au.dirhotels.com Open in urlscan Pro
91.196.124.156 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://au.dirhotels.com/login.php
Submission Tags: krdtest
Submission: On July 24 via api (July 24th 2021, 8:11:38 pm UTC) from JP

Summary HTTP 84 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 14 domains to perform 84 HTTP transactions. The main IP is 91.196.124.156, located in Bulgaria and belongs to SUPERHOSTING_AS, BG. The main domain is au.dirhotels.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 21st 2021. Valid for: 3 months.

This is the only time au.dirhotels.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	91.196.124.156 91.196.124.156	201200 (SUPERHOST...) (SUPERHOSTING_AS)
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3031::ac43:d645	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
21	2600:9000:218... 2600:9000:2182:3e00:1d:ff62:dec0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	104.22.52.65 104.22.52.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	185.28.221.4 185.28.221.4	43996 (BOOKING-B...) (BOOKING-BV Booking.com)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	37.10.0.220 37.10.0.220	43996 (BOOKING-B...) (BOOKING-BV Booking.com)
10	2600:9000:218... 2600:9000:2182:6e00:1f:e2ee:200:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
84	18

7 91.196.124.156 (Bulgaria)

ASN201200 (SUPERHOSTING_AS, BG)
PTR: host124-156.superhosting.bg

au.dirhotels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us.dirhotels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:d645 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2600:9000:2182:3e00:1d:ff62:dec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

t-ec.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-ec.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.52.65 (United States)

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.28.221.4 (Netherlands)

ASN43996 (BOOKING-BV Booking.com, NL)

aff.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.10.0.220 (Netherlands)

ASN43996 (BOOKING-BV Booking.com, NL)

www.booking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:2182:6e00:1f:e2ee:200:93a1 (United States)

ASN16509 (AMAZON-02, US)

cf.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	bstatic.com t-ec.bstatic.com s-ec.bstatic.com aff.bstatic.com cf.bstatic.com	2 MB
15	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	222 KB
7	dirhotels.com au.dirhotels.com us.dirhotels.com	81 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	63 KB
6	doubleclick.net googleads.g.doubleclick.net	35 KB
4	googleapis.com fonts.googleapis.com	3 KB
3	google.com adservice.google.com www.google.com	1 KB
2	booking.com www.booking.com	36 KB
2	googletagservices.com www.googletagservices.com	65 KB
2	google.de adservice.google.de	439 B
2	statcounter.com www.statcounter.com c.statcounter.com	14 KB
1	googleadservices.com partner.googleadservices.com	660 B
1	fontawesome.com use.fontawesome.com	8 KB
1	ampproject.org cdn.ampproject.org	7 KB
84	14

	Domain	Requested by
12	t-ec.bstatic.com	au.dirhotels.com
10	cf.bstatic.com	www.booking.com cf.bstatic.com
9	s-ec.bstatic.com	au.dirhotels.com
8	pagead2.googlesyndication.com	au.dirhotels.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com tpc.googlesyndication.com www.googletagservices.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
6	au.dirhotels.com	au.dirhotels.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	au.dirhotels.com googleads.g.doubleclick.net
2	www.booking.com	aff.bstatic.com cf.bstatic.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	c.statcounter.com	www.statcounter.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	aff.bstatic.com	au.dirhotels.com
1	us.dirhotels.com	au.dirhotels.com
1	www.statcounter.com	au.dirhotels.com
1	use.fontawesome.com	au.dirhotels.com
1	cdn.ampproject.org	au.dirhotels.com
84	22

This site contains links to these domains. Also see Links.

