www.theoriginalshotels.com Open in urlscan Pro
2606:4700::6811:b664 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.theoriginalshotels.com/
Submission: On February 28 via api (February 28th 2021, 9:34:44 am UTC) from BR

Summary HTTP 153 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 43 IPs in 8 countries across 36 domains to perform 153 HTTP transactions. The main IP is 2606:4700::6811:b664, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.theoriginalshotels.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 4th 2020. Valid for: a year.

This is the only time www.theoriginalshotels.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
63	2606:4700::68... 2606:4700::6811:b664	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	195.244.31.25 195.244.31.25	63140 (IGUANA-WO...) (IGUANA-WORLDWIDE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
3 6	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	89.185.38.89 89.185.38.89	8426 (CLARANET-...) (CLARANET-AS ClaraNET LTD)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4 6	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1 2	138.201.63.149 138.201.63.149	24940 (HETZNER-AS) (HETZNER-AS)
1	51.15.145.116 51.15.145.116	12876 (Online SAS) (Online SAS)
2	95.131.137.7 95.131.137.7	47841 (OXALIDE) (OXALIDE)
1 3	18.193.31.194 18.193.31.194	16509 (AMAZON-02) (AMAZON-02)
4 6	37.157.2.237 37.157.2.237	198622 (ADFORM) (ADFORM)
2	37.157.5.71 37.157.5.71	198622 (ADFORM) (ADFORM)
1 2	88.99.219.174 88.99.219.174	24940 (HETZNER-AS) (HETZNER-AS)
2	151.80.200.208 151.80.200.208	16276 (OVH) (OVH)
2 8	185.33.221.14 185.33.221.14	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	51.158.28.83 51.158.28.83	12876 (Online SAS) (Online SAS)
6 6	52.28.120.199 52.28.120.199	16509 (AMAZON-02) (AMAZON-02)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
2 3	54.36.109.156 54.36.109.156	16276 (OVH) (OVH)
2 2	3.121.177.185 3.121.177.185	16509 (AMAZON-02) (AMAZON-02)
1 2	52.210.171.182 52.210.171.182	16509 (AMAZON-02) (AMAZON-02)
1	52.29.181.205 52.29.181.205	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
5	23.210.249.113 23.210.249.113	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.208.188.183 52.208.188.183	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5	152.199.20.219 152.199.20.219	15133 (EDGECAST) (EDGECAST)
1	151.80.200.209 151.80.200.209	16276 (OVH) (OVH)
1 7	85.17.192.104 85.17.192.104	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
153	43

63 2606:4700::6811:b664 (United States)

ASN13335 (CLOUDFLARENET, US)

www.theoriginalshotels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.galaxy.tf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.244.31.25 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
PTR: xo7-viplb-01-new.ny.ig-1.net

www.travelclick-websolutions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.70 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

8741099.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10227764.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.185.38.89 (Paris, France)

ASN8426 (CLARANET-AS ClaraNET LTD, GB)

u.logbor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.134 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net

10140364.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10150729.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.63.149 (Ketsch, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.149.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.15.145.116 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-15-145-116.rev.poneytelecom.eu

js.sddan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.131.137.7 (France)

ASN47841 (OXALIDE, FR)
PTR: not.updated.oxalide.net

vu.adschoom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.193.31.194 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-31-194.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.2.237 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.71 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.219.174 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.174.219.99.88.clients.your-server.de

ad.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.80.200.208 (Roubaix, France)

ASN16276 (OVH, FR)

apicit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.33.221.14 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.158.28.83 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-28-83.rev.poneytelecom.eu

sddan.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.28.120.199 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.36.109.156 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: p07.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.177.185 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-177-185.eu-central-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.171.182 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-171-182.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.181.205 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-181-205.eu-central-1.compute.amazonaws.com

match.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.210.249.113 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-113.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.188.183 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-188-183.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 152.199.20.219 (United States)

ASN15133 (EDGECAST, US)

cdn.tradelab.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.80.200.209 (Roubaix, France)

ASN16276 (OVH, FR)

tags.clickintext.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 85.17.192.104 (The Hague, Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: tradelab.fr

its.tradelab.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	theoriginalshotels.com www.theoriginalshotels.com	1 MB
31	galaxy.tf cdn.galaxy.tf	6 MB
16	doubleclick.net 9 redirects 8741099.fls.doubleclick.net 10140364.fls.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net 5994599.fls.doubleclick.net ad.doubleclick.net 10227764.fls.doubleclick.net 10150729.fls.doubleclick.net	8 KB
12	tradelab.fr 1 redirects cdn.tradelab.fr its.tradelab.fr	18 KB
8	adnxs.com 2 redirects secure.adnxs.com ib.adnxs.com	8 KB
8	adform.net 4 redirects track.adform.net s2.adform.net	59 KB
8	google.com www.google.com adservice.google.com	3 KB
6	bidswitch.net 6 redirects x.bidswitch.net	3 KB
6	facebook.com www.facebook.com	850 B
5	mathtag.com pixel.mathtag.com	4 KB
5	google-analytics.com www.google-analytics.com	20 KB
4	facebook.net connect.facebook.net	232 KB
4	googleapis.com maps.googleapis.com	122 KB
3	id5-sync.com 2 redirects id5-sync.com	4 KB
3	creative-serving.com 1 redirects ads.creative-serving.com	2 KB
3	google.de www.google.de adservice.google.de	741 B
3	googletagmanager.com www.googletagmanager.com	127 KB
2	demdex.net 1 redirects dpm.demdex.net	2 KB
2	360yield.com 2 redirects ice.360yield.com	1010 B
2	openx.net 1 redirects us-u.openx.net	483 B
2	apicit.net apicit.net	2 KB
2	ad-srv.net 1 redirects ad.ad-srv.net	1 KB
2	adschoom.com vu.adschoom.com	2 KB
2	redintelligence.net 1 redirects hal9000.redintelligence.net	2 KB
2	logbor.com u.logbor.com	5 KB
1	clickintext.net tags.clickintext.net	519 B
1	adsrvr.org insight.adsrvr.org	261 B
1	justpremium.com match.justpremium.com	325 B
1	contextweb.com bh.contextweb.com	406 B
1	pubmatic.com simage2.pubmatic.com	949 B
1	consensu.org sddan.mgr.consensu.org	109 B
1	sddan.com js.sddan.com	2 KB
1	googleadservices.com www.googleadservices.com	13 KB
1	gstatic.com www.gstatic.com	129 KB
1	cloudflare.com cdnjs.cloudflare.com	6 KB
1	travelclick-websolutions.com www.travelclick-websolutions.com	47 KB
153	36

	Domain	Requested by
32	www.theoriginalshotels.com	www.theoriginalshotels.com
31	cdn.galaxy.tf	www.theoriginalshotels.com
7	its.tradelab.fr	1 redirects
7	secure.adnxs.com	1 redirects www.theoriginalshotels.com
6	x.bidswitch.net	6 redirects
6	www.facebook.com	www.theoriginalshotels.com
6	adservice.google.com	8741099.fls.doubleclick.net 10140364.fls.doubleclick.net ad.ad-srv.net 5994599.fls.doubleclick.net 10227764.fls.doubleclick.net 10150729.fls.doubleclick.net
6	track.adform.net	4 redirects www.theoriginalshotels.com hal9000.redintelligence.net
5	cdn.tradelab.fr	www.googletagmanager.com cdn.tradelab.fr
5	pixel.mathtag.com	hal9000.redintelligence.net
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	connect.facebook.net	www.theoriginalshotels.com connect.facebook.net
4	maps.googleapis.com	www.theoriginalshotels.com maps.googleapis.com
3	id5-sync.com	2 redirects www.theoriginalshotels.com
3	ads.creative-serving.com	1 redirects www.theoriginalshotels.com
3	www.googletagmanager.com	www.theoriginalshotels.com
2	10150729.fls.doubleclick.net	1 redirects www.theoriginalshotels.com
2	10227764.fls.doubleclick.net	1 redirects ad.ad-srv.net
2	ad.doubleclick.net	2 redirects
2	5994599.fls.doubleclick.net	1 redirects hal9000.redintelligence.net
2	cm.g.doubleclick.net	2 redirects
2	dpm.demdex.net	1 redirects www.theoriginalshotels.com
2	ice.360yield.com	2 redirects
2	us-u.openx.net	1 redirects www.theoriginalshotels.com
2	adservice.google.de	adservice.google.com
2	apicit.net	u.logbor.com apicit.net
2	ad.ad-srv.net	1 redirects u.logbor.com
2	s2.adform.net	www.theoriginalshotels.com hal9000.redintelligence.net
2	vu.adschoom.com	www.theoriginalshotels.com vu.adschoom.com
2	hal9000.redintelligence.net	1 redirects www.theoriginalshotels.com
2	10140364.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	u.logbor.com	www.theoriginalshotels.com u.logbor.com
2	8741099.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google.com	www.theoriginalshotels.com
1	ib.adnxs.com	1 redirects
1	tags.clickintext.net	apicit.net
1	insight.adsrvr.org	ad.ad-srv.net
1	match.justpremium.com	www.theoriginalshotels.com
1	bh.contextweb.com	www.theoriginalshotels.com
1	simage2.pubmatic.com	www.theoriginalshotels.com
1	sddan.mgr.consensu.org	js.sddan.com
1	js.sddan.com	www.theoriginalshotels.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.google.de	www.theoriginalshotels.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	cdnjs.cloudflare.com	www.theoriginalshotels.com
1	www.travelclick-websolutions.com	www.theoriginalshotels.com
153	49

This site contains links to these domains. Also see Links.

Domain
cdn.galaxy.tf
www.facebook.com
www.instagram.com
www.linkedin.com

Subject Issuer	Validity	Valid
www.theoriginalshotels.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
*.www.travelclick-websolutions.com Gandi Standard SSL CA 2	`2020-06-23` - `2021-07-08`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
cdn.galaxy.tf Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.logbor.com R3	`2021-02-22` - `2021-05-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
redintelligence.net R3	`2021-02-19` - `2021-05-20`	3 months	crt.sh
*.sddan.com RapidSSL RSA CA 2018	`2020-02-17` - `2022-05-18`	2 years	crt.sh
vu.adschoom.com R3	`2021-01-25` - `2021-04-25`	3 months	crt.sh
*.creative-serving.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-27` - `2021-04-02`	2 years	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
ad-srv.net R3	`2021-02-19` - `2021-05-20`	3 months	crt.sh
rdc.apicit.net R3	`2021-01-08` - `2021-04-08`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
sddan.mgr.consensu.org R3	`2021-01-21` - `2021-04-21`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.id5-sync.com R3	`2020-12-26` - `2021-03-26`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
tracking.justpremium.com Amazon	`2020-11-26` - `2021-12-25`	a year	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2021-07-15`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
crealab.cdn.tradelab-apps.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-01-27` - `2021-10-09`	8 months	crt.sh
*.clickintext.net R3	`2021-01-08` - `2021-04-08`	3 months	crt.sh
*.tradelab.fr Go Daddy Secure Certificate Authority - G2	`2019-07-30` - `2021-09-28`	2 years	crt.sh

This page contains 12 frames:

Primary Page: https://www.theoriginalshotels.com/
Frame ID: F82183A9DBD7DC7A426C353D943D12FC
Requests: 130 HTTP requests in this frame

Frame: https://8741099.fls.doubleclick.net/activityi;dc_pre=COrU2KejjO8CFUfF7Qodf2QCNA;src=8741099;type=websi971;cat=sehho123;ord=1;num=4917384028485;gtm=2wg2h0;auiddc=399174494.1614504864;u9=%2F;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2F
Frame ID: 2814F1F927C277C91301452A910286FB
Requests: 1 HTTP requests in this frame

Frame: https://10140364.fls.doubleclick.net/activityi;dc_pre=CKbz2aejjO8CFSWqcQod1IIEMg;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3550775566588.1113
Frame ID: 81A39CDEE30A845CDD0EE792FABACE22
Requests: 1 HTTP requests in this frame

Frame: https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1
Frame ID: 70B8752BD6F012C714B27749B0741CBD
Requests: 8 HTTP requests in this frame

Frame: https://ad.ad-srv.net/retarget?a=52995&version=1&redirected=1
Frame ID: 95901217637AB15A5967A3DC61DD1E78
Requests: 3 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=COrU2KejjO8CFUfF7Qodf2QCNA;src=8741099;type=websi971;cat=sehho123;ord=1;num=4917384028485;gtm=2wg2h0;auiddc=399174494.1614504864;u9=%2F;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2F
Frame ID: 6CB63900E2803260EF469FB001FD7EC4
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKbz2aejjO8CFSWqcQod1IIEMg;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3550775566588.1113;~oref=https://www.theoriginalshotels.com/
Frame ID: F4CA621B06966FD30BD3F204B664767B
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=COrU2KejjO8CFUfF7Qodf2QCNA;src=8741099;type=websi971;cat=sehho123;ord=1;num=4917384028485;gtm=2wg2h0;auiddc=399174494.1614504864;u9=%2F;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2F
Frame ID: 8BFF05C949F87726563A9159CDEE472D
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CKbz2aejjO8CFSWqcQod1IIEMg;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3550775566588.1113;~oref=https://www.theoriginalshotels.com/
Frame ID: D22EBEFA271DD8A319B12C79BB6F648B
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CImA9KejjO8CFQjR7QodOcED2A;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6602217894713.214
Frame ID: B6F889E58AE1653671CD964FC8988A91
Requests: 2 HTTP requests in this frame

Frame: https://10227764.fls.doubleclick.net/activityi;dc_pre=CKO99KejjO8CFdjL7Qod35UMKA;src=10227764;type=invmedia;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=7406016671802.608
Frame ID: 4E2402A1D06B6AF62A7FB2E729F02D11
Requests: 2 HTTP requests in this frame

Frame: https://10150729.fls.doubleclick.net/activityi;dc_pre=CKO4s6ijjO8CFa5qFQgdPzcPfA;src=10150729;type=invmedia;cat=visit0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord='%20+%20a%20+%20'
Frame ID: 0A6A8DAFFA99096A53E1E2270D1C33C0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

html /<(?:iframe|img)[^>]+adnxs\.(?:net|com)/i
script /adnxs\.(?:net|com)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Page Statistics

153
Requests

100 %
HTTPS

37 %
IPv6

36
Domains

49
Subdomains

43
IPs

8
Countries

8047 kB
Transfer

11051 kB
Size

15
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://cdn.galaxy.tf/uploads/applications/documents/001/568/877/guide-theoriginalshumanhotels-resorts.pdf
Title: Télécharger notre guide

Search URL Search Domain Scan URL

URL: https://www.facebook.com/theoriginalshotels/
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/the_originals_hotels/
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/theoriginalshotels
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://8741099.fls.doubleclick.net/activityi;src=8741099;type=websi971;cat=sehho123;ord=1;num=4917384028485;gtm=2wg2h0;auiddc=399174494.1614504864;u9=%2F;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2F HTTP 302
https://8741099.fls.doubleclick.net/activityi;dc_pre=COrU2KejjO8CFUfF7Qodf2QCNA;src=8741099;type=websi971;cat=sehho123;ord=1;num=4917384028485;gtm=2wg2h0;auiddc=399174494.1614504864;u9=%2F;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2F

Request Chain 69

https://10140364.fls.doubleclick.net/activityi;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3550775566588.1113 HTTP 302
https://10140364.fls.doubleclick.net/activityi;dc_pre=CKbz2aejjO8CFSWqcQod1IIEMg;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3550775566588.1113

Request Chain 81

https://hal9000.redintelligence.net/retarget?a=48575&version=1 HTTP 302
https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1

Request Chain 84

https://ads.creative-serving.com/pixel?id=3153104&type=js&customer_extra=&customer_amount=&customer_id=3153104_Home HTTP 302
https://ads.creative-serving.com/ul_cb/pixel?id=3153104&type=js&customer_extra=&customer_amount=&customer_id=3153104_Home

Request Chain 85

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 86

https://ad.ad-srv.net/retarget?a=52995&version=1 HTTP 302
https://ad.ad-srv.net/retarget?a=52995&version=1&redirected=1

Request Chain 88

https://secure.adnxs.com/seg?add=11906172&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D11906172%26t%3D1

Request Chain 100

https://x.bidswitch.net/sync?dsp_id=4&user_id=463c0a12-8225-497d-972d-d4ef419d5f6f&ssp=&expires=30&user_group=2&cb=987 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=463c0a12-8225-497d-972d-d4ef419d5f6f&ssp=&expires=30&user_group=2&cb=987 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=e93dd6fa-fba4-4499-814e-81916522a062 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072968&val=e93dd6fa-fba4-4499-814e-81916522a062

Request Chain 101

https://x.bidswitch.net/sync?dsp_id=4&user_id=463c0a12-8225-497d-972d-d4ef419d5f6f&ssp=&expires=30&user_group=2&cb=292 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=463c0a12-8225-497d-972d-d4ef419d5f6f&ssp=&expires=30&user_group=2&cb=292 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e93dd6fa-fba4-4499-814e-81916522a062&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 102

https://x.bidswitch.net/sync?dsp_id=4&user_id=463c0a12-8225-497d-972d-d4ef419d5f6f&ssp=&expires=30&user_group=2&cb=456 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=463c0a12-8225-497d-972d-d4ef419d5f6f&ssp=&expires=30&user_group=2&cb=456 HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=e93dd6fa-fba4-4499-814e-81916522a062

Request Chain 103

https://id5-sync.com/s/101/463c0a12-8225-497d-972d-d4ef419d5f6f/1.gif HTTP 302
https://id5-sync.com/c/101/101/1/1.gif?puid=463c0a12-8225-497d-972d-d4ef419d5f6f&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOYTkReA75hut5Vn6hQXpZfMul5yQvu52RY3gbfg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F101%2F124%2F0%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOYTkReA75hut5Vn6hQXpZfMul5yQvu52RY3gbfg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F101%2F124%2F0%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/101/124/0/2.gif?puid=e1b005f6-3a12-4f42-b88a-a8da2b5ceace&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=

Request Chain 104

https://dpm.demdex.net/ibs:dpid=393426&dpuuid=463c0a12-8225-497d-972d-d4ef419d5f6f HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=463c0a12-8225-497d-972d-d4ef419d5f6f

Request Chain 106

https://cm.g.doubleclick.net/pixel?google_nid=platform161_direct_new&google_cm&google_sc HTTP 302
https://ads.creative-serving.com/gcm?google_gid=CAESEAW4IDCXgdikjPO2maKA9oI&google_cver=1

Request Chain 110

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 111

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6602217894713.214 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CImA9KejjO8CFQjR7QodOcED2A;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6602217894713.214

Request Chain 113

https://ad.doubleclick.net/ddm/activity/src=9293064;type=invmedia;cat=oliro0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3534252011182.4214 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9293064;dc_pre=CPPo9KejjO8CFdAaGAodw8YI7Q;type=invmedia;cat=oliro0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3534252011182.4214 HTTP 302
https://adservice.google.com/ddm/fls/z/src=9293064;dc_pre=CPPo9KejjO8CFdAaGAodw8YI7Q;type=invmedia;cat=oliro0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3534252011182.4214

Request Chain 114

https://10227764.fls.doubleclick.net/activityi;src=10227764;type=invmedia;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=7406016671802.608 HTTP 302
https://10227764.fls.doubleclick.net/activityi;dc_pre=CKO99KejjO8CFdjL7Qod35UMKA;src=10227764;type=invmedia;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=7406016671802.608

Request Chain 115

https://track.adform.net/Serving/TrackPoint/?pm=1607309&ADFPageName=Home&ADFdivider=%7C&ord=429259433533&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6IjxpbnNlcnQgc2FsZXMgdmFsdWUgaGVyZT4iLCJpZCI6IjxpbnNlcnQgb3JkZXIgaWQgdmFsdWUgaGVyZT4ifQ&loc=https%3A%2F%2Fwww.theoriginalshotels.com%2F HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1607309&ADFPageName=Home&ADFdivider=%7C&ord=429259433533&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6IjxpbnNlcnQgc2FsZXMgdmFsdWUgaGVyZT4iLCJpZCI6IjxpbnNlcnQgb3JkZXIgaWQgdmFsdWUgaGVyZT4ifQ&loc=https%3A%2F%2Fwww.theoriginalshotels.com%2F

