auto.newpz.shop Open in urlscan Pro
2606:4700:3033::ac43:8038 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://auto.newpz.shop/
Submission: On January 15 via api (January 15th 2024, 8:28:10 pm UTC) from US — Scanned from US

Summary HTTP 104 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 25 IPs in 2 countries across 20 domains to perform 104 HTTP transactions. The main IP is 2606:4700:3033::ac43:8038, located in United States and belongs to CLOUDFLARENET, US. The main domain is auto.newpz.shop.
TLS certificate: Issued by E1 on January 13th 2024. Valid for: 3 months.

This is the only time auto.newpz.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:303... 2606:4700:3033::ac43:8038	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	2606:4700::68... 2606:4700::6812:aa54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2620:1ec:bdf::40 2620:1ec:bdf::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.64.114 151.101.64.114	54113 (FASTLY) (FASTLY)
3	2607:f8b0:400... 2607:f8b0:4006:81d::2008	15169 (GOOGLE) (GOOGLE)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:220... 2600:9000:2209:c800:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700:440... 2606:4700:4400::ac40:936c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	2606:4700:303... 2606:4700:3030::ac43:a4e2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	108.139.47.55 108.139.47.55	16509 (AMAZON-02) (AMAZON-02)
2	104.100.68.178 104.100.68.178	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2607:f8b0:400... 2607:f8b0:4006:80e::2004	15169 (GOOGLE) (GOOGLE)
4	20.114.189.70 20.114.189.70	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9b	15169 (GOOGLE) (GOOGLE)
1	20.82.9.244 20.82.9.244	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.69.68.43 13.69.68.43	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
1	2a04:4e42:200... 2a04:4e42:200::729	54113 (FASTLY) (FASTLY)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	151.101.1.182 151.101.1.182	54113 (FASTLY) (FASTLY)
2	2600:9000:21e... 2600:9000:21ea:ac00:1d:40aa:1fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
104	25

7 2606:4700:3033::ac43:8038 (United States)

ASN13335 (CLOUDFLARENET, US)

auto.newpz.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700::6812:aa54 (United States)

ASN13335 (CLOUDFLARENET, US)

www.h-hotels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

cdn.quicktext.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.64.114 (United States)

ASN54113 (FASTLY, US)

cdn.evgnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81d::2008 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::200e (Colchester, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2209:c800:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80b::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:936c (United States)

ASN13335 (CLOUDFLARENET, US)

cookie-cdn.cookiepro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3030::ac43:a4e2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

onboard.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 108.139.47.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-55.jfk50.r.cloudfront.net

www.thehotelsnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.100.68.178 (Santa Clara, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-100-68-178.deploy.static.akamaitechnologies.com

www.wepowerconnections.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80e::2004 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

t.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.82.9.244 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

geoip.quicktext.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.69.68.43 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

widget-api.quicktext.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

js.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o313875.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.182 (United States)

ASN54113 (FASTLY, US)

static-meta.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21ea:ac00:1d:40aa:1fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

p.relay-t.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	h-hotels.com www.h-hotels.com — Cisco Umbrella Rank: 806945	1 MB
15	quicktext.im cdn.quicktext.im — Cisco Umbrella Rank: 138142 geoip.quicktext.im — Cisco Umbrella Rank: 166675 widget-api.quicktext.im — Cisco Umbrella Rank: 145457	467 KB
10	triptease.io 1 redirects onboard.triptease.io — Cisco Umbrella Rank: 30243 static-meta.triptease.io — Cisco Umbrella Rank: 80800	146 KB
8	thehotelsnetwork.com www.thehotelsnetwork.com — Cisco Umbrella Rank: 34909	172 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 747 c.clarity.ms — Cisco Umbrella Rank: 1351 t.clarity.ms — Cisco Umbrella Rank: 6984	28 KB
7	newpz.shop auto.newpz.shop	30 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	734 B
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 79	5 KB
3	cookiepro.com cookie-cdn.cookiepro.com — Cisco Umbrella Rank: 7519	11 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	265 KB
2	relay-t.io p.relay-t.io — Cisco Umbrella Rank: 40560	5 KB
2	sentry-cdn.com js.sentry-cdn.com — Cisco Umbrella Rank: 6149 browser.sentry-cdn.com — Cisco Umbrella Rank: 4957	25 KB
2	wepowerconnections.com www.wepowerconnections.com — Cisco Umbrella Rank: 45025	580 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
1	sentry.io o313875.ingest.sentry.io	364 B
1	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 4433	13 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 247	761 B
1	evgnet.com cdn.evgnet.com — Cisco Umbrella Rank: 3643	48 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 811	7 KB
0	evergage.com Failed hhotelsag.germany-2.evergage.com Failed
104	20

	Domain	Requested by
23	www.h-hotels.com	auto.newpz.shop www.h-hotels.com
13	cdn.quicktext.im	auto.newpz.shop cdn.quicktext.im
8	www.thehotelsnetwork.com	www.googletagmanager.com www.thehotelsnetwork.com
7	onboard.triptease.io	1 redirects onboard.triptease.io browser.sentry-cdn.com
7	auto.newpz.shop	auto.newpz.shop www.h-hotels.com static.cloudflareinsights.com
4	t.clarity.ms	www.clarity.ms browser.sentry-cdn.com
4	www.google.com
3	static-meta.triptease.io	onboard.triptease.io browser.sentry-cdn.com
3	cookie-cdn.cookiepro.com	www.googletagmanager.com cookie-cdn.cookiepro.com
3	googleads.g.doubleclick.net	www.googletagmanager.com
3	www.googletagmanager.com	auto.newpz.shop static-meta.triptease.io www.googletagmanager.com
2	p.relay-t.io	static-meta.triptease.io browser.sentry-cdn.com
2	www.wepowerconnections.com	www.dwin1.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	c.clarity.ms	1 redirects
2	www.clarity.ms	cdn.quicktext.im www.clarity.ms
1	o313875.ingest.sentry.io	browser.sentry-cdn.com
1	browser.sentry-cdn.com	js.sentry-cdn.com
1	js.sentry-cdn.com	www.thehotelsnetwork.com
1	widget-api.quicktext.im	cdn.quicktext.im
1	geoip.quicktext.im	cdn.quicktext.im
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.dwin1.com	www.googletagmanager.com
1	c.bing.com	1 redirects
1	cdn.evgnet.com	auto.newpz.shop
1	static.cloudflareinsights.com	auto.newpz.shop
0	hhotelsag.germany-2.evergage.com Failed	cdn.evgnet.com
104	27

This site contains links to these domains. Also see Links.

Domain
blog.h-hotels.com
secure.h-hotels.com
www.h-hotels.jobs
www.h-hotels.com
www.facebook.com
www.instagram.com
de.linkedin.com
www.youtube.com
www.pinterest.de

Subject Issuer	Validity	Valid
newpz.shop E1	`2024-01-13` - `2024-04-12`	3 months	crt.sh
h-hotels.com Cloudflare Inc ECC CA-3	`2023-04-08` - `2024-04-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.quicktext.im Sectigo RSA Domain Validation Secure Server CA	`2023-11-30` - `2024-12-29`	a year	crt.sh
cdn.evergage.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-06` - `2024-03-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.dwin1.com Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
cookiepro.com Cloudflare Inc ECC CA-3	`2023-03-20` - `2024-03-19`	a year	crt.sh
*.thehotelsnetwork.com Amazon RSA 2048 M03	`2023-09-21` - `2024-10-19`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-10` - `2025-01-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
onboard.triptease.io GTS CA 1P5	`2024-01-02` - `2024-04-01`	3 months	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-01` - `2024-09-01`	a year	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
*.triptease.io GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-01` - `2024-08-01`	a year	crt.sh
p.relay-t.io Amazon RSA 2048 M01	`2023-05-30` - `2024-06-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://auto.newpz.shop/
Frame ID: 4AE65CFB1586BF3D68B1A6C326079864
Requests: 109 HTTP requests in this frame

Frame: https://onboard.triptease.io/kernel/v7260.93406/kernel-host.html?originHost=auto.newpz.shop
Frame ID: 8788905364CCE3B5641D71CBEC4202E4
Requests: 2 HTTP requests in this frame

Frame: https://www.thehotelsnetwork.com/widget/core/latest/hub/
Frame ID: FB7F1B68F9A14F6CD53B0EF61A3793A7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.quicktext.im/assets/css/fonts.css
Frame ID: 81C8CCC6F9D0E1E34F6A7C56B039B6C6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.quicktext.im/assets/css/fonts.css
Frame ID: 55C0B01827C974FAD01A071F4692D6DC
Requests: 1 HTTP requests in this frame

Frame: https://cdn.quicktext.im/assets/css/fonts.css
Frame ID: 13EC6721DDFF0200A66F2A4FD7C0D512
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

H-Hotels.com - Offizielle Webseite HYPERION & H-Hotels

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

<script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

Page Statistics

104
Requests

89 %
HTTPS

64 %
IPv6

20
Domains

27
Subdomains

25
IPs

2
Countries

2340 kB
Transfer

5918 kB
Size

20
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.h-hotels.com/
Title: Reiseblog

Search URL Search Domain Scan URL

URL: https://secure.h-hotels.com/de/reservation_page
Title: Reservierung

Search URL Search Domain Scan URL

URL: https://secure.h-hotels.com/de/hotel/15742
Title: » Jetzt buchen

Search URL Search Domain Scan URL

URL: https://secure.h-hotels.com/de/hotel/20011
Title: » Jetzt buchen

Search URL Search Domain Scan URL

URL: https://secure.h-hotels.com/de/hotel/15725/package/15725-24
Title: Angebot

Search URL Search Domain Scan URL

URL: https://www.h-hotels.jobs/
Title: » Zum Karriereportal

Search URL Search Domain Scan URL

URL: https://www.h-hotels.com/_Resources/Persistent/8/c/5/5/8c55bb21bfab9fc492fc9e537220c959edec44ea/h-hotels-magazin-2020-01.pdf
Title: Hotelmagazin

Search URL Search Domain Scan URL

URL: https://www.h-hotels.jobs/de/ausbildung
Title: Ausbildung

Search URL Search Domain Scan URL

URL: https://www.h-hotels.jobs/de/stellenangebote
Title: Jobs

Search URL Search Domain Scan URL

URL: https://www.facebook.com/hhotelscom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/h_hotels_com/

Search URL Search Domain Scan URL

URL: https://de.linkedin.com/company/h-hotels-com

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/Hhotels_com

Search URL Search Domain Scan URL

URL: https://www.pinterest.de/h_hotels/

Search URL Search Domain Scan URL

URL: https://secure.h-hotels.com/de
Title: Zur Buchung

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=946D543BAF7A4E729CAC16A5683D4A9A&RedC=c.clarity.ms&MXFR=1DC9BC92DE55684102E8A895DA55663C HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=946D543BAF7A4E729CAC16A5683D4A9A&MUID=121E39D54B6A68EF2D4E2DD24A06698D

Request Chain 60

https://onboard.triptease.io/bootstrap.js?integrationId=01F7Y032KYE8569FY61NJWTPND HTTP 307
https://onboard.triptease.io/bootstrap/v7260.93406/bootstrap.js

104 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
auto.newpz.shop/ 97 KB
20 KB 489ms
383ms Document
text/html 2606:4700:3033::ac43:8038
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auto.newpz.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:8038 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cef87ebe89e4f3c7599d3406e97adb7b86ebf204f050b2750f01cb980dd40dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 456356
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=31536000
cf-cache-status: DYNAMIC
cf-ray: 8460dcddccad9abf-MIA
content-encoding: br
content-type: text/html;charset=utf-8
date: Mon, 15 Jan 2024 20:28:01 GMT
expires: Tue, 14 Jan 2025 20:28:01 GMT
last-modified: Fri, 05 Jan 2024 14:53:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OaeK5AV7Kxg5Xq6cc8XFmtC2s6cw51KRtvyrx5GqzPJCXm692455cx0JuiJTYwxG0Y4lIhoG7PhlMuQ7Su3T%2FoCXXarz8oXcqn2c0kvTF46VVnRi4GMJAQ%2FYBEs40HRo1mkHjzQdzw8QCLmA%2F8k%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-flow-powered: Flow/7.3 Neos/7.3
x-forwarded-for: 162.158.202.7
x-processed-by: www.h-hotels.com
x-remote-addr: 185.15.194.163

GET
H2 200 Main.css
www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Styles/ 294 KB
47 KB 176ms
63ms Stylesheet
text/css 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Styles/Main.css?cb=ee3b08c8-153a-4816-ac19-7b053d87f8c1

Requested by

Host: auto.newpz.shop
URL: https://auto.newpz.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46985366c02484321957c6aee3455a3bc5dd5d7342594dacc5787ec79837437d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 11392
cf-polished: origSize=301722
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 19 Dec 2023 20:58:55 GMT
server: cloudflare
etag: W/"2a0ad7-49a9a-60ce3227b3886"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8460dce1094a74c2-MIA
expires: Tue, 14 Jan 2025 20:28:02 GMT

GET
H2 200 Tailwind.css
www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Styles/ 27 KB
6 KB 170ms
58ms Stylesheet
text/css 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Styles/Tailwind.css?cb=ee3b08c8-153a-4816-ac19-7b053d87f8c1

Requested by

Host: auto.newpz.shop
URL: https://auto.newpz.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

828cf349c051bfa5aedcf73f487862c5c0a04ce1199f9d6541f02bc434e40cd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 881721
cf-polished: status=cannot_optimize
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 19 Dec 2023 20:59:01 GMT
server: cloudflare
etag: W/"2a0ad8-6dbb-60ce322d465ba"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8460dce1094574c2-MIA
expires: Tue, 14 Jan 2025 20:28:02 GMT

GET MarselisWebPro.woff2
www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Webfonts/ 0
0

GET hhotels-icons.woff2
www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Iconfonts/ 0
0

GET fontawesome-webfont.woff2
www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/fonts/ 0
0

GET
H2 200 h-hotels-logo-header.svg
www.h-hotels.com/_Resources/Persistent/8/e/5/5/8e5507e752d9e6177cf8e77c7ef2b25e2b86010b/ 4 KB
2 KB 171ms
60ms Image
image/svg+xml 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/8/e/5/5/8e5507e752d9e6177cf8e77c7ef2b25e2b86010b/h-hotels-logo-header.svg