Domain
dirhotels.com
eapteka247.com

Subject Issuer	Validity	Valid
au.dirhotels.com cPanel, Inc. Certification Authority	`2021-07-21` - `2021-10-19`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.bstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-28` - `2021-12-24`	a year	crt.sh
us-dallas.statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-13` - `2021-11-13`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-28` - `2021-09-20`	3 months	crt.sh
us.dirhotels.com cPanel, Inc. Certification Authority	`2021-05-16` - `2021-08-14`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.booking.com DigiCert ECC Secure Server CA	`2020-10-14` - `2021-10-18`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://au.dirhotels.com/login.php
Frame ID: 8AFD60DCBBC140E0311A8D491B41536A
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210720/r20190131/zrt_lookup.html
Frame ID: E36FEB5D73AA7FA8855A61C3987CC2F9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4799802982166754&output=html&adk=1812271804&adf=3025194257&lmt=1627157479&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fau.dirhotels.com%2Flogin.php&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627157479341&bpp=3&bdt=265&idt=59&shv=r20210720&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5670490626763&frm=20&pv=2&ga_vid=1186631605.1627157479&ga_sid=1627157479&ga_hid=525390914&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31061978%2C20211866&oid=3&pvsid=1012566220902837&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=76
Frame ID: E9B65F5852EAF20A70A9BB88DFF35391
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4799802982166754&output=html&h=280&slotname=9422759423&adk=1974736439&adf=1862265143&pi=t.ma~as.9422759423&w=740&fwrn=4&fwrnh=100&lmt=1627157479&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fau.dirhotels.com%2Flogin.php&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627157479344&bpp=2&bdt=267&idt=77&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5670490626763&frm=20&pv=1&ga_vid=1186631605.1627157479&ga_sid=1627157479&ga_hid=525390914&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=430&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31061978%2C20211866&oid=3&pvsid=1012566220902837&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AC2rseSjxm&p=https%3A//au.dirhotels.com&dtd=80
Frame ID: 2AD645AE2D59F5B9FCC9F114CF9C5CE6
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4799802982166754&output=html&h=280&adk=1283731946&adf=661815038&pi=t.aa~a.2826166470~rp.2&w=1105&fwrn=4&fwrnh=100&lmt=1627157480&rafmt=1&to=qs&pwprc=9987598980&psa=0&format=1105x280&url=https%3A%2F%2Fau.dirhotels.com%2Flogin.php&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627157480073&bpp=1&bdt=997&idt=0&shv=r20210720&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a533079c813949b-22dee2038bc80090%3AT%3D1627157479%3ART%3D1627157479%3AS%3DALNI_MbightsJILrFhLlxEl6_pjO8zlUyg&prev_fmts=0x0%2C740x280&nras=2&correlator=5670490626763&frm=20&pv=1&ga_vid=1186631605.1627157479&ga_sid=1627157479&ga_hid=525390914&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=248&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31061978%2C20211866&oid=3&psts=AGkb-H9KORRQgd4vhGJNXgdpItjM0ZIDTXZhlOfI26SxObaOZ3mHPQMsoUdv6B7GRa2mQl0nkGatTZ9dW5pw8A&pvsid=1012566220902837&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=edsT9jsZDB&p=https%3A//au.dirhotels.com&dtd=8
Frame ID: 6EF225368FEC70328E9B50BE90754573
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rC_9MNdzujh4BoSBgapm_dys7sQE8JDGlsbaQBHCCWU.js
Frame ID: 10EC7DB9A3F749853758330647C2A441
Requests: 1 HTTP requests in this frame

Frame: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=220&lang=en-US&aid=1689265&target_aid=1689265&fid=1627157480342&
Frame ID: 9F9C45F5BC241C99BC9F2BD2E5512BA7
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 4753FA162B921BE7B5DC4823C1546847
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4E9AAA40FC6463766C1921111CC13E9A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

84
Requests

100 %
HTTPS

71 %
IPv6

14
Domains

22
Subdomains

18
IPs

4
Countries

2347 kB
Transfer

3392 kB
Size

5
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://dirhotels.com/contact.php
Title: Contact Us

Search URL Search Domain Scan URL

URL: http://dirhotels.com/terms.php
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://eapteka247.com/
Title: Eapteka

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

84 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request login.php Show response
au.dirhotels.com/ 30 KB
6 KB 302ms
141ms Document
text/html 91.196.124.156
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL: https://au.dirhotels.com/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.196.124.156 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS: host124-156.superhosting.bg
Software: Apache /
Resource Hash: c552b0c3b45a136e4cdf6bafbb5e30a3da4c3a3814b0f4b4f7e34d40abc25892

Request headers

:method: GET
:authority: au.dirhotels.com
:scheme: https
:path: /login.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:17 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=2bntbdh9ng5r097ijlc9dbj294; path=/
vary: Accept-Encoding,User-Agent
content-encoding: gzip
accept-ranges: none
content-length: 5529
content-type: text/html; charset=utf-8

GET
H2 200 bootstrap.min.css
au.dirhotels.com/style/css/ 97 KB
16 KB 75ms
74ms Stylesheet
text/css 91.196.124.156
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL: https://au.dirhotels.com/style/css/bootstrap.min.css?v=1
Requested by: Host: au.dirhotels.com
URL: https://au.dirhotels.com/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.196.124.156 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS: host124-156.superhosting.bg
Software: Apache /
Resource Hash: b6b3468fd8d3aea06885acdb6b293693adb6799a35b70ac50e5389a1c1dc42e3