Request Chain 116

https://track.adform.net/Serving/TrackPoint/?pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=886863213815&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.theoriginalshotels.com%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D48575%26version%3D1%26redirected%3D1 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=886863213815&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.theoriginalshotels.com%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D48575%26version%3D1%26redirected%3D1

Request Chain 131

https://ib.adnxs.com/getuid?//its.tradelab.fr/?type=tlsync&uuid2=$UID&callback=tl_sync HTTP 302
https://its.tradelab.fr/?type=tlsync&uuid2=3687557771963540380&callback=tl_sync

Request Chain 134

https://10150729.fls.doubleclick.net/activityi;src=10150729;type=invmedia;cat=visit0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord='%20+%20a%20+%20' HTTP 302
https://10150729.fls.doubleclick.net/activityi;dc_pre=CKO4s6ijjO8CFa5qFQgdPzcPfA;src=10150729;type=invmedia;cat=visit0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord='%20+%20a%20+%20'

Request Chain 135

https://its.tradelab.fr/?type=tp&advid=4704033&uuid=3687557771963540380&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1614504866%2C%22page_url%22%3A%22www.theoriginalshotels.com%2F%22%2C%22dm%22%3A%22theoriginalshotels.com%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1614504866%2C%22prev_vis_ts%22%3A1614504866%2C%22curr_vis_ts%22%3A1614504866%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm HTTP 302
https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEG678ITFlLDeYWbktAMm1D0&google_cver=1

153 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.theoriginalshotels.com/ 253 KB
46 KB 71ms
27ms Document
text/html 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4df34d38bc7e72896e030a16ae7c7df895b9b56d1ca015858396f03d0bdffb37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.theoriginalshotels.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:23 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d3339ff0d5afc89cfadc9767503f4d12f1614504863; expires=Tue, 30-Mar-21 09:34:23 GMT; path=/; domain=.www.theoriginalshotels.com; HttpOnly; SameSite=Lax; Secure
last-modified: Thu, 25 Feb 2021 08:27:14 GMT
etag: W/"0801d3e129b76c51da68d47842273820"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: YJ0kbEsNxTuq_iU_9mt-UhiTqXh18gtfAkhaesq9jffWoa6PoA2xYw==
age: 10554
cf-cache-status: HIT
expires: Sun, 28 Feb 2021 09:54:23 GMT
cache-control: public, max-age=1200
cf-request-id: 0889963df800002c4a6dac1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 628926432c2c2c4a-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 main.css
www.theoriginalshotels.com/css/custom/257-378007e9c09946c0b1cc4e869af9943a/ 533 KB
75 KB 34ms
33ms Stylesheet
text/css 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/css/custom/257-378007e9c09946c0b1cc4e869af9943a/main.css

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19e25384063a107d5beb3cdb1016f96d120ad5b0f6bf6b54feb94bfc3a7594c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:23 GMT
via: 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-xss-protection: 1; mode=block
age: 260250
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0889963e1b00002c4a453c3000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Feb 2021 08:26:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"06946e3e528d3e11639d05869fc93d7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
cf-ray: 628926435c7f2c4a-FRA
x-amz-cf-id: YVdqOFq1bkNh9eeOUfrg7d3hJjPFZI8Q1JzTUG60JTrryF8V0c4tJA==
expires: Mon, 28 Feb 2022 09:34:23 GMT

GET
H/1.1 200
OK gms.min.js Show response
www.travelclick-websolutions.com/asset-galaxy/js/ 145 KB
47 KB 655ms
166ms Script
application/javascript 195.244.31.25
IGUANA-WORLDWIDE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.travelclick-websolutions.com/asset-galaxy/js/gms.min.js?v9154c97b09449c767fd0200477ae36af

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

195.244.31.25 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),

Reverse DNS

xo7-viplb-01-new.ny.ig-1.net

Software

Apache /

Resource Hash

72e0249618cd8044382e94d89cf61cea27f1f41815b3d994e170cc13fa245f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 09:34:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Feb 2021 10:39:18 GMT
Server: Apache
ETag: "24384-5bc26c382f2cb-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Content-Length: 47257
Expires: Sun, 07 Mar 2021 09:34:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8741099

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bb48a30f1f7d48a6bff82fbac3df19b05b60dac198e7af36685db5f37afad719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39421
x-xss-protection: 0
last-modified: Sun, 28 Feb 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Feb 2021 09:34:23 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 19 KB
6 KB 15ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1041974
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5676
cf-request-id: 0889963e1a00001752898a7000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-4d5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9Cu6qEpNmg2LrHvMYloOZkreB2HUxJi27ZI2U3KU1G7OhJSC9vCsxMYOhsppYQg7CByjQ%2FzAONZUcO6Hnne0AWDw3W5ZZIYju3IWtKWuW3YFJp9ci5bVP0K%2FbULV2EfYFg%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6289264358051752-FRA
expires: Fri, 18 Feb 2022 09:34:23 GMT

GET
H2 200 1608307107_5fdcd1a3aef5c-thumb.svg
cdn.galaxy.tf/thumb/sizeW200/uploads/s/cms_image/001/608/307/ 8 KB
3 KB 40ms
14ms Image
image/svg+xml 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW200/uploads/s/cms_image/001/608/307/1608307107_5fdcd1a3aef5c-thumb.svg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e1643fbbd726611ae85daa3796dfe933445cecff34d4fd149fb1ba42f22a44a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:23 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1104019
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
cf-ray: 62892644bb2d5363-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0889963ef3000053633f2fa000000001
expires: Mon, 28 Feb 2022 09:34:23 GMT

GET
H2 200 icon-user-white.svg
www.theoriginalshotels.com/integration/seh/public/images/svg/ 662 B
818 B 17ms
17ms Image
image/svg+xml 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theoriginalshotels.com/integration/seh/public/images/svg/icon-user-white.svg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6d0c93f1f8d80347943722f2eadb08d1a33045b05058db74931ca0d3ea1f709

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:23 GMT
via: 1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-xss-protection: 1; mode=block
age: 260250
x-cache: Hit from cloudfront
x-amz-meta-static: true
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0889963f0300002c4a0aa49000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Feb 2021 08:26:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1639cde332b439d4dd184f888c82941f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
cf-ray: 62892644de992c4a-FRA
x-amz-meta-md5chksum: FjnN4zK0OdTdGE+IjIKUHw==
x-amz-cf-id: -QUz3HIeGdj_Gj_XCrnNfQK56737PscEMekxtSD38s-2GkOt73K8Zw==
expires: Mon, 28 Feb 2022 09:34:23 GMT

GET
H2 200 ico-arrow-down-white.svg
www.theoriginalshotels.com/integration/seh/public/images/svg/ 198 B
562 B 16ms
16ms Image
image/svg+xml 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theoriginalshotels.com/integration/seh/public/images/svg/ico-arrow-down-white.svg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45f561b7fe08af5afa017a87fdef48c4afa2c2220e48cc9f17b4bfb46d265809

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:23 GMT
via: 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-xss-protection: 1; mode=block
age: 260250
x-cache: Hit from cloudfront
x-amz-meta-static: true
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0889963f1600002c4a15034000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Feb 2021 08:26:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"a066c612fd4f5e8cf7ccfa2eca8f81e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
cf-ray: 62892644eec52c4a-FRA
x-amz-meta-md5chksum: oGbGEv1PXoz3zPouyo+B5w==
x-amz-cf-id: 9f9FlIKG4oRVl7Z4z4YRyLr47jHVjlnny0uCuvHaAOFKwHHeY9KrRA==
expires: Mon, 28 Feb 2022 09:34:23 GMT

GET
H2 200 arrow-left-white.svg
www.theoriginalshotels.com/integration/seh/public/images/svg/ 203 B
462 B 14ms
14ms Image
image/svg+xml 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theoriginalshotels.com/integration/seh/public/images/svg/arrow-left-white.svg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

312e3949dc0d0ca10792535b1bf6a8d2ff5c0e69d78661a46b3a0ebdec700ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:23 GMT
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-xss-protection: 1; mode=block
age: 260250
x-cache: Hit from cloudfront
x-amz-meta-static: true
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0889963f2700002c4a1d080000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Feb 2021 08:26:13 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"d4a7ee76d1079e78877cfe744450c15e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
cf-ray: 628926450ef32c4a-FRA
x-amz-meta-md5chksum: 1KfudtEHnniHfP50RFDBXg==
x-amz-cf-id: aXNy7Oyt9-X5AMhRUe-A4VupksPnHV6QddNxACJjWCnlWusSInOTKA==
expires: Mon, 28 Feb 2022 09:34:23 GMT

GET
H2 200 arrow-right-white.svg
www.theoriginalshotels.com/integration/seh/public/images/svg/ 202 B
415 B 17ms
17ms Image
image/svg+xml 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theoriginalshotels.com/integration/seh/public/images/svg/arrow-right-white.svg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64554b950459b990eb022dc55fce559cb248e7f466a06ea57f66e64b76e4901c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:23 GMT
via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-xss-protection: 1; mode=block
age: 260250
x-cache: Hit from cloudfront
x-amz-meta-static: true
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0889963f3600002c4a43946000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Feb 2021 08:26:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"ee6c843d467f39092a19987cb9a8dbf9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
cf-ray: 628926452f0f2c4a-FRA
x-amz-meta-md5chksum: 7myEPUZ/OQkqGZh8uajb+Q==
x-amz-cf-id: f-gY8Ox6ndnKy36tIdlbcassX1M1e4zZF6dlA8HhY2aO4as0OqQ5ig==
expires: Mon, 28 Feb 2022 09:34:23 GMT

GET
H2 200 ico-close-white.svg
www.theoriginalshotels.com/integration/seh/public/images/svg/ 303 B
466 B 19ms
19ms Image
image/svg+xml 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theoriginalshotels.com/integration/seh/public/images/svg/ico-close-white.svg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2fd82e920988463d77ceeef8481175e86cc88342962ceeb0e983eaf6fa4063c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:23 GMT
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-xss-protection: 1; mode=block
age: 260250
x-cache: Hit from cloudfront
x-amz-meta-static: true
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0889963f4900002c4a2985d000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Feb 2021 08:26:53 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"de2a2a334148f179c64e377889b210aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
cf-ray: 628926454f4d2c4a-FRA
x-amz-meta-md5chksum: 3ioqM0FI8XnGTjd4ibIQqg==
x-amz-cf-id: N1wCa43U1Haa4qwQCcB8JuqUEojYill-JT32VUQSB70t34pNO1XZWQ==
expires: Mon, 28 Feb 2022 09:34:23 GMT

GET
H2 200 arrow-right-red.svg
www.theoriginalshotels.com/integration/seh/public/images/svg/ 205 B
417 B 13ms
13ms Image
image/svg+xml 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theoriginalshotels.com/integration/seh/public/images/svg/arrow-right-red.svg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5b12ca4adaadf5bb8964ab3f32a79fbb0a1a8c4e47120bb448958fd29892645

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:23 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-xss-protection: 1; mode=block
age: 260250
x-cache: Hit from cloudfront
x-amz-meta-static: true
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0889963f5e00002c4a68a5f000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Feb 2021 08:26:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5b482c6c086f47eb5f426082034f93b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
cf-ray: 628926456f8a2c4a-FRA
x-amz-meta-md5chksum: W0gsbAhvR+tfQmCCA0+Ttg==
x-amz-cf-id: pqsVzbANeLeOx0xNPAL-p7biuyU7NdLRcraRq16HD1dqB6j6zZZ5xg==
expires: Mon, 28 Feb 2022 09:34:23 GMT

GET
H2 200 location.svg
www.theoriginalshotels.com/integration/seh/public/images/svg/ 774 B
845 B 14ms
14ms Image
image/svg+xml 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theoriginalshotels.com/integration/seh/public/images/svg/location.svg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4496790355109e59d18432247f4ca567a7dbfbd8890495348c02e25ea958fc7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:23 GMT
via: 1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-xss-protection: 1; mode=block
age: 260250
x-cache: Hit from cloudfront
x-amz-meta-static: true
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0889963f6f00002c4af48c4000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Feb 2021 08:26:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1fd628fa1443931373d97e97bf362695"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
cf-ray: 628926457fae2c4a-FRA
x-amz-meta-md5chksum: H9Yo+hRDkxNz2X6XvzYmlQ==
x-amz-cf-id: odSag39Z6KOyvaXrBd62ysXhiaUIKunhPsTrcuVPIti6DGMm-HqYtw==
expires: Mon, 28 Feb 2022 09:34:23 GMT

GET
H2 200 1608215003_5fdb69db250f7-thumb.png
cdn.galaxy.tf/uploads/3s/cms_image/001/608/215/ 8 KB
9 KB 14ms
14ms Image
image/webp 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/uploads/3s/cms_image/001/608/215/1608215003_5fdb69db250f7-thumb.png

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b77f93b1793ae5fd2b88b11f79acf48aacec70628adc749f4710313618c67c24

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:23 GMT
vary: Accept
cf-cache-status: HIT
age: 828979
cf-polished: origFmt=png, origSize=13635
content-disposition: inline; filename="1608215003_5fdb69db250f7-thumb.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8460
cf-request-id: 0889963f7c00005363d21eb000000001
last-modified: Thu, 17 Dec 2020 14:21:33 GMT
server: cloudflare
etag: "3543-5b6a9b579361a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/webp
expires: Mon, 28 Feb 2022 09:34:23 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 628926459c955363-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 1536756334_5b990a6e462c8-wide.jpg
cdn.galaxy.tf/unit-media/seh-unit/uploads/seh/hotel_photo/001/536/756/ 1 MB
1 MB 18ms
17ms Image
image/jpeg 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/unit-media/seh-unit/uploads/seh/hotel_photo/001/536/756/1536756334_5b990a6e462c8-wide.jpg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41b2dd11c666234dcffd5a9703bc5cbc54fd28d650807d82c7ddcd5c3793ad97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 79979
cf-polished: degrade=85, origSize=1603307, status=webp_bigger
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1480389
cf-request-id: 0889963f8d00005363dc216000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 62892645acbf5363-FRA
expires: Mon, 28 Feb 2022 09:34:23 GMT

GET
H2 200 newbrand-3512-fr-saint-malo-hotel-2851-compressor-wide.jpg
cdn.galaxy.tf/unit-media/seh-unit/uploads/images/hotel_photo/001/565/778/ 418 KB
419 KB 14ms
14ms Image
image/jpeg 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/unit-media/seh-unit/uploads/images/hotel_photo/001/565/778/newbrand-3512-fr-saint-malo-hotel-2851-compressor-wide.jpg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16650f75bc05aaa17b696d055ce2c2f08d8a2277369e7560a407fa63b0f7c0ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 79979
cf-polished: origSize=431218, status=webp_bigger
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 428381
cf-request-id: 0889963fba00005363d085f000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 62892645fd355363-FRA
expires: Mon, 28 Feb 2022 09:34:23 GMT

GET
H2 200 newbrand-9303-fr-tremblay-en-france-hotel-28-compressor-wide.jpg
cdn.galaxy.tf/unit-media/seh-unit/uploads/images/hotel_photo/001/562/762/ 992 KB
993 KB 20ms
20ms Image
image/webp 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/unit-media/seh-unit/uploads/images/hotel_photo/001/562/762/newbrand-9303-fr-tremblay-en-france-hotel-28-compressor-wide.jpg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1768aad1a508c0427c3f80c87035acfb275d3479c3802ad92cfbfe72c2ab8c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:23 GMT
vary: Accept
cf-cache-status: HIT
age: 160993
cf-polished: qual=85, origFmt=jpeg, origSize=1059488
content-disposition: inline; filename="newbrand-9303-fr-tremblay-en-france-hotel-28-compressor-wide.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1015342
cf-request-id: 0889963fcd00005363c23e1000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 628926461d555363-FRA
expires: Mon, 28 Feb 2022 09:34:23 GMT

GET
H2 200 newbrand-7614-fr-saint-martin-du-vivier-hotel-2501-compressor-wide.jpg
cdn.galaxy.tf/unit-media/seh-unit/uploads/images/hotel_photo/001/565/967/ 475 KB
475 KB 15ms
14ms Image
image/jpeg 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/unit-media/seh-unit/uploads/images/hotel_photo/001/565/967/newbrand-7614-fr-saint-martin-du-vivier-hotel-2501-compressor-wide.jpg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5c927a0a0cdceb7d10a759a4a4ec2344dd7f2c14ee9042cbcd09f801862e60c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 346291
cf-polished: origSize=489288, status=webp_bigger
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 486198
cf-request-id: 0889963feb000053632391b000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 628926464da35363-FRA
expires: Mon, 28 Feb 2022 09:34:23 GMT

GET
H2 200 1536760128_5b9919400fd94-wide.jpg
cdn.galaxy.tf/unit-media/seh-unit/uploads/seh/hotel_photo/001/536/760/ 171 KB
171 KB 18ms
17ms Image
image/webp 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/unit-media/seh-unit/uploads/seh/hotel_photo/001/536/760/1536760128_5b9919400fd94-wide.jpg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db8d9f89237b05dc214551dfd351324af28fed9cc6cf0b4fb28633ab253a7d22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:23 GMT
vary: Accept
cf-cache-status: HIT
age: 260250
cf-polished: qual=85, origFmt=jpeg, origSize=225360
content-disposition: inline; filename="1536760128_5b9919400fd94-wide.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 174726
cf-request-id: 0889963fff00005363f02cb000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 628926466dd95363-FRA
expires: Mon, 28 Feb 2022 09:34:23 GMT

GET
H2 200 newbrand-i039-it-montevarchi-exterieurs-9003-compressor-wide.jpg
cdn.galaxy.tf/unit-media/seh-unit/uploads/images/hotel_photo/001/564/045/ 588 KB
589 KB 20ms
20ms Image
image/jpeg 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/unit-media/seh-unit/uploads/images/hotel_photo/001/564/045/newbrand-i039-it-montevarchi-exterieurs-9003-compressor-wide.jpg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

661d169c99229b3286fad3d385aa66f8849504e368075acaff9505e3cda24b6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 346291
cf-polished: origSize=605127, status=webp_bigger
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 602163
cf-request-id: 088996401400005363c703f000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 628926468e005363-FRA
expires: Mon, 28 Feb 2022 09:34:23 GMT

GET
H2 200 arrow-up-thin-white.svg
www.theoriginalshotels.com/integration/seh/public/images/svg/ 204 B
560 B 16ms
15ms Image
image/svg+xml 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theoriginalshotels.com/integration/seh/public/images/svg/arrow-up-thin-white.svg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

794777a48f26375e8937e6e406b63b129592c604f6780d63b729da3e977d72b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:23 GMT
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-xss-protection: 1; mode=block
age: 260250
x-cache: Hit from cloudfront
x-amz-meta-static: true
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088996402e00002c4a66074000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Feb 2021 08:26:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"589769780c08b9a2f4b62c602ae63cf1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
cf-ray: 62892646b95f2c4a-FRA
x-amz-meta-md5chksum: WJdpeAwIuaL0tixgKuY88Q==
x-amz-cf-id: _ESanljGfTkj-x-Z0GXLwzu0WKLiNwo6pcYGiyUnECYlFRnmceTfLg==
expires: Mon, 28 Feb 2022 09:34:23 GMT

GET
H2 200 fb.svg
www.theoriginalshotels.com/integration/seh/public/images/svg/ 285 B
506 B 11ms
11ms Image
image/svg+xml 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theoriginalshotels.com/integration/seh/public/images/svg/fb.svg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

318c18bf81911f5bf528004448e0dfb39faeaa5a55ccc4638636180464fa69df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:23 GMT
via: 1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-xss-protection: 1; mode=block
age: 260250
x-cache: Hit from cloudfront
x-amz-meta-static: true
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088996403e00002c4a6b3e3000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Feb 2021 08:26:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"554031989015a5d0a8924e4f5f342499"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
cf-ray: 62892646c9762c4a-FRA
x-amz-meta-md5chksum: VUAxmJAVpdCokk5PXzQkmQ==
x-amz-cf-id: xf1Nc20feRk6subN7uvvJjshOGauk_z4meqavYPSHL_68MAnQGLRfQ==
expires: Mon, 28 Feb 2022 09:34:23 GMT