Requested by

Host: auto.newpz.shop
URL: https://auto.newpz.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce8b04c5832326994a174ea2b92baee7a9125f89db4b73f641ad73a122c3f0f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 881721
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 04 Feb 2020 08:52:26 GMT
server: cloudflare
etag: W/"c06c5-e0c-59dbc28bd340c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 8460dce1094c74c2-MIA
expires: Tue, 14 Jan 2025 20:28:02 GMT

GET
H2 200 flagge-deutschland.svg
www.h-hotels.com/_Resources/Persistent/d/c/3/e/dc3e34b433086386101f4185782c7ef56ccf1bbf/ 490 B
395 B 65ms
59ms Image
image/svg+xml 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/d/c/3/e/dc3e34b433086386101f4185782c7ef56ccf1bbf/flagge-deutschland.svg

Requested by

Host: auto.newpz.shop
URL: https://auto.newpz.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85665020508de909a7508dc7919bbe84e446d779e4ed3025395a707d976ad198

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 534438
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 23 Nov 2017 13:32:53 GMT
server: cloudflare
etag: W/"da0a37-1ea-55ea67928d61c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 8460dce16a3274c2-MIA
expires: Tue, 14 Jan 2025 20:28:02 GMT

GET
H2 200 flagge-oesterreich.svg
www.h-hotels.com/_Resources/Persistent/a/c/6/5/ac657c572669c6472129487966cc22e284590571/ 505 B
382 B 66ms
62ms Image
image/svg+xml 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/a/c/6/5/ac657c572669c6472129487966cc22e284590571/flagge-oesterreich.svg

Requested by

Host: auto.newpz.shop
URL: https://auto.newpz.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35f1eaa1dfb800aea1bf4d612b826986c4f7ced0050f7e6829d2d099edc8f27b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 513383
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 23 Nov 2017 13:58:41 GMT
server: cloudflare
etag: W/"4622ee-1f9-55ea6d564ee42"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 8460dce16a3674c2-MIA
expires: Tue, 14 Jan 2025 20:28:02 GMT

GET
H2 200 flagge-schweiz.svg
www.h-hotels.com/_Resources/Persistent/4/9/f/7/49f7a9b3d2a900944fb5ccc3e37e60ee9ccfcbc3/ 532 B
415 B 65ms
61ms Image
image/svg+xml 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/4/9/f/7/49f7a9b3d2a900944fb5ccc3e37e60ee9ccfcbc3/flagge-schweiz.svg

Requested by

Host: auto.newpz.shop
URL: https://auto.newpz.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef7f93377ddc7256235cfe1cf2112c42aef89bd8ae886c2af806fd5a191d798a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 881720
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 23 Nov 2017 14:01:33 GMT
server: cloudflare
etag: W/"7e006d-214-55ea6dfa46cf9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 8460dce16a3874c2-MIA
expires: Tue, 14 Jan 2025 20:28:02 GMT

GET
H2 200 flagge-ungarn.svg
www.h-hotels.com/_Resources/Persistent/4/9/a/7/49a7d0fc2571609ed5bea424c3eb430104b28303/ 497 B
385 B 57ms
54ms Image
image/svg+xml 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/4/9/a/7/49a7d0fc2571609ed5bea424c3eb430104b28303/flagge-ungarn.svg

Requested by

Host: auto.newpz.shop
URL: https://auto.newpz.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

daf37bf9db426257646224b7a2f44c05f4c8c0f8ad2e310b5d75ad6a73642d44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 881720
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 23 Aug 2018 08:38:41 GMT
server: cloudflare
etag: W/"86011f-1f1-574162fa9ec2b"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 8460dce16a3b74c2-MIA
expires: Tue, 14 Jan 2025 20:28:02 GMT

GET
H2 200 flagge-frankreich.svg
www.h-hotels.com/_Resources/Persistent/6/0/c/5/60c5c6bdd731c0c890c9cc550f3ba25205789e4c/ 607 B
420 B 59ms
56ms Image
image/svg+xml 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/6/0/c/5/60c5c6bdd731c0c890c9cc550f3ba25205789e4c/flagge-frankreich.svg

Requested by

Host: auto.newpz.shop
URL: https://auto.newpz.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d79ab50b13be1d8e676266c67b60e5c7e08f7239ff333fe840864d16f96b9a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 513383
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 09 Dec 2021 10:37:26 GMT
server: cloudflare
etag: W/"100702e-25f-5d2b43150c644"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 8460dce16a3c74c2-MIA
expires: Tue, 14 Jan 2025 20:28:02 GMT

GET
H2 200 hotmiles-logo.svg
www.h-hotels.com/_Resources/Persistent/3/b/b/2/3bb2c197a0f825137de5024f14a694312c641ed7/ 3 KB
1 KB 72ms
69ms Image
image/svg+xml 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/3/b/b/2/3bb2c197a0f825137de5024f14a694312c641ed7/hotmiles-logo.svg

Requested by

Host: auto.newpz.shop
URL: https://auto.newpz.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6df654521d0366f859476fc7bbbe344194d381ab297564ba3b867d18c0aa30cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 881721
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 11 Jul 2019 08:20:33 GMT
server: cloudflare
etag: W/"4fba1b-a83-58d6377b567c0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 8460dce16a3d74c2-MIA
expires: Tue, 14 Jan 2025 20:28:02 GMT

GET
H2 200 mundm-logo.svg
www.h-hotels.com/_Resources/Persistent/c/6/7/6/c676d098916d549d90f52800b866301d58f59b61/ 3 KB
1 KB 58ms
55ms Image
image/svg+xml 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/c/6/7/6/c676d098916d549d90f52800b866301d58f59b61/mundm-logo.svg

Requested by

Host: auto.newpz.shop
URL: https://auto.newpz.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d07f7e11a3a8b124282ce73051eabeb460577018c2ddaafe4426c9ec56922a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 881721
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 11 Jul 2019 08:22:36 GMT
server: cloudflare
etag: W/"d024dc-a94-58d637f13e13e"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 8460dce16a4074c2-MIA
expires: Tue, 14 Jan 2025 20:28:02 GMT

GET
H2 200 payback-logo-website-20px.svg
www.h-hotels.com/_Resources/Persistent/f/4/2/d/f42d28dde1a5c6c6449c9939ebb49619fa2aead5/ 3 KB
1 KB 63ms
61ms Image
image/svg+xml 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/f/4/2/d/f42d28dde1a5c6c6449c9939ebb49619fa2aead5/payback-logo-website-20px.svg

Requested by

Host: auto.newpz.shop
URL: https://auto.newpz.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e660fea2b5e4cafc2d1c4f08d4fe176649f79c5134c09130b54cad2ebb337ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 881720
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 27 Mar 2023 08:59:29 GMT
server: cloudflare
etag: W/"640f2e-d8d-5f7ddf5f22471"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 8460dce16a4274c2-MIA
expires: Tue, 14 Jan 2025 20:28:02 GMT

GET
H2 200 wyndham-logo-header-20px.svg
www.h-hotels.com/_Resources/Persistent/0/b/f/7/0bf7776e613b0dba28f5ee54cc44060de7daf3f0/ 3 KB
1 KB 54ms
51ms Image
image/svg+xml 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/0/b/f/7/0bf7776e613b0dba28f5ee54cc44060de7daf3f0/wyndham-logo-header-20px.svg

Requested by

Host: auto.newpz.shop
URL: https://auto.newpz.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68b92f1adc88e247ebd471140ecd476cb6b48466c1a0d23c995e98bd17b63063

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 513383
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 09 Oct 2023 08:07:33 GMT
server: cloudflare
etag: W/"220bbe-dad-60744151a8ec8"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 8460dce16a4474c2-MIA
expires: Tue, 14 Jan 2025 20:28:02 GMT

GET
H2 200 paris-skyline-05-2400x1349-200x112.jpg
www.h-hotels.com/_Resources/Persistent/3/4/3/d/343d47785989465713b378a89d0f4c4fac2be38c/ 6 KB
7 KB 84ms
81ms Image
image/jpeg 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/3/4/3/d/343d47785989465713b378a89d0f4c4fac2be38c/paris-skyline-05-2400x1349-200x112.jpg

Requested by

Host: auto.newpz.shop
URL: https://auto.newpz.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21892044c96c9d332a6b6a44ce5678b967e9d0897e7206cf8b3466cc5c47ca3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 860550
cf-polished: degrade=85, origSize=6615, status=webp_bigger
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400
content-length: 6553
cf-bgj: imgq:85,h2pri
last-modified: Tue, 15 Aug 2023 14:35:34 GMT
server: cloudflare
etag: "d0dc25-19d7-602f71775f147"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8460dce19aa774c2-MIA
expires: Tue, 14 Jan 2025 20:28:02 GMT

GET
H2 200 hotmiles-frau-gelb-05-2400x1349-200x112.jpg
www.h-hotels.com/_Resources/Persistent/0/5/e/1/05e11821c1e0bb06cb1460653fdcfe6f6619c530/ 3 KB
3 KB 84ms
81ms Image
image/webp 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/0/5/e/1/05e11821c1e0bb06cb1460653fdcfe6f6619c530/hotmiles-frau-gelb-05-2400x1349-200x112.jpg

Requested by

Host: auto.newpz.shop
URL: https://auto.newpz.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90304eeba8a5c54ee50f66f1c9f0c44e400453cd9db1bc4607c247154ce5bb04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15145
cf-polished: qual=85, origFmt=jpeg, origSize=3594
x-forwarded-for: (null)
x-remote-addr: (null)
content-disposition: inline; filename="hotmiles-frau-gelb-05-2400x1349-200x112.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2996
cf-bgj: imgq:85,h2pri
last-modified: Thu, 23 Nov 2023 12:09:14 GMT
server: cloudflare
etag: "126d6bb-e0a-60ad0b44f35d1"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8460dce19aa974c2-MIA
expires: Tue, 14 Jan 2025 20:28:02 GMT

GET
H2 200 ScrollHint.svg
www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Images/Global/ 574 B
489 B 85ms
83ms Image
image/svg+xml 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Images/Global/ScrollHint.svg

Requested by

Host: auto.newpz.shop
URL: https://auto.newpz.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddeef24de12dd7f5cb2478726eaa29d7e76260f240c7e6e785f8942639f8b4a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 881721
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 19 Dec 2023 20:58:21 GMT
server: cloudflare
etag: W/"2a0a57-23e-60ce3207436aa"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 8460dce19aae74c2-MIA
expires: Tue, 14 Jan 2025 20:28:02 GMT

GET
H2 200 rocket-loader.min.js Show response
auto.newpz.shop/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 46ms
45ms Script
application/javascript 2606:4700:3033::ac43:8038
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auto.newpz.shop/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: auto.newpz.shop
URL: https://auto.newpz.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:8038 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Dec 2023 10:36:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"658bfe17-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FsxOVzI%2BYywuvG009JL0sEwLldBf2OFKxIqkvDByoDNlPNWLwOjGQ5ZLrh3OkTjtB96v5BFvq1GMxucwii%2B1bz%2FazBdg%2FGSe%2FvXDxj5rPtzZyp2713TB%2Fn3Ywr0khrfnj3wOBCLESJyWOGNWjws%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8460dce068d39abf-MIA
expires: Wed, 17 Jan 2024 20:28:01 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 159ms
75ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: auto.newpz.shop
URL: https://auto.newpz.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://auto.newpz.shop/
Origin: https://auto.newpz.shop
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:02 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8460dce0e95a2239-MIA

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad7a88feb119b4bbb93a6f05c4099a7266d105d73c0280a7e1b3dc421fdd55cb

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0b37e1546b6e82f61ddd26957aa81a0e1e7570565554c6b52bddfbc55534d90

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78cdaeabec994c30004a02b76c4c9de2216289c12df5466c506456a8370b49cd

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 LastVisitedNode.js Show response
www.h-hotels.com/_Resources/Static/Packages/Neos.Neos/JavaScript/ 147 B
257 B 67ms
66ms Script
application/x-javascript 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.h-hotels.com/_Resources/Static/Packages/Neos.Neos/JavaScript/LastVisitedNode.js

Requested by

Host: auto.newpz.shop
URL: https://auto.newpz.shop/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d232f1b6099ca4cd4a7fe5a32773ea44e2e4c61bed52bd7d3ffa8d58570b7f46

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 881721
cf-polished: origSize=183
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 13 Dec 2023 21:46:44 GMT
server: cloudflare
etag: W/"2a280c-b7-60c6b1a631900"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 8460dce19aaf74c2-MIA
expires: Tue, 14 Jan 2025 20:28:02 GMT

GET
H2 200 widget.min.js Show response
cdn.quicktext.im/ 3 KB
2 KB 223ms
34ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quicktext.im/widget.min.js

Requested by

Host: auto.newpz.shop
URL: https://auto.newpz.shop/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

83d881a5d37b5cce0c069966bdc4d59d89b5aa7d7844f970cd121c2e46866381

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
last-modified: Mon, 15 Jan 2024 13:50:39 GMT
etag: W/"65a5382f-d76"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cache: TCP_HIT
access-control-expose-headers: Content-Length,Content-Range
x-azure-ref: 20240115T202802Z-sgrydbe4212et9cgc6brq1396n000000031g0000000158vm
x-robots-tag: noindex, nofollow
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 evergage.min.js Show response
cdn.evgnet.com/beacon/hhotelsag/engage/scripts/ 192 KB
48 KB 137ms
63ms Script
application/javascript 151.101.64.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.evgnet.com/beacon/hhotelsag/engage/scripts/evergage.min.js
Requested by: Host: auto.newpz.shop
URL: https://auto.newpz.shop/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dfd16eca9f477542cd77e9330e211fa49e7adc604fa6e9394858421ba19f7732

