1656008672866&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.omnihotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 18:24:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 23 Jun 2022 18:24:34 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.omnihotels.com
URL: https://www.omnihotels.com/-/media/digex/social/facebook.png

Domain: www.omnihotels.com
URL: https://www.omnihotels.com/-/media/digex/social/twitter.png

Domain: px.surveywall-api.survata.com
URL: https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

73 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
map.go.affec.tv/map/af	1969-12-31 23:59:59	Name: oo Value: 1
map.go.affec.tv/map/an	1969-12-31 23:59:59	Name: oo Value: 1
.omnihotels.com/	1970-01-20 04:00:12	Name: phoenix_session Value: 877e7caff484ee0a111a72f5cb404b9e1f58c07c
.omnihotels.com/	1970-01-20 04:00:10	Name: login_fg_public Value: firstName%3A%7ClastName%3A
.omnihotels.com/	1970-01-20 04:00:09	Name: smtrsession Value: cameFromEmail%7Ctrue
.omnihotels.com/	1970-01-20 06:09:44	Name: _gcl_au Value: 1.1.2016727944.1656008673
ssl.omnihotels.com/	1970-01-20 08:22:13	Name: FirstSession Value: source%3Dadhoc%26medium%3Demail%26campaign%3Ddirect-ohr-select_guest-account_summary_jun_22%26term%3D%26content%3D126363%26date%3D20220623
.omnihotels.com/	1970-01-20 04:00:10	Name: random Value: 6908035
.omnihotels.com/	1970-01-20 21:31:20	Name: _ga Value: GA1.2.713303023.1656008673
.omnihotels.com/	1970-01-20 04:01:35	Name: _gid Value: GA1.2.1500868592.1656008673
.omnihotels.com/	1970-01-20 04:00:08	Name: _gat_UA-27724367-1 Value: 1
.omnihotels.com/	1970-01-20 04:00:08	Name: _dc_gtm_UA-33986005-1 Value: 1
.go.affec.tv/	1970-01-20 12:45:44	Name: ck Value: 62b4afe0a236f50001190ba2
.go.affec.tv/	1970-01-20 12:45:44	Name: oo Value: 1
.yahoo.com/	1970-01-20 12:46:06	Name: A3 Value: d=AQABBOGvtGICEEQPxULxpHPoDZcaCEA9fDgFEgEBAQEBtmK-YgAAAAAA_eMAAA&S=AQAAAutmhyya-jOKMBCfKf2qTpo
.ssl.omnihotels.com/	1970-01-20 12:45:44	Name: _pin_unauth Value: dWlkPU5UbGlZakF3WTJFdFl6aGtaaTAwT0dJNUxUazJaakl0WTJJM1lqaG1NalppTVdFMA
.go.affec.tv/	1970-01-20 12:45:44	Name: pt Value: eyJhbiI6eyJkdCI6MTY1NjAwODY3MywiaWQiOiIxNTY0Mzc2NjA2NTc3NDc5OTgxIiwibHMiOjE2NTYwMDg2NzN9LCJ2IjowfQ==\|1656008673\|65e7311a73a52cb26c93b73e8b864a4d375b4af1
.omnihotels.com/	1970-01-20 08:23:39	Name: permutive-id Value: 3aefe332-5aed-427e-b129-4098161173cc
.omnihotels.com/	1970-01-20 06:09:44	Name: _fbp Value: fb.1.1656008673201.651351288
.getrockerbox.com/	1970-01-20 04:43:20	Name: uuid Value: rbos-824d6514-13b1-4e28-8d1c-c216e6eb1366
.omnihotels.com/	1970-01-20 04:43:20	Name: rbuid Value: rbos-824d6514-13b1-4e28-8d1c-c216e6eb1366
.facebook.com/	1970-01-20 06:09:44	Name: fr Value: 0JR48YYb3PtYar6tA..BitK_h...1.0.BitK_h.
.adnxs.com/	1970-01-20 06:09:44	Name: uuid2 Value: 5677988431123376687
.linkedin.com/	1970-01-20 04:43:20	Name: UserMatchHistory Value: AQIBw5zBcbWXAgAAAYGRzwfEgiosaSkkcDiXTKiSGceuNn-JjaX2BQWOJDToxxAf03KXCY45ENHweg
.linkedin.com/	1970-01-20 04:43:20	Name: AnalyticsSyncHistory Value: AQLcNO5fvDnp9AAAAYGRzwfEGCAxvo8F-Os9GT2GVwdGbqVkmgMbO4SjGSXnpa2Xk1vxiMRjREsofDa7BCki5A
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 21:32:02	Name: bcookie Value: "v=2&54dce6ea-cabd-4599-8a8f-527f71aef8d2"
.linkedin.com/	1970-01-20 04:01:35	Name: lidc Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2422:u=1:x=1:i=1656008673:t=1656095073:v=2:sig=AQHDly3D9rVTjnvaSKtk7bTMvMf_BE_H"
bs.serving-sys.com/	1969-12-31 23:59:59	Name: OT_1073747411 Value: 1
.serving-sys.com/	1970-01-20 06:09:44	Name: OT2 Value: 1001nj1qIO
.amazon-adsystem.com/	1970-01-20 08:36:37	Name: ad-id Value: A5VZXDNDQkpPo2mVdUEeFl4