GET
H2 200 instagram.svg
www.theoriginalshotels.com/integration/seh/public/images/svg/ 2 KB
941 B 17ms
16ms Image
image/svg+xml 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theoriginalshotels.com/integration/seh/public/images/svg/instagram.svg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c472576f4b565d32159c395fee6a3923b89b70d5041b95da1a3ee66504ccf837

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:23 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 260250
x-cache: Hit from cloudfront
cf-request-id: 088996404a00002c4af1a59000000001
x-amz-meta-static: true
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Feb 2021 08:26:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"967c9dd061c8e39ceecaa4dc622cbe5e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
cf-ray: 62892646d9892c4a-FRA
x-amz-meta-md5chksum: lnyd0GHI45zuyqTcYiy+Xg==
x-amz-cf-id: YmBVs4Z4SCscg9eas01ovIBgQf78yieJEQITFLNgfhV8UrUQRCWzvg==
expires: Mon, 28 Feb 2022 09:34:23 GMT

GET
H2 200 linkedin.svg
www.theoriginalshotels.com/integration/seh/public/images/svg/ 647 B
645 B 12ms
11ms Image
image/svg+xml 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theoriginalshotels.com/integration/seh/public/images/svg/linkedin.svg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a68de406188ab6e9cacf06d04ac1a379009da99d4cfd2bf59e136ab0efbaad0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:23 GMT
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-xss-protection: 1; mode=block
age: 260250
x-cache: Hit from cloudfront
x-amz-meta-static: true
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088996405d00002c4af48cf000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Feb 2021 08:26:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"af82f460ada1c8e65b58cda94fc051eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
cf-ray: 62892646f9a82c4a-FRA
x-amz-meta-md5chksum: r4L0YK2hyOZbWM2pT8BR6w==
x-amz-cf-id: JwAzTRUagbmFPHK-YaPIQAFLbzOaTeswzCNLUcLdpEoogu_lkjYJyg==
expires: Mon, 28 Feb 2022 09:34:23 GMT

GET
H2 200 galaxy-helpers.js Show response
www.theoriginalshotels.com/frontend/galaxy-helpers/public/ 56 KB
19 KB 16ms
16ms Script
application/javascript 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/frontend/galaxy-helpers/public/galaxy-helpers.js?v=l-fa7e1600-70ce-4247-97af-042edbce1fca

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c745d97eb264883133b07b7dcce7239d932c98aa45ef199cf6f0abf2f3072ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:23 GMT
via: 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-xss-protection: 1; mode=block
age: 260250
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0889963e4300002c4a533e7000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Feb 2021 08:26:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"06dbeef1eaea89ca2679d471485e4a13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
cf-ray: 628926439cdb2c4a-FRA
x-amz-meta-md5chksum: Btvu8erqicomedRxSF5KEw==
x-amz-cf-id: b340A7GbielKwMeu0rrtEefKLDtW99sPXkaG8E96ENDPesdBy6nlUg==
expires: Mon, 28 Feb 2022 09:34:23 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 123 KB
40 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?v=3&key=AIzaSyA5kF3IVVjrwMwf2MOdHl1JBdbdBOgDas4

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

28ccb96eaaff5a2fc0ea7dfa45efbac11e5ac0fde9ff110fdce47ef10b4c54ae

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:23 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=11
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41201
x-xss-protection: 0
expires: Sun, 28 Feb 2021 10:04:23 GMT

GET
H2 200 lazysizes.min.js Show response
www.theoriginalshotels.com/integration/seh/public/js/ 7 KB
3 KB 17ms
17ms Script
application/javascript 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/js/lazysizes.min.js

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

469e10df142a5884e59c7a93596294a29a0c1f5e57c830c0470647dcbeee334a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:23 GMT
via: 1.1 216b2e0a8a27f8fca1b540a1c4ea6922.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 260250
x-cache: Hit from cloudfront
cf-request-id: 0889963e7800002c4a6b3c8000000001
x-amz-meta-static: true
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Feb 2021 08:26:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"b25c550fe0d639b4049687bf16ec9193"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
cf-ray: 62892643fd422c4a-FRA
x-amz-meta-md5chksum: slxVD+DWObQEloe/FuyRkw==
x-amz-cf-id: dk_2M3eaQl83YTCT1_mtV8-i0Wl8bKkbz-daaSz0h4nhTFTTKGXoxA==
expires: Mon, 28 Feb 2022 09:34:23 GMT

GET
H2 200 bundle.js Show response
www.theoriginalshotels.com/integration/seh/public/js/ 629 KB
168 KB 39ms
39ms Script
application/javascript 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/js/bundle.js?v9154c97b09449c767fd0200477ae36af

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73f8ed2959711e2d5e209885c2c337a0a75329de89e93193b828132c750f3da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:23 GMT
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-xss-protection: 1; mode=block
age: 260250
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0889963e8a00002c4a39bb8000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Feb 2021 08:26:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"132773134cf243642249b278b959bfc9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
cf-ray: 628926441d692c4a-FRA
x-amz-meta-md5chksum: EydzE0zyQ2QiSbJ4uVm/yQ==
x-amz-cf-id: eGw8PXkNeRrv-UanHSwP9mvtaBK_zc4FpgmeZtDvHpfmzRlMoBQPvQ==
expires: Mon, 28 Feb 2022 09:34:23 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 906 B
701 B 14ms
14ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onLoadCaptcha

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

46e9603c4ad1b706147d801d1388611cdae6a0aeee2811b756f82fd01c8264c8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 574
x-xss-protection: 1; mode=block
expires: Sun, 28 Feb 2021 09:34:23 GMT

GET
H2 200 bundle.js Show response
www.theoriginalshotels.com/integration/seh/public/shared-galaxy-components/js/ 54 KB
17 KB 15ms
14ms Script
application/javascript 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/shared-galaxy-components/js/bundle.js?v9154c97b09449c767fd0200477ae36af

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799b56eab7270dfc6b1208944afd06c7a7c4f9f85ac0f842737efce2f293f033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:23 GMT
via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-xss-protection: 1; mode=block
age: 260250
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08899640f400002c4a1d09b000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Feb 2021 08:26:57 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"70f4148a69c157168fc8a6c290879d28"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
cf-ray: 62892647eac82c4a-FRA
x-amz-meta-md5chksum: cPQUimnBVxaPyKbCkIedKA==
x-amz-cf-id: PJbHHqp9C7J9rbcwYbkPJzxgD5sZCIf0N00eHwUSKKaDIQNiFfn4Gg==
expires: Mon, 28 Feb 2022 09:34:23 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 131 KB
41 KB 41ms
25ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

30d9d21875166dbb1f22133a829f9aecd31bda2098541579f2ada95f51f945ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41935
x-xss-protection: 0
last-modified: Sun, 28 Feb 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Feb 2021 09:34:24 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 156 KB
47 KB 42ms
26ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MQBH8T4

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e6007968d4610541e567e270109d40dca0c07f5b4fa89b22d48470963d13e30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48437
x-xss-protection: 0
last-modified: Sun, 28 Feb 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Feb 2021 09:34:24 GMT

GET
H2 200 TruenoRg.woff2
www.theoriginalshotels.com/integration/seh/public/fonts/ 14 KB
14 KB 24ms
23ms Font
application/octet-stream 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/fonts/TruenoRg.woff2

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/css/custom/257-378007e9c09946c0b1cc4e869af9943a/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29e056a988f874565b954c03f119955657ed0a369cb975a4645c79731914f9ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.theoriginalshotels.com
Referer: https://www.theoriginalshotels.com/css/custom/257-378007e9c09946c0b1cc4e869af9943a/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 258633
x-cache: Hit from cloudfront
cf-request-id: 08899641ef00002c4a3c335000000001
x-amz-meta-static: true
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14088
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Feb 2021 08:26:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "584302e25fd9988ca4b4c8e1e63a0818"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
cf-ray: 628926497cb52c4a-FRA
x-amz-meta-md5chksum: WEMC4l/ZmIyktMjh5joIGA==
x-amz-cf-id: yL5n-0PM3VMxxC9sAAWVq-f_i9jOwu4FIn9WBd0PrctBsSX4Ij3EsQ==
expires: Mon, 28 Feb 2022 09:34:24 GMT

GET
H2 200 TruenoSBd.woff2
www.theoriginalshotels.com/integration/seh/public/fonts/ 18 KB
18 KB 15ms
15ms Font
application/octet-stream 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/fonts/TruenoSBd.woff2

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/css/custom/257-378007e9c09946c0b1cc4e869af9943a/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed1d8362a60d16cfca89c19e6e6697eb0fbc1b3724192cb4f0e41bd58dfa4094

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.theoriginalshotels.com
Referer: https://www.theoriginalshotels.com/css/custom/257-378007e9c09946c0b1cc4e869af9943a/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 258633
x-cache: Hit from cloudfront
cf-request-id: 08899641f500002c4a32309000000001
x-amz-meta-static: true
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18080
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Feb 2021 08:26:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5f0ddd57ee93a6bf7d71d2ed4e9f61c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
cf-ray: 628926498cc52c4a-FRA
x-amz-meta-md5chksum: Xw3dV+6Tpr99cdLtTp9hww==
x-amz-cf-id: igWZJJ0Qn_hLg2AO9vXr6hQpdowbCZ_Bb8SpuYnyyCWVunbZvi7UJw==
expires: Mon, 28 Feb 2022 09:34:24 GMT

GET
H2 200 popin.png
www.theoriginalshotels.com/integration/seh/public/images/ 2 KB
2 KB 18ms
17ms Image
image/webp 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theoriginalshotels.com/integration/seh/public/images/popin.png

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/css/custom/257-378007e9c09946c0b1cc4e869af9943a/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b22f2953eca122aeb88385ff1076e6b4775f232e78aaa84c7454b0910bd3218

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theoriginalshotels.com/css/custom/257-378007e9c09946c0b1cc4e869af9943a/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
via: 1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 260250
cf-polished: origFmt=png, origSize=2862
x-cache: Hit from cloudfront
content-disposition: inline; filename="popin.webp"
x-amz-meta-static: true
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1972
cf-request-id: 088996424200002c4af39ed000000001
referrer-policy: no-referrer-when-downgrade
expires: Mon, 28 Feb 2022 09:34:24 GMT
last-modified: Thu, 25 Feb 2021 08:26:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "7d1ef90dd29f9db486910039efa62f0f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
cf-ray: 6289264a0d662c4a-FRA
x-amz-meta-md5chksum: fR75DdKfnbSGkQA576YvDw==
x-amz-cf-id: M60HqXdM5NDLCutVsWy2CS0g0J-C7W_ikhkvn_I3Fw_XCvbuOBuWNA==
cf-bgj: imgq:100,h2pri

GET
H2 200 1612347548_601a789cf0503-thumb.jpg
cdn.galaxy.tf/uploads/2s/cms_image/001/612/347/ 77 KB
77 KB 30ms
29ms Image
image/webp 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/uploads/2s/cms_image/001/612/347/1612347548_601a789cf0503-thumb.jpg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bee0eff9984ce8773bae4e5c09c89f1295fadbd799f903199cd627c6a88c94be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
vary: Accept
cf-cache-status: HIT
age: 160994
cf-polished: qual=85, origFmt=jpeg, origSize=243164
content-disposition: inline; filename="1612347548_601a789cf0503-thumb.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78938
cf-request-id: 088996424200005363c2006000000001
last-modified: Wed, 03 Feb 2021 10:17:11 GMT
server: cloudflare
etag: "3b5dc-5ba6be3e177f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/webp
expires: Mon, 28 Feb 2022 09:34:24 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6289264a0af15363-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 1589279766_5eba7c161346d-thumb.jpg
cdn.galaxy.tf/uploads/2s/cms_image/001/589/279/ 223 KB
223 KB 16ms
15ms Image
image/webp 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/uploads/2s/cms_image/001/589/279/1589279766_5eba7c161346d-thumb.jpg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfd16da19a03ae3bfc8d414e7f0215003b4ae3cb340aafebb4dfd051dffdfa34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
vary: Accept
cf-cache-status: HIT
age: 1010490
cf-polished: qual=85, origFmt=jpeg, origSize=322540
content-disposition: inline; filename="1589279766_5eba7c161346d-thumb.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 228000
cf-request-id: 088996424200005363d1b20000000001
last-modified: Tue, 12 May 2020 10:34:54 GMT
server: cloudflare
etag: "4ebec-5a57103a2c548"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/webp
expires: Mon, 28 Feb 2022 09:34:24 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6289264a0af65363-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 1602598402_5f85b602d7d0e-thumb.jpg
cdn.galaxy.tf/uploads/2s/cms_image/001/602/598/ 250 KB
251 KB 34ms
33ms Image
image/webp 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/uploads/2s/cms_image/001/602/598/1602598402_5f85b602d7d0e-thumb.jpg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

416e4fbb39bc70c695b89e41d4c6818eba743a4e8c19f43b137df4b3fc4af972

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
vary: Accept
cf-cache-status: HIT
age: 160994
cf-polished: qual=85, origFmt=jpeg, origSize=728678
content-disposition: inline; filename="1602598402_5f85b602d7d0e-thumb.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 256196
cf-request-id: 0889964243000053632609d000000001
last-modified: Tue, 13 Oct 2020 14:11:45 GMT
server: cloudflare
etag: "b1e66-5b18dfeb4659b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/webp
expires: Mon, 28 Feb 2022 09:34:24 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6289264a0afa5363-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 1602510911_5f84603f64933-thumb.jpg
cdn.galaxy.tf/uploads/2s/cms_image/001/602/510/ 3 KB
3 KB 12ms
11ms Image
image/webp 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/uploads/2s/cms_image/001/602/510/1602510911_5f84603f64933-thumb.jpg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

208b2fdf5093cbd11b0a41b88f17699def2939c5e846692bb312dc855c9bc752

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
vary: Accept
cf-cache-status: HIT
age: 160994
cf-polished: qual=85, origFmt=jpeg, origSize=11449
content-disposition: inline; filename="1602510911_5f84603f64933-thumb.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3102
cf-request-id: 088996424300005363c705e000000001
last-modified: Mon, 12 Oct 2020 13:53:34 GMT
server: cloudflare
etag: "2cb9-5b1799fd1807f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/webp
expires: Mon, 28 Feb 2022 09:34:24 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6289264a0afc5363-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 offer-evasion-portrait.jpg
cdn.galaxy.tf/thumb/sizeW800/unit-media/seh-unit/uploads/images/offer_photo/001/607/506/ 165 KB
166 KB 37ms
35ms Image
image/jpeg 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW800/unit-media/seh-unit/uploads/images/offer_photo/001/607/506/offer-evasion-portrait.jpg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46f9b1b76f587567e21268b7076e08c0251271f5b8f59c496aea338fa73853b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
cf-cache-status: HIT
age: 79977
x-cache-key: _src78f6d8e97507d2893c42db7bf2d75e8b_par237d445c8d27feab1d878df395793c7f.jpeg
cf-polished: origSize=171344, status=webp_bigger
content-disposition: inline; filename="offer-evasion-portrait.jpg"
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 169456
cf-request-id: 088996424500005363c2a9d000000001
last-modified: Wed, 09 Dec 2020 17:02:16 GMT
server: cloudflare
etag: "9093a92c65ac17cf53535c81d23c44b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 28 Feb 2022 09:34:24 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6289264a0b055363-FRA
x-local-cache: HIT
cf-bgj: imgq:85,h2pri

GET
H2 200 massimiliano-morosinotto-ujihavqfjxg-unsplash-portrait.jpg
cdn.galaxy.tf/thumb/sizeW800/unit-media/seh-unit/uploads/images/offer_photo/001/607/507/ 86 KB
86 KB 28ms
26ms Image
image/jpeg 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW800/unit-media/seh-unit/uploads/images/offer_photo/001/607/507/massimiliano-morosinotto-ujihavqfjxg-unsplash-portrait.jpg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11d1551c4b33cbbcd88d0bce3ecc6a37583a2c83cc560db6755b309e1bd640b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
cf-cache-status: HIT
age: 160994
x-cache-key: _srca9e026644e14a9507ff8f8e548936e03_par237d445c8d27feab1d878df395793c7f.jpeg
cf-polished: origSize=89141, status=webp_bigger
content-disposition: inline; filename="massimiliano-morosinotto-ujihavqfjxg-unsplash-portrait.jpg"
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 87897
cf-request-id: 088996424600005363cbbd3000000001
last-modified: Wed, 09 Dec 2020 17:02:37 GMT
server: cloudflare
etag: "c89e7dbe0fb5e6da0ec79438b4678df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 28 Feb 2022 09:34:24 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6289264a0b065363-FRA
x-local-cache: HIT
cf-bgj: imgq:85,h2pri

GET
H2 200 offre-liberte-portrait.jpg
cdn.galaxy.tf/thumb/sizeW800/unit-media/seh-unit/uploads/images/offer_photo/001/612/346/ 45 KB
45 KB 35ms
34ms Image
image/webp 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW800/unit-media/seh-unit/uploads/images/offer_photo/001/612/346/offre-liberte-portrait.jpg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01d96be9c95226c3f20c07bbfef2182a18ec334292832a6b7d700a37729f99d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
cf-cache-status: HIT
age: 160994
x-cache-key: _src8dc64e07e87e63e6bf02e4079e6c5917_par237d445c8d27feab1d878df395793c7f.jpeg
cf-polished: qual=85, origFmt=jpeg, origSize=65719
content-disposition: inline; filename="offre-liberte-portrait.webp"
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45986
cf-request-id: 0889964247000053631b29e000000001
last-modified: Wed, 03 Feb 2021 10:09:20 GMT
server: cloudflare
etag: "15729225088c8ea08c6599d56838eabe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 28 Feb 2022 09:34:24 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6289264a0b095363-FRA
x-local-cache: HIT
cf-bgj: imgq:85,h2pri

GET
H2 200 offre-souplesse-portrait.jpg
cdn.galaxy.tf/thumb/sizeW800/unit-media/seh-unit/uploads/images/offer_photo/001/607/506/ 66 KB
67 KB 37ms
36ms Image
image/webp 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW800/unit-media/seh-unit/uploads/images/offer_photo/001/607/506/offre-souplesse-portrait.jpg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0c69b457fbead1ff55064e397255b73fe5a3cf334d24faaaef72bdf71ae8ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
cf-cache-status: HIT
age: 160994
x-cache-key: _srce1e702cdaa5e4eb210f08d260a158d59_par237d445c8d27feab1d878df395793c7f.jpeg
cf-polished: qual=85, origFmt=jpeg, origSize=90482
content-disposition: inline; filename="offre-souplesse-portrait.webp"
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67922
cf-request-id: 08899642470000536320b9c000000001
last-modified: Wed, 09 Dec 2020 17:02:16 GMT
server: cloudflare
etag: "425fdc733e344a27b672bf40e67ccdfb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 28 Feb 2022 09:34:24 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6289264a0b0a5363-FRA
x-local-cache: HIT
cf-bgj: imgq:85,h2pri

GET
H2 200 offre-se-curite-portrait.jpg
cdn.galaxy.tf/thumb/sizeW800/unit-media/seh-unit/uploads/images/offer_photo/001/607/506/ 39 KB
40 KB 38ms
37ms Image
image/webp 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW800/unit-media/seh-unit/uploads/images/offer_photo/001/607/506/offre-se-curite-portrait.jpg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afe0ef857cfe83bdae0119de815e6e5414a13e41f528e7e48ba6c08141bd64be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
cf-cache-status: HIT
age: 160994
x-cache-key: _srcedc3ab4e006d0f6b71a4cc1b0f67cb95_par237d445c8d27feab1d878df395793c7f.jpeg
cf-polished: qual=85, origFmt=jpeg, origSize=65188
content-disposition: inline; filename="offre-se-curite-portrait.webp"
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40372
cf-request-id: 08899642470000536310206000000001
last-modified: Wed, 09 Dec 2020 17:02:16 GMT
server: cloudflare
etag: "65dda2f1def9ae7ecd911d7ffda56cb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 28 Feb 2022 09:34:24 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6289264a0b0b5363-FRA
x-local-cache: HIT
cf-bgj: imgq:85,h2pri