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: 5xhvGxTRa6u.Wr1t5B488L1feKRTAMv7
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Mon, 15 Jan 2024 20:28:02 GMT
x-amz-request-id: S3NH2693Y7Z2MVGE
age: 98
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
content-length: 48248
x-amz-id-2: t5xJ0gVLJ2UU2O+Xsyzvys/1h5MePldn1/Ebe+s0p4eizw3zRU2VcNv8W5s+kDGCHUokc1n2NQo=
x-served-by: cache-iad-kjyo7100070-IAD, cache-mia-kmia1760026-MIA
x-amz-meta-evergage-sum: a583eceb2004c038680895ed88f1922b8282db06
last-modified: Wed, 10 Jan 2024 16:13:16 GMT
server: AmazonS3
x-timer: S1705350482.233993,VS0,VE27
etag: "6f7884088cd24d0343177d0364b46199"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
x-amz-meta-evergage-beacon-ver: 16
x-cache-hits: 20144, 1

GET
H2 200 App.min.js Show response
www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/JavaScript/ 1 MB
309 KB 86ms
85ms Script
application/x-javascript 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/JavaScript/App.min.js?cb=ee3b08c8-153a-4816-ac19-7b053d87f8c1

Requested by

Host: auto.newpz.shop
URL: https://auto.newpz.shop/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

baaee7908c5f7fefc3c15c3cf19df6c24540ee2eefc4a76b6c4e27ac3c416360

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 881721
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 19 Dec 2023 20:59:39 GMT
server: cloudflare
etag: W/"2a0ad2-111dbd-60ce32515733d"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 8460dce19ab174c2-MIA
expires: Tue, 14 Jan 2025 20:28:02 GMT

GET
H3 200 sport-winter-35-1601x1600-428x428.jpg
www.h-hotels.com/_Resources/Persistent/3/d/4/e/3d4e7b7a8a45792d58296078a9e4e28015739b0b/ 32 KB
32 KB 238ms
237ms Image
image/jpeg 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/3/d/4/e/3d4e7b7a8a45792d58296078a9e4e28015739b0b/sport-winter-35-1601x1600-428x428.jpg

Requested by

Host: auto.newpz.shop
URL: https://auto.newpz.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab3a6d367bd40afa6733bafd9ebb3ebd89cb3afcc6b6eb4da43e3ad749e77a07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 05 Jan 2024 11:22:56 GMT
server: cloudflare
etag: W/"c1018-7e3e-60e3111ddfa63"
vary: Accept-Encoding
x-forwarded-for: (null)
content-type: image/jpeg
x-remote-addr: (null)
cache-control: public, max-age=31536000
cf-ray: 8460dce1f82fb3e6-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 14 Jan 2025 20:28:02 GMT

GET
H3 200 paris-skyline-05-1601x1600-428x428.jpg
www.h-hotels.com/_Resources/Persistent/1/5/0/1/1501af94bf49fa8f4982923a7b38953489af63ce/ 50 KB
50 KB 360ms
360ms Image
image/jpeg 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/1/5/0/1/1501af94bf49fa8f4982923a7b38953489af63ce/paris-skyline-05-1601x1600-428x428.jpg

Requested by

Host: auto.newpz.shop
URL: https://auto.newpz.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95da835e2ed0c30c157ea999fe74516c1272b257a6c12b0816938c0fcba76ff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 15 Aug 2023 14:36:59 GMT
server: cloudflare
etag: W/"3026c2-c650-602f71c8b5586"
vary: Accept-Encoding
x-forwarded-for: (null)
content-type: image/jpeg
x-remote-addr: (null)
cache-control: public, max-age=31536000
cf-ray: 8460dce1f833b3e6-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 14 Jan 2025 20:28:02 GMT

GET
H3 200 hotmiles-frau-gelb-05-1531x1530-428x428.jpg
www.h-hotels.com/_Resources/Persistent/7/e/5/c/7e5ce549bf666064bd49f2c39d802f55344e1bbf/ 19 KB
20 KB 103ms
102ms Image
image/webp 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/7/e/5/c/7e5ce549bf666064bd49f2c39d802f55344e1bbf/hotmiles-frau-gelb-05-1531x1530-428x428.jpg

Requested by

Host: auto.newpz.shop
URL: https://auto.newpz.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82b3d2391aa20b68a66bc8fc51a4f90c40edd61b38bfcb81f0ebfb8e6b5c51ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 220107
cf-polished: qual=85, origFmt=jpeg, origSize=24040
x-forwarded-for: (null)
x-remote-addr: (null)
content-disposition: inline; filename="hotmiles-frau-gelb-05-1531x1530-428x428.webp"
alt-svc: h3=":443"; ma=86400
content-length: 19692
cf-bgj: imgq:85,h2pri
last-modified: Thu, 23 Nov 2023 12:09:15 GMT
server: cloudflare
etag: "220bd6-5de8-60ad0b4523371"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8460dce1f836b3e6-MIA
expires: Tue, 14 Jan 2025 20:28:02 GMT

GET
H3 200 sport-winter-35-1680x1120.jpg
www.h-hotels.com/_Resources/Persistent/0/3/8/3/03835cfdf4cd7a62d950c90e5360691374360d8f/ 213 KB
213 KB 292ms
291ms Image
image/jpeg 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/0/3/8/3/03835cfdf4cd7a62d950c90e5360691374360d8f/sport-winter-35-1680x1120.jpg

Requested by

Host: auto.newpz.shop
URL: https://auto.newpz.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b15eed7924b330d8ec47008a10079485a1e2322723d8462fd1eca97865319e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 05 Jan 2024 11:22:05 GMT
server: cloudflare
etag: W/"b43ea2-3549b-60e310ed9f1c0"
vary: Accept-Encoding
x-forwarded-for: (null)
content-type: image/jpeg
x-remote-addr: (null)
cache-control: public, max-age=31536000
cf-ray: 8460dce1f837b3e6-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 14 Jan 2025 20:28:02 GMT

GET hhotels-icons.woff
www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Iconfonts/ 0
0

GET MarselisWebPro.woff
www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Webfonts/ 0
0

GET fontawesome-webfont.woff
www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/fonts/ 0
0

GET fontawesome-webfont.ttf
www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/fonts/ 0
0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 415 KB
123 KB 245ms
109ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PF8D37

Requested by

Host: auto.newpz.shop
URL: https://auto.newpz.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e8c7acf146891fbf935263beed8037fe8bd1d591eb572c3051b494b2ec0d5e20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125378
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Jan 2024 20:28:03 GMT

GET
H2 200 iz2fetpx2m Show response
www.clarity.ms/tag/ 650 B
1014 B 178ms
62ms Script
application/x-javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/iz2fetpx2m
Requested by: Host: cdn.quicktext.im
URL: https://cdn.quicktext.im/widget.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 65135b5ba71c81ca85e6ceaf02321ba78bc9f271d4d03c7502caa50375b8b591

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: -1
date: Mon, 15 Jan 2024 20:28:03 GMT
x-azure-ref: 20240115T202803Z-vpc26k547d04dcmzyzpx15tszn000000040000000001s2wd
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 650
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 main.93d769ad.js Show response
cdn.quicktext.im/static/js/ 676 KB
258 KB 76ms
75ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quicktext.im/static/js/main.93d769ad.js

Requested by

Host: cdn.quicktext.im
URL: https://cdn.quicktext.im/widget.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6e44e3b0232921957e78aee8d2538637360c4345b68a22bcca0d14c820606e42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:03 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
last-modified: Mon, 15 Jan 2024 13:50:39 GMT
etag: W/"65a5382f-a8f02"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cache: TCP_HIT
access-control-expose-headers: Content-Length,Content-Range
x-azure-ref: 20240115T202803Z-sgrydbe4212et9cgc6brq1396n000000031g0000000158ze
x-robots-tag: noindex, nofollow
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 userdata.html Show response
auto.newpz.shop/hotmiles/ 2 B
634 B 1320ms
1319ms Fetch
text/html 2606:4700:3033::ac43:8038
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auto.newpz.shop/hotmiles/userdata.html

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/JavaScript/App.min.js?cb=ee3b08c8-153a-4816-ac19-7b053d87f8c1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:8038 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://auto.newpz.shop/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 15 Jan 2024 20:28:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-forwarded-for: 2001:550:1d05:1::4,5.78.77.124
x-remote-addr: 185.15.194.163
x-processed-by: www.h-hotels.com
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGTXI5AikfPoGdhfl8enBXSXknl6fAIXg8iXF3iy3zlI0xWXYIIahubUPgkM4nPvvswqKuU28HBGaz3IAmbGvVg6o8Ro%2B8MY0a1GET%2FoauoTFVnABKkunoGrj14xuHdkGpdKG%2Bq%2FumbT4Gl%2BUZA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
x-flow-powered: Flow/7.3 Neos/7.3
cf-ray: 8460dce7e8e46da9-MIA

GET
H3 200 citysynonymslist Show response
auto.newpz.shop/hotel-search-api/api/ 7 KB
2 KB 323ms
322ms XHR
text/html 2606:4700:3033::ac43:8038
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auto.newpz.shop/hotel-search-api/api/citysynonymslist

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/JavaScript/App.min.js?cb=ee3b08c8-153a-4816-ac19-7b053d87f8c1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:8038 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49b4b04aec4f16c1e800c81bef56ca5163f51424410f378bdf364ed752d357c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Cache-Control: no-cache
Referer: https://auto.newpz.shop/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 451164
content-encoding: br
x-forwarded-for: 108.162.245.141
x-remote-addr: 185.15.194.163
x-processed-by: www.h-hotels.com
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 05 Jan 2024 16:49:59 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=369cggaoXl9KvLyC%2BjbtonacY5N4ktBWpurkd6W94m47iYkgMuVF8o8UqaDmk4Eshf3Nl4Vw34XEPTYdSt0aj9xVWcxqiXouTECWgtQTpP5dxZAtYIdCmGvoY56iceu%2FLv%2BhaUti5ijsB8wTcVE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: public, max-age=31536000
x-flow-powered: Flow/7.3 Neos/7.3
cf-ray: 8460dce809296da9-MIA
expires: Tue, 14 Jan 2025 20:28:03 GMT

GET
H3 200 citylist Show response
auto.newpz.shop/hotel-search-api/api/ 379 B
767 B 315ms
314ms XHR
text/html 2606:4700:3033::ac43:8038
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auto.newpz.shop/hotel-search-api/api/citylist

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/JavaScript/App.min.js?cb=ee3b08c8-153a-4816-ac19-7b053d87f8c1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:8038 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b23f50282d3f7bea86158c748d7478574eb8636cffc7b6579eb90fe5c9f14dce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Cache-Control: no-cache
Referer: https://auto.newpz.shop/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 250014
content-encoding: br
x-forwarded-for: 162.158.202.105
x-remote-addr: 185.15.194.163
x-processed-by: www.h-hotels.com
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Jan 2024 19:44:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oouC0bj6%2F2qrW3kj6E1vnoVmwt%2BmMmLe1rZqPnD86b2o5SCp6dRtTP%2FkBuEFSfwk6w6Dl7rpMjsFTGRsmbUq5NXJ7h%2BBIlpeEam3llCmd9dMckEaXpOkVNUjWSa%2FkVoHTyrf3zwxt4eAAbxbjAo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: public, max-age=31536000
x-flow-powered: Flow/7.3 Neos/7.3
cf-ray: 8460dce8092d6da9-MIA
expires: Tue, 14 Jan 2025 20:28:03 GMT

GET
H3 200 hotellist Show response
auto.newpz.shop/hotel-search-api/api/ 9 KB
2 KB 319ms
318ms XHR
text/html 2606:4700:3033::ac43:8038
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auto.newpz.shop/hotel-search-api/api/hotellist?workspaceName=live&dimensions%5Blanguage%5D%5B0%5D=de

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/JavaScript/App.min.js?cb=ee3b08c8-153a-4816-ac19-7b053d87f8c1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:8038 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63a6bfa3864d85ef378f07708456ef9dcbc03f13d715d67fceea5904d9abfaa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Cache-Control: no-cache
Referer: https://auto.newpz.shop/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 86510
content-encoding: br
x-forwarded-for: 162.158.203.127
x-remote-addr: 185.15.194.163
x-processed-by: www.h-hotels.com
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 14 Jan 2024 20:26:13 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHoO6IEZ31WWP1KRbv0hWE0HLOQYlrBtSKENggEmluWVwN2L%2BjMVfmNsq9ArQGfcELFvERQR7pr7wOZ9E54a0Al4qGrnaljvCHelkXQIdKMZMSJh4aaOacvq0u1BW%2BLXo2s0MRCWL6GBYDiD7TU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: public, max-age=31536000
x-flow-powered: Flow/7.3 Neos/7.3
cf-ray: 8460dce8092e6da9-MIA
expires: Tue, 14 Jan 2025 20:28:03 GMT

POST
H3 200 rum Show response
auto.newpz.shop/cdn-cgi/ 0
108 B 38ms
37ms XHR
text/plain 2606:4700:3033::ac43:8038
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auto.newpz.shop/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:8038 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://auto.newpz.shop/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: application/json

Response headers

date: Mon, 15 Jan 2024 20:28:03 GMT
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8460dce8195c6da9-MIA
x-frame-options: DENY

GET
DATA 200
OK truncated
/ 199 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79a486a94eee24c83e86940bfd0a6f5c3f8bd4f035c46fc6dce795c5ccede58d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 528 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70d62e3bff65be7f290bbb24afebab865c207efc463781868bf6c80ba872d7a1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 168 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34caa9782480a25668f40eead52873b6261530cf1887d17e9fc811e040c7508c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 210 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39f96edb0a030c2455e37c2a404650845e728078d0b01c8afeba1b08f29ade87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 215 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a0f5aaabd55992a1582eaa371291cff90f34a1f59e838c040eac377fa35f81d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 208 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5d0ca174174d3495824ca9c661ba0a7abc6ae7ab393f4743c859e2eef4d2177

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 213 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 398936a3ce23ff445338bb6c7bf5bdfbbdfa076de75212c3a15583fb7052cdf1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85436dbd9e2d34b2151ddef42e8af89df2e61129523710f335d941cbd6663b12