.amazon-adsystem.com/	1970-01-22 00:01:06	Name: ad-privacy Value: 0
.adnxs.com/	1970-01-20 06:09:44	Name: anj Value: dTM7k!M4/8D>6NRF']wIg2E>8x6kJ`!fss0=Ir4A3KL9D3I?-j@!zB!
ssl.omnihotels.com/	1970-01-20 04:01:35	Name: trustedsite_visit Value: 1
.mathtag.com/	1970-01-20 13:26:03	Name: uuid Value: 972362b4-afe1-4e00-8080-1db933fc8827
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 21:32:02	Name: bscookie Value: "v=1&20220623182433bfe22b2d-ca09-4573-8b4e-d681f81c8bd5AQHy0Zo3Vrpft-2bT6D3-PjYk6t8hUhf"
.linkedin.com/	1970-01-20 21:30:28	Name: li_gc Value: MTswOzE2NTYwMDg2NzM7MjswMjHxdgt7CPjRr9Bp57t5NErgpYSpbgQCeHUlzRIobhEHgg==
.mathtag.com/	1970-01-20 04:43:20	Name: mt_misc Value: mt_bt:1
bs.serving-sys.com/	1969-12-31 23:59:59	Name: r1 Value: 1656008673_1
.serving-sys.com/	1970-01-20 06:09:44	Name: u2 Value: a297df6a-84a4-4458-89fa-0f743bbb52c54Hu06g
.agkn.com/	1970-01-20 12:45:44	Name: ab Value: 0001%3AoZD2AGeNfjmJptVDoEX%2B8cutIFSXgt8s
.myvisualiq.net/	1970-01-20 21:31:20	Name: tuuid Value: 93956558-b67a-4382-98d3-d3ba7672e325
.myvisualiq.net/	1970-01-20 21:31:20	Name: c Value: 1656008673
.myvisualiq.net/	1970-01-20 21:31:20	Name: tuuid_lu Value: 1656008673
.bidswitch.net/	1970-01-20 12:45:44	Name: tuuid Value: 42bd2941-193c-43b3-bb2a-92037b0ddf38
.bidswitch.net/	1970-01-20 12:45:44	Name: c Value: 1656008673
.bidswitch.net/	1970-01-20 12:45:44	Name: tuuid_lu Value: 1656008673
.casalemedia.com/	1970-01-20 12:45:44	Name: CMID Value: YrSv4Q9BLfoJO3L.0bWwwgAA
.casalemedia.com/	1970-01-20 06:09:44	Name: CMPS Value: 3236
.casalemedia.com/	1970-01-20 06:09:44	Name: CMPRO Value: 3236
.analytics.yahoo.com/	1970-01-20 12:45:44	Name: IDSYNC Value: 17ki~25mi
.zeotap.com/	1970-01-20 12:45:44	Name: zc Value: 8fa627d5-eaac-4e31-7cee-81328ae4a67c
.omnihotels.com/	1970-01-20 21:31:20	Name: smtrrmkr Value: 637916054740151017%5E018191cf-0adf-443e-a0b6-8d4b9accf451%5E018191cf-0adf-4fdb-a403-a32642a4faa9%5E0%5E193.27.14.37
www.trustedsite.com/	1970-01-20 04:10:13	Name: AWSALBCORS Value: +CfdTIl+03wBqAvEv23Iu1PBU256OCsFGL90e6k3+Q0o61fn1VFsi8gbHT9ve1AvYaCmP20jc98o6HfboocqYVco+Cg7pajbL23MtUCncnkneT3OgRN9aCMfcBH4
.krxd.net/	1970-01-20 08:19:20	Name: _kuid_ Value: O6nkZjnO
ads.stickyadstv.com/	1970-01-20 04:43:20	Name: UID Value: 1c649f3afc33b7aec47a905b2cfb3c88
ads.stickyadstv.com/	1970-01-20 04:20:18	Name: uid-bp-30833 Value: 1
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: cb73fb37d6bcfab408c9f2d77f7a9b3
.mookie1.com/	1970-01-20 13:28:56	Name: id Value: 10811805701247335035
.mookie1.com/	1970-01-20 13:28:56	Name: mdata Value: 1\|10811805701247335035\|1656008674345
.mookie1.com/	1970-01-20 13:28:56	Name: ov Value: 1ca9cb6b81011cc29265a29b0971ad9a
.doubleclick.net/	1970-01-20 13:21:44	Name: IDE Value: AHWqTUkHs6ls_eiECbiE5x23G6mQwdBszdhgEhm8Ymqh-fm_36wW-SsZtC7idnP8TMU
.spotxchange.com/	1970-01-20 12:45:48	Name: audience Value: bb526f78-f321-11ec-9c4a-1384e0ef0206
.adform.net/	1970-01-20 04:43:20	Name: C Value: 1
.demdex.net/	1970-01-20 08:19:20	Name: demdex Value: 66040214466713547501207086939224078070
.adform.net/	1970-01-20 05:26:32	Name: uid Value: 3325649579704077738
.dpm.demdex.net/	1970-01-20 08:19:20	Name: dpm Value: 66040214466713547501207086939224078070
.casalemedia.com/	1970-01-20 04:01:35	Name: CMST Value: YrSv4mK0r+IA
ads.samba.tv/	1970-01-20 13:28:56	Name: sambapxid Value: f91ad623bd16ae71
.ispot.tv/	1970-01-20 21:31:20	Name: pt Value: v2:6cccf84e5a678fb1cc6fd896dfdffe49b66eb5a1b05d3efd9edc8acafc7c5141\|0e9c2ffef431f89a8aff949759096cd07a421d697c9bafa5f7130b896388a9d8
.semasio.net/	1970-01-20 12:45:44	Name: SEUNCY Value: 453158C5EF04A763
.ninthdecimal.com/	1970-01-20 08:19:20	Name: ndat Value: LU+8vmK0r+KZP3q7BcbHAg==