GET
H2 200 adeolu-eletu-unrkg2jh1j0-unsplash-portrait.jpg
cdn.galaxy.tf/thumb/sizeW800/unit-media/seh-unit/uploads/images/offer_photo/001/607/506/ 83 KB
84 KB 39ms
38ms Image
image/webp 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW800/unit-media/seh-unit/uploads/images/offer_photo/001/607/506/adeolu-eletu-unrkg2jh1j0-unsplash-portrait.jpg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc458cce2eca280f725fa198fdf216a99a1e6485374ffc7fa0471959c997c4e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
cf-cache-status: HIT
age: 160994
x-cache-key: _srcc8bbba4e367becc3393c71925a5f1c94_par237d445c8d27feab1d878df395793c7f.jpeg
cf-polished: qual=85, origFmt=jpeg, origSize=87118
content-disposition: inline; filename="adeolu-eletu-unrkg2jh1j0-unsplash-portrait.webp"
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85176
cf-request-id: 088996424800005363231b5000000001
last-modified: Wed, 09 Dec 2020 17:02:37 GMT
server: cloudflare
etag: "0a4edb0574191e93390244a977f6918c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 28 Feb 2022 09:34:24 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6289264a0b0d5363-FRA
x-local-cache: HIT
cf-bgj: imgq:85,h2pri

GET
H2 200 loyalty_check.svg
www.theoriginalshotels.com/integration/seh/public/images/ 592 B
543 B 16ms
15ms Image
image/svg+xml 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theoriginalshotels.com/integration/seh/public/images/loyalty_check.svg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/css/custom/257-378007e9c09946c0b1cc4e869af9943a/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05fba251c877682eed86be46f6befb46eb797ffd4a59ad53be2f8aa5b8c53bb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theoriginalshotels.com/css/custom/257-378007e9c09946c0b1cc4e869af9943a/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
via: 1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-xss-protection: 1; mode=block
age: 260250
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088996424700002c4afa26d000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Feb 2021 08:26:17 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"9caa1d29bb395f02f68c7578e042f725"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
cf-ray: 6289264a0d772c4a-FRA
x-amz-meta-md5chksum: nKodKbs5XwL2jHV44EL3JQ==
x-amz-cf-id: t23TXJNMsBD4ebqvVUn35I0fE7U4lsPWhwSDDgghMbOOXVjA2dEVEw==
expires: Mon, 28 Feb 2022 09:34:24 GMT

GET
H2 200 1608563442_5fe0baf21fe46-thumb.jpg
cdn.galaxy.tf/uploads/2s/cms_image/001/608/563/ 202 KB
202 KB 39ms
39ms Image
image/webp 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/uploads/2s/cms_image/001/608/563/1608563442_5fe0baf21fe46-thumb.jpg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c167febb47d65ab8cc512ff84426e130600f5d5fe9b7c486a332b77c387f5c3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
vary: Accept
cf-cache-status: HIT
age: 260250
cf-polished: qual=85, origFmt=jpeg, origSize=427714
content-disposition: inline; filename="1608563442_5fe0baf21fe46-thumb.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 206712
cf-request-id: 088996424800005363ff849000000001
last-modified: Mon, 21 Dec 2020 15:08:52 GMT
server: cloudflare
etag: "686c2-5b6fad60352d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/webp
expires: Mon, 28 Feb 2022 09:34:24 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6289264a0b0e5363-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 cormorant-semibolditalic.woff2
www.theoriginalshotels.com/integration/seh/public/fonts/ 138 KB
138 KB 26ms
26ms Font
application/octet-stream 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/fonts/cormorant-semibolditalic.woff2

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/css/custom/257-378007e9c09946c0b1cc4e869af9943a/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61f27543ef174918ddeb03adf11517492257721732f5e6180b131ddb1335d6b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.theoriginalshotels.com
Referer: https://www.theoriginalshotels.com/css/custom/257-378007e9c09946c0b1cc4e869af9943a/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 258633
x-cache: Hit from cloudfront
cf-request-id: 088996424800002c4a082e6000000001
x-amz-meta-static: true
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 140836
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Feb 2021 08:26:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "ab3dc4d1f8845448c33e9bcdf5ce99c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
cf-ray: 6289264a0d7b2c4a-FRA
x-amz-meta-md5chksum: qz3E0fiEVEjDPpvN9c6ZxA==
x-amz-cf-id: e8Df1lnrDMNHL8sgxsq9dTr77WsiBGHFGgNK0GV1Gu_xKtkQOf8SoA==
expires: Mon, 28 Feb 2022 09:34:24 GMT

GET
H2 200 cormorant-italic.woff2
www.theoriginalshotels.com/integration/seh/public/fonts/ 137 KB
137 KB 18ms
17ms Font
application/octet-stream 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/fonts/cormorant-italic.woff2

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/css/custom/257-378007e9c09946c0b1cc4e869af9943a/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

008eedf237f732c94b135c5893db4af1a8ea8d547ffa4eab8a414cde17a8c561

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.theoriginalshotels.com
Referer: https://www.theoriginalshotels.com/css/custom/257-378007e9c09946c0b1cc4e869af9943a/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 258633
x-cache: Hit from cloudfront
cf-request-id: 088996424900002c4a3230e000000001
x-amz-meta-static: true
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 140096
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Feb 2021 08:26:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "55b24217fab7b192b8fef0a071ee1945"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
cf-ray: 6289264a0d7d2c4a-FRA
x-amz-meta-md5chksum: VbJCF/q3sZK4/vCgce4ZRQ==
x-amz-cf-id: e_bHv9zCRKcvldP5Dg-UQpZ38ABP-EbWREJid5u10bCKl8k0uweDMA==
expires: Mon, 28 Feb 2022 09:34:24 GMT

GET
H2 200 TruenoBlk.woff2
www.theoriginalshotels.com/integration/seh/public/fonts/ 13 KB
14 KB 31ms
30ms Font
application/octet-stream 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/fonts/TruenoBlk.woff2

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/css/custom/257-378007e9c09946c0b1cc4e869af9943a/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

389d9b1c8619cf7582d3a948e52734230352a55c4dd8b039a5b3c52095a0f448

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.theoriginalshotels.com
Referer: https://www.theoriginalshotels.com/css/custom/257-378007e9c09946c0b1cc4e869af9943a/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
via: 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 258633
x-cache: Hit from cloudfront
cf-request-id: 088996424a00002c4a17b88000000001
x-amz-meta-static: true
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13156
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Feb 2021 08:26:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "8ef233ce3c8626265dcf9c1381567b11"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
cf-ray: 6289264a0d7f2c4a-FRA
x-amz-meta-md5chksum: jvIzzjyGJiZdz5wTgVZ7EQ==
x-amz-cf-id: MZqC4JpAHMQf6phiEDkYN6f6vXNxm7wIiVMkpGfwOBdOzBo2c7xeYQ==
expires: Mon, 28 Feb 2022 09:34:24 GMT

GET
H2 200 cormorant-regular.woff2
www.theoriginalshotels.com/integration/seh/public/fonts/ 188 KB
189 KB 22ms
21ms Font
application/octet-stream 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/fonts/cormorant-regular.woff2

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/css/custom/257-378007e9c09946c0b1cc4e869af9943a/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a7c1752d0e51a9884db4c9e02880989c2711e45a4dfe0f962ad6d55431ae0d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.theoriginalshotels.com
Referer: https://www.theoriginalshotels.com/css/custom/257-378007e9c09946c0b1cc4e869af9943a/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 258633
x-cache: Hit from cloudfront
cf-request-id: 088996424a00002c4a15063000000001
x-amz-meta-static: true
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 192644
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Feb 2021 08:26:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "04c8ea6199a3fd5da4d9f4bfb218113e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
cf-ray: 6289264a0d812c4a-FRA
x-amz-meta-md5chksum: BMjqYZmj/V2k2fS/shgRPg==
x-amz-cf-id: AOGqL7lvLburX0drR8HQfL1JC87-UEbq5zjMVvxex0lds1QSmV_-uw==
expires: Mon, 28 Feb 2022 09:34:24 GMT

GET
H2 200 northwell-webfont.woff2
www.theoriginalshotels.com/integration/seh/public/fonts/ 140 KB
140 KB 25ms
25ms Font
application/octet-stream 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/fonts/northwell-webfont.woff2

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/css/custom/257-378007e9c09946c0b1cc4e869af9943a/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59e893fd1ca74befca33bf6de97595dc74422fb855810a0551b8ba9421747822

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.theoriginalshotels.com
Referer: https://www.theoriginalshotels.com/css/custom/257-378007e9c09946c0b1cc4e869af9943a/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 129337
x-cache: Hit from cloudfront
cf-request-id: 088996424a00002c4a29882000000001
x-amz-meta-static: true
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 143196
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Feb 2021 08:26:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "56cc38a58fe9f8280d6ada6f406062d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
cf-ray: 6289264a0d822c4a-FRA
x-amz-meta-md5chksum: Vsw4pY/p+CgNatpvQGBi0Q==
x-amz-cf-id: mrnNZz3QYzMTRc7kzu9Lt04SOZ3TN0PrMZfTiki0h4KusxwQzRTMDA==
expires: Mon, 28 Feb 2022 09:34:24 GMT

GET
H2 200 TruenoBd.woff2
www.theoriginalshotels.com/integration/seh/public/fonts/ 14 KB
14 KB 20ms
20ms Font
application/octet-stream 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/fonts/TruenoBd.woff2

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/css/custom/257-378007e9c09946c0b1cc4e869af9943a/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b99d411bd16e842ca2482a4559a2f61d66f1bf7852a08e7185c1417c543a997d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.theoriginalshotels.com
Referer: https://www.theoriginalshotels.com/css/custom/257-378007e9c09946c0b1cc4e869af9943a/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 89515
x-cache: Hit from cloudfront
cf-request-id: 088996424b00002c4af1a74000000001
x-amz-meta-static: true
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14108
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Feb 2021 08:26:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "d2640845b9b74a7a6cfb1fb94c92d050"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 6289264a1d852c4a-FRA
x-amz-meta-md5chksum: 0mQIRbm3Snps+x+5TJLQUA==
x-amz-cf-id: 2_BJLtTtsAnChyzG48lKJm8Sj6e5OtGQYkpvJD72HZ8c44HGYVLJYA==
expires: Mon, 28 Feb 2022 09:34:24 GMT

GET
H2 200 cormorant-semibold.woff2
www.theoriginalshotels.com/integration/seh/public/fonts/ 189 KB
189 KB 24ms
24ms Font
application/octet-stream 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/fonts/cormorant-semibold.woff2

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/css/custom/257-378007e9c09946c0b1cc4e869af9943a/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd82cf0ab21c7dbb540e83b216e6eda1e93fa34113a7ab5d976d590c26ca012d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.theoriginalshotels.com
Referer: https://www.theoriginalshotels.com/css/custom/257-378007e9c09946c0b1cc4e869af9943a/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 258633
x-cache: Hit from cloudfront
cf-request-id: 088996424b00002c4af2870000000001
x-amz-meta-static: true
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 193276
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Feb 2021 08:26:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "bf3204f891e533e960a6ae590360e39f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
cf-ray: 6289264a1d862c4a-FRA
x-amz-meta-md5chksum: vzIE+JHlM+lgpq5ZA2Djnw==
x-amz-cf-id: zSb602i0TkHJnY6V1sBZMb9gdbHbMme81POJMqjPluNz0ggsvTKykA==
expires: Mon, 28 Feb 2022 09:34:24 GMT

GET
H2 200 hotels-booking-mask Show response
www.theoriginalshotels.com/json/search/5/2/ 79 KB
11 KB 22ms
22ms XHR
application/json 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/json/search/5/2/hotels-booking-mask

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/frontend/galaxy-helpers/public/galaxy-helpers.js?v=l-fa7e1600-70ce-4247-97af-042edbce1fca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a035c4583c1aadccdeba7d24ec17d6b1cc6f26aff57af70f3e5e4109db09d445

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
via: 1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-xss-protection: 1; mode=block
age: 79982
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088996439900002c4a2d3b5000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Feb 2021 08:26:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"f49c2d21d330b938f733a479e0dde67e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/json
vary: Accept-Encoding
cache-control: public, max-age=1200
x-amz-cf-pop: FRA2-C2
cf-ray: 6289264c28b82c4a-FRA
x-amz-cf-id: FINa-NtYECkKNdbwJrUU-S9AmaRwivcnvSlQBZg6SWduc2Vkw77jmQ==
expires: Sun, 28 Feb 2021 09:54:24 GMT

GET
H2 200 initPersonalization.bundle.js Show response
www.theoriginalshotels.com/frontend/galaxy-helpers/public/ 25 KB
8 KB 16ms
15ms Script
application/javascript 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/frontend/galaxy-helpers/public/initPersonalization.bundle.js?ver=e94d09eeeafe3b264f1c

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/frontend/galaxy-helpers/public/galaxy-helpers.js?v=l-fa7e1600-70ce-4247-97af-042edbce1fca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9d1912f6f27a3f93a99029929f63889e012db80ec69a8cf1b667591ec7249f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-xss-protection: 1; mode=block
age: 260250
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088996439a00002c4a5daf0000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Feb 2021 08:26:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"cb626d071e758c6cc45a1a8d2a4fa9ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
cf-ray: 6289264c28ba2c4a-FRA
x-amz-meta-md5chksum: y2JtBx51jGzEWhqNKk+p7g==
x-amz-cf-id: zxSqepfxcjEqr36To1yhMIyH0d690X6KSiB74ZEtyL605FQSuOXzDA==
expires: Mon, 28 Feb 2022 09:34:24 GMT

GET
H2 200 1572365821_5db865fd01452-thumb.svg
cdn.galaxy.tf/uploads/s/cms_image/001/572/365/ 546 KB
401 KB 21ms
19ms Image
image/svg+xml 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/uploads/s/cms_image/001/572/365/1572365821_5db865fd01452-thumb.svg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6112e7adf8516eae338af74195ea55cc8c1d749816374cd3a640dde7562fe29a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 346291
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08899643c700005363e8144000000001
last-modified: Tue, 29 Oct 2019 16:16:22 GMT
server: cloudflare
etag: W/"88608-5960eeff03aab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 6289264c7e855363-FRA
expires: Mon, 28 Feb 2022 09:34:24 GMT

GET
H2 200 theoriginalsaccessfooter.svg
cdn.galaxy.tf/unit-media/seh-unit/uploads/images/brand/001/536/171/ 12 KB
4 KB 14ms
12ms Image
image/svg+xml 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/unit-media/seh-unit/uploads/images/brand/001/536/171/theoriginalsaccessfooter.svg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc6c5883a703c893b487a48f2b13ae9f58d3a62cb954e2c65961d3b377aeb555

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 269812
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
cf-ray: 6289264c7e865363-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08899643c800005363d222a000000001
expires: Mon, 28 Feb 2022 09:34:24 GMT

GET
H2 200 theoriginalscityfooter.svg
cdn.galaxy.tf/unit-media/seh-unit/uploads/images/brand/001/536/171/ 10 KB
4 KB 17ms
16ms Image
image/svg+xml 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/unit-media/seh-unit/uploads/images/brand/001/536/171/theoriginalscityfooter.svg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56ae1b93900a72535ae08bbc8a32e7ea06c594f20579b7bbb91fe9dd52ea73b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 653804
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
cf-ray: 6289264c7e875363-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08899643c900005363f0303000000001
expires: Mon, 28 Feb 2022 09:34:24 GMT

GET
H2 200 theoriginalsboutiquefooter.svg
cdn.galaxy.tf/unit-media/seh-unit/uploads/images/brand/001/536/171/ 12 KB
4 KB 15ms
13ms Image
image/svg+xml 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/unit-media/seh-unit/uploads/images/brand/001/536/171/theoriginalsboutiquefooter.svg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b8a2a1dc95d30c81eb7ccf4b4e5944423abc504f7a97376b36ea27748b1537a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 415044
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
cf-ray: 6289264c7e8a5363-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08899643c800005363cbbea000000001
expires: Mon, 28 Feb 2022 09:34:24 GMT

GET
H2 200 theoriginalsresidencefooter.svg
cdn.galaxy.tf/unit-media/seh-unit/uploads/images/brand/001/540/391/ 12 KB
4 KB 21ms
19ms Image
image/svg+xml 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/unit-media/seh-unit/uploads/images/brand/001/540/391/theoriginalsresidencefooter.svg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a6c4ad693c3c5e5c44d0ae8b2a878c08082387385a1edccb85a822f5f44ff70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 269812
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
cf-ray: 6289264c7e8b5363-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08899643c800005363c2022000000001
expires: Mon, 28 Feb 2022 09:34:24 GMT

GET
H2 200 logo-relais.svg
cdn.galaxy.tf/unit-media/seh-unit/uploads/images/brand/001/588/075/ 10 KB
4 KB 16ms
14ms Image
image/svg+xml 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/unit-media/seh-unit/uploads/images/brand/001/588/075/logo-relais.svg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

974133bde5f74dcd1b2c19e233e27c1dd861aa22516575eea95827305ab819a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 608648
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
cf-ray: 6289264c7e8c5363-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08899643c80000536320bb3000000001
expires: Mon, 28 Feb 2022 09:34:24 GMT

GET
H2 200 theoriginalscollection.svg
cdn.galaxy.tf/unit-media/seh-unit/uploads/images/brand/001/536/231/ 10 KB
4 KB 16ms
15ms Image
image/svg+xml 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/unit-media/seh-unit/uploads/images/brand/001/536/231/theoriginalscollection.svg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d5f2431e64e1df06d324c57d46915a4a505491e2609558bf779ccc255aa2b1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 608648
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
cf-ray: 6289264c7e8d5363-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08899643c800005363c9a2d000000001
expires: Mon, 28 Feb 2022 09:34:24 GMT

GET
H2 200 o-letter-alt.png
www.theoriginalshotels.com/integration/seh/public/images/ 16 KB
16 KB 17ms
16ms Image
image/webp 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theoriginalshotels.com/integration/seh/public/images/o-letter-alt.png

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

994a1aea3e4babc911024c4c3638c0dee918d4e482117752663836599d52e193

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 79979
cf-polished: origFmt=png, origSize=18429
x-cache: Miss from cloudfront
cf-request-id: 08899643c800002c4a00bdb000000001
content-disposition: inline; filename="o-letter-alt.webp"
x-amz-meta-static: true
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15934
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Feb 2021 08:26:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1365d0125037b5a4cc8885ad829d70bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
cf-bgj: imgq:100,h2pri
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 6289264c79272c4a-FRA
x-amz-meta-md5chksum: E2XQElA3taTMiIWtgp1wvA==
x-amz-cf-id: FREqYhxEFagksfBBR84QHDt2e-t_5yckb7OZtuEcN6plu2wj9TpPxA==
expires: Mon, 28 Feb 2022 09:34:24 GMT

GET
H2 200 loader.gif
www.theoriginalshotels.com/integration/seh/public/images/ 2 KB
2 KB 11ms
10ms Image
image/gif 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theoriginalshotels.com/integration/seh/public/images/loader.gif

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/css/custom/257-378007e9c09946c0b1cc4e869af9943a/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f09759d7dde484b7a51cb76c60a1929711993e3e2642b03284c12e38a40dad0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theoriginalshotels.com/css/custom/257-378007e9c09946c0b1cc4e869af9943a/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
via: 1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-xss-protection: 1; mode=block
age: 260250
cf-polished: origSize=3208, status=webp_bigger
x-cache: Hit from cloudfront
x-amz-meta-static: true
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1819
cf-request-id: 08899643c800002c4afa285000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Feb 2021 08:26:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "d3812b26de0e9068f7a1bde147ccb890"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/gif
cf-bgj: imgq:100,h2pri
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
cf-ray: 6289264c79282c4a-FRA
x-amz-meta-md5chksum: 04ErJt4OkGj3ob3hR8y4kA==
x-amz-cf-id: 7VDvnU3VKk2mFdqMxdMIxQW7Ob2QJQDyp-msPuC-fqWCG_03mGS5fw==
expires: Mon, 28 Feb 2022 09:34:24 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ 331 KB
129 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onLoadCaptcha

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.theoriginalshotels.com
Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:30:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 258
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132194
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 03:04:57 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Feb 2022 09:30:06 GMT

GET
H3-Q050

200

activityi;dc_pre=COrU2KejjO8CFUfF7Qodf2QCNA;src=8741099;type=websi971;cat=sehho123;ord=1;num=4917384028485;gtm=2wg2h0;auiddc=399174494.1614504864;u9=%2F;~oref=https%3A%2F%2Fwww.theoriginalshotels.c... Show response
8741099.fls.doubleclick.net/ Frame 2814
Redirect Chain

https://8741099.fls.doubleclick.net/activityi;src=8741099;type=websi971;cat=sehho123;ord=1;num=4917384028485;gtm=2wg2h0;auiddc=399174494.1614504864;u9=%2F;~oref=https%3A%2F%2Fwww.theoriginalshotels...
https://8741099.fls.doubleclick.net/activityi;dc_pre=COrU2KejjO8CFUfF7Qodf2QCNA;src=8741099;type=websi971;cat=sehho123;ord=1;num=4917384028485;gtm=2wg2h0;auiddc=399174494.1614504864;u9=%2F;~oref=ht...