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 app-h-hotels-02-2400x1349-800x533.jpg
www.h-hotels.com/_Resources/Persistent/7/a/0/0/7a0063ef1ed1f39a6ae4360309f7f2638c7d08e6/ 47 KB
47 KB 231ms
230ms Image
image/jpeg 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/7/a/0/0/7a0063ef1ed1f39a6ae4360309f7f2638c7d08e6/app-h-hotels-02-2400x1349-800x533.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40f97f8f7ab9b2a37926f07101f59674697a774e8b1e13b109644ba30b9d7bd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 13 Mar 2023 12:13:42 GMT
server: cloudflare
etag: W/"1006b1-bc4e-5f6c70abce3b5"
vary: Accept-Encoding
x-forwarded-for: (null)
content-type: image/jpeg
x-remote-addr: (null)
cache-control: public, max-age=31536000
cf-ray: 8460dce94831b3e6-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 14 Jan 2025 20:28:03 GMT

GET engage
hhotelsag.germany-2.evergage.com/api2/event/ 0
0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 67ms
66ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/iz2fetpx2m
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:03 GMT
content-encoding: br
last-modified: Sun, 14 Jan 2024 14:45:32 GMT
etag: W/"0x8DC150F761A7FFF"
vary: Accept-Encoding
x-azure-ref: 20240115T202803Z-vpc26k547d04dcmzyzpx15tszn000000040000000001s2x8
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 1fa7b730-801e-0077-6d00-47fb4f000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=946D543BAF7A4E729CAC16A5683D4A9A&RedC=c.clarity.ms&MXFR=1DC9BC92DE55684102E8A895DA55663C
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=946D543BAF7A4E729CAC16A5683D4A9A&MUID=121E39D54B6A68EF2D4E2DD24A06698D

42 B
442 B

56ms
55ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=946D543BAF7A4E729CAC16A5683D4A9A&MUID=121E39D54B6A68EF2D4E2DD24A06698D
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:28:03 GMT
last-modified: Wed, 10 Jan 2024 01:59:15 GMT
server: Microsoft-IIS/10.0
etag: "c5fcfc9c6843da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:28:03 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 454E0A94F434406AB1089ADF1DB11E52 Ref B: MIAEDGE2906 Ref C: 2024-01-15T20:28:04Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=946D543BAF7A4E729CAC16A5683D4A9A&MUID=121E39D54B6A68EF2D4E2DD24A06698D
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 352ms
62ms Script
text/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PF8D37

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 15 Jan 2024 19:51:49 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2174
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 15 Jan 2024 21:51:49 GMT

GET
H2 200 11601.js Show response
www.dwin1.com/ 52 KB
13 KB 364ms
75ms Script
application/javascript 2600:9000:2209:c800:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/11601.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PF8D37
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2209:c800:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2490ff3dd602ddd217a5f8618d61423d52703aa4f1285a6ce6bd9438d0913a9d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: uws73FGD6bqBSDf3TdmC2vCYPVco45wb
content-encoding: gzip
via: 1.1 957a0e737a088bdc07cb5cc9dcc9e826.cloudfront.net (CloudFront)
date: Mon, 15 Jan 2024 20:20:04 GMT
x-amz-cf-pop: EWR53-P1
age: 480
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 05 Jan 2024 12:44:01 GMT
server: AmazonS3
etag: W/"177cf14cac14deddf8448ed167c2c6c8"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, s-maxage=600
x-amz-cf-id: eoab9CXjsaXfaUOqMph73OEdN1Nsf-cBC85Qefk4IPcSyYXW18Y0tg==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11070009483/ 2 KB
2 KB 365ms
80ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11070009483/?random=1705350483584&cv=11&fst=1705350483584&bg=ffffff&guid=ON&async=1&gtm=45He41a0v71170230&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fauto.newpz.shop%2F&hn=www.googleadservices.com&frm=0&tiba=H-Hotels.com%20-%20Offizielle%20Webseite%20HYPERION%20%26%20H-Hotels&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PF8D37

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4b2b7680920fe4ca2dd120654bda77b09827a9abf1694e723bce0bad1451993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:28:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1256
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 OtAutoBlock.js Show response
cookie-cdn.cookiepro.com/consent/e51cbafe-d885-4f66-8ff7-7d5b9a621dc1/ 10 KB
3 KB 347ms
65ms Script
application/x-javascript 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/e51cbafe-d885-4f66-8ff7-7d5b9a621dc1/OtAutoBlock.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PF8D37

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

618b3821590525a5dec1e0936e5068ae3eac2d29564f1ff6d0dda755bc2fbbae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 15 Jan 2024 20:28:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: KTUW8TySaZRjW0LXVNSx1Q==
age: 52402
x-ms-lease-status: unlocked
last-modified: Tue, 21 Nov 2023 13:25:53 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b29c56c6-601e-0092-207e-1cbc9b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8460dcec5bf4da2b-MIA

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1031705705/ 2 KB
1 KB 358ms
84ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1031705705/?random=1705350483597&cv=11&fst=1705350483597&bg=ffffff&guid=ON&async=1&gtm=45He41a0v71170230&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fauto.newpz.shop%2F&label=8JuACJHptwQQ6aj66wM&hn=www.googleadservices.com&frm=0&tiba=H-Hotels.com%20-%20Offizielle%20Webseite%20HYPERION%20%26%20H-Hotels&auid=423744222.1705350484&uamb=0&uaw=0&data=hotel_pagetype%3Ddefault&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PF8D37

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b1f68fe719dd30cdc6d970ef3bd744a15d2f282ebc8aae9c7a25b041cd96686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:28:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1323
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bootstrap.js Show response
onboard.triptease.io/bootstrap/v7260.93406/
Redirect Chain

https://onboard.triptease.io/bootstrap.js?integrationId=01F7Y032KYE8569FY61NJWTPND
https://onboard.triptease.io/bootstrap/v7260.93406/bootstrap.js

121 KB
37 KB

58ms
56ms

Script
application/javascript

2606:4700:3030::ac43:a4e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/bootstrap/v7260.93406/bootstrap.js

Protocol

Server

2606:4700:3030::ac43:a4e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6abc76111bb324cb2f37fde8c418a77b7be7af4fdc5d673513443ec11970932e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:03 GMT
strict-transport-security: max-age=15552000
content-encoding: br
cf-cache-status: HIT
x-goog-meta-git-hash: 373c091c6fdcdbc392bebb4218cf2f6b09db008c
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26419
x-guploader-uploadid: ABPtcPretkrOHGqDg5YjkedjGSnTbslsERBoCTjffnvB0GS73Xs0SA3UY4CqrcnDWko0IwcbrV6sB-Rk_Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-meta-build-version: 7260.93406
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 13:03:16 GMT
server: cloudflare
etag: W/"dbcec2369b088453fae2b2f4e4fc1a94"
vary: Accept-Encoding
x-goog-generation: 1705323796322327
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=VYMNfg==, md5=287CNpsIhFP64rL05PwalA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2B8V8xNC3%2BWlb6%2B2pbwIT996UHFq7NQlp5l0IBwd2HRw4uSowofvvuBfHQ1d2hx8G9tVKtxNr40VOfCXL5kXjZd1snru3qk4dLjESSddOYPsqj7Da1nWJEekDT6F9wFRF5dDMH1PFLL7aFwVBE3c2RBNmw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 123820
cf-ray: 8460dcecce77da3f-MIA
expires: Tue, 14 Jan 2025 13:07:41 GMT

Redirect headers

date: Mon, 15 Jan 2024 20:28:03 GMT
strict-transport-security: max-age=15552000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RuM0YlR83Bhtng%2BKOJRgI5a3f5mGh%2BmnBFWF5W7GHGq4GJjjcGY21lkSLCWP%2BJtNNGBLmTb7n2Bb5gfHFwv2oXPsutlE2k5R3ypevTkrqPgO1vNI0hzdXvF2RuUQvuMZIopHMKJEHdPojuWzuYbJUC2BOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
location: https://onboard.triptease.io/bootstrap/v7260.93406/bootstrap.js
access-control-allow-origin: *
cache-control: public, max-age=600
cf-ray: 8460dcec5d9eda3f-MIA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 63
alt-svc: h3=":443"; ma=86400

GET
H2 200 hotel_price_widget.js Show response
www.thehotelsnetwork.com/js/ 17 KB
17 KB 425ms
163ms Script
application/javascript 108.139.47.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/js/hotel_price_widget.js?account_key=494F99A289B0EC7E99803C52EF467539

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PF8D37

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.47.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-47-55.jfk50.r.cloudfront.net

Software

nginx /

Resource Hash

41931a1c11d708c1ad5d998be5dc8a95ff22b1d57a2815e828b3abf00b575ac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ed4584f7c263c11cf4adf75ba3a25764.cloudfront.net (CloudFront)
last-modified: Mon, 15 Jan 2024 14:25:14 GMT
server: nginx
x-amz-cf-pop: JFK50-P1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://auto.newpz.shop
cache-control: max-age=7200
access-control-allow-credentials: true
x-amz-cf-id: RbwC5_7nbXw6fWhvG1MHxvveAvq5iFRqRAR-aeedp1Ny7ckQ3sT2Aw==

GET
H2 200 otSDKStub.js Show response
cookie-cdn.cookiepro.com/scripttemplates/ 21 KB
7 KB 50ms
50ms Script
application/javascript 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PF8D37

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98bc0753b3f7392176a4af252bfae9bcd1f2804b73dee374119899d8f52ae3d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 15 Jan 2024 20:28:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: FWT01iLvZ++xUAz3aesSug==
age: 31767
x-ms-lease-status: unlocked
last-modified: Mon, 08 Jan 2024 02:29:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2b7a1bc1-701e-0045-1099-42edae000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8460dcecdcdcda2b-MIA
expires: Tue, 16 Jan 2024 20:28:03 GMT

POST
H/1.1 204
No Content dbg
www.wepowerconnections.com/ 0
290 B 541ms
271ms Ping
text/plain 104.100.68.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wepowerconnections.com/dbg
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/11601.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.100.68.178 Santa Clara, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-100-68-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://auto.newpz.shop/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://auto.newpz.shop
Date: Mon, 15 Jan 2024 20:28:04 GMT
Access-Control-Allow-Credentials: true
Awin-Akamai-Rule-Set: default
Connection: keep-alive
ETag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
Access-Control-Allow-Methods: POST

POST
H/1.1 204
No Content dbg
www.wepowerconnections.com/ 0
290 B 530ms
275ms Ping
text/plain 104.100.68.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wepowerconnections.com/dbg
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/11601.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.100.68.178 Santa Clara, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-100-68-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://auto.newpz.shop/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://auto.newpz.shop
Date: Mon, 15 Jan 2024 20:28:04 GMT
Access-Control-Allow-Credentials: true
Awin-Akamai-Rule-Set: default
Connection: keep-alive
ETag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
Access-Control-Allow-Methods: POST

GET
H2 200 /
www.google.com/pagead/1p-user-list/11070009483/ 42 B
108 B 222ms
85ms Image
image/gif 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11070009483/?random=1705350483584&cv=11&fst=1705348800000&bg=ffffff&guid=ON&async=1&gtm=45He41a0v71170230&u_w=1600&u_h=1200&url=https%3A%2F%2Fauto.newpz.shop%2F&frm=0&tiba=H-Hotels.com%20-%20Offizielle%20Webseite%20HYPERION%20%26%20H-Hotels&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_Z8vDQHyKNoMOxtiVjClJgdxHISJwKw&random=35794440&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:28:04 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1031705705/ 42 B
455 B 219ms
84ms Image
image/gif 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1031705705/?random=1705350483597&cv=11&fst=1705348800000&bg=ffffff&guid=ON&async=1&gtm=45He41a0v71170230&u_w=1600&u_h=1200&url=https%3A%2F%2Fauto.newpz.shop%2F&label=8JuACJHptwQQ6aj66wM&frm=0&tiba=H-Hotels.com%20-%20Offizielle%20Webseite%20HYPERION%20%26%20H-Hotels&data=hotel_pagetype%3Ddefault&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_kWzh1grRCfzbSBNwebyMLeOeF5uwJQ&random=2979997155&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:28:04 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 76ms
76ms XHR
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=630747456&t=pageview&_s=1&dl=https%3A%2F%2Fauto.newpz.shop%2F&dr=&dp=%2F&ul=en-us&de=UTF-8&dt=H-Hotels.com%20-%20Offizielle%20Webseite%20HYPERION%20%26%20H-Hotels&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAFK~&jid=645747651&gjid=971149172&cid=1806881592.1705350484&tid=UA-7626586-3&_gid=1847829802.1705350484&_r=1&_slc=1&gtm=45He41a0n71PF8D37v71170230&cd1=h-hotels20170804&cd2=default&cd3=empty&cd4=emtpy&cd10=1661190179-346821311&cd11=&cd14=https%3A%2F%2Fauto.newpz.shop%2F&cd15=&gcd=11l1l1l1l1&dma=0&cd8=1806881592.1705350484&cd9=pageview&z=1279988928

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://auto.newpz.shop/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:28:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://auto.newpz.shop
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
295 B 197ms
61ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://auto.newpz.shop/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://auto.newpz.shop
Date: Mon, 15 Jan 2024 20:28:04 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 404 0.json Show response
cookie-cdn.cookiepro.com/consent/0/ 215 B
490 B 291ms
222ms XHR
application/xml 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/0/0.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8ec94aece2adf68d3be4ab23df92b5cd8097eb40cb8b57eecb333ee1d86862f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
server: cloudflare
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: 0ae60960-301e-0054-0dce-47771a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8460dcedbbfd0979-MIA

GET
H3 200 kernel-host.html Show response
onboard.triptease.io/kernel/v7260.93406/ Frame 8788 61 KB
20 KB 169ms
169ms Document
text/html 2606:4700:3030::ac43:a4e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/kernel/v7260.93406/kernel-host.html?originHost=auto.newpz.shop

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01F7Y032KYE8569FY61NJWTPND

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:a4e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87195d40c5fae06e7abcae774d1895786d834742cfa961802fdca0b53d04d447