Request headers

:path: /style/css/bootstrap.min.css?v=1
pragma: no-cache
cookie: PHPSESSID=2bntbdh9ng5r097ijlc9dbj294
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: au.dirhotels.com
referer: https://au.dirhotels.com/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.dirhotels.com/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:17 GMT
content-encoding: gzip
last-modified: Tue, 12 Mar 2019 12:39:06 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: none
content-length: 16681

GET
H2 200 font-awesome.min.css
au.dirhotels.com/style/css/ 23 KB
5 KB 71ms
70ms Stylesheet
text/css 91.196.124.156
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL: https://au.dirhotels.com/style/css/font-awesome.min.css
Requested by: Host: au.dirhotels.com
URL: https://au.dirhotels.com/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.196.124.156 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS: host124-156.superhosting.bg
Software: Apache /
Resource Hash: 541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Request headers

:path: /style/css/font-awesome.min.css
pragma: no-cache
cookie: PHPSESSID=2bntbdh9ng5r097ijlc9dbj294
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: au.dirhotels.com
referer: https://au.dirhotels.com/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.dirhotels.com/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:17 GMT
content-encoding: gzip
last-modified: Tue, 12 Mar 2019 12:39:06 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: none
content-length: 5443

GET
H2 200 style.css
au.dirhotels.com/style/css/ 57 KB
12 KB 119ms
118ms Stylesheet
text/css 91.196.124.156
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL: https://au.dirhotels.com/style/css/style.css?v=2
Requested by: Host: au.dirhotels.com
URL: https://au.dirhotels.com/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.196.124.156 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS: host124-156.superhosting.bg
Software: Apache /
Resource Hash: f520c5a20344d6c072d89a0da28570d671820996f1cb796100644628b67ea8db

Request headers

:path: /style/css/style.css?v=2
pragma: no-cache
cookie: PHPSESSID=2bntbdh9ng5r097ijlc9dbj294
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: au.dirhotels.com
referer: https://au.dirhotels.com/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.dirhotels.com/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:17 GMT
content-encoding: gzip
last-modified: Tue, 12 Mar 2019 12:39:06 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: none
content-length: 12409

GET
H2 200 jquery.min.js Show response
au.dirhotels.com/style/js/ 94 KB
33 KB 122ms
121ms Script
application/javascript 91.196.124.156
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL: https://au.dirhotels.com/style/js/jquery.min.js
Requested by: Host: au.dirhotels.com
URL: https://au.dirhotels.com/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.196.124.156 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS: host124-156.superhosting.bg
Software: Apache /
Resource Hash: c8963b6bd2ca8497603794bf9adcbff7a3ea55c9c3edef3d5a992405ee256a90

Request headers

:path: /style/js/jquery.min.js
pragma: no-cache
cookie: PHPSESSID=2bntbdh9ng5r097ijlc9dbj294
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.dirhotels.com
referer: https://au.dirhotels.com/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.dirhotels.com/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:17 GMT
content-encoding: gzip
last-modified: Tue, 12 Mar 2019 12:39:07 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: none
content-length: 33280

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 20 KB
7 KB 36ms
15ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: au.dirhotels.com
URL: https://au.dirhotels.com/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4abc07410992738ff369c429c51315178e488b813e7f076a4aeffe6e86cc7098

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6631
x-xss-protection: 0
server: sffe
date: Sat, 24 Jul 2021 20:11:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "fe85337cb602f8e5"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Jul 2021 20:11:19 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.0.7/css/ 35 KB
8 KB 30ms
16ms Stylesheet
text/css 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.7/css/all.css
Requested by: Host: au.dirhotels.com
URL: https://au.dirhotels.com/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eee7283bce47f63001396d58cace92f57058ea0c5ee546579e841609a359d52e

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1555432
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: XT8CFMV6FBG03CN4
x-amz-id-2: q31eAZXiUK0RS4cGjHAXh9lIm6BsDh6He3HDCqjUUqhOjc57eKOG/hIdi/xLziLwmumuj3XatEQ=
last-modified: Wed, 30 Jun 2021 15:27:50 GMT
server: cloudflare
etag: W/"16f4f6797931e43125885e1741f125a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=17MEyFYUMWdSvv7j1kIMz3wfrSt82Be8UvzgkRgJYgRlLEFxsvVh3vBJ3ZhwTmyWoloUhr0j%2Fe7cCBcmP3%2FsliCSNm1gQxvb2Ag1tSBwkpHzTNebjG1nowzXTF3S1LXRolhj%2FQ%2Bg75mfY%2BbfQMn9TDn9"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 673fcc045931c2a9-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
49 KB 43ms
24ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: au.dirhotels.com
URL: https://au.dirhotels.com/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f16a935d459a3bf85554bc55742924f23066053190a78a54904b6bf3e8a0140e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49260
x-xss-protection: 0
server: cafe
etag: 17688924842044148777
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 20:11:19 GMT