507 B
1001 B

105ms
66ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8741099.fls.doubleclick.net/activityi;dc_pre=COrU2KejjO8CFUfF7Qodf2QCNA;src=8741099;type=websi971;cat=sehho123;ord=1;num=4917384028485;gtm=2wg2h0;auiddc=399174494.1614504864;u9=%2F;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQBH8T4

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

2d9c80761355437178e0782caeafad6de4c55a9de00a4eac77a077f2af3d08c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8741099.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=COrU2KejjO8CFUfF7Qodf2QCNA;src=8741099;type=websi971;cat=sehho123;ord=1;num=4917384028485;gtm=2wg2h0;auiddc=399174494.1614504864;u9=%2F;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.theoriginalshotels.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 28 Feb 2021 09:34:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 400
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 28-Feb-2021 09:49:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 28 Feb 2021 09:34:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8741099.fls.doubleclick.net/activityi;dc_pre=COrU2KejjO8CFUfF7Qodf2QCNA;src=8741099;type=websi971;cat=sehho123;ord=1;num=4917384028485;gtm=2wg2h0;auiddc=399174494.1614504864;u9=%2F;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 31 KB
13 KB 101ms
37ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQBH8T4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

b4ceacee581031a4014c658e33aa47874612b4c25c1aed8ef682cada98b99d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12348
x-xss-protection: 0
server: cafe
etag: 7672817363517198860
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 28 Feb 2021 09:34:24 GMT

GET
H/1.1 200
OK / Show response
u.logbor.com/p/ 6 KB
3 KB 98ms
31ms Script
text/javascript 89.185.38.89
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL

https://u.logbor.com/p/?i=2631&n=__dot

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

89.185.38.89 Paris, France, ASN8426 (CLARANET-AS ClaraNET LTD, GB),

Reverse DNS

Software

nginx/1.14.0 /

Resource Hash

464e1b405dc25d57a8fad36f7f8683f950b7507ab9a5001670aad386bca0691a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 09:34:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.14.0
ETag: W/"181e-Ly7C/LVNEdFYTHlF4ItXUxgW1zw"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=86400
X-DNS-Prefetch-Control: off
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: MKqFw2aw5KHA16XJqE+4Yo8jFh9upF0PqevyGsT0f5Y13rBFlYvzfWkHmmWRpotboMMhKgkYiFEmg2PgiukOtA==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Sun, 28 Feb 2021 09:34:24 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050

200

activityi;dc_pre=CKbz2aejjO8CFSWqcQod1IIEMg;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3550775566588.1113 Show response
10140364.fls.doubleclick.net/ Frame 81A3
Redirect Chain

https://10140364.fls.doubleclick.net/activityi;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3550775566588.1113?
https://10140364.fls.doubleclick.net/activityi;dc_pre=CKbz2aejjO8CFSWqcQod1IIEMg;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3550775566588....

511 B
990 B

104ms
67ms

Document
text/html

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10140364.fls.doubleclick.net/activityi;dc_pre=CKbz2aejjO8CFSWqcQod1IIEMg;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3550775566588.1113?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQBH8T4

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

6ff4738e468f035852f9d09c06aebec500370e6d3a6cf7cab2bdf890bd22d873

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10140364.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CKbz2aejjO8CFSWqcQod1IIEMg;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3550775566588.1113?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.theoriginalshotels.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.theoriginalshotels.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 28 Feb 2021 09:34:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 388
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 28-Feb-2021 09:49:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 28 Feb 2021 09:34:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10140364.fls.doubleclick.net/activityi;dc_pre=CKbz2aejjO8CFSWqcQod1IIEMg;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3550775566588.1113?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQBH8T4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 6427
date: Sun, 28 Feb 2021 07:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sun, 28 Feb 2021 09:47:17 GMT

GET
H3-Q050 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:33:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 58
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Sun, 28 Feb 2021 10:33:27 GMT

GET
H2 200 385128758895809 Show response
connect.facebook.net/signals/config/ 241 KB
70 KB 50ms
49ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/385128758895809?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ae6b3c7a624555f111a0ad50cd99ef1622a3542633631af7308ed792694a564a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: ajY+27dO2m0vwxm0gGxQZkYnB4ijCYode7k4c3CkSJcsPka1rzl1jwdGkEo0PZvclmVneMi/mMheymbZHUaofw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 28 Feb 2021 09:34:25 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK tcs Show response
u.logbor.com/ 12 KB
2 KB 33ms
32ms Script
text/javascript 89.185.38.89
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL

https://u.logbor.com/tcs?cxid=2631&cu=https%3A%2F%2Fwww.theoriginalshotels.com%2F&d_productID=undefined&d_cartProductsID=

Requested by

Host: u.logbor.com
URL: https://u.logbor.com/p/?i=2631&n=__dot

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

89.185.38.89 Paris, France, ASN8426 (CLARANET-AS ClaraNET LTD, GB),

Reverse DNS

Software

nginx/1.14.0 /

Resource Hash

77d9542d19d4f85e7e7cdc6abb8acd75c68284eb745a38a5705473ed48f63f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 09:34:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.14.0
ETag: W/"3087-5MOvB9t7IbXp2LpZAHMw9BtaBQo"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=86400
X-DNS-Prefetch-Control: off
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/798183250/ 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/798183250/?random=1614504865022&cv=9&fst=1614504865022&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2h0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.theoriginalshotels.com%2F&tiba=Accueil%20%7C%20The%20Originals%20Hotels&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7fe0116425ec0149d297f8b864e6f71469c172c6f0959ed6b05fd9dde183fff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 09:34:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1010
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
73 B 13ms
12ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&aip=1&a=1865912314&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theoriginalshotels.com%2F&ul=en-us&de=UTF-8&dt=Accueil%20%7C%20The%20Originals%20Hotels&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEALAAAAAC~&jid=941886613&gjid=1115084659&cid=506389444.1614504865&tid=UA-129815972-1&_gid=213244552.1614504865&_r=1&gtm=2wg2h0MQBH8T4&cg1=group_page-homepage&cd1=not_set&cd2=group_page-homepage&cd3=homepage&cd4=acquisition&cd5=https%3A%2F%2Fwww.theoriginalshotels.com%2F&cd15=no&z=778364610

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 09:34:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theoriginalshotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&aip=1&a=1865912314&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theoriginalshotels.com%2F&ul=en-us&de=UTF-8&dt=Accueil%20%7C%20The%20Originals%20Hotels&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEALBAAAAC~&jid=69137355&gjid=315168965&cid=506389444.1614504865&tid=UA-162681275-1&_gid=213244552.1614504865&_r=1&gtm=2wg2h0TL2MM4B&cg1=web&cd13=custom&cg2=group_page-homepage&cd19=tvs_yes&cd24=2&cd25=fr&cd26=web&cd27=group_page-homepage&cd28=homepage&cd29=acquisition&cd30=no&cd31=no&cd34=%7C&cd36=%7C&cd38=https%3A%2F%2Fwww.theoriginalshotels.com%2F&cd39=not_applicable&cd40=theoriginalshotels.com&cd41=GTM-TL2MM4B&cd42=19&z=1328213080

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 09:34:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theoriginalshotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&aip=1&a=1865912314&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.theoriginalshotels.com%2F&ul=en-us&de=UTF-8&dt=Accueil%20%7C%20The%20Originals%20Hotels&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=errors%20tracking&ea=datalayer%20tool%20error%3A%20TypeError%3A%20Cannot%20read%20property%20%27tc_863971%27%20of%20null&el=www.theoriginalshotels.com&_u=aGDACEALBAAAAC~&jid=461855764&gjid=1100989089&cid=506389444.1614504865&tid=UA-162681275-3&_gid=213244552.1614504865&_r=1&gtm=2wg2h0TL2MM4B&cg1=web&cd13=custom&cg2=group_page-homepage&cd19=tvs_yes&cd24=2&cd25=fr&cd26=web&cd27=group_page-homepage&cd28=homepage&cd29=acquisition&cd30=no&cd31=no&cd34=%7C&cd36=%7C&cd38=https%3A%2F%2Fwww.theoriginalshotels.com%2F&cd39=not_applicable&cd40=theoriginalshotels.com&cd41=GTM-TL2MM4B&cd42=19&z=1057253336

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 09:34:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theoriginalshotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/798183250/ 42 B
305 B 23ms
22ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/798183250/?random=1614504865022&cv=9&fst=1614502800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2h0&sendb=1&frm=0&url=https%3A%2F%2Fwww.theoriginalshotels.com%2F&tiba=Accueil%20%7C%20The%20Originals%20Hotels&async=1&fmt=3&is_vtc=1&random=1649426620&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 09:34:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/798183250/ 42 B
108 B 19ms
19ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/798183250/?random=1614504865022&cv=9&fst=1614502800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2h0&sendb=1&frm=0&url=https%3A%2F%2Fwww.theoriginalshotels.com%2F&tiba=Accueil%20%7C%20The%20Originals%20Hotels&async=1&fmt=3&is_vtc=1&random=1649426620&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 09:34:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
92 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-129815972-1&cid=506389444.1614504865&jid=941886613&gjid=1115084659&_gid=213244552.1614504865&_u=aGBAAEAKAAAAAC~&z=353969886

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 28 Feb 2021 09:34:25 GMT
content-type: text/plain
access-control-allow-origin: https://www.theoriginalshotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Cookie set retarget Show response
hal9000.redintelligence.net/ Frame 70B8
Redirect Chain

https://hal9000.redintelligence.net/retarget?a=48575&version=1
https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1

2 KB
1 KB

122ms
49ms

Document
text/html

138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.149 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 94955790a00509e56d6b914dd8a65f7fc430ddd73804938ef60b07c3ab6c3f3a

Request headers

Host: hal9000.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.theoriginalshotels.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=3b580067c6927b72
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.theoriginalshotels.com/

Response headers

Date: Sun, 28 Feb 2021 09:34:25 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=3b580067c6927b72; expires=Sat, 29-May-2021 09:34:25 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 783
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Sun, 28 Feb 2021 09:34:25 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=3b580067c6927b72; expires=Sat, 29-May-2021 09:34:25 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
Location: ?a=48575&version=1&redirected=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H2 200 LAL.d Show response
js.sddan.com/ 3 KB
2 KB 99ms
36ms Script
text/javascript 51.15.145.116
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sddan.com/LAL.d?pa=22425&u=https%3A%2F%2Fwww.theoriginalshotels.com%2F&r=&cat_name=CATEGORY_NAME

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.15.145.116 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-15-145-116.rev.poneytelecom.eu

Software

nginx/1.11.3 /

Resource Hash

47c0b240f44cfa3fe47a21ed5d36d3c69a987251040c86a868ac31f93e0b4c5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 09:34:25 GMT
content-encoding: gzip
server: nginx/1.11.3
strict-transport-security: max-age=15724800; includeSubDomains; preload
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin
content-type: text/javascript
x-xss-protection: 0
expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK retar.php Show response
vu.adschoom.com/trafic/ 961 B
1013 B 173ms
51ms Script
text/javascript 95.131.137.7
OXALIDE

General

Check archive.org

Show headers Download Go to

Full URL: https://vu.adschoom.com/trafic/retar.php?boutique={1883}&type=HOME&topfr=https://www.theoriginalshotels.com/&topfr2=
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.131.137.7 , France, ASN47841 (OXALIDE, FR),
Reverse DNS: not.updated.oxalide.net
Software: nginx /
Resource Hash: 6d3c9446ea12497ec7d965c368058c1a33f823623c2b0cdacf812ca7accbfb31

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 09:34:25 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: close
Expires: Thu, 18 Feb 2021 10:34:25 GMT

GET
H/1.1

200
OK

pixel Show response
ads.creative-serving.com/ul_cb/
Redirect Chain

https://ads.creative-serving.com/pixel?id=3153104&type=js&customer_extra=&customer_amount=&customer_id=3153104_Home
https://ads.creative-serving.com/ul_cb/pixel?id=3153104&type=js&customer_extra=&customer_amount=&customer_id=3153104_Home

870 B
1 KB

34ms
34ms

Script
text/javascript

18.193.31.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.creative-serving.com/ul_cb/pixel?id=3153104&type=js&customer_extra=&customer_amount=&customer_id=3153104_Home
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.31.194 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-31-194.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6e11b378633dfbaee25e9f973b3480d5e5c27251426269328cc88ec7843ed30c

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 09:34:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 870
Content-Type: text/javascript

Redirect headers

Location: https://ads.creative-serving.com/ul_cb/pixel?id=3153104&type=js&customer_extra=&customer_amount=&customer_id=3153104_Home
Date: Sun, 28 Feb 2021 09:34:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

79 KB
28 KB

128ms
42ms

Script
application/x-javascript

37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: c17943e3ecbfcec3d49fba06ddebaf15da8b802cbf6c8b91cb3c5c7262464fe2

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:25 GMT
content-encoding: gzip
last-modified: Mon, 18 Jan 2021 11:55:12 GMT
server: nginx
etag: W/"60057720-13dce"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Sun, 28 Feb 2021 09:34:25 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H/1.1

200
OK

Cookie set retarget Show response
ad.ad-srv.net/ Frame 9590
Redirect Chain

https://ad.ad-srv.net/retarget?a=52995&version=1
https://ad.ad-srv.net/retarget?a=52995&version=1&redirected=1

1 KB
979 B

129ms
54ms

Document
text/html

88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/retarget?a=52995&version=1&redirected=1
Requested by: Host: u.logbor.com
URL: https://u.logbor.com/p/?i=2631&n=__dot
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 1e783da1add83bab30bc947f653fb93afba0b1b1d9f1fba31b0bb3ae71fa9ba3

Request headers

Host: ad.ad-srv.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.theoriginalshotels.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: kdb0xdq3ls8m_uid=2682bdb1c3c76e21
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.theoriginalshotels.com/

Response headers

Date: Sun, 28 Feb 2021 09:34:25 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: kdb0xdq3ls8m_uid=2682bdb1c3c76e21; expires=Sat, 29-May-2021 09:34:25 GMT; Max-Age=7776000; path=/; domain=.ad-srv.net; secure; SameSite=None
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 459
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Sun, 28 Feb 2021 09:34:25 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: kdb0xdq3ls8m_uid=2682bdb1c3c76e21; expires=Sat, 29-May-2021 09:34:25 GMT; Max-Age=7776000; path=/; domain=.ad-srv.net; secure; SameSite=None
Location: ?a=52995&version=1&redirected=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H2 200 / Show response
apicit.net/target/ 4 KB
2 KB 137ms
39ms Script
application/x-javascript 151.80.200.208
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://apicit.net/target/
Requested by: Host: u.logbor.com
URL: https://u.logbor.com/p/?i=2631&n=__dot
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.80.200.208 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 499a9ecc99aea91ace906958fca31ea80ad67b4cbeea41cb859d75d2c80b83d9

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:25 GMT
cache-control: max-age=31536000
content-type: application/x-javascript
last-modified: Mon, 25 Aug 2014 14:40:45 GMT
server: nginx
content-encoding: gzip
expires: Mon, 28 Feb 2022 09:34:25 GMT

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=11906172&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D11906172%26t%3D1

0
1 KB

39ms
39ms

Script
application/javascript

185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D11906172%26t%3D1

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 09:34:25 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.148:80
AN-X-Request-Uuid: 632127d1-38a9-4c90-b357-cdf7a99dd94f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 09:34:25 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.186:80
AN-X-Request-Uuid: 10d450a8-f06f-46db-9d03-12fda2c0cea8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D11906172%26t%3D1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 dc_pre=COrU2KejjO8CFUfF7Qodf2QCNA;src=8741099;type=websi971;cat=sehho123;ord=1;num=4917384028485;gtm=2wg2h0;auiddc=399174494.1614504864;u9=%2F;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2F Show response
adservice.google.com/ddm/fls/i/ Frame 6CB6 506 B
613 B 41ms
41ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=COrU2KejjO8CFUfF7Qodf2QCNA;src=8741099;type=websi971;cat=sehho123;ord=1;num=4917384028485;gtm=2wg2h0;auiddc=399174494.1614504864;u9=%2F;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2F

Requested by

Host: 8741099.fls.doubleclick.net
URL: https://8741099.fls.doubleclick.net/activityi;dc_pre=COrU2KejjO8CFUfF7Qodf2QCNA;src=8741099;type=websi971;cat=sehho123;ord=1;num=4917384028485;gtm=2wg2h0;auiddc=399174494.1614504864;u9=%2F;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49c8e6550bce32873be16078dee8898012699af77d984d33983d701e2f3e9854

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=COrU2KejjO8CFUfF7Qodf2QCNA;src=8741099;type=websi971;cat=sehho123;ord=1;num=4917384028485;gtm=2wg2h0;auiddc=399174494.1614504864;u9=%2F;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://8741099.fls.doubleclick.net/activityi;dc_pre=COrU2KejjO8CFUfF7Qodf2QCNA;src=8741099;type=websi971;cat=sehho123;ord=1;num=4917384028485;gtm=2wg2h0;auiddc=399174494.1614504864;u9=%2F;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2F?
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://8741099.fls.doubleclick.net/activityi;dc_pre=COrU2KejjO8CFUfF7Qodf2QCNA;src=8741099;type=websi971;cat=sehho123;ord=1;num=4917384028485;gtm=2wg2h0;auiddc=399174494.1614504864;u9=%2F;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2F?

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 28 Feb 2021 09:34:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 400
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 636014493475340 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 50ms
49ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/636014493475340?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1c004c42d54b03392207197631d184933bf934878e7aac92c669d1f6ffa1634b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: qUuPNyTPL2VGtVjZY6vAVgJfBPowTJtavQ95Vp6LG2rlv0HDTeRIWyFomn1C0qkYx8urVGy4z3yoiooBGGrVPQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 28 Feb 2021 09:34:25 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
335 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=385128758895809&ev=PageView&dl=https%3A%2F%2Fwww.theoriginalshotels.com%2F&rl=&if=false&ts=1614504865121&sw=1600&sh=1200&v=2.9.33&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1614504865119.552980197&it=1614504865014&coo=false&rqm=GET

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 28 Feb 2021 09:34:25 GMT

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CKbz2aejjO8CFSWqcQod1IIEMg;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3550775566588.1113;~oref=https... Frame F4CA 510 B
459 B 42ms
42ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CKbz2aejjO8CFSWqcQod1IIEMg;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3550775566588.1113;~oref=https://www.theoriginalshotels.com/

Requested by

Host: 10140364.fls.doubleclick.net
URL: https://10140364.fls.doubleclick.net/activityi;dc_pre=CKbz2aejjO8CFSWqcQod1IIEMg;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3550775566588.1113?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc29bb0fb02b21b79025d278d6b10e555c1dff304a7b08fda0aec9c75fefed25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CKbz2aejjO8CFSWqcQod1IIEMg;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3550775566588.1113;~oref=https://www.theoriginalshotels.com/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://10140364.fls.doubleclick.net/activityi;dc_pre=CKbz2aejjO8CFSWqcQod1IIEMg;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3550775566588.1113?
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://10140364.fls.doubleclick.net/activityi;dc_pre=CKbz2aejjO8CFSWqcQod1IIEMg;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3550775566588.1113?