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://auto.newpz.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: Content-Type
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=31536000
cf-cache-status: MISS
cf-ray: 8460dced7ca64c2c-MIA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 15 Jan 2024 20:28:04 GMT
expires: Tue, 14 Jan 2025 20:28:04 GMT
last-modified: Mon, 15 Jan 2024 13:02:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ynhucXkR6slRDBFT4Oh0HlT42SOeDGpwlUYKr2qVydzPQX8SRPScJ2E5VuoZhRwYmifID5VMmDhc7B2cNzSAls7aRn9xq4LNSHZcGKdXzHXsjeGK4s1PP5qC0hU%2FUow1RFg2BQ9lXf5L38uli3JdIcXWRw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000
vary: Accept-Encoding
x-goog-generation: 1705323774523679
x-goog-hash: crc32c=BrMeHw== md5=qf9d0t7Rhmo9+iRYtow1QQ==
x-goog-meta-build-version: 7260.93406
x-goog-meta-git-hash: 373c091c6fdcdbc392bebb4218cf2f6b09db008c
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 62377
x-guploader-uploadid: ABPtcPrjwMYd0eRxPGfGkjbQCU4OFTDlYryOUEuB9nctPYg-oSbn6aqo7A1p6er6bL0jTrV-vhrqYHf-yg

GET
H2 200 get_loader_data Show response
www.thehotelsnetwork.com/ 8 KB
8 KB 140ms
139ms Fetch
application/json 108.139.47.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/get_loader_data?account_key=494F99A289B0EC7E99803C52EF467539

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?account_key=494F99A289B0EC7E99803C52EF467539

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.47.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-47-55.jfk50.r.cloudfront.net

Software

nginx /

Resource Hash

9e4aec8d5dbe2b8e477f2d03d8864f4e05b754137b8173cd993baa09dba00704

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ed4584f7c263c11cf4adf75ba3a25764.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: JFK50-P1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://auto.newpz.shop
access-control-allow-credentials: true
x-amz-cf-id: wyL6axxKCGgvdO0ShH2aqirOrT_OA3Xmyb2HSmSN00Ye32aa41AP8Q==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
347 B 207ms
65ms XHR
text/plain 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-7626586-3&cid=1806881592.1705350484&jid=645747651&gjid=971149172&_gid=1847829802.1705350484&_u=YGBACEAABAAAACAFK~&z=2128473794

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://auto.newpz.shop/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 15 Jan 2024 20:28:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://auto.newpz.shop
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
295 B 229ms
183ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://auto.newpz.shop/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://auto.newpz.shop
Date: Mon, 15 Jan 2024 20:28:04 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 index.min.js Show response
www.thehotelsnetwork.com/widget/core/4.0/dist/main/ 324 KB
72 KB 193ms
69ms Script
application/javascript 108.139.47.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=e25c93eb

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?account_key=494F99A289B0EC7E99803C52EF467539

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.47.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-47-55.jfk50.r.cloudfront.net

Software

nginx /

Resource Hash

5c6ce5e371f0423371135325745d32bbc904c5785f88c10cd7fd91e963b22eaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://auto.newpz.shop/
Origin: https://auto.newpz.shop
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 19:28:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
via: 1.1 b9fa5c33e059fb3ed603bd8fcb9d4aea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P1
age: 3559
x-cache: Hit from cloudfront
last-modified: Mon, 15 Jan 2024 14:25:14 GMT
server: nginx
etag: W/"65a5404a-50f4c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-id: IKhjngePj_QJ9ux9Bh1Elr8RgthsNthBtzWbHBWJQlRNC_d5sn0zXQ==
expires: Tue, 14 Jan 2025 19:28:45 GMT

GET paris-skyline-05-2400x1349-200x112.jpg
www.h-hotels.com/_Resources/Persistent/3/4/3/d/343d47785989465713b378a89d0f4c4fac2be38c/ 0
0

GET
H3 200 paris-skyline-05-2400x1349-1680x944.jpg
www.h-hotels.com/_Resources/Persistent/7/2/8/1/7281fc28a6dd9880d18d0dd9eab8ebf25bc9cc71/ 353 KB
353 KB 236ms
231ms Image
image/jpeg 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/7/2/8/1/7281fc28a6dd9880d18d0dd9eab8ebf25bc9cc71/paris-skyline-05-2400x1349-1680x944.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7be934f08ecff4eacb95498a8bdbac0e6b1d16ef87b7ba73a33cb616987978d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 15 Aug 2023 14:36:42 GMT
server: cloudflare
etag: W/"340b1b-582e0-602f71b86a726"
vary: Accept-Encoding
x-forwarded-for: (null)
content-type: image/jpeg
x-remote-addr: (null)
cache-control: public, max-age=31536000
cf-ray: 8460dcee9a60b3e6-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 14 Jan 2025 20:28:04 GMT

GET
H3 200 kernel.js
onboard.triptease.io/kernel/v7260.93406/ Frame 8788 68 KB
22 KB 54ms
53ms Other
application/javascript 2606:4700:3030::ac43:a4e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/kernel/v7260.93406/kernel.js?

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:a4e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e000dc29147b02aaa77381e5792c53baace322f184fc631701d15b31e56af5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onboard.triptease.io/kernel/v7260.93406/kernel-host.html?originHost=auto.newpz.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:04 GMT
strict-transport-security: max-age=15552000
content-encoding: br
cf-cache-status: HIT
x-goog-meta-git-hash: 373c091c6fdcdbc392bebb4218cf2f6b09db008c
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26419
x-guploader-uploadid: ABPtcPpiTGe-ENDhS5GnG62k4MINPdEePqnmmGUYkDtdbh8sKv-VP6YiMeZQudv-kazz6HBVanc_HgSw7Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-meta-build-version: 7260.93406
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 13:02:54 GMT
server: cloudflare
etag: W/"51573e0d7c9072a3f4cd8091a9d4cfb8"
vary: Accept-Encoding
x-goog-generation: 1705323774504262
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=OyxwKg==, md5=UVc+DXyQcqP0zYCRqdTPuA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uI1DzoCUeD8FLnA7BKFgA141XD9D1lB9znRozt8rjgTUD4F57EUqBa5mk1Mur%2BKeOrhM02EYwtYvtqXdS2euYLFKKpJA%2Br59hn%2Fuqr6C6BOwt1NiV%2BkmATQqAKLbVrndq9HKZSU%2BGVFuBRJp%2BYKokO9sTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 69694
cf-ray: 8460dceecf094c2c-MIA
expires: Tue, 14 Jan 2025 13:07:45 GMT

GET
H2 200 8082.a2079e2d.chunk.js Show response
cdn.quicktext.im/static/js/ 17 KB
5 KB 34ms
33ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quicktext.im/static/js/8082.a2079e2d.chunk.js

Requested by

Host: cdn.quicktext.im
URL: https://cdn.quicktext.im/static/js/main.93d769ad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9a6af8b550d6c8dba73f41ebb6d5a1d314d1ae1bed1fe992fabab094b60cfaf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:04 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
last-modified: Mon, 15 Jan 2024 13:50:38 GMT
etag: W/"65a5382e-433d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cache: TCP_HIT
access-control-expose-headers: Content-Length,Content-Range
x-azure-ref: 20240115T202804Z-sgrydbe4212et9cgc6brq1396n000000031g000000015940
x-robots-tag: noindex, nofollow
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 85ms
84ms Image
image/gif 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-7626586-3&cid=1806881592.1705350484&jid=645747651&_u=YGBACEAABAAAACAFK~&z=1073021937

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:28:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 locate Show response
geoip.quicktext.im/ip/ 214 B
1 KB 461ms
145ms XHR
application/json 20.82.9.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://geoip.quicktext.im/ip/locate

Requested by

Host: cdn.quicktext.im
URL: https://cdn.quicktext.im/static/js/main.93d769ad.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.82.9.244 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ce4c717510e805b65d6e99d854a42d3c47b7735f8c50819c1f722e57c89da99b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://auto.newpz.shop/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:04 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 214
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
etag: W/"d6-fHij7Twmj4o7suaYloNzmncnBno"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-download-options: noopen
access-control-max-age: 1728000
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H/1.1 200
OK get.json Show response
widget-api.quicktext.im/api/public/widget-settings/8Vcku-10RH/en/auto.newpz.shop/54e717cb0e0c-4c1e-8657-9dc54296b70e/false/ 2 KB
2 KB 765ms
260ms XHR
application/json 13.69.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-api.quicktext.im/api/public/widget-settings/8Vcku-10RH/en/auto.newpz.shop/54e717cb0e0c-4c1e-8657-9dc54296b70e/false/get.json
Requested by: Host: cdn.quicktext.im
URL: https://cdn.quicktext.im/static/js/main.93d769ad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 13.69.68.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: cb954b05e5d4ce768341c96e4495b031668695bbdda7b21c68588674940ab8c5

Request headers

Accept: application/json, text/plain, */*
Referer: https://auto.newpz.shop/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 15 Jan 2024 20:28:05 GMT
Content-Type: application/json; charset=utf-8
Server: Kestrel
Transfer-Encoding: chunked
Request-Context: appId=cid-v1:20542aa0-b933-4fb4-8dd8-7aaf3868b25c

GET
H2 200 9cc85f2a.min.js Show response
www.thehotelsnetwork.com/widget/core/4.0/dist/main/ 172 KB
45 KB 81ms
81ms Script
application/javascript 108.139.47.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/9cc85f2a.min.js?h=e25c93eb

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=e25c93eb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.47.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-47-55.jfk50.r.cloudfront.net

Software

nginx /

Resource Hash

ecdd6703ef909836a7c4e849a4d6a6f77d7f7ed40001abaacfafe4b3a9c9c505

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://auto.newpz.shop/
Origin: https://auto.newpz.shop
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 19:28:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
via: 1.1 b9fa5c33e059fb3ed603bd8fcb9d4aea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P1
age: 3558
x-cache: Hit from cloudfront
last-modified: Mon, 15 Jan 2024 14:25:14 GMT
server: nginx
etag: W/"65a5404a-2aead"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-id: OnyLu1ozI9eRV8Sl6Gt906pXIPf6V7hE_ack-DOp-FIgn1C08OSebA==
expires: Tue, 14 Jan 2025 19:28:46 GMT

GET
H2 200 / Show response
www.thehotelsnetwork.com/widget/core/latest/hub/ Frame FB7F 5 KB
2 KB 63ms
62ms Document
text/html 108.139.47.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/widget/core/latest/hub/

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/9cc85f2a.min.js?h=e25c93eb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.47.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-47-55.jfk50.r.cloudfront.net

Software

nginx /

Resource Hash

3e13c330273b6785395117d6bee07bb6485fcf16db45c12fa06c33abcb276f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://auto.newpz.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 226
cache-control: max-age=7200 public
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 15 Jan 2024 20:24:18 GMT
etag: W/"65a5410a-12b5"
expires: Mon, 15 Jan 2024 22:24:18 GMT
last-modified: Mon, 15 Jan 2024 14:28:26 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 ed4584f7c263c11cf4adf75ba3a25764.cloudfront.net (CloudFront)
x-amz-cf-id: u1XKguyN4G3i3VQAxXvul1o3JEVBMyVVudMbQb-ZHaSWWOz556LrYQ==
x-amz-cf-pop: JFK50-P1
x-cache: Hit from cloudfront

GET
H2 200 ec6c1c5195eb457d8b2cba6b15191d30.min.js Show response
js.sentry-cdn.com// 2 KB
2 KB 106ms
33ms Script
text/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sentry-cdn.com//ec6c1c5195eb457d8b2cba6b15191d30.min.js

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/9cc85f2a.min.js?h=e25c93eb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f0358c2ba9c47b7789fd2970ccc15b9d421918448dedd4a4bba9d6b571e896ee

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; frame-ancestors 'self' .sentry.io; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; font-src data:; connect-src 'self' .algolia.net .algolianet.com .algolia.io sentry.io .sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; object-src 'self'; style-src 'unsafe-inline' ; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; default-src 'none'; img-src blob: data: ; media-src *; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=475d9ef77eda88630a6977f914f25448ca3ff337
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: base-uri 'none'; frame-ancestors 'self' *.sentry.io; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; font-src * data:; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; object-src 'self'; style-src 'unsafe-inline' *; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; default-src 'none'; img-src blob: data: *; media-src *; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=475d9ef77eda88630a6977f914f25448ca3ff337
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 15 Jan 2024 20:28:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
age: 43
x-envoy-upstream-service-time: 26
content-length: 1212
x-xss-protection: 1; mode=block
x-served-by: getsentry-web-default-common-production-595769b94c-2cwvj, cache-chi-kigq8000060-CHI, cache-mia-kmia1760056-MIA
x-frame-options: deny
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count: 1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 99268eb3.min.js Show response
www.thehotelsnetwork.com/widget/core/4.0/dist/main/ 91 KB
26 KB 73ms
69ms Script
application/javascript 108.139.47.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/99268eb3.min.js?h=e25c93eb

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=e25c93eb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.47.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-47-55.jfk50.r.cloudfront.net

Software

nginx /

Resource Hash

d55ba7f080c5051b6d9c47e23ad5caf6489bf59a48e7fa482c1e7a20cec894f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://auto.newpz.shop/
Origin: https://auto.newpz.shop
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 19:28:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
via: 1.1 b9fa5c33e059fb3ed603bd8fcb9d4aea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P1
age: 3557
x-cache: Hit from cloudfront
last-modified: Mon, 15 Jan 2024 14:25:14 GMT
server: nginx
etag: W/"65a5404a-16dd1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-id: ZysWyGA9F-HVBQvJcIcW020FvM4IaoL8qBsDGsudY0vMwb9Kkq0c0g==
expires: Tue, 14 Jan 2025 19:28:47 GMT

GET
H2 200 fonts.css
cdn.quicktext.im/assets/css/ Frame 81C8 4 KB
1 KB 34ms
33ms Stylesheet
text/css 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quicktext.im/assets/css/fonts.css

Requested by

Host: cdn.quicktext.im
URL: https://cdn.quicktext.im/static/js/8082.a2079e2d.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f7772e27aaa19d9d079c946778ac623627c060f44520a3aea092a139b614c9e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:05 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
last-modified: Tue, 09 Jan 2024 13:40:18 GMT
etag: W/"659d4cc2-10ec"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cache: TCP_HIT
access-control-expose-headers: Content-Length,Content-Range
x-azure-ref: 20240115T202805Z-sgrydbe4212et9cgc6brq1396n000000031g000000015982
x-robots-tag: noindex, nofollow
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 fonts.css
cdn.quicktext.im/assets/css/ Frame 55C0 4 KB
1 KB 34ms
34ms Stylesheet
text/css 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quicktext.im/assets/css/fonts.css