GET
H2 200 168932300.jpg
t-ec.bstatic.com/images/hotel/max1024x768/168/ 87 KB
87 KB 171ms
148ms Image
image/jpeg 2600:9000:2182:3e00:1d:ff62:dec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t-ec.bstatic.com/images/hotel/max1024x768/168/168932300.jpg

Requested by

Host: au.dirhotels.com
URL: https://au.dirhotels.com/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:3e00:1d:ff62:dec0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b240d6c9ab7a4874799d856389235af8e2f82b32e5fa82c9e407bd542a776cd4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:19 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-C1
etag: "1eb21a3c240312e03c84928fd3b46432d030826f"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 88851
x-xss-protection: 1; mode=block
x-amz-cf-id: H7cvgWwR6_J_G21Jk_owVkWwAKzRJcgrFsito6xBj-e2DgEsopyZnw==
expires: Mon, 23 Aug 2021 20:11:19 GMT

GET
H2 200 107767462.jpg
t-ec.bstatic.com/images/hotel/max1024x768/107/ 66 KB
67 KB 164ms
152ms Image
image/jpeg 2600:9000:2182:3e00:1d:ff62:dec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t-ec.bstatic.com/images/hotel/max1024x768/107/107767462.jpg

Requested by

Host: au.dirhotels.com
URL: https://au.dirhotels.com/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:3e00:1d:ff62:dec0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

011579396b99ff871f634116f5307bc3e20020e4e348b21fdb08168c147f5453

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:19 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-C1
etag: "c509b74c05d5a8e7aadc358ba0dd0bddc5869853"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 67693
x-xss-protection: 1; mode=block
x-amz-cf-id: naxYkfgz_vMREri3GdLFcflwN2zSjCRkCa3ekNN0XMaKRBCa5YJgUw==
expires: Mon, 23 Aug 2021 20:11:19 GMT

GET
H2 200 173663921.jpg
s-ec.bstatic.com/images/hotel/max1024x768/173/ 80 KB
80 KB 185ms
162ms Image
image/jpeg 2600:9000:2182:3e00:1d:ff62:dec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-ec.bstatic.com/images/hotel/max1024x768/173/173663921.jpg

Requested by

Host: au.dirhotels.com
URL: https://au.dirhotels.com/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:3e00:1d:ff62:dec0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b1ace3301a7592226fba4caefc343644de0230326bb0504f6f59532c226ad46a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:19 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-C1
etag: "c2ba0784bc739b96a34a63fdbe7b6d0819557cad"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 81871
x-xss-protection: 1; mode=block
x-amz-cf-id: wtvus57iyKwVBcHOKpjs0o4ibsefTTMW7HUlkuuo625XUTMR8t-5Gw==
expires: Mon, 23 Aug 2021 20:11:19 GMT

GET
H2 200 140544995.jpg
t-ec.bstatic.com/images/hotel/max1024x768/140/ 71 KB
72 KB 170ms
158ms Image
image/jpeg 2600:9000:2182:3e00:1d:ff62:dec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t-ec.bstatic.com/images/hotel/max1024x768/140/140544995.jpg

Requested by

Host: au.dirhotels.com
URL: https://au.dirhotels.com/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:3e00:1d:ff62:dec0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a2c907e96507a4a57865816306d57f8ca7cc3a3b6e26ebb060f954d41939e979

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:19 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-C1
etag: "9a3673d8026dadacc7a20f05949abc6dc5fa996b"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 72737
x-xss-protection: 1; mode=block
x-amz-cf-id: bgJujjWZosTzKMxS0NxCZvX0_qjyXIbErNhpKqKynzdkd6x-gQsFLQ==
expires: Mon, 23 Aug 2021 20:11:19 GMT

GET
H2 200 176539859.jpg
s-ec.bstatic.com/images/hotel/max1024x768/176/ 84 KB
85 KB 178ms
156ms Image
image/jpeg 2600:9000:2182:3e00:1d:ff62:dec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-ec.bstatic.com/images/hotel/max1024x768/176/176539859.jpg

Requested by

Host: au.dirhotels.com
URL: https://au.dirhotels.com/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:3e00:1d:ff62:dec0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7bacd186bbecc8366f952852d4fcef421fbfacca635934e7536270f164476e78

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:19 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-C1
etag: "ff72b11430159a76bcbfe32229e6bd763aa37104"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 86489
x-xss-protection: 1; mode=block
x-amz-cf-id: P2BM_px2RruhDe3npRxu5Q_o7Dq_uPL5Vb3Ke4ALLsOrOKhEqxK7Fg==
expires: Mon, 23 Aug 2021 20:11:19 GMT