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 28 Feb 2021 09:34:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 389
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dc_pre=COrU2KejjO8CFUfF7Qodf2QCNA;src=8741099;type=websi971;cat=sehho123;ord=1;num=4917384028485;gtm=2wg2h0;auiddc=399174494.1614504864;u9=%2F;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2F Show response
adservice.google.de/ddm/fls/i/ Frame 8BFF 194 B
391 B 43ms
43ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=COrU2KejjO8CFUfF7Qodf2QCNA;src=8741099;type=websi971;cat=sehho123;ord=1;num=4917384028485;gtm=2wg2h0;auiddc=399174494.1614504864;u9=%2F;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=COrU2KejjO8CFUfF7Qodf2QCNA;src=8741099;type=websi971;cat=sehho123;ord=1;num=4917384028485;gtm=2wg2h0;auiddc=399174494.1614504864;u9=%2F;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=COrU2KejjO8CFUfF7Qodf2QCNA;src=8741099;type=websi971;cat=sehho123;ord=1;num=4917384028485;gtm=2wg2h0;auiddc=399174494.1614504864;u9=%2F;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/ddm/fls/i/dc_pre=COrU2KejjO8CFUfF7Qodf2QCNA;src=8741099;type=websi971;cat=sehho123;ord=1;num=4917384028485;gtm=2wg2h0;auiddc=399174494.1614504864;u9=%2F;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2F
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://adservice.google.com/ddm/fls/i/dc_pre=COrU2KejjO8CFUfF7Qodf2QCNA;src=8741099;type=websi971;cat=sehho123;ord=1;num=4917384028485;gtm=2wg2h0;auiddc=399174494.1614504864;u9=%2F;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2F

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 28 Feb 2021 09:34:25 GMT
expires: Sun, 28 Feb 2021 09:34:25 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CKbz2aejjO8CFSWqcQod1IIEMg;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3550775566588.1113;~oref=https:... Frame D22E 194 B
242 B 46ms
45ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CKbz2aejjO8CFSWqcQod1IIEMg;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3550775566588.1113;~oref=https://www.theoriginalshotels.com/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKbz2aejjO8CFSWqcQod1IIEMg;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3550775566588.1113;~oref=https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CKbz2aejjO8CFSWqcQod1IIEMg;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3550775566588.1113;~oref=https://www.theoriginalshotels.com/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/ddm/fls/i/dc_pre=CKbz2aejjO8CFSWqcQod1IIEMg;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3550775566588.1113;~oref=https://www.theoriginalshotels.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://adservice.google.com/ddm/fls/i/dc_pre=CKbz2aejjO8CFSWqcQod1IIEMg;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3550775566588.1113;~oref=https://www.theoriginalshotels.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 28 Feb 2021 09:34:25 GMT
expires: Sun, 28 Feb 2021 09:34:25 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 1441323799393005 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 46ms
45ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1441323799393005?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

28d18d2ba2af09165113d4388f163a8f4e6c1e04d1458791e305883411312d7b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: qxy96l4ZhfXUu24fWJVYLGBwrJp62+kTn+WCxSLkch9rIqQ5p0WAA5qaBTneTo1ROiLCznSA5I+p5XSyNGr6nA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 28 Feb 2021 09:34:25 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
103 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=636014493475340&ev=PageView&dl=https%3A%2F%2Fwww.theoriginalshotels.com%2F&rl=&if=false&ts=1614504865186&sw=1600&sh=1200&v=2.9.33&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1614504865119.552980197&it=1614504865014&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 28 Feb 2021 09:34:25 GMT

GET
H2 200 get-consent Show response
sddan.mgr.consensu.org/api/v1/public/ 0
109 B 94ms
30ms Script
text/plain 51.158.28.83
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://sddan.mgr.consensu.org/api/v1/public/get-consent?redirect=https%3A%2F%2Fjs.sddan.com%2FLAL.d%3Fcat_name%3DCATEGORY_NAME%26pa%3D22425%26r%3D%26u%3Dhttps%253A%252F%252Fwww.theoriginalshotels.com%252F&vendor_ids=53,916&user_id=YWQ5Zjc4YTE1MjhjYWI5YjczYjQ5NGM4YlyMKx%2BKIfdkJ1c1JNfk0M4RnptW6z2fO5CWmIRtCMEhKHstw%2FAI%2FT3laQKHfBiec7l5543RkWH9

Requested by

Host: js.sddan.com
URL: https://js.sddan.com/LAL.d?pa=22425&u=https%3A%2F%2Fwww.theoriginalshotels.com%2F&r=&cat_name=CATEGORY_NAME

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.158.28.83 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-158-28-83.rev.poneytelecom.eu

Software

nginx/1.11.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:25 GMT
server: nginx/1.11.3
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains; preload

GET
H2 200 /
www.facebook.com/tr/ 44 B
103 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1441323799393005&ev=PageView&dl=https%3A%2F%2Fwww.theoriginalshotels.com%2F&rl=&if=false&ts=1614504865249&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1614504865119.552980197&it=1614504865014&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 28 Feb 2021 09:34:25 GMT

GET
H/1.1 200
OK retar_js.php Show response
vu.adschoom.com/trafic/ 8 B
550 B 156ms
54ms Script
text/javascript 95.131.137.7
OXALIDE

General

Check archive.org

Show headers Download Go to

Full URL: https://vu.adschoom.com/trafic/retar_js.php?type=HOME&boutique={1883}&categorie_id=&produit_id=&data=&transaction_id=0&transaction_amount=0&valid=1&rid_tt=&refer=https%3A//www.theoriginalshotels.com/&refer2=&shopf=false&random=372210526
Requested by: Host: vu.adschoom.com
URL: https://vu.adschoom.com/trafic/retar.php?boutique={1883}&type=HOME&topfr=https://www.theoriginalshotels.com/&topfr2=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.131.137.7 , France, ASN47841 (OXALIDE, FR),
Reverse DNS: not.updated.oxalide.net
Software: nginx /
Resource Hash: 45336bf2c27960347588ebaedc466e533d74cb661ed98b7d8b45c27a54e0e596

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 09:34:25 GMT
Server: nginx
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 8
Expires: Thu, 18 Feb 2021 10:34:25 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=4&user_id=463c0a12-8225-497d-972d-d4ef419d5f6f&ssp=&expires=30&user_group=2&cb=987
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=463c0a12-8225-497d-972d-d4ef419d5f6f&ssp=&expires=30&user_group=2&cb=987
https://us-u.openx.net/w/1.0/sd?id=537072968&val=e93dd6fa-fba4-4499-814e-81916522a062
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072968&val=e93dd6fa-fba4-4499-814e-81916522a062

43 B
180 B

27ms
27ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072968&val=e93dd6fa-fba4-4499-814e-81916522a062
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 09:34:25 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072968&val=e93dd6fa-fba4-4499-814e-81916522a062
date: Sun, 28 Feb 2021 09:34:25 GMT
via: 1.1 google
server: OXGW/16.202.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=4&user_id=463c0a12-8225-497d-972d-d4ef419d5f6f&ssp=&expires=30&user_group=2&cb=292
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=463c0a12-8225-497d-972d-d4ef419d5f6f&ssp=&expires=30&user_group=2&cb=292
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e93dd6fa-fba4-4499-814e-81916522a062&gdpr=&gdpr_consent=&gdpr_pd=

1 B
949 B

86ms
27ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e93dd6fa-fba4-4499-814e-81916522a062&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Sun, 28 Feb 2021 09:34:23 GMT
X-lat: Pug23039:0:313
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e93dd6fa-fba4-4499-814e-81916522a062&gdpr=&gdpr_consent=&gdpr_pd=
date: Sun, 28 Feb 2021 09:34:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

rtset
bh.contextweb.com/bh/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=4&user_id=463c0a12-8225-497d-972d-d4ef419d5f6f&ssp=&expires=30&user_group=2&cb=456
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=463c0a12-8225-497d-972d-d4ef419d5f6f&ssp=&expires=30&user_group=2&cb=456
https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=e93dd6fa-fba4-4499-814e-81916522a062

49 B
406 B

313ms
104ms

Image
image/gif

198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=e93dd6fa-fba4-4499-814e-81916522a062

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-75d6d6d469-cr7h4
expires: -1

Redirect headers

location: //bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=e93dd6fa-fba4-4499-814e-81916522a062
date: Sun, 28 Feb 2021 09:34:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200

2.gif
id5-sync.com/cq/101/124/0/
Redirect Chain

https://id5-sync.com/s/101/463c0a12-8225-497d-972d-d4ef419d5f6f/1.gif
https://id5-sync.com/c/101/101/1/1.gif?puid=463c0a12-8225-497d-972d-d4ef419d5f6f&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOYTkReA75hut5Vn6hQXpZfMul5yQvu52RY3gbfg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F101%2F124%2F0%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOYTkReA75hut5Vn6hQXpZfMul5yQvu52RY3gbfg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F101%2F124%2F0%2F2.gif%3Fp...
https://id5-sync.com/cq/101/124/0/2.gif?puid=e1b005f6-3a12-4f42-b88a-a8da2b5ceace&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=

43 B
1 KB

30ms
29ms

Image
image/gif

54.36.109.156
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/cq/101/124/0/2.gif?puid=e1b005f6-3a12-4f42-b88a-a8da2b5ceace&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.156 , France, ASN16276 (OVH, FR),

Reverse DNS

p07.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 09:34:25 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

location: https://id5-sync.com/cq/101/124/0/2.gif?puid=e1b005f6-3a12-4f42-b88a-a8da2b5ceace&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
date: Sun, 28 Feb 2021 09:34:25 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=393426&dpuuid=463c0a12-8225-497d-972d-d4ef419d5f6f
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=463c0a12-8225-497d-972d-d4ef419d5f6f

42 B
915 B

40ms
40ms

Image
image/gif

52.210.171.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=463c0a12-8225-497d-972d-d4ef419d5f6f

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.171.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-171-182.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-08c30b5af.edge-irl1.demdex.com 5.80.6.20210202104731 1ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: q1JrAF50Rwg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: L8eXQ1ucR4s=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=463c0a12-8225-497d-972d-d4ef419d5f6f
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 p161
match.justpremium.com/match/ 43 B
325 B 110ms
34ms Image
image/gif 52.29.181.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.justpremium.com/match/p161?ex_uid=463c0a12-8225-497d-972d-d4ef419d5f6f
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.181.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-181-205.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:25 GMT
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

gcm
ads.creative-serving.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=platform161_direct_new&google_cm&google_sc
https://ads.creative-serving.com/gcm?google_gid=CAESEAW4IDCXgdikjPO2maKA9oI&google_cver=1

43 B
220 B

34ms
33ms

Image
image/gif

18.193.31.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.creative-serving.com/gcm?google_gid=CAESEAW4IDCXgdikjPO2maKA9oI&google_cver=1
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.31.194 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-31-194.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 09:34:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 28 Feb 2021 09:34:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.creative-serving.com/gcm?google_gid=CAESEAW4IDCXgdikjPO2maKA9oI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 70B8 597 B
1 KB 101ms
43ms Script
text/javascript 23.210.249.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1406673&mt_adid=222959&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-113.deploy.static.akamaitechnologies.com
Software: MT3 3518 2f03077 master cdg-pixel-x27 /
Resource Hash: acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57

Request headers

Referer: https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 09:34:25 GMT
Server: MT3 3518 2f03077 master cdg-pixel-x27
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Sun, 28 Feb 2021 09:34:24 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 70B8 597 B
1 KB 115ms
48ms Script
text/javascript 23.210.249.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1406315&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-113.deploy.static.akamaitechnologies.com
Software: MT3 3518 2f03077 master cdg-pixel-x27 /
Resource Hash: acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57

Request headers

Referer: https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 09:34:25 GMT
Server: MT3 3518 2f03077 master cdg-pixel-x27
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Sun, 28 Feb 2021 09:34:24 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 70B8 597 B
1 KB 113ms
47ms Script
text/javascript 23.210.249.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1393997&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-113.deploy.static.akamaitechnologies.com
Software: MT3 3518 2f03077 master cdg-pixel-x31 /
Resource Hash: acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57

Request headers

Referer: https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 09:34:25 GMT
Server: MT3 3518 2f03077 master cdg-pixel-x31
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Sun, 28 Feb 2021 09:34:24 GMT

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame 70B8
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

79 KB
28 KB

51ms
51ms

Script
application/x-javascript

37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: c17943e3ecbfcec3d49fba06ddebaf15da8b802cbf6c8b91cb3c5c7262464fe2

Request headers

Referer: https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:25 GMT
content-encoding: gzip
last-modified: Mon, 18 Jan 2021 11:55:12 GMT
server: nginx
etag: W/"60057720-13dce"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Sun, 28 Feb 2021 09:34:25 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H3-Q050

200

activityi;dc_pre=CImA9KejjO8CFQjR7QodOcED2A;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6602217894713.214 Show response
5994599.fls.doubleclick.net/ Frame B6F8
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6602217894713.214?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CImA9KejjO8CFQjR7QodOcED2A;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6602217894713.214?

391 B
389 B

57ms
57ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CImA9KejjO8CFQjR7QodOcED2A;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6602217894713.214?

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

359b23b64a3edd02b01aa2aed41fe89ac3fbd435d3d64fae5dcf665d73d9b006

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5994599.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CImA9KejjO8CFQjR7QodOcED2A;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6602217894713.214?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmFCw3WEvecdNhOJYnGyVoVeb3lUOKkj3GasFPLv65pj-s0S8Qscv-T2NXYtCc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 28 Feb 2021 09:34:25 GMT
expires: Sun, 28 Feb 2021 09:34:25 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 324
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 28 Feb 2021 09:34:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CImA9KejjO8CFQjR7QodOcED2A;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6602217894713.214?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame 9590 70 B
261 B 114ms
38ms Image
image/gif 52.208.188.183
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=1c14q3c&ct=0:qxxu0mu&fmt=4&gdpr=&gdpr_consent=
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=52995&version=1&redirected=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.188.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-188-183.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ad.ad-srv.net/retarget?a=52995&version=1&redirected=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 09:34:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-Q050

200

src=9293064;dc_pre=CPPo9KejjO8CFdAaGAodw8YI7Q;type=invmedia;cat=oliro0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3534252011182.4214
adservice.google.com/ddm/fls/z/ Frame 9590
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=9293064;type=invmedia;cat=oliro0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3534252011182.4214?
https://ad.doubleclick.net/ddm/activity/src=9293064;dc_pre=CPPo9KejjO8CFdAaGAodw8YI7Q;type=invmedia;cat=oliro0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3534252011182.4214?
https://adservice.google.com/ddm/fls/z/src=9293064;dc_pre=CPPo9KejjO8CFdAaGAodw8YI7Q;type=invmedia;cat=oliro0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3534252011182.4214

42 B
65 B

42ms
42ms

Image
image/gif

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=9293064;dc_pre=CPPo9KejjO8CFdAaGAodw8YI7Q;type=invmedia;cat=oliro0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3534252011182.4214

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=52995&version=1&redirected=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.ad-srv.net/retarget?a=52995&version=1&redirected=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 09:34:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Feb 2021 09:34:25 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=9293064;dc_pre=CPPo9KejjO8CFdAaGAodw8YI7Q;type=invmedia;cat=oliro0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3534252011182.4214
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

activityi;dc_pre=CKO99KejjO8CFdjL7Qod35UMKA;src=10227764;type=invmedia;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=7406016671802.608 Show response
10227764.fls.doubleclick.net/ Frame 4E24
Redirect Chain

https://10227764.fls.doubleclick.net/activityi;src=10227764;type=invmedia;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=7406016671802.608?
https://10227764.fls.doubleclick.net/activityi;dc_pre=CKO99KejjO8CFdjL7Qod35UMKA;src=10227764;type=invmedia;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_conse...

421 B
367 B

58ms
57ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10227764.fls.doubleclick.net/activityi;dc_pre=CKO99KejjO8CFdjL7Qod35UMKA;src=10227764;type=invmedia;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=7406016671802.608?

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=52995&version=1&redirected=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

db8ca2f3269aa36cc72fd52feb982926f662d0bd170c93e292517e2ecebd8795

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10227764.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CKO99KejjO8CFdjL7Qod35UMKA;src=10227764;type=invmedia;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=7406016671802.608?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad.ad-srv.net/retarget?a=52995&version=1&redirected=1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmFCw3WEvecdNhOJYnGyVoVeb3lUOKkj3GasFPLv65pj-s0S8Qscv-T2NXYtCc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ad.ad-srv.net/retarget?a=52995&version=1&redirected=1

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 28 Feb 2021 09:34:25 GMT
expires: Sun, 28 Feb 2021 09:34:25 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 339
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 28 Feb 2021 09:34:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10227764.fls.doubleclick.net/activityi;dc_pre=CKO99KejjO8CFdjL7Qod35UMKA;src=10227764;type=invmedia;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=7406016671802.608?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=1607309&ADFPageName=Home&ADFdivider=%7C&ord=429259433533&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6IjxpbnNlcnQgc2FsZXMgdmFsdWUgaGVy...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1607309&ADFPageName=Home&ADFdivider=%7C&ord=429259433533&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6IjxpbnNlcnQgc2FsZXMgdmFsdWU...

104 B
586 B

44ms
43ms

Script
text/javascript

37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1607309&ADFPageName=Home&ADFdivider=%7C&ord=429259433533&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6IjxpbnNlcnQgc2FsZXMgdmFsdWUgaGVyZT4iLCJpZCI6IjxpbnNlcnQgb3JkZXIgaWQgdmFsdWUgaGVyZT4ifQ&loc=https%3A%2F%2Fwww.theoriginalshotels.com%2F

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

093554855150e5e313e6d83dff1cbfc374b2842efefce4679064e09fc184dfd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 09:34:25 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 179
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 28 Feb 2021 09:34:25 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1607309&ADFPageName=Home&ADFdivider=%7C&ord=429259433533&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6IjxpbnNlcnQgc2FsZXMgdmFsdWUgaGVyZT4iLCJpZCI6IjxpbnNlcnQgb3JkZXIgaWQgdmFsdWUgaGVyZT4ifQ&loc=https%3A%2F%2Fwww.theoriginalshotels.com%2F
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/ Frame 70B8
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=886863213815&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.theoriginalshotels.com...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=886863213815&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.theoriginalshotel...

111 B
593 B

499ms
499ms

Script
text/javascript

37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=886863213815&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.theoriginalshotels.com%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D48575%26version%3D1%26redirected%3D1

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 09:34:25 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 186
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 28 Feb 2021 09:34:25 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=886863213815&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.theoriginalshotels.com%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D48575%26version%3D1%26redirected%3D1
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 70B8 43 B
479 B 41ms
41ms Image
image/gif 23.210.249.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-113.deploy.static.akamaitechnologies.com
Software: MT3 3518 2f03077 master cdg-pixel-x5 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 09:34:25 GMT
Server: MT3 3518 2f03077 master cdg-pixel-x5
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 28 Feb 2021 09:34:24 GMT

GET
H3-Q050 200 dc_pre=CImA9KejjO8CFQjR7QodOcED2A;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6602217894713.214
adservice.google.com/ddm/fls/z/ Frame B6F8 42 B
476 B 62ms
48ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CImA9KejjO8CFQjR7QodOcED2A;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6602217894713.214

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CImA9KejjO8CFQjR7QodOcED2A;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6602217894713.214?

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5994599.fls.doubleclick.net/activityi;dc_pre=CImA9KejjO8CFQjR7QodOcED2A;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6602217894713.214?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 09:34:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 dc_pre=CKO99KejjO8CFdjL7Qod35UMKA;src=10227764;type=invmedia;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=7406016671802.608
adservice.google.com/ddm/fls/z/ Frame 4E24 42 B
65 B 56ms
51ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKO99KejjO8CFdjL7Qod35UMKA;src=10227764;type=invmedia;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=7406016671802.608

Requested by

Host: 10227764.fls.doubleclick.net
URL: https://10227764.fls.doubleclick.net/activityi;dc_pre=CKO99KejjO8CFdjL7Qod35UMKA;src=10227764;type=invmedia;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=7406016671802.608?