Requested by

Host: cdn.quicktext.im
URL: https://cdn.quicktext.im/static/js/8082.a2079e2d.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f7772e27aaa19d9d079c946778ac623627c060f44520a3aea092a139b614c9e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:05 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
last-modified: Tue, 09 Jan 2024 13:40:18 GMT
etag: W/"659d4cc2-10ec"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cache: TCP_HIT
access-control-expose-headers: Content-Length,Content-Range
x-azure-ref: 20240115T202805Z-sgrydbe4212et9cgc6brq1396n000000031g000000015983
x-robots-tag: noindex, nofollow
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 fonts.css
cdn.quicktext.im/assets/css/ Frame 13EC 4 KB
1 KB 34ms
34ms Stylesheet
text/css 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quicktext.im/assets/css/fonts.css

Requested by

Host: cdn.quicktext.im
URL: https://cdn.quicktext.im/static/js/8082.a2079e2d.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f7772e27aaa19d9d079c946778ac623627c060f44520a3aea092a139b614c9e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:05 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
last-modified: Tue, 09 Jan 2024 13:40:18 GMT
etag: W/"659d4cc2-10ec"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cache: TCP_HIT
access-control-expose-headers: Content-Length,Content-Range
x-azure-ref: 20240115T202805Z-sgrydbe4212et9cgc6brq1396n000000031g000000015984
x-robots-tag: noindex, nofollow
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 313.8f0ded60.chunk.js Show response
cdn.quicktext.im/static/js/ 2 KB
1 KB 34ms
33ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quicktext.im/static/js/313.8f0ded60.chunk.js

Requested by

Host: cdn.quicktext.im
URL: https://cdn.quicktext.im/static/js/main.93d769ad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7395f3346927a6163ae4a3184d86c9f20e9cf980785273126b3ddd316dbbf79c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:05 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
last-modified: Mon, 15 Jan 2024 13:50:38 GMT
etag: W/"65a5382e-973"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cache: TCP_HIT
access-control-expose-headers: Content-Length,Content-Range
x-azure-ref: 20240115T202805Z-sgrydbe4212et9cgc6brq1396n000000031g000000015987
x-robots-tag: noindex, nofollow
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 2023.f20da7f2.chunk.js Show response
cdn.quicktext.im/static/js/ 94 KB
36 KB 67ms
66ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quicktext.im/static/js/2023.f20da7f2.chunk.js

Requested by

Host: cdn.quicktext.im
URL: https://cdn.quicktext.im/static/js/main.93d769ad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fc8067e0e01d102158e7fd51b59df347b1f0255d45841934fda861a02f945302

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:05 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
last-modified: Mon, 15 Jan 2024 13:50:39 GMT
etag: W/"65a5382f-17842"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cache: TCP_HIT
access-control-expose-headers: Content-Length,Content-Range
x-azure-ref: 20240115T202805Z-sgrydbe4212et9cgc6brq1396n000000031g000000015994
x-robots-tag: noindex, nofollow
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 9559.fb7f5165.chunk.js Show response
cdn.quicktext.im/static/js/ 298 KB
106 KB 67ms
67ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quicktext.im/static/js/9559.fb7f5165.chunk.js

Requested by

Host: cdn.quicktext.im
URL: https://cdn.quicktext.im/static/js/main.93d769ad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

86c696e412162acfe947cd9217011dd9386a31672daeceba8ed6e8064bdce640

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:05 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
last-modified: Mon, 15 Jan 2024 13:50:39 GMT
etag: W/"65a5382f-4a646"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cache: TCP_HIT
access-control-expose-headers: Content-Length,Content-Range
x-azure-ref: 20240115T202805Z-sgrydbe4212et9cgc6brq1396n000000031g000000015995
x-robots-tag: noindex, nofollow
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 7596.8b27f3d0.chunk.js Show response
cdn.quicktext.im/static/js/ 142 KB
42 KB 67ms
66ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quicktext.im/static/js/7596.8b27f3d0.chunk.js

Requested by

Host: cdn.quicktext.im
URL: https://cdn.quicktext.im/static/js/main.93d769ad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

48fdb60ca97920e5fcf700dc3721f77547bf5dc7924746db6ef753d6772cd5af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:05 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
last-modified: Mon, 15 Jan 2024 13:50:38 GMT
etag: W/"65a5382e-23784"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cache: TCP_HIT
access-control-expose-headers: Content-Length,Content-Range
x-azure-ref: 20240115T202805Z-sgrydbe4212et9cgc6brq1396n000000031g000000015996
x-robots-tag: noindex, nofollow
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 4767.99297c86.chunk.js Show response
cdn.quicktext.im/static/js/ 9 KB
4 KB 134ms
134ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quicktext.im/static/js/4767.99297c86.chunk.js

Requested by

Host: cdn.quicktext.im
URL: https://cdn.quicktext.im/static/js/main.93d769ad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6b0326564c6d9eaa6e3bb9d13d136cee2ca5f15ce4a0cc93eb0c0d0f62733069

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:05 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
last-modified: Mon, 15 Jan 2024 13:50:38 GMT
etag: W/"65a5382e-232e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cache: TCP_HIT
access-control-expose-headers: Content-Length,Content-Range
x-azure-ref: 20240115T202805Z-sgrydbe4212et9cgc6brq1396n000000031g000000015997
x-robots-tag: noindex, nofollow
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 2403.464c1748.chunk.js Show response
cdn.quicktext.im/static/js/ 4 KB
2 KB 134ms
134ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quicktext.im/static/js/2403.464c1748.chunk.js

Requested by

Host: cdn.quicktext.im
URL: https://cdn.quicktext.im/static/js/main.93d769ad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7285200ee2d98b5fa9f8c767902e5686a05acfe520cad533c5aeb4132a06207b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:05 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
last-modified: Mon, 15 Jan 2024 13:50:38 GMT
etag: W/"65a5382e-f6f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cache: TCP_HIT
access-control-expose-headers: Content-Length,Content-Range
x-azure-ref: 20240115T202805Z-sgrydbe4212et9cgc6brq1396n000000031g000000015998
x-robots-tag: noindex, nofollow
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 6008.8722066e.chunk.js Show response
cdn.quicktext.im/static/js/ 6 KB
3 KB 133ms
133ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quicktext.im/static/js/6008.8722066e.chunk.js

Requested by

Host: cdn.quicktext.im
URL: https://cdn.quicktext.im/static/js/main.93d769ad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

856b01a0a8a691f0790f4e17198d2c9cd237ec161b067070d16e6cfa3ef2fb95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:05 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
last-modified: Mon, 15 Jan 2024 13:50:38 GMT
etag: W/"65a5382e-19db"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cache: TCP_HIT
access-control-expose-headers: Content-Length,Content-Range
x-azure-ref: 20240115T202805Z-sgrydbe4212et9cgc6brq1396n000000031g000000015999
x-robots-tag: noindex, nofollow
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

POST
H2 200 init Show response
www.thehotelsnetwork.com/agent/ 696 B
1 KB 165ms
165ms Fetch
application/json 108.139.47.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/agent/init

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=e25c93eb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.47.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-47-55.jfk50.r.cloudfront.net

Software

nginx /

Resource Hash

e943674448c1d2da8134dc317edcab41c3f3d1eff89f61638490aae31baf2e90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://auto.newpz.shop/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Jan 2024 20:28:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ed4584f7c263c11cf4adf75ba3a25764.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: JFK50-P1
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://auto.newpz.shop
access-control-allow-credentials: true
content-length: 696
x-amz-cf-id: lCiQxwBhcCWO5FGk8j0lCeYt_dbulEWuvOQs4H5SudUb3y8qCUIc6g==

GET
H3 200 default.js Show response
onboard.triptease.io/integrations/v7260.93406/ 163 KB
52 KB 173ms
87ms Script
application/javascript 2606:4700:3030::ac43:a4e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/integrations/v7260.93406/default.js

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01F7Y032KYE8569FY61NJWTPND

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:a4e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cc0a8186f99cf5f6d3eb145376ce505d074ce5c011ac12d49dd50e3c2e8dce5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://auto.newpz.shop/
Origin: https://auto.newpz.shop
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:05 GMT
strict-transport-security: max-age=15552000
content-encoding: br
cf-cache-status: MISS
x-goog-meta-git-hash: 373c091c6fdcdbc392bebb4218cf2f6b09db008c
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPr940evY-C2zwJmYhPOpf-IC778eWhh0fsDiGuhjeXed9omgtjI_-xSn9B6_u0A-FQ8qFsT1K2Z4g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-meta-build-version: 7260.93406
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 13:05:33 GMT
server: cloudflare
etag: W/"5f62d99221d8ccce15f2c06ac22cba0e"
vary: Accept-Encoding
x-goog-generation: 1705323933679203
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=Lg3ikw==, md5=X2LZkiHYzM4V8sBqwiy6Dg==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oTwp%2FsFJZahky%2BL%2BJLgqL0SVbGRTX7JGzqoHYxeNwof%2BlPd0RqJ2VQDibbyetjj9BBriyivboR7Hk%2BpjekQ1vzTwvjh1y6Z3WLGnqVljxUK41h9ny91LAog71BlaQ9lwghIzsVFM1bw%2BHLoSc0E487grDg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 167065
cf-ray: 8460dcf67cea4972-MIA
expires: Tue, 14 Jan 2025 20:09:52 GMT

POST
H2 200 get-visitor-data Show response
www.thehotelsnetwork.com/agent/ 510 B
873 B 355ms
355ms Fetch
application/json 108.139.47.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/agent/get-visitor-data

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=e25c93eb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.47.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-47-55.jfk50.r.cloudfront.net

Software

nginx /

Resource Hash

f35c4a3f209c8d7071cc9c3f81c726d442b6e1d8a860e1002a2b2de545373ee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://auto.newpz.shop/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Jan 2024 20:28:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ed4584f7c263c11cf4adf75ba3a25764.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: JFK50-P1
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://auto.newpz.shop
access-control-allow-credentials: true
content-length: 510
x-amz-cf-id: NKBY8vK4oRfy4VewEWypfnVfAeBtpYF5RgJj0lbHlO4QIhOjVqFpgg==

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/4.6.6/ 70 KB
22 KB 102ms
32ms Script
application/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/4.6.6/bundle.min.js

Requested by

Host: js.sentry-cdn.com
URL: https://js.sentry-cdn.com//ec6c1c5195eb457d8b2cba6b15191d30.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

df8904bb65e8073d9386860c530bef7deb61d85cebe5ecba4e1511eba9b3f60f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://auto.newpz.shop/
Origin: https://auto.newpz.shop
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 28 Mar 2019 08:14:17 GMT
server: Fastly
age: 6529282
etag: "ed04e5be5fc3a144e094abbc1a740852"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 22607
expires: Wed, 02 Oct 2024 16:00:46 GMT

GET
H3 200 identity Show response
onboard.triptease.io/ 161 B
832 B 52ms
52ms Fetch
application/json 2606:4700:3030::ac43:a4e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/identity

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/4.6.6/bundle.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:a4e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d12052848dfe2ed441db65977b594506a6a9b042266c73abb8e9295f8a483985

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:06 GMT
strict-transport-security: max-age=15552000
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rH1UqWp%2FcFFV4r8Tx%2FaSEevKtjZEIJQ4oyQ1kn%2FM1FLLoux8mQtuqjZXLqjdMk6cBrBYJqQOAxTsf55NPWY0SL7n1oAXfHA0gDcNxvP8XUVJIEq6%2Fe5FfhD2gEnQdyaihnDdSp86dpIUtOsJ%2FWKzTYvJmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://auto.newpz.shop
cache-control: no-store, no-cache
access-control-allow-credentials: true
cf-ray: 8460dcfa091c4c2c-MIA
alt-svc: h3=":443"; ma=86400

POST
H2 200 / Show response
o313875.ingest.sentry.io/api/1796084/store/ 41 B
364 B 348ms
72ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o313875.ingest.sentry.io/api/1796084/store/?sentry_key=ec6c1c5195eb457d8b2cba6b15191d30&sentry_version=7

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/4.6.6/bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

7512858f11c1ab41d9d620c5f33d9311e13ee04d9b008a2526bc9f8666d3a690

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://auto.newpz.shop/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 15 Jan 2024 20:28:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
295 B 76ms
75ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/4.6.6/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://auto.newpz.shop/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://auto.newpz.shop
Date: Mon, 15 Jan 2024 20:28:06 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 main.js Show response
static-meta.triptease.io/client/ 38 KB
13 KB 135ms
32ms Script
text/plain 151.101.1.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-meta.triptease.io/client/main.js
Requested by: Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01F7Y032KYE8569FY61NJWTPND
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.182 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 566f1ead8d6af799b2331c0c736df48b10de9287c11f4d6ed9430592c38f3a83

Request headers

Referer: https://auto.newpz.shop/
Origin: https://auto.newpz.shop
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:06 GMT
via: 1.1 google, 1.1 varnish
content-encoding: gzip
age: 74673
x-cache: HIT
x-envoy-upstream-service-time: 2
content-length: 12875
x-served-by: cache-mia-kmia1760031-MIA
server: istio-envoy
x-timer: S1705350487.650281,VS0,VE0
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800,stale-while-revalidate=1800
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 168

GET
H2 200 609cda88ee914046af1cb76abe3e4a5d Show response
static-meta.triptease.io/client/bundle-data/ 334 B
351 B 35ms
34ms Fetch
application/json 151.101.1.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-meta.triptease.io/client/bundle-data/609cda88ee914046af1cb76abe3e4a5d
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/4.6.6/bundle.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.182 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 1ea1081b64cdc01c8de24fb0a7e4aa7a6db4cfd7a92d4b5f1ae5241d9e5702b8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:06 GMT
via: 1.1 google, 1.1 varnish
content-encoding: gzip
age: 784
x-cache: HIT
x-envoy-upstream-service-time: 69
content-length: 254
x-served-by: cache-mia-kmia1760031-MIA
server: istio-envoy
x-timer: S1705350487.694593,VS0,VE2
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800,stale-while-revalidate=1800
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 609cda88ee914046af1cb76abe3e4a5d Show response
static-meta.triptease.io/client/bundle-data/ 334 B
320 B 33ms
33ms Fetch
application/json 151.101.1.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-meta.triptease.io/client/bundle-data/609cda88ee914046af1cb76abe3e4a5d
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/4.6.6/bundle.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.182 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 1ea1081b64cdc01c8de24fb0a7e4aa7a6db4cfd7a92d4b5f1ae5241d9e5702b8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:06 GMT
via: 1.1 google, 1.1 varnish
content-encoding: gzip
age: 784
x-cache: HIT
x-envoy-upstream-service-time: 69
content-length: 254
x-served-by: cache-mia-kmia1760031-MIA
server: istio-envoy
x-timer: S1705350487.698473,VS0,VE0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800,stale-while-revalidate=1800
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 196 KB
71 KB 85ms
84ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-351318857