GET
H2 200 175496064.jpg
t-ec.bstatic.com/images/hotel/max1024x768/175/ 122 KB
122 KB 253ms
241ms Image
image/jpeg 2600:9000:2182:3e00:1d:ff62:dec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t-ec.bstatic.com/images/hotel/max1024x768/175/175496064.jpg

Requested by

Host: au.dirhotels.com
URL: https://au.dirhotels.com/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:3e00:1d:ff62:dec0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d1354a2752b3cbbaeea79d6696b6033889020f6c533215d26c2816f008986545

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:19 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-C1
etag: "bc88a94c65f1017cd19634188aeeb7a83016bf66"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 124535
x-xss-protection: 1; mode=block
x-amz-cf-id: KMGxLu5pwQtI-sgXEs6VM-NNpEokDNv7J7UnJfvQtNMi1GYPKJzpPw==
expires: Mon, 23 Aug 2021 20:11:19 GMT

GET
H2 404 25314669.jpg
t-ec.bstatic.com/images/hotel/max500/253/ 0
0 58ms
47ms Image
text/html 2600:9000:2182:3e00:1d:ff62:dec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-ec.bstatic.com/images/hotel/max500/253/25314669.jpg
Requested by: Host: au.dirhotels.com
URL: https://au.dirhotels.com/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:3e00:1d:ff62:dec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 142879723.jpg
s-ec.bstatic.com/images/hotel/max1024x768/142/ 21 KB
22 KB 240ms
218ms Image
image/jpeg 2600:9000:2182:3e00:1d:ff62:dec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-ec.bstatic.com/images/hotel/max1024x768/142/142879723.jpg

Requested by

Host: au.dirhotels.com
URL: https://au.dirhotels.com/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:3e00:1d:ff62:dec0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4e53cb65c255a2d42a66c52e40a974a49d3173279b7554fc5712503115110507

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:19 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-C1
etag: "597aee95dfe282e474af3a48f6c727fa41771a29"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 21881
x-xss-protection: 1; mode=block
x-amz-cf-id: dc1dOrQkiGZZa1LN58xgWecYpoMMEjv34q_KEnTyv73pD7SM9Kq0GQ==
expires: Mon, 23 Aug 2021 20:11:19 GMT

GET
H2 404 119672747.jpg
s-ec.bstatic.com/images/hotel/max500/119/ 0
0 61ms
39ms Image
text/html 2600:9000:2182:3e00:1d:ff62:dec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-ec.bstatic.com/images/hotel/max500/119/119672747.jpg
Requested by: Host: au.dirhotels.com
URL: https://au.dirhotels.com/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:3e00:1d:ff62:dec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 52822040.jpg
s-ec.bstatic.com/images/hotel/max1024x768/528/ 103 KB
104 KB 150ms
149ms Image
image/jpeg 2600:9000:2182:3e00:1d:ff62:dec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-ec.bstatic.com/images/hotel/max1024x768/528/52822040.jpg

Requested by

Host: au.dirhotels.com
URL: https://au.dirhotels.com/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:3e00:1d:ff62:dec0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6978401dfc10593cb11eeba2e702a347ea8e1cf4c6b93184824ece2e5dfd8833

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:19 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-C1
etag: "1d77e62bb0917e49e3f01c6b38d27207b589f88a"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 105670
x-xss-protection: 1; mode=block
x-amz-cf-id: 2d7KQRyQEHrRqnnbSmZDgQbIApJ-keCrubYfhtbSsRWD88gjBoTrLw==
expires: Mon, 23 Aug 2021 20:11:19 GMT

GET
H2 200 121376229.jpg
t-ec.bstatic.com/images/hotel/max1024x768/121/ 93 KB
94 KB 19ms
18ms Image
image/jpeg 2600:9000:2182:3e00:1d:ff62:dec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t-ec.bstatic.com/images/hotel/max1024x768/121/121376229.jpg

Requested by

Host: au.dirhotels.com
URL: https://au.dirhotels.com/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:3e00:1d:ff62:dec0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ab1f3ec0d5a196a14e62284710dd2dc3bb4bbac4422cb0d096217abe278ae939

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 12:04:28 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
server: nginx
age: 115611
etag: "133aff12a39ebf405f90bb5097305e042f8288c4"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
content-length: 95524
x-xss-protection: 1; mode=block
x-amz-cf-id: DNOhnqIbqhkWm4vHEIL8GsOqEMH2lakqp6Q-C80Neiqhmbg8Azq3