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10227764.fls.doubleclick.net/activityi;dc_pre=CKO99KejjO8CFdjL7Qod35UMKA;src=10227764;type=invmedia;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=7406016671802.608?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 09:34:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
103 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=385128758895809&ev=Microdata&dl=https%3A%2F%2Fwww.theoriginalshotels.com%2F&rl=&if=false&ts=1614504865624&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Accueil%20%7C%20The%20Originals%20Hotels%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22The%20Originals%20Hotels%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.theoriginalshotels.com%2F%22%2C%22og%3Atitle%22%3A%22Accueil%20%7C%20The%20Originals%20Hotels%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Alocale%22%3A%22fr_FR%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22BreadcrumbList%22%2C%22itemListElement%22%3A%5B%7B%22%40type%22%3A%22ListItem%22%2C%22position%22%3A1%2C%22item%22%3A%7B%22%40id%22%3A%22https%3A%2F%2Fwww.theoriginalshotels.com%2F%22%2C%22name%22%3A%22accueil%22%7D%7D%5D%7D%5D&sw=1600&sh=1200&v=2.9.33&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1614504865119.552980197&it=1614504865014&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 28 Feb 2021 09:34:25 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
103 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=636014493475340&ev=Microdata&dl=https%3A%2F%2Fwww.theoriginalshotels.com%2F&rl=&if=false&ts=1614504865688&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Accueil%20%7C%20The%20Originals%20Hotels%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22The%20Originals%20Hotels%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.theoriginalshotels.com%2F%22%2C%22og%3Atitle%22%3A%22Accueil%20%7C%20The%20Originals%20Hotels%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Alocale%22%3A%22fr_FR%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22BreadcrumbList%22%2C%22itemListElement%22%3A%5B%7B%22%40type%22%3A%22ListItem%22%2C%22position%22%3A1%2C%22item%22%3A%7B%22%40id%22%3A%22https%3A%2F%2Fwww.theoriginalshotels.com%2F%22%2C%22name%22%3A%22accueil%22%7D%7D%5D%7D%5D&sw=1600&sh=1200&v=2.9.33&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1614504865119.552980197&it=1614504865014&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 28 Feb 2021 09:34:25 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
103 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1441323799393005&ev=Microdata&dl=https%3A%2F%2Fwww.theoriginalshotels.com%2F&rl=&if=false&ts=1614504865752&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Accueil%20%7C%20The%20Originals%20Hotels%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22The%20Originals%20Hotels%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.theoriginalshotels.com%2F%22%2C%22og%3Atitle%22%3A%22Accueil%20%7C%20The%20Originals%20Hotels%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Alocale%22%3A%22fr_FR%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22BreadcrumbList%22%2C%22itemListElement%22%3A%5B%7B%22%40type%22%3A%22ListItem%22%2C%22position%22%3A1%2C%22item%22%3A%7B%22%40id%22%3A%22https%3A%2F%2Fwww.theoriginalshotels.com%2F%22%2C%22name%22%3A%22accueil%22%7D%7D%5D%7D%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1614504865119.552980197&it=1614504865014&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 28 Feb 2021 09:34:25 GMT

GET
H2 200 ping.php Show response
apicit.net/target/ 453 B
790 B 39ms
39ms Script
application/javascript 151.80.200.208
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://apicit.net/target/ping.php?ref=https%3A//www.theoriginalshotels.com/&apicitsrc=&fromtimeout=0
Requested by: Host: apicit.net
URL: https://apicit.net/target/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.80.200.208 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx / PHP/5.3.3-7+squeeze25
Resource Hash: ab6dd48f72747fdcdcbda63d9854e6a99710570d18da3efa69d8faffc1854520

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 09:34:26 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.3.3-7+squeeze25
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: application/javascript
content-length: 318
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 e3407cb8d4.js Show response
cdn.tradelab.fr/tag/ 11 KB
4 KB 123ms
30ms Script
application/javascript 152.199.20.219
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tradelab.fr/tag/e3407cb8d4.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQBH8T4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lhc/789E) /
Resource Hash: cacf5d0f6d04b3aa6bc2b0bebdb54ce2d4df2d05f511b6460e51bd0e3f4a396e

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:26 GMT
content-encoding: gzip
last-modified: Sat, 20 Jun 2020 09:53:54 GMT
server: ECAcc (lhc/789E)
age: 166
etag: "2c55-5a880fcd9bf1b-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 4101
expires: Sun, 28 Feb 2021 10:04:26 GMT

GET
H2 200 amoureux-standard.jpg
cdn.galaxy.tf/thumb/sizeW800/unit-media/seh-unit/uploads/images/offer_photo/001/570/021/ 42 KB
43 KB 522ms
520ms Image
image/jpeg 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW800/unit-media/seh-unit/uploads/images/offer_photo/001/570/021/amoureux-standard.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a706ffbeeeea516b3671480ca35db4e7c726e8560d68a5f703b8564726232e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:26 GMT
cf-cache-status: MISS
x-cache-key: _srcdfbec4ba377c1df078443e08abe33d78_par237d445c8d27feab1d878df395793c7f.jpeg
content-disposition: inline; filename="amoureux-standard.jpg"
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43222
cf-request-id: 08899648f900005363e6930000000001
last-modified: Sun, 22 Nov 2020 15:49:21 GMT
server: cloudflare
etag: "69716364366079fcf96398f59e78e399"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 62892654cbd75363-FRA
x-local-cache: HIT
expires: Mon, 28 Feb 2022 09:34:26 GMT

GET
H2 200 assiettes-relais-du-silence-le-jardin-des-plumes-giverny-4horiz-1-standard.jpg
cdn.galaxy.tf/thumb/sizeW800/unit-media/seh-unit/uploads/images/offer_photo/001/570/085/ 40 KB
41 KB 520ms
519ms Image
image/jpeg 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW800/unit-media/seh-unit/uploads/images/offer_photo/001/570/085/assiettes-relais-du-silence-le-jardin-des-plumes-giverny-4horiz-1-standard.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b342b6ae14dfa59965c90b1d9cde5770d8919a4f0436945b1ca36e682a49bd99

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:26 GMT
cf-cache-status: MISS
x-cache-key: _srca94ce90a93ec3ab51f9a83f5546a9a17_par237d445c8d27feab1d878df395793c7f.jpeg
content-disposition: inline; filename="assiettes-relais-du-silence-le-jardin-des-plumes-giverny-4horiz-1-standard.jpg"
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41181
cf-request-id: 08899648f900005363f72a3000000001
last-modified: Wed, 25 Nov 2020 06:49:12 GMT
server: cloudflare
etag: "080b1e688cd13bfbb3b16c1d479e046a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 62892654cbd95363-FRA
x-local-cache: HIT
expires: Mon, 28 Feb 2022 09:34:26 GMT

GET
H2 200 culture-et-nature-standard.jpg
cdn.galaxy.tf/thumb/sizeW800/unit-media/seh-unit/uploads/images/offer_photo/001/583/154/ 40 KB
41 KB 12ms
11ms Image
image/jpeg 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW800/unit-media/seh-unit/uploads/images/offer_photo/001/583/154/culture-et-nature-standard.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3df213cf7187b8502de8170f42827e7b51e7c8c07d6a6d2a9aa4e87275bef59

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:26 GMT
cf-cache-status: HIT
age: 260250
x-cache-key: _src4b60d565651fc62d38b24a63212bb3e8_par237d445c8d27feab1d878df395793c7f.jpeg
cf-polished: degrade=85, origSize=46302, status=webp_bigger
content-disposition: inline; filename="culture-et-nature-standard.jpg"
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41187
cf-request-id: 08899648fa00005363239a7000000001
last-modified: Wed, 25 Nov 2020 06:49:12 GMT
server: cloudflare
etag: "73564661876542c37ef4f4db9ac7d5c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 28 Feb 2022 09:34:26 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 62892654cbda5363-FRA
x-local-cache: HIT
cf-bgj: imgq:85,h2pri

GET
H2 200 restaurant-relais-du-silence-le-jardin-des-plumes-giverny-3-hor-1-standard.jpg
cdn.galaxy.tf/thumb/sizeW800/unit-media/seh-unit/uploads/images/offer_photo/001/570/022/ 88 KB
88 KB 17ms
16ms Image
image/jpeg 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW800/unit-media/seh-unit/uploads/images/offer_photo/001/570/022/restaurant-relais-du-silence-le-jardin-des-plumes-giverny-3-hor-1-standard.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54163c790f0d23db01c4af2a3aa06607062177d70be6c961c071fde6e6826677

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:26 GMT
cf-cache-status: HIT
age: 63029
x-cache-key: _src80cecc16adfa866b6e9b6d8d7200f33c_par237d445c8d27feab1d878df395793c7f.jpeg
cf-polished: degrade=85, origSize=95448, status=webp_bigger
content-disposition: inline; filename="restaurant-relais-du-silence-le-jardin-des-plumes-giverny-3-hor-1-standard.jpg"
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 90034
cf-request-id: 08899648fa00005363c4080000000001
last-modified: Sun, 22 Nov 2020 15:49:41 GMT
server: cloudflare
etag: "14e9b69420edf07d4e0f4378badee5e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 28 Feb 2022 09:34:26 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 62892654cbdb5363-FRA
x-local-cache: HIT
cf-bgj: imgq:85,h2pri

GET
H2 200 wine-standard.jpg
cdn.galaxy.tf/thumb/sizeW800/unit-media/seh-unit/uploads/images/offer_photo/001/542/278/ 22 KB
22 KB 16ms
15ms Image
image/webp 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW800/unit-media/seh-unit/uploads/images/offer_photo/001/542/278/wine-standard.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99d29b3d94760f2410f1726a813d4ba281e71366ab524c8d62b54b4e77933541

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:26 GMT
cf-cache-status: HIT
age: 160992
x-cache-key: _src631f647bede0919e321360a34cdc55c3_par237d445c8d27feab1d878df395793c7f.jpeg
cf-polished: qual=85, origFmt=jpeg, origSize=27498
content-disposition: inline; filename="wine-standard.webp"
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22576
cf-request-id: 08899648fa00005363fab6d000000001
last-modified: Sun, 22 Nov 2020 15:49:33 GMT
server: cloudflare
etag: "f63a900bf7db7c6c5daa9a4a24f9e67f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 28 Feb 2022 09:34:26 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 62892654cbdc5363-FRA
x-local-cache: HIT
cf-bgj: imgq:85,h2pri

GET
H2 200 / Show response
tags.clickintext.net/replicate.log/ 32 B
519 B 210ms
124ms Script
text/html 151.80.200.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.clickintext.net/replicate.log/?ishttps=1&ee=&apicitIdPAPXTime=70bff59e73f53500ba26afc039bda7fe&apicitIdPAPXTimeMore=
Requested by: Host: apicit.net
URL: https://apicit.net/target/ping.php?ref=https%3A//www.theoriginalshotels.com/&apicitsrc=&fromtimeout=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.80.200.209 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx / PHP/5.6.26
Resource Hash: 85d9445c772dc2ef75515b0432eaf5760212118aaeef9aa6c9fca5f0b7a651b0

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 09:34:26 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.6.26
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/html; charset=ISO-8859-1
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

/ Show response
its.tradelab.fr/
Redirect Chain

https://ib.adnxs.com/getuid?//its.tradelab.fr/?type=tlsync&uuid2=$UID&callback=tl_sync
https://its.tradelab.fr/?type=tlsync&uuid2=3687557771963540380&callback=tl_sync

53 B
686 B

106ms
33ms

Script
application/javascript

85.17.192.104
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://its.tradelab.fr/?type=tlsync&uuid2=3687557771963540380&callback=tl_sync
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: tradelab.fr
Software: nginx/1.17.6 /
Resource Hash: 361ee0ad3c90dae46ef310702b945f8e5f49312cc197c617a9099d783f2dcfef

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 09:34:26 GMT
Server: nginx/1.17.6
Transfer-Encoding: chunked
P3p: CP="CAO PSA OUR"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0,post-check=0,pre-check=0
Connection: keep-alive
Content-Type: application/javascript

Redirect headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 09:34:26 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.236:80
AN-X-Request-Uuid: b034a35b-c3a3-480c-947b-f92033bcec77
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: //its.tradelab.fr/?type=tlsync&uuid2=3687557771963540380&callback=tl_sync
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK seg
secure.adnxs.com/ 43 B
1 KB 124ms
124ms Image
image/gif 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=2491894:80&t=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 09:34:26 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.47:80
AN-X-Request-Uuid: 4b2ec83b-6f5b-41f5-9d4c-2c12773b90da
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 4485.js Show response
cdn.tradelab.fr/fseg/ 7 KB
3 KB 29ms
29ms Script
application/javascript 152.199.20.219
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tradelab.fr/fseg/4485.js?add=22356130
Requested by: Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/tag/e3407cb8d4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lhc/7953) /
Resource Hash: 57e1dc753eb095096e9d6fc65d943798afe24ec497bca16d4a3847d11469219e

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:26 GMT
content-encoding: gzip
last-modified: Tue, 16 Jun 2020 09:18:31 GMT
server: ECAcc (lhc/7953)
age: 164
etag: "1bc0-5a83006e69121-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 2595
expires: Sun, 28 Feb 2021 10:04:26 GMT

GET
H3-Q050

200

activityi;dc_pre=CKO4s6ijjO8CFa5qFQgdPzcPfA;src=10150729;type=invmedia;cat=visit0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord='%20+%20a%20+%20' Show response
10150729.fls.doubleclick.net/ Frame 0A6A
Redirect Chain

https://10150729.fls.doubleclick.net/activityi;src=10150729;type=invmedia;cat=visit0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord='%20+%20a%20+%20'?
https://10150729.fls.doubleclick.net/activityi;dc_pre=CKO4s6ijjO8CFa5qFQgdPzcPfA;src=10150729;type=invmedia;cat=visit0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord='%20+%20a%20...

409 B
420 B

261ms
261ms

Document
text/html

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10150729.fls.doubleclick.net/activityi;dc_pre=CKO4s6ijjO8CFa5qFQgdPzcPfA;src=10150729;type=invmedia;cat=visit0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord='%20+%20a%20+%20'?

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

854f7e84faf4b67e89f5d9e1d057d3c4f8443899c53ab2c299e900497b78577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10150729.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CKO4s6ijjO8CFa5qFQgdPzcPfA;src=10150729;type=invmedia;cat=visit0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord='%20+%20a%20+%20'?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.theoriginalshotels.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmFCw3WEvecdNhOJYnGyVoVeb3lUOKkj3GasFPLv65pj-s0S8Qscv-T2NXYtCc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.theoriginalshotels.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 28 Feb 2021 09:34:26 GMT
expires: Sun, 28 Feb 2021 09:34:26 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 332
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 28 Feb 2021 09:34:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10150729.fls.doubleclick.net/activityi;dc_pre=CKO4s6ijjO8CFa5qFQgdPzcPfA;src=10150729;type=invmedia;cat=visit0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord='%20+%20a%20+%20'?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

/
its.tradelab.fr/
Redirect Chain

https://its.tradelab.fr/?type=tp&advid=4704033&uuid=3687557771963540380&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1614504866%2C%22page_url%22%3A%22www.theoriginalshotels.com%2F%...
https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm
https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEG678ITFlLDeYWbktAMm1D0&google_cver=1

43 B
578 B

31ms
30ms

Image
image/gif

85.17.192.104
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEG678ITFlLDeYWbktAMm1D0&google_cver=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: tradelab.fr
Software: nginx/1.17.6 / Tradelab ITS / node1.tradelab.fr
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 09:34:26 GMT
Server: nginx/1.17.6
X-Powered-By: Tradelab ITS / node1.tradelab.fr
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

Redirect headers

pragma: no-cache
date: Sun, 28 Feb 2021 09:34:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEG678ITFlLDeYWbktAMm1D0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1271023.js Show response
cdn.tradelab.fr/conv/ 5 KB
2 KB 29ms
29ms Script
application/javascript 152.199.20.219
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tradelab.fr/conv/1271023.js
Requested by: Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/fseg/4485.js?add=22356130
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lhc/7937) /
Resource Hash: 2dc1da35ab722794bc0157ab7417f5d174174614d3e23ee985d2d9d703fc74c8

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:26 GMT
content-encoding: gzip
last-modified: Tue, 16 Jun 2020 10:07:01 GMT
server: ECAcc (lhc/7937)
age: 163
etag: "1296-5a830b45a68d1-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 1629
expires: Sun, 28 Feb 2021 10:04:26 GMT

GET
H/1.1 200
OK /
its.tradelab.fr/ 43 B
569 B 33ms
33ms Image
image/gif 85.17.192.104
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://its.tradelab.fr/?type=convr&x=1&cdata=%7B%22a%22%3A1271023%2C%22l%22%3A%5B%5D%2C%22i%22%3A7%2C%22c%22%3A30%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=4704033&xur=www.theoriginalshotels.com%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1614504866%2C%22page_url%22%3A%22www.theoriginalshotels.com%2F%22%2C%22dm%22%3A%22theoriginalshotels.com%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1614504866%2C%22prev_vis_ts%22%3A1614504866%2C%22curr_vis_ts%22%3A1614504866%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D&uuid=3687557771963540380
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: tradelab.fr
Software: nginx/1.17.6 / Tradelab ITS / node4.tradelab.fr
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 09:34:26 GMT
Server: nginx/1.17.6
X-Powered-By: Tradelab ITS / node4.tradelab.fr
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H/1.1 200
OK px
secure.adnxs.com/ 43 B
968 B 93ms
35ms Image
image/gif 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1271023&t=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 09:34:26 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.154:80
AN-X-Request-Uuid: b9b6206e-fb9c-4295-a88e-4ba56cce8402
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK seg
secure.adnxs.com/ 43 B
1 KB 112ms
55ms Image
image/gif 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=22356130&t=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 09:34:26 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.165:80
AN-X-Request-Uuid: 4307f231-c6ae-4c5c-bf92-8418652ad727
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK /
its.tradelab.fr/ 43 B
1019 B 68ms
35ms Image
image/gif 85.17.192.104
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://its.tradelab.fr/?type=fseg&uuid2=3687557771963540380&sid=22356130&val=undefined&fun=4485&step=1&siev=22356127&fp=0&advid=4704033&isregen=0&ua=Mozilla%252F5.0%2520(Macintosh%253B%2520Intel%2520Mac%2520OS%2520X%252010_14_5)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F83.0.4103.61%2520Safari%252F537.36&ur=https%253A%252F%252Fwww.theoriginalshotels.com%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1614504866%2C%22page_url%22%3A%22www.theoriginalshotels.com%2F%22%2C%22dm%22%3A%22theoriginalshotels.com%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1614504866%2C%22prev_vis_ts%22%3A1614504866%2C%22curr_vis_ts%22%3A1614504866%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D&uuid=3687557771963540380
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: tradelab.fr
Software: nginx/1.17.6 / Tradelab ITS / node1.tradelab.fr
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 09:34:26 GMT
Server: nginx/1.17.6
X-Powered-By: Tradelab ITS / node1.tradelab.fr
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H3-Q050 200 dc_pre=CKO4s6ijjO8CFa5qFQgdPzcPfA;src=10150729;type=invmedia;cat=visit0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord='%20+%20a%20+%20'
adservice.google.com/ddm/fls/z/ Frame 0A6A 42 B
88 B 42ms
41ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKO4s6ijjO8CFa5qFQgdPzcPfA;src=10150729;type=invmedia;cat=visit0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord='%20+%20a%20+%20'

Requested by

Host: 10150729.fls.doubleclick.net
URL: https://10150729.fls.doubleclick.net/activityi;dc_pre=CKO4s6ijjO8CFa5qFQgdPzcPfA;src=10150729;type=invmedia;cat=visit0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord='%20+%20a%20+%20'?