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2908977.fls.doubleclick.net
4f36e5fd-8df3-411b-bf83-4d9d958da17e.prmutv.co
514012238.collect.igodigital.com
8703439.fls.doubleclick.net
aa.agkn.com
ads.samba.tv
ads.stickyadstv.com
adservice.google.com
adservice.google.de
amazon.partners.tremorhub.com
api.permutive.com
beacon.krxd.net
bs.serving-sys.com
c1.adform.net
cdn.bttrack.com
cdn.permutive.com
cdn.ywxi.net
click.em.omnihotels.com
cm.g.doubleclick.net
cm.teads.tv
cms.analytics.yahoo.com
connect.facebook.net
ct.pinterest.com
d1n00d49gkbray.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
getrockerbox.com
go.affec.tv
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
js.adsrvr.org
lciapi.ninthdecimal.com
loadus.exelator.com
map.go.affec.tv
mwzeom.zeotap.com
odr.mookie1.com
onsiteshq.smarterhq.io
p.teads.tv
pi.ispot.tv
pixel.advertising.com
pixel.mathtag.com
pixel.rubiconproject.com
public-prod-dspcookiematching.dmxleo.com
px.ads.linkedin.com
px.surveywall-api.survata.com
px4.ads.linkedin.com
s.amazon-adsystem.com
s.pinimg.com
s.yimg.com
s3-us-west-2.amazonaws.com
sb.scorecardresearch.com
secure-ds.serving-sys.com
secure.adnxs.com
snap.licdn.com
sp.analytics.yahoo.com
ssl.omnihotels.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync.search.spotxchange.com
sync.taboola.com
t.myvisualiq.net
t.teads.tv
tags.bluekai.com
token.rubiconproject.com
tr2.smarterhq.io
uipglob.semasio.net
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.samplicio.us
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.imdb.com
www.linkedin.com
www.omnihotels.com
www.trustedsite.com
x.bidswitch.net
px.surveywall-api.survata.com
www.omnihotels.com
104.111.242.245
104.19.150.54
104.21.58.221
104.75.88.209
13.107.43.14
13.111.234.80
141.226.228.48
142.250.181.230
143.204.89.15
143.204.89.5
143.204.89.75
143.204.94.161
143.204.95.155
151.101.194.132
18.156.0.31
18.156.126.13
18.156.93.253
18.184.103.225
185.33.220.242
185.33.221.13
185.64.189.110
185.64.190.78
185.94.180.125
188.65.124.66
2.18.233.201
2.18.234.233
2.21.20.161
209.54.176.128
212.82.100.181
212.82.100.182
216.58.212.130
23.35.229.56
23.35.236.247
2600:1f18:612b:4216:1045:b1b6:a84f:9c3b
2600:9000:2156:4a00:14:6bfc:5740:93a1
2600:9000:2156:7e00:9:7c30:be80:21
2606:4700:10::6816:1857
2620:1ec:22::14
2a00:1288:80:807::2
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2008
2a00:1450:4001:830::2004
2a00:1450:400c:c06::9b
2a02:26f0:3500:16::215:149b
2a02:26f0:6c00:28d::1931
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.93.160.221
34.107.254.252
34.254.143.3
34.98.67.61
35.158.225.181
35.241.9.51
35.244.159.8
37.157.6.253
44.224.197.137
45.79.188.190
46.137.177.196
52.19.46.209
52.20.189.152
52.29.68.61
52.44.45.214
52.6.201.25
52.92.195.40
54.163.244.190
54.175.67.42
54.228.196.14
69.16.175.10
69.173.144.165
69.192.160.219
77.243.60.138
99.80.124.254
037007ec7765412b5078a8550c5f77c549a550c156be35a528ea68452ad3fd65
03c15344ce609b11e34605f4e4ebf5e5550ba81bc7e378c635fb217552422e69