Requested by

Host: static-meta.triptease.io
URL: https://static-meta.triptease.io/client/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c00ca16a1c5b4c03d85ebcd9f995588b5eed09f961e2f7c1ff0ef333e5a3f11e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72768
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Jan 2024 20:28:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 196 KB
71 KB 89ms
88ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-351318857&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PF8D37

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d23efd4e1d7e7bc39a02d1f92817aaccc120b223bf072ed8f87ca0356148d83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72838
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Jan 2024 20:28:06 GMT

GET
H2 200 wh.js Show response
p.relay-t.io/ 4 KB
4 KB 346ms
154ms Script
application/javascript 2600:9000:21ea:ac00:1d:40aa:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p.relay-t.io/wh.js

Requested by

Host: static-meta.triptease.io
URL: https://static-meta.triptease.io/client/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21ea:ac00:1d:40aa:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ea4528c781578e1ee3a4d86bbccc529b966fb1a0441d4f8b034fb98d95456199

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:07 GMT
via: 1.1 ebeca2ec07c54274f6b9125c7b82aecc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-meta-content-type: application/javascript
content-length: 4051
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Aug 2023 11:43:36 GMT
server: AmazonS3
etag: "9a4e0664dd2e1fa457e3c385544d64c7"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: Gf-5amnWOTl3w8fhg0Lv8rWiEjqwj77Ys_C9Se6tmVzN8_7m9KjzLQ==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/351318857/ 2 KB
2 KB 82ms
81ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/351318857/?random=1705350486864&cv=11&fst=1705350486864&bg=ffffff&guid=ON&async=1&gtm=45be41a0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fauto.newpz.shop%2F&hn=www.googleadservices.com&frm=0&tiba=H-Hotels.com%20-%20Offizielle%20Webseite%20HYPERION%20%26%20H-Hotels&auid=423744222.1705350484&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-351318857

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0796f4462e4ff9fcce057268f1987806ca20af72458c399f915e75e72a17764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:28:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1282
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/351318857/ 42 B
64 B 83ms
83ms Image
image/gif 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/351318857/?random=1705350486864&cv=11&fst=1705348800000&bg=ffffff&guid=ON&async=1&gtm=45be41a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fauto.newpz.shop%2F&frm=0&tiba=H-Hotels.com%20-%20Offizielle%20Webseite%20HYPERION%20%26%20H-Hotels&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_qr-i4-hS0zRtgaL2ZKzR9_A7PYyOZh-ZhEVp6bz28bFVZqRa&random=2950673429&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:28:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 batch
onboard.triptease.io/message/ 0
478 B 128ms
128ms Ping
text/html 2606:4700:3030::ac43:a4e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/message/batch

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01F7Y032KYE8569FY61NJWTPND

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:a4e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://auto.newpz.shop/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 15 Jan 2024 20:28:07 GMT
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kPSLzJQqaxWUy7SUq5GRoAkGLnciYvPgeeF%2Ff670nC98Y6fYEoSdozp2drSUgmM5qVGvnaqG5xfx6%2FbQ88KmG6Dm2k%2F%2BJ0Bxbw5lbcZTHDAiz%2BiqUyLsv04RLKTV8kkcB01Lc9cZo0rEdQbxXPOyCSF2QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: d0c526e425c3ebba1238113f9bf17dcb
cf-ray: 8460dd002c4a4c2c-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 beat.js Show response
p.relay-t.io/ 41 B
620 B 519ms
386ms XHR
application/javascript 2600:9000:21ea:ac00:1d:40aa:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p.relay-t.io/beat.js?type=tg&idhotel=idH&pmsId=pms&tkraw=&tk=&ref=https%3A%2F%2Fauto.newpz.shop%2F

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/4.6.6/bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21ea:ac00:1d:40aa:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

054adbdcec8e7b39edf0d9dba9c85da6ca3176979ece5d5b1d6c6f745247fa8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://auto.newpz.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:28:08 GMT
via: 1.1 ce0d380336eb1f624e574285078b47f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-meta-content-type: application/javascript
content-length: 41
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Aug 2023 11:43:36 GMT
server: AmazonS3
etag: "7572208be7a56e654e45ff98629938c3"
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
accept-ranges: bytes
x-amz-cf-id: 0OYcVXNKG8WlvC-Vv9ZaC5kJS_SF185gmzVm3BYQlYFoAXhErMC8RA==

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
295 B 63ms
63ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/4.6.6/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://auto.newpz.shop/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://auto.newpz.shop
Date: Mon, 15 Jan 2024 20:28:09 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.h-hotels.com
URL: https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Webfonts/MarselisWebPro.woff2

Domain: www.h-hotels.com
URL: https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Iconfonts/hhotels-icons.woff2

Domain: www.h-hotels.com
URL: https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/fonts/fontawesome-webfont.woff2?v=4.5.0

Domain: www.h-hotels.com
URL: https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Iconfonts/hhotels-icons.woff

Domain: www.h-hotels.com
URL: https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Webfonts/MarselisWebPro.woff

Domain: www.h-hotels.com
URL: https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/fonts/fontawesome-webfont.woff?v=4.5.0

Domain: www.h-hotels.com
URL: https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/fonts/fontawesome-webfont.ttf?v=4.5.0

Domain: hhotelsag.germany-2.evergage.com
URL: https://hhotelsag.germany-2.evergage.com/api2/event/engage?event=eyJhY3Rpb24iOiJIb21lcGFnZSIsIml0ZW1BY3Rpb24iOm51bGwsInNvdXJjZSI6eyJwYWdlVHlwZSI6ImhvbWUiLCJjb250ZW50Wm9uZXMiOlsiZ2xvYmFsX3BvcHVwIiwiaW5mb2xpbmtfbmF2aV90b3AiLCJob21lX2ZpcnN0X3NsaWRlIiwiaG9tZV9maXJzdF9zbGlkZV9zbWFsbCIsImhvbWVfdGhpcmRfc2xpZGUiLCJob21lX3RoaXJkX3NsaWRlX3NtYWxsIiwibGFzdF92aWV3ZWRfcHJvcGVydHkiLCJzb2NpYWxfcHJvb2YiLCJnbG9iYWxfaW5mb2Jhcl90b3Bfb2ZfcGFnZSIsImNtc19wb3B1cCJdLCJ1cmwiOiJodHRwczovL2F1dG8ubmV3cHouc2hvcC8iLCJ1cmxSZWZlcnJlciI6IiIsImNoYW5uZWwiOiJXZWIiLCJiZWFjb25WZXJzaW9uIjoxNiwiY29uZmlnVmVyc2lvbiI6IjIwNiJ9LCJmbGFncyI6eyJwYWdlVmlldyI6dHJ1ZX0sInVzZXIiOnt9LCJwZXJmb3JtYW5jZSI6e30sImRlYnVnIjp7ImV4cGxhbmF0aW9ucyI6dHJ1ZX0sImNhdGFsb2ciOnt9LCJjb25zZW50cyI6W10sImFjY291bnQiOnt9LCJfdG9vbHNFdmVudExpbmtJZCI6IjY3NTQ5NzAzNDQ5ODk4MSJ9

Domain: www.h-hotels.com
URL: https://www.h-hotels.com/_Resources/Persistent/3/4/3/d/343d47785989465713b378a89d0f4c4fac2be38c/paris-skyline-05-2400x1349-200x112.jpg

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.thehotelsnetwork.com/widget/core/latest/hub	1970-01-21 02:28:06	Name: thn_id Value: TFE3Oj84NkNBQzo/RVFpUWRjNzNkaGZmYjQ1ZmI2N19nN2E3ZmhmYGAyZWdhMmhlUVtRREBGQzQ2UWlRNzo/ODZDQUM6P0V5RG9iXWNdYVFbUUVAPDY/UWlRNkp5OTN2NDp+Onl4Jkt4YH06eER4PyNkNHJ4ZXg8QSkncnloXTZKeTkqP303KmFJRSlifTsydWhhKyl4On46eEl7O3BGfHJ4RHg+dTo0YGg+MihkPyspeUg0Pj1GNXJ4ZXg6eER4PnU6NGBoSzUoeTc1dz1IKyR4ZXg/K0E0YT1fM2J4OntyeTkqP303NXY9RjV2aDcyKCI6fjp4OntyeTk1KCI6fj1EOiooeUt4PV9EeD49SzRKeGV4PSN4JTp4RHg+QV8yJHhleDtwSSR0X2IiYD1+Il9jS3wmKyQjPCcyfXMjeCN1KkojX3xIeDpIOjRiJzp4O0A6fHN1eCUlNXMoJmRyJF81ciMmKmAkdXklfDxFKSZ0QEsjO3Q6NyJdYXAoQSdhJCY4JCklMz90NkJBOSR7OzY6YiF5J2Z2Iyl7RUY0eXNhSD5kJlFO
www.clarity.ms/	1970-01-21 02:28:06	Name: CLID Value: 72164df0b03a4cd6b2a048ca36db3b71.20240115.20250114
.newpz.shop/	1970-01-20 19:52:06	Name: _gcl_au Value: 1.1.423744222.1705350484
.newpz.shop/	1970-01-21 02:28:06	Name: _clck Value: py7v9j%7C2%7Cfif%7C0%7C1475
.newpz.shop/	1970-01-21 03:18:30	Name: _ga Value: GA1.2.1806881592.1705350484
.newpz.shop/	1970-01-20 17:43:56	Name: _gid Value: GA1.2.1847829802.1705350484
.newpz.shop/	1970-01-20 17:42:30	Name: _gat_UA-7626586-3 Value: 1
hhotelsag.germany-2.evergage.com/	1970-01-20 17:52:35	Name: AWSALBTGCORS Value: jxJ3MmTBRUBRflT8J1CXf+OnWRVo+VaiS2t4tPmw+QGXo1c8xD7rj2pZ4o6VAOZxYarEz4tMxQVBlhfFCXMRLguy8DLVWgWJGSe8BRLqCBk+n4HPY7Z8EPfPWKb6cUDL8CRFJQUTh2CR9ZH3fAeUjNqRmwvWPLns6SPyVzpKf7Rr6Vv3twQ=
.bing.com/	1970-01-21 03:04:06	Name: MUID Value: 121E39D54B6A68EF2D4E2DD24A06698D
.c.bing.com/	1970-01-20 17:52:35	Name: MR Value: 0
.c.bing.com/	1970-01-21 03:04:06	Name: SRM_B Value: 121E39D54B6A68EF2D4E2DD24A06698D
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 03:04:06	Name: MUID Value: 121E39D54B6A68EF2D4E2DD24A06698D
.c.clarity.ms/	1970-01-20 17:52:35	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 17:42:31	Name: ANONCHK Value: 0
.newpz.shop/	1970-01-20 17:43:56	Name: _clsk Value: 10hfq70%7C1705350484222%7C1%7C1%7Ct.clarity.ms%2Fcollect
auto.newpz.shop/	1969-12-31 23:59:59	Name: Neos_Session Value: cIkZeXnT5HnVuyj1kx9V7QH8ZyntHvlT
.triptease.io/	1970-01-21 02:29:32	Name: triptease-user-id Value: 01HM7CYP2JE7EQ8S82RNJWFWS5
.triptease.io/	1970-01-20 17:42:59	Name: triptease-session-id Value: 01HM7CYP2J6FMTV15ASSW5S3ZG
.doubleclick.net/	1970-01-21 03:18:30	Name: IDE Value: AHWqTUlkpTBF9xIGjE_ga9I39DIHlmVrzU1uQJ5mQeG5PcyeEjdJYI-m7zhqt4de