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10150729.fls.doubleclick.net/activityi;dc_pre=CKO4s6ijjO8CFa5qFQgdPzcPfA;src=10150729;type=invmedia;cat=visit0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord='%20+%20a%20+%20'?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 09:34:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/43/8a/ 75 KB
28 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/43/8a/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3&key=AIzaSyA5kF3IVVjrwMwf2MOdHl1JBdbdBOgDas4

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae5237b82b0b640822d5aa6c3ac444e3713971530f89664e4ff876275b3af569

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 02:10:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 00:35:07 GMT
server: sffe
age: 199445
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28107
x-xss-protection: 0
expires: Sat, 26 Feb 2022 02:10:24 GMT

GET
H3-Q050 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/43/8a/ 145 KB
54 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/43/8a/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3&key=AIzaSyA5kF3IVVjrwMwf2MOdHl1JBdbdBOgDas4

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c2a3c7b4de6a6ef709ce7b013148bb56839367b56605d8e0c028790b7be153b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 02:10:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 00:35:07 GMT
server: sffe
age: 199445
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54980
x-xss-protection: 0
expires: Sat, 26 Feb 2022 02:10:24 GMT

GET
H3-Q050 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
125 B 31ms
30ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.theoriginalshotels.com%2F&4sAIzaSyA5kF3IVVjrwMwf2MOdHl1JBdbdBOgDas4&callback=_xdc_._w0pgw9&key=AIzaSyA5kF3IVVjrwMwf2MOdHl1JBdbdBOgDas4&token=98663

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/43/8a/common.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

aa3f9bb57bbdd81801ef1f7e64853f5ff745f4f4bce16a09454bcf52cf8dce56

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 09:34:29 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=17
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4485.js Show response
cdn.tradelab.fr/fseg/ 7 KB
3 KB 28ms
27ms Script
application/javascript 152.199.20.219
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tradelab.fr/fseg/4485.js?add=22356131
Requested by: Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/tag/e3407cb8d4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lhc/7953) /
Resource Hash: 57e1dc753eb095096e9d6fc65d943798afe24ec497bca16d4a3847d11469219e

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:31 GMT
content-encoding: gzip
last-modified: Tue, 16 Jun 2020 09:18:31 GMT
server: ECAcc (lhc/7953)
age: 169
etag: "1bc0-5a83006e69121-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 2595
expires: Sun, 28 Feb 2021 10:04:31 GMT

GET
H2 200 1271024.js Show response
cdn.tradelab.fr/conv/ 5 KB
2 KB 30ms
30ms Script
application/javascript 152.199.20.219
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tradelab.fr/conv/1271024.js
Requested by: Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/fseg/4485.js?add=22356131
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lhc/790F) /
Resource Hash: bd76f5921e8b6ff341c745fda529526a945cac3d8381eb004b5055046a3098d9

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:34:31 GMT
content-encoding: gzip
last-modified: Tue, 16 Jun 2020 10:07:02 GMT
server: ECAcc (lhc/790F)
age: 162
etag: "1296-5a830b4667e8b-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 1629
expires: Sun, 28 Feb 2021 10:04:31 GMT

GET
H/1.1 200
OK /
its.tradelab.fr/ 43 B
569 B 94ms
32ms Image
image/gif 85.17.192.104
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://its.tradelab.fr/?type=convr&x=1&cdata=%7B%22a%22%3A1271024%2C%22l%22%3A%5B%5D%2C%22i%22%3A7%2C%22c%22%3A30%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=4704033&xur=www.theoriginalshotels.com%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1614504866%2C%22page_url%22%3A%22www.theoriginalshotels.com%2F%22%2C%22dm%22%3A%22theoriginalshotels.com%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1614504866%2C%22prev_vis_ts%22%3A1614504866%2C%22curr_vis_ts%22%3A1614504866%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D&uuid=3687557771963540380
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: tradelab.fr
Software: nginx/1.17.6 / Tradelab ITS / node3.tradelab.fr
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 09:34:31 GMT
Server: nginx/1.17.6
X-Powered-By: Tradelab ITS / node3.tradelab.fr
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H/1.1 200
OK px
secure.adnxs.com/ 43 B
967 B 43ms
42ms Image
image/gif 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1271024&t=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 09:34:31 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.56:80
AN-X-Request-Uuid: 22c2e477-6d8e-4dde-9f96-175b40f24bd2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK seg
secure.adnxs.com/ 43 B
1 KB 29ms
28ms Image
image/gif 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=22356131&t=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 09:34:31 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.109:80
AN-X-Request-Uuid: 2787bf70-d6a7-4b5c-b566-5141b9e2efca
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK /
its.tradelab.fr/ 43 B
1023 B 93ms
33ms Image
image/gif 85.17.192.104
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://its.tradelab.fr/?type=fseg&uuid2=3687557771963540380&sid=22356131&val=undefined&fun=4485&step=2&siev=22356128&fp=0&advid=4704033&isregen=0&ua=Mozilla%252F5.0%2520(Macintosh%253B%2520Intel%2520Mac%2520OS%2520X%252010_14_5)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F83.0.4103.61%2520Safari%252F537.36&ur=https%253A%252F%252Fwww.theoriginalshotels.com%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1614504866%2C%22page_url%22%3A%22www.theoriginalshotels.com%2F%22%2C%22dm%22%3A%22theoriginalshotels.com%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1614504866%2C%22prev_vis_ts%22%3A1614504866%2C%22curr_vis_ts%22%3A1614504866%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D&uuid=3687557771963540380
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: tradelab.fr
Software: nginx/1.17.6 / Tradelab ITS / node2.tradelab.fr
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 09:34:31 GMT
Server: nginx/1.17.6
X-Powered-By: Tradelab ITS / node2.tradelab.fr
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 70B8 43 B
489 B 44ms
43ms Image
image/gif 23.210.249.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-113.deploy.static.akamaitechnologies.com
Software: MT3 3518 2f03077 master cdg-pixel-x26 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 09:34:35 GMT
Server: MT3 3518 2f03077 master cdg-pixel-x26
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 28 Feb 2021 09:35:20 GMT

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ad-srv.net/	1970-01-19 18:38:00	Name: kdb0xdq3ls8m_uid Value: 2682bdb1c3c76e21
.redintelligence.net/	1970-01-19 18:38:00	Name: 8lcfmzhxc8d6_uid Value: 3b580067c6927b72
.theoriginalshotels.com/	1970-01-19 18:38:00	Name: _fbp Value: fb.1.1614504865119.552980197
.theoriginalshotels.com/	1970-01-19 16:28:24	Name: _gat_tct Value: 1
.theoriginalshotels.com/	1970-01-19 16:28:24	Name: _gat_OGH_ga Value: 1
.doubleclick.net/	1970-01-20 01:50:00	Name: IDE Value: AHWqTUmFCw3WEvecdNhOJYnGyVoVeb3lUOKkj3GasFPLv65pj-s0S8Qscv-T2NXYtCc
.theoriginalshotels.com/	1970-01-19 18:38:00	Name: _gcl_au Value: 1.1.399174494.1614504864
www.theoriginalshotels.com/	1970-01-19 16:28:26	Name: galaxy-session-cookie-fr Value: true
.theoriginalshotels.com/	1970-01-19 16:28:24	Name: _gat_UA-162681275-3 Value: 1
.theoriginalshotels.com/	1970-01-19 16:29:51	Name: _gid Value: GA1.2.213244552.1614504865
.www.theoriginalshotels.com/	1970-01-19 17:11:36	Name: __cfduid Value: d3339ff0d5afc89cfadc9767503f4d12f1614504863
www.theoriginalshotels.com/	1969-12-31 23:59:59	Name: loginpromo Value: appeared
.theoriginalshotels.com/	1970-01-20 09:59:36	Name: _ga Value: GA1.2.506389444.1614504865
www.theoriginalshotels.com/	1970-01-19 17:11:36	Name: galaxy-has-visited Value: 1
www.theoriginalshotels.com/	1969-12-31 23:59:59	Name: __tcet Value: 1614504864

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.theoriginalshotels.com/integration/seh/public/js/bundle.js?v9154c97b09449c767fd0200477ae36af(Line 80) Message: [object Object]
console-api	log	URL: https://www.theoriginalshotels.com/integration/seh/public/js/bundle.js?v9154c97b09449c767fd0200477ae36af(Line 80) Message: pushed!

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10140364.fls.doubleclick.net
10150729.fls.doubleclick.net
10227764.fls.doubleclick.net
5994599.fls.doubleclick.net
8741099.fls.doubleclick.net
ad.ad-srv.net
ad.doubleclick.net
ads.creative-serving.com
adservice.google.com
adservice.google.de
apicit.net
bh.contextweb.com
cdn.galaxy.tf
cdn.tradelab.fr
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
dpm.demdex.net
googleads.g.doubleclick.net
hal9000.redintelligence.net
ib.adnxs.com
ice.360yield.com
id5-sync.com
insight.adsrvr.org
its.tradelab.fr
js.sddan.com
maps.googleapis.com
match.justpremium.com
pixel.mathtag.com
s2.adform.net
sddan.mgr.consensu.org
secure.adnxs.com
simage2.pubmatic.com
stats.g.doubleclick.net
tags.clickintext.net
track.adform.net
u.logbor.com
us-u.openx.net
vu.adschoom.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.theoriginalshotels.com
www.travelclick-websolutions.com
x.bidswitch.net
138.201.63.149
142.250.185.194
142.250.185.70
142.250.186.66
151.80.200.208
151.80.200.209
152.199.20.219
172.217.16.134
18.193.31.194
185.33.221.14
185.64.190.80
195.244.31.25
198.148.27.139
23.210.249.113
2606:4700::6810:125e
2606:4700::6811:b664
2a00:1450:4001:800::200a
2a00:1450:4001:802::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:400c:c0c::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.121.177.185
35.244.159.8
37.157.2.237
37.157.5.71
51.15.145.116
51.158.28.83
52.208.188.183
52.210.171.182
52.28.120.199
52.29.181.205
54.36.109.156
85.17.192.104
88.99.219.174
89.185.38.89
95.131.137.7
008eedf237f732c94b135c5893db4af1a8ea8d547ffa4eab8a414cde17a8c561
01d96be9c95226c3f20c07bbfef2182a18ec334292832a6b7d700a37729f99d9
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
05fba251c877682eed86be46f6befb46eb797ffd4a59ad53be2f8aa5b8c53bb1
093554855150e5e313e6d83dff1cbfc374b2842efefce4679064e09fc184dfd1
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11d1551c4b33cbbcd88d0bce3ecc6a37583a2c83cc560db6755b309e1bd640b5
16650f75bc05aaa17b696d055ce2c2f08d8a2277369e7560a407fa63b0f7c0ae
19e25384063a107d5beb3cdb1016f96d120ad5b0f6bf6b54feb94bfc3a7594c1
1c004c42d54b03392207197631d184933bf934878e7aac92c669d1f6ffa1634b
1d5f2431e64e1df06d324c57d46915a4a505491e2609558bf779ccc255aa2b1c
1e6007968d4610541e567e270109d40dca0c07f5b4fa89b22d48470963d13e30
1e783da1add83bab30bc947f653fb93afba0b1b1d9f1fba31b0bb3ae71fa9ba3
208b2fdf5093cbd11b0a41b88f17699def2939c5e846692bb312dc855c9bc752
28ccb96eaaff5a2fc0ea7dfa45efbac11e5ac0fde9ff110fdce47ef10b4c54ae
28d18d2ba2af09165113d4388f163a8f4e6c1e04d1458791e305883411312d7b
29e056a988f874565b954c03f119955657ed0a369cb975a4645c79731914f9ef
2a6c4ad693c3c5e5c44d0ae8b2a878c08082387385a1edccb85a822f5f44ff70
2d9c80761355437178e0782caeafad6de4c55a9de00a4eac77a077f2af3d08c1
2dc1da35ab722794bc0157ab7417f5d174174614d3e23ee985d2d9d703fc74c8
30d9d21875166dbb1f22133a829f9aecd31bda2098541579f2ada95f51f945ec
312e3949dc0d0ca10792535b1bf6a8d2ff5c0e69d78661a46b3a0ebdec700ae0
318c18bf81911f5bf528004448e0dfb39faeaa5a55ccc4638636180464fa69df
359b23b64a3edd02b01aa2aed41fe89ac3fbd435d3d64fae5dcf665d73d9b006
361ee0ad3c90dae46ef310702b945f8e5f49312cc197c617a9099d783f2dcfef
389d9b1c8619cf7582d3a948e52734230352a55c4dd8b039a5b3c52095a0f448
416e4fbb39bc70c695b89e41d4c6818eba743a4e8c19f43b137df4b3fc4af972
41b2dd11c666234dcffd5a9703bc5cbc54fd28d650807d82c7ddcd5c3793ad97
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4496790355109e59d18432247f4ca567a7dbfbd8890495348c02e25ea958fc7c
45336bf2c27960347588ebaedc466e533d74cb661ed98b7d8b45c27a54e0e596
45f561b7fe08af5afa017a87fdef48c4afa2c2220e48cc9f17b4bfb46d265809
464e1b405dc25d57a8fad36f7f8683f950b7507ab9a5001670aad386bca0691a
469e10df142a5884e59c7a93596294a29a0c1f5e57c830c0470647dcbeee334a
46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b
46e9603c4ad1b706147d801d1388611cdae6a0aeee2811b756f82fd01c8264c8
46f9b1b76f587567e21268b7076e08c0251271f5b8f59c496aea338fa73853b5
47c0b240f44cfa3fe47a21ed5d36d3c69a987251040c86a868ac31f93e0b4c5a
499a9ecc99aea91ace906958fca31ea80ad67b4cbeea41cb859d75d2c80b83d9
49c8e6550bce32873be16078dee8898012699af77d984d33983d701e2f3e9854
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4df34d38bc7e72896e030a16ae7c7df895b9b56d1ca015858396f03d0bdffb37
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
54163c790f0d23db01c4af2a3aa06607062177d70be6c961c071fde6e6826677
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56ae1b93900a72535ae08bbc8a32e7ea06c594f20579b7bbb91fe9dd52ea73b3
57e1dc753eb095096e9d6fc65d943798afe24ec497bca16d4a3847d11469219e
59e893fd1ca74befca33bf6de97595dc74422fb855810a0551b8ba9421747822
5a7c1752d0e51a9884db4c9e02880989c2711e45a4dfe0f962ad6d55431ae0d2
6112e7adf8516eae338af74195ea55cc8c1d749816374cd3a640dde7562fe29a
61f27543ef174918ddeb03adf11517492257721732f5e6180b131ddb1335d6b2
64554b950459b990eb022dc55fce559cb248e7f466a06ea57f66e64b76e4901c
661d169c99229b3286fad3d385aa66f8849504e368075acaff9505e3cda24b6f
6a706ffbeeeea516b3671480ca35db4e7c726e8560d68a5f703b8564726232e1
6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d3c9446ea12497ec7d965c368058c1a33f823623c2b0cdacf812ca7accbfb31
6e11b378633dfbaee25e9f973b3480d5e5c27251426269328cc88ec7843ed30c
6ff4738e468f035852f9d09c06aebec500370e6d3a6cf7cab2bdf890bd22d873
72e0249618cd8044382e94d89cf61cea27f1f41815b3d994e170cc13fa245f5e
73f8ed2959711e2d5e209885c2c337a0a75329de89e93193b828132c750f3da8
77d9542d19d4f85e7e7cdc6abb8acd75c68284eb745a38a5705473ed48f63f2a
794777a48f26375e8937e6e406b63b129592c604f6780d63b729da3e977d72b6
799b56eab7270dfc6b1208944afd06c7a7c4f9f85ac0f842737efce2f293f033
7b8a2a1dc95d30c81eb7ccf4b4e5944423abc504f7a97376b36ea27748b1537a
7c2a3c7b4de6a6ef709ce7b013148bb56839367b56605d8e0c028790b7be153b
7e0c69b457fbead1ff55064e397255b73fe5a3cf334d24faaaef72bdf71ae8ea
854f7e84faf4b67e89f5d9e1d057d3c4f8443899c53ab2c299e900497b78577b
85d9445c772dc2ef75515b0432eaf5760212118aaeef9aa6c9fca5f0b7a651b0
8b22f2953eca122aeb88385ff1076e6b4775f232e78aaa84c7454b0910bd3218
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
94955790a00509e56d6b914dd8a65f7fc430ddd73804938ef60b07c3ab6c3f3a
974133bde5f74dcd1b2c19e233e27c1dd861aa22516575eea95827305ab819a2
994a1aea3e4babc911024c4c3638c0dee918d4e482117752663836599d52e193
99d29b3d94760f2410f1726a813d4ba281e71366ab524c8d62b54b4e77933541
9e1643fbbd726611ae85daa3796dfe933445cecff34d4fd149fb1ba42f22a44a
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a035c4583c1aadccdeba7d24ec17d6b1cc6f26aff57af70f3e5e4109db09d445
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a68de406188ab6e9cacf06d04ac1a379009da99d4cfd2bf59e136ab0efbaad0a
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa3f9bb57bbdd81801ef1f7e64853f5ff745f4f4bce16a09454bcf52cf8dce56
ab6dd48f72747fdcdcbda63d9854e6a99710570d18da3efa69d8faffc1854520
acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57
ae5237b82b0b640822d5aa6c3ac444e3713971530f89664e4ff876275b3af569
ae6b3c7a624555f111a0ad50cd99ef1622a3542633631af7308ed792694a564a
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
afe0ef857cfe83bdae0119de815e6e5414a13e41f528e7e48ba6c08141bd64be
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2fd82e920988463d77ceeef8481175e86cc88342962ceeb0e983eaf6fa4063c
b342b6ae14dfa59965c90b1d9cde5770d8919a4f0436945b1ca36e682a49bd99
b3df213cf7187b8502de8170f42827e7b51e7c8c07d6a6d2a9aa4e87275bef59
b4ceacee581031a4014c658e33aa47874612b4c25c1aed8ef682cada98b99d6d
b6d0c93f1f8d80347943722f2eadb08d1a33045b05058db74931ca0d3ea1f709
b77f93b1793ae5fd2b88b11f79acf48aacec70628adc749f4710313618c67c24
b99d411bd16e842ca2482a4559a2f61d66f1bf7852a08e7185c1417c543a997d
bb48a30f1f7d48a6bff82fbac3df19b05b60dac198e7af36685db5f37afad719
bd76f5921e8b6ff341c745fda529526a945cac3d8381eb004b5055046a3098d9
bd82cf0ab21c7dbb540e83b216e6eda1e93fa34113a7ab5d976d590c26ca012d
bee0eff9984ce8773bae4e5c09c89f1295fadbd799f903199cd627c6a88c94be
c167febb47d65ab8cc512ff84426e130600f5d5fe9b7c486a332b77c387f5c3d
c1768aad1a508c0427c3f80c87035acfb275d3479c3802ad92cfbfe72c2ab8c5
c17943e3ecbfcec3d49fba06ddebaf15da8b802cbf6c8b91cb3c5c7262464fe2
c472576f4b565d32159c395fee6a3923b89b70d5041b95da1a3ee66504ccf837
c745d97eb264883133b07b7dcce7239d932c98aa45ef199cf6f0abf2f3072ab0
cacf5d0f6d04b3aa6bc2b0bebdb54ce2d4df2d05f511b6460e51bd0e3f4a396e
cc29bb0fb02b21b79025d278d6b10e555c1dff304a7b08fda0aec9c75fefed25
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d9d1912f6f27a3f93a99029929f63889e012db80ec69a8cf1b667591ec7249f5
db8ca2f3269aa36cc72fd52feb982926f662d0bd170c93e292517e2ecebd8795
db8d9f89237b05dc214551dfd351324af28fed9cc6cf0b4fb28633ab253a7d22
dc458cce2eca280f725fa198fdf216a99a1e6485374ffc7fa0471959c997c4e9
dc6c5883a703c893b487a48f2b13ae9f58d3a62cb954e2c65961d3b377aeb555
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfd16da19a03ae3bfc8d414e7f0215003b4ae3cb340aafebb4dfd051dffdfa34
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b12ca4adaadf5bb8964ab3f32a79fbb0a1a8c4e47120bb448958fd29892645
e5c927a0a0cdceb7d10a759a4a4ec2344dd7f2c14ee9042cbcd09f801862e60c
ed1d8362a60d16cfca89c19e6e6697eb0fbc1b3724192cb4f0e41bd58dfa4094
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09759d7dde484b7a51cb76c60a1929711993e3e2642b03284c12e38a40dad0c
f7fe0116425ec0149d297f8b864e6f71469c172c6f0959ed6b05fd9dde183fff

www.theoriginalshotels.com Open in urlscan Pro 2606:4700::6811:b664 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

153 Requests

100 %HTTPS

37 %IPv6

36 Domains

49 Subdomains

43 IPs

8 Countries

8047 kBTransfer

11051 kBSize

15 Cookies

4 Outgoing links

Redirected requests

153 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.theoriginalshotels.com Open in urlscan Pro
2606:4700::6811:b664 Public Scan

Screenshot
Live screenshot

Full Image

153
Requests

100 %
HTTPS

37 %
IPv6

36
Domains

49
Subdomains

43
IPs

8
Countries

8047 kB
Transfer

11051 kB
Size

15
Cookies

153 HTTP transactions
0 data transactions