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0830e7874cce1ec2b27978ca6f6927514643e3140b2ac90231e9f3c01d953b80
0a02cb2d7190c4675ee2cb667418b06615b563bc0b541fa4964518f48e98dfd2
0aa424e8bfcc06d6e537e84a61f068b1b15b7cab48839eeb3075909a249a7020
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f3288fab3dec7ac6ab76678fd9dc5b2f343e888c96667b3ca44a4adcdc4d49b
0f623bc2f5b56e73f92a71d841f035bd16150027a8c37b2162f53edc7ee27116
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
15d6dff53a85e601ddd4a1e658129efdeedaf6d1f5c27ff624a480bdbf491210
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1b530072d3cbe0662a11fdc9516d5c2b40e168eebeb314faf95393f879eb026f
1d6a33ad1ba88ce5a28637b82db9475f28d06d85de54b20348252479f44b4ecf
21c5a26a772d63ea53c2b4e4a0e19ffa6a64387ec4661b76d49c91d2a81d4dda
22ea9e8de73d9c75f388acb6be4db2e1dbe153bb39e248c6b9a2272387f92e50
23df57940e7fd130b08139c3446c3ba0d0a4e4d5ccdc92f039f257146419d678
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
25727a56f910b1b41d985d9d9663ac3b74f6392855940747bbc0e1bbb61ce011
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
30cf61509fb1a5405caf7ed1a872068936c72f69bf0cf5d9ae50ae418552e3bf
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
330268ca0872ec324d4e29aab6992cdeed9d8ea3e92c1be48ebe19b49b285e3f
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37c4be258a68d8b392bce3a464145c52dc34bd8f0756e6b4fad007c09b36120e
3807b4325425a62583bae8a5f549cd23d78414d8e91505872355cdfb6716b9a7
38340c81a6abf327da0789e6e28c7d7692d0790d94a60108199264a0b9363237
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04
481d77f5d1a9c24f102bb6af246ecbff595011e0d73e70b652c39d702565d47d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c53bd4fb46505b90b10e21b4c6e477a14abb0ed61eab0a7b44ee0c351de5b5a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec91d6d6b2b6fbe100ea2018f7c7acca7ae03559dcd8bcfa5c0417a7fb1ffde
4f86eec5dbec516431f6ff8c11596f1d6a0f878f2b40193fb82d7e401e0edac6
503b04691b06ad292b016be7db745ea2a2e8a477d1024fabda07f18300dbef78
540548b12b5a362a5fa54de526a5870cc89ef6f431387c20cd25e82b4f6cd9d0
56b2291eb207321604a10b0e2d999405e958978009e75e1a0b6ee248acaf6a0c
5815d432d80be9326fed83c4723e9aa4cbeb050b0060cc08d1e8d64a573e7c80
5a964a8d4d0a80feda96413b3332966fea98bf48dd6019979bd5a3d7ebb2e126
5bfc8bf9713f6ff38443b76d7da5deed214d9461128ecd11319ee804e4c68326
5e253f3fe59706d941b1543978d621ccfdc3d73d2dd9ce4e6fe8b7f314cc9bfc
62ee3c241e91084569fec1e6644b357e88cdacbc4918bf5dfc5b0204d2467e33
65d1463c45255ff182b9ac12abcbf638d81713bcad608d27ec5a682d3b22098e
730d219f570bf42425ba1d5839fbfd7c553c4d09a82afc361b58f8b678b70aeb
748533f53846b130f62213b847ce93de7581faa93c3b886958fbc1537957e46f
76f8a0ca4e8fc3afc651dc5241e373e49acdbec76cd58c497dafe1da17af9e4e
778ccf0b26ad8c975d5729d81c8958f60488e65148c09eb5dbe99a4bc68904c4
78b7266eb34e40d909715f1ed382a3381cc768ca58a50c83b90c96b777c1870e
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b32c59725175b8f92cbbaf27ff1554c6a906a7ac99ff5965ed48f8926c7d29a