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://auto.newpz.shop/ Message: Access to font at 'https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Iconfonts/hhotels-icons.woff2' from origin 'https://auto.newpz.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Iconfonts/hhotels-icons.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://auto.newpz.shop/ Message: Access to font at 'https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Webfonts/MarselisWebPro.woff2' from origin 'https://auto.newpz.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Webfonts/MarselisWebPro.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://auto.newpz.shop/ Message: Access to font at 'https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/fonts/fontawesome-webfont.woff2?v=4.5.0' from origin 'https://auto.newpz.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/fonts/fontawesome-webfont.woff2?v=4.5.0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://auto.newpz.shop/ Message: Access to font at 'https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Iconfonts/hhotels-icons.woff' from origin 'https://auto.newpz.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Iconfonts/hhotels-icons.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://auto.newpz.shop/ Message: Access to font at 'https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Webfonts/MarselisWebPro.woff' from origin 'https://auto.newpz.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Webfonts/MarselisWebPro.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://auto.newpz.shop/ Message: Access to font at 'https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/fonts/fontawesome-webfont.woff?v=4.5.0' from origin 'https://auto.newpz.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/fonts/fontawesome-webfont.woff?v=4.5.0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://auto.newpz.shop/ Message: Access to font at 'https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/fonts/fontawesome-webfont.ttf?v=4.5.0' from origin 'https://auto.newpz.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/fonts/fontawesome-webfont.ttf?v=4.5.0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://auto.newpz.shop/ Message: Access to XMLHttpRequest at 'https://hhotelsag.germany-2.evergage.com/api2/event/engage?event=eyJhY3Rpb24iOiJIb21lcGFnZSIsIml0ZW1BY3Rpb24iOm51bGwsInNvdXJjZSI6eyJwYWdlVHlwZSI6ImhvbWUiLCJjb250ZW50Wm9uZXMiOlsiZ2xvYmFsX3BvcHVwIiwiaW5mb2xpbmtfbmF2aV90b3AiLCJob21lX2ZpcnN0X3NsaWRlIiwiaG9tZV9maXJzdF9zbGlkZV9zbWFsbCIsImhvbWVfdGhpcmRfc2xpZGUiLCJob21lX3RoaXJkX3NsaWRlX3NtYWxsIiwibGFzdF92aWV3ZWRfcHJvcGVydHkiLCJzb2NpYWxfcHJvb2YiLCJnbG9iYWxfaW5mb2Jhcl90b3Bfb2ZfcGFnZSIsImNtc19wb3B1cCJdLCJ1cmwiOiJodHRwczovL2F1dG8ubmV3cHouc2hvcC8iLCJ1cmxSZWZlcnJlciI6IiIsImNoYW5uZWwiOiJXZWIiLCJiZWFjb25WZXJzaW9uIjoxNiwiY29uZmlnVmVyc2lvbiI6IjIwNiJ9LCJmbGFncyI6eyJwYWdlVmlldyI6dHJ1ZX0sInVzZXIiOnt9LCJwZXJmb3JtYW5jZSI6e30sImRlYnVnIjp7ImV4cGxhbmF0aW9ucyI6dHJ1ZX0sImNhdGFsb2ciOnt9LCJjb25zZW50cyI6W10sImFjY291bnQiOnt9LCJfdG9vbHNFdmVudExpbmtJZCI6IjY3NTQ5NzAzNDQ5ODk4MSJ9' from origin 'https://auto.newpz.shop' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Credentials' header in the response is '' which must be 'true' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://hhotelsag.germany-2.evergage.com/api2/event/engage?event=eyJhY3Rpb24iOiJIb21lcGFnZSIsIml0ZW1BY3Rpb24iOm51bGwsInNvdXJjZSI6eyJwYWdlVHlwZSI6ImhvbWUiLCJjb250ZW50Wm9uZXMiOlsiZ2xvYmFsX3BvcHVwIiwiaW5mb2xpbmtfbmF2aV90b3AiLCJob21lX2ZpcnN0X3NsaWRlIiwiaG9tZV9maXJzdF9zbGlkZV9zbWFsbCIsImhvbWVfdGhpcmRfc2xpZGUiLCJob21lX3RoaXJkX3NsaWRlX3NtYWxsIiwibGFzdF92aWV3ZWRfcHJvcGVydHkiLCJzb2NpYWxfcHJvb2YiLCJnbG9iYWxfaW5mb2Jhcl90b3Bfb2ZfcGFnZSIsImNtc19wb3B1cCJdLCJ1cmwiOiJodHRwczovL2F1dG8ubmV3cHouc2hvcC8iLCJ1cmxSZWZlcnJlciI6IiIsImNoYW5uZWwiOiJXZWIiLCJiZWFjb25WZXJzaW9uIjoxNiwiY29uZmlnVmVyc2lvbiI6IjIwNiJ9LCJmbGFncyI6eyJwYWdlVmlldyI6dHJ1ZX0sInVzZXIiOnt9LCJwZXJmb3JtYW5jZSI6e30sImRlYnVnIjp7ImV4cGxhbmF0aW9ucyI6dHJ1ZX0sImNhdGFsb2ciOnt9LCJjb25zZW50cyI6W10sImFjY291bnQiOnt9LCJfdG9vbHNFdmVudExpbmtJZCI6IjY3NTQ5NzAzNDQ5ODk4MSJ9 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://cookie-cdn.cookiepro.com/consent/0/0.json Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/9cc85f2a.min.js?h=e25c93eb Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auto.newpz.shop
browser.sentry-cdn.com
c.bing.com
c.clarity.ms
cdn.evgnet.com
cdn.quicktext.im
cookie-cdn.cookiepro.com
geoip.quicktext.im
googleads.g.doubleclick.net
hhotelsag.germany-2.evergage.com
js.sentry-cdn.com
o313875.ingest.sentry.io
onboard.triptease.io
p.relay-t.io
static-meta.triptease.io
static.cloudflareinsights.com
stats.g.doubleclick.net
t.clarity.ms
widget-api.quicktext.im
www.clarity.ms
www.dwin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.h-hotels.com
www.thehotelsnetwork.com
www.wepowerconnections.com
hhotelsag.germany-2.evergage.com
www.h-hotels.com
104.100.68.178
108.139.47.55
13.69.68.43
151.101.1.182
151.101.64.114
20.110.205.119
20.114.189.70
20.82.9.244
2600:9000:21ea:ac00:1d:40aa:1fc0:93a1
2600:9000:2209:c800:f:8ce2:fb80:93a1
2606:4700:3030::ac43:a4e2
2606:4700:3033::ac43:8038
2606:4700:4400::ac40:936c
2606:4700::6810:3865
2606:4700::6812:aa54
2607:f8b0:4004:c06::9b
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80e::2004
2607:f8b0:4006:80f::200e
2607:f8b0:4006:81d::2008
2620:1ec:bdf::40
2620:1ec:c11::200
2a04:4e42:200::729
2a04:4e42::729
34.120.195.249
054adbdcec8e7b39edf0d9dba9c85da6ca3176979ece5d5b1d6c6f745247fa8a
1e000dc29147b02aaa77381e5792c53baace322f184fc631701d15b31e56af5e
1ea1081b64cdc01c8de24fb0a7e4aa7a6db4cfd7a92d4b5f1ae5241d9e5702b8
21892044c96c9d332a6b6a44ce5678b967e9d0897e7206cf8b3466cc5c47ca3e
2490ff3dd602ddd217a5f8618d61423d52703aa4f1285a6ce6bd9438d0913a9d
2d23efd4e1d7e7bc39a02d1f92817aaccc120b223bf072ed8f87ca0356148d83
34caa9782480a25668f40eead52873b6261530cf1887d17e9fc811e040c7508c
35f1eaa1dfb800aea1bf4d612b826986c4f7ced0050f7e6829d2d099edc8f27b
398936a3ce23ff445338bb6c7bf5bdfbbdfa076de75212c3a15583fb7052cdf1
39f96edb0a030c2455e37c2a404650845e728078d0b01c8afeba1b08f29ade87
3b1f68fe719dd30cdc6d970ef3bd744a15d2f282ebc8aae9c7a25b041cd96686
3e13c330273b6785395117d6bee07bb6485fcf16db45c12fa06c33abcb276f81
40f97f8f7ab9b2a37926f07101f59674697a774e8b1e13b109644ba30b9d7bd9
41931a1c11d708c1ad5d998be5dc8a95ff22b1d57a2815e828b3abf00b575ac4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46985366c02484321957c6aee3455a3bc5dd5d7342594dacc5787ec79837437d
48fdb60ca97920e5fcf700dc3721f77547bf5dc7924746db6ef753d6772cd5af
49b4b04aec4f16c1e800c81bef56ca5163f51424410f378bdf364ed752d357c9
566f1ead8d6af799b2331c0c736df48b10de9287c11f4d6ed9430592c38f3a83
5c6ce5e371f0423371135325745d32bbc904c5785f88c10cd7fd91e963b22eaa
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
618b3821590525a5dec1e0936e5068ae3eac2d29564f1ff6d0dda755bc2fbbae
63a6bfa3864d85ef378f07708456ef9dcbc03f13d715d67fceea5904d9abfaa1
65135b5ba71c81ca85e6ceaf02321ba78bc9f271d4d03c7502caa50375b8b591
68b92f1adc88e247ebd471140ecd476cb6b48466c1a0d23c995e98bd17b63063
6a0f5aaabd55992a1582eaa371291cff90f34a1f59e838c040eac377fa35f81d
6abc76111bb324cb2f37fde8c418a77b7be7af4fdc5d673513443ec11970932e
6b0326564c6d9eaa6e3bb9d13d136cee2ca5f15ce4a0cc93eb0c0d0f62733069
6d07f7e11a3a8b124282ce73051eabeb460577018c2ddaafe4426c9ec56922a3
6df654521d0366f859476fc7bbbe344194d381ab297564ba3b867d18c0aa30cb
6e44e3b0232921957e78aee8d2538637360c4345b68a22bcca0d14c820606e42
70d62e3bff65be7f290bbb24afebab865c207efc463781868bf6c80ba872d7a1
7285200ee2d98b5fa9f8c767902e5686a05acfe520cad533c5aeb4132a06207b
7395f3346927a6163ae4a3184d86c9f20e9cf980785273126b3ddd316dbbf79c
7512858f11c1ab41d9d620c5f33d9311e13ee04d9b008a2526bc9f8666d3a690
78cdaeabec994c30004a02b76c4c9de2216289c12df5466c506456a8370b49cd
79a486a94eee24c83e86940bfd0a6f5c3f8bd4f035c46fc6dce795c5ccede58d
828cf349c051bfa5aedcf73f487862c5c0a04ce1199f9d6541f02bc434e40cd2
82b3d2391aa20b68a66bc8fc51a4f90c40edd61b38bfcb81f0ebfb8e6b5c51ae
83d881a5d37b5cce0c069966bdc4d59d89b5aa7d7844f970cd121c2e46866381
85436dbd9e2d34b2151ddef42e8af89df2e61129523710f335d941cbd6663b12
85665020508de909a7508dc7919bbe84e446d779e4ed3025395a707d976ad198
856b01a0a8a691f0790f4e17198d2c9cd237ec161b067070d16e6cfa3ef2fb95
86c696e412162acfe947cd9217011dd9386a31672daeceba8ed6e8064bdce640
87195d40c5fae06e7abcae774d1895786d834742cfa961802fdca0b53d04d447
8d79ab50b13be1d8e676266c67b60e5c7e08f7239ff333fe840864d16f96b9a2
90304eeba8a5c54ee50f66f1c9f0c44e400453cd9db1bc4607c247154ce5bb04
95da835e2ed0c30c157ea999fe74516c1272b257a6c12b0816938c0fcba76ff3
98bc0753b3f7392176a4af252bfae9bcd1f2804b73dee374119899d8f52ae3d2
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a6af8b550d6c8dba73f41ebb6d5a1d314d1ae1bed1fe992fabab094b60cfaf7
9b15eed7924b330d8ec47008a10079485a1e2322723d8462fd1eca97865319e6
9cc0a8186f99cf5f6d3eb145376ce505d074ce5c011ac12d49dd50e3c2e8dce5
9e4aec8d5dbe2b8e477f2d03d8864f4e05b754137b8173cd993baa09dba00704
9e660fea2b5e4cafc2d1c4f08d4fe176649f79c5134c09130b54cad2ebb337ec
a7be934f08ecff4eacb95498a8bdbac0e6b1d16ef87b7ba73a33cb616987978d
a8ec94aece2adf68d3be4ab23df92b5cd8097eb40cb8b57eecb333ee1d86862f
ab3a6d367bd40afa6733bafd9ebb3ebd89cb3afcc6b6eb4da43e3ad749e77a07
ad7a88feb119b4bbb93a6f05c4099a7266d105d73c0280a7e1b3dc421fdd55cb
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b23f50282d3f7bea86158c748d7478574eb8636cffc7b6579eb90fe5c9f14dce
baaee7908c5f7fefc3c15c3cf19df6c24540ee2eefc4a76b6c4e27ac3c416360
c00ca16a1c5b4c03d85ebcd9f995588b5eed09f961e2f7c1ff0ef333e5a3f11e
c0796f4462e4ff9fcce057268f1987806ca20af72458c399f915e75e72a17764
cb954b05e5d4ce768341c96e4495b031668695bbdda7b21c68588674940ab8c5
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce4c717510e805b65d6e99d854a42d3c47b7735f8c50819c1f722e57c89da99b
ce8b04c5832326994a174ea2b92baee7a9125f89db4b73f641ad73a122c3f0f5
cef87ebe89e4f3c7599d3406e97adb7b86ebf204f050b2750f01cb980dd40dde
d12052848dfe2ed441db65977b594506a6a9b042266c73abb8e9295f8a483985
d232f1b6099ca4cd4a7fe5a32773ea44e2e4c61bed52bd7d3ffa8d58570b7f46
d55ba7f080c5051b6d9c47e23ad5caf6489bf59a48e7fa482c1e7a20cec894f1
d5d0ca174174d3495824ca9c661ba0a7abc6ae7ab393f4743c859e2eef4d2177
daf37bf9db426257646224b7a2f44c05f4c8c0f8ad2e310b5d75ad6a73642d44
ddeef24de12dd7f5cb2478726eaa29d7e76260f240c7e6e785f8942639f8b4a8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df8904bb65e8073d9386860c530bef7deb61d85cebe5ecba4e1511eba9b3f60f
dfd16eca9f477542cd77e9330e211fa49e7adc604fa6e9394858421ba19f7732
e0b37e1546b6e82f61ddd26957aa81a0e1e7570565554c6b52bddfbc55534d90
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8c7acf146891fbf935263beed8037fe8bd1d591eb572c3051b494b2ec0d5e20
e943674448c1d2da8134dc317edcab41c3f3d1eff89f61638490aae31baf2e90
ea4528c781578e1ee3a4d86bbccc529b966fb1a0441d4f8b034fb98d95456199
ecdd6703ef909836a7c4e849a4d6a6f77d7f7ed40001abaacfafe4b3a9c9c505
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7f93377ddc7256235cfe1cf2112c42aef89bd8ae886c2af806fd5a191d798a
f0358c2ba9c47b7789fd2970ccc15b9d421918448dedd4a4bba9d6b571e896ee
f35c4a3f209c8d7071cc9c3f81c726d442b6e1d8a860e1002a2b2de545373ee9
f4b2b7680920fe4ca2dd120654bda77b09827a9abf1694e723bce0bad1451993
f7772e27aaa19d9d079c946778ac623627c060f44520a3aea092a139b614c9e4
fc8067e0e01d102158e7fd51b59df347b1f0255d45841934fda861a02f945302

auto.newpz.shop Open in urlscan Pro 2606:4700:3033::ac43:8038 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

104 Requests

89 %HTTPS

64 %IPv6

20 Domains

27 Subdomains

25 IPs

2 Countries

2340 kBTransfer

5918 kBSize

20 Cookies

15 Outgoing links

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

auto.newpz.shop Open in urlscan Pro
2606:4700:3033::ac43:8038 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

89 %
HTTPS

64 %
IPv6

20
Domains

27
Subdomains

25
IPs

2
Countries

2340 kB
Transfer

5918 kB
Size

20
Cookies

104 HTTP transactions
11 data transactions