7fc4e7e24bdfb9955a95e4ff4904f160455ff3ff48fd88aead4bad5153ba0a67
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
909ae563eb34f7e4285a3a643ab5d7c21c5e6a80f3f455b949ac45f08d0389b4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3fdc99f4073ef5961efa056d69c34702d0bffbfdfa4598f66036a1e9f1c6d9c
a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1
a4af9b910551aa2f3cde6481f9b7da64cc490c659e9df343148f7add7f582b64
a6e9e1722cffa254dc5061e3d89fc40a4faec0cd7d44819923657d498e8df822
a9a3a6658977f235dfe54903a7e612462bab2401be3d08d16fcb6dfddfd25852
aa726b02d3080d0e7ce8b799bd3f95ff80467457e190b05d2561cc8c6fa8f6b8
ac95caf6f49e32fbce0d0fb95056dfd49691830fe768df25051d13cc8a7372ed
ada98a81565e7ffcb1dc1340ed0651bc7efcd4936fd23ebb97a89590d437fbc0
ae70997090041f2e7ac3cb19c7aa71d0ae3e5b6c0811ba90d7bbac5b2a9652fa
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b376828bc31d01c21207ce9e299f1d1ca4bb7b5bcb2ead0b1c0fd519a4947cb1
b60760bdfcc23fea8d502e82b920d55680acdeaa229cf290791efab974b923eb
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c80bbd7c9dc2df5f59c5a5e3d23e83e1c38bb225fe74209b8206e70b5f48fff0
c8e0b472171087f9a8f8d7c36a84500ff6ac1300bf4026dd36f364e9217a6edb
cb9d427092ab51585eb2729cce8407a274daeacf82496b514e095a9b9e7203c9
cca1972bbb2ff90e0188221c50a24f44a13a246088f1f82516ee7ead7fb8fad3
cededece3b690e20fd3d01dafd4684e3690cc510583f476fedc7dd509e31c07a
cfc0ccdf866ee5b0d01a5e224c253142fb3f1162a65a56b10212e32924a6216e
d2c0e1aebf907b85c8790c7910529e00521037df698079cef17489cd7ff37a97
d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238
d62611ebf06cf82add515782a4299be09718556bef094120a5253b1d2e7186c6
dbf877e58bb3aeffa3a8d343858194b8830c743f2f69876b38bbb8d487a69ce0
dd602dc5ccdcea07c0fb5688be167ffb0d451708b02d5cab532a7b2f226c2c8f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df2484a3c0a9b38125cdce7e5a8aa756e00cd676c1c1e49181b05619a43f2b6d
e2c93a043df298057c329b4a1b58c2215c14f8ad6325a1dfb157f4fa6f09f83f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e925fe3f66634a87c42bf2461d64fcbda50327a963087c52f657817fe4ea3edb
eda439ff213c7bc22c13d3a1c74db46d55bd9d16aeb725ee37a9a27c24c0fdfa
ee01d40bfdd77aba5652b3ff93095712b618a6a2cc2637828bd875979cfe9cb8
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f20a3917eb3aabaac6696b91b209379aa80937ccbc5346fa8bf68be407c09222
f7817b1b319bff0940b21ce3ca187c54027386b508044a7057e7bed8c2b261b5

ssl.omnihotels.com Open in urlscan Pro 143.204.89.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

154 Requests

76 %HTTPS

23 %IPv6

59 Domains

81 Subdomains

51 IPs

9 Countries

1212 kBTransfer

3035 kBSize

73 Cookies

19 Outgoing links

Page URL History

Redirected requests

154 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ssl.omnihotels.com Open in urlscan Pro
143.204.89.15 Public Scan

Screenshot
Live screenshot

Full Image

154
Requests

76 %
HTTPS

23 %
IPv6

59
Domains

81
Subdomains

51
IPs

9
Countries

1212 kB
Transfer

3035 kB
Size

73
Cookies

154 HTTP transactions
0 data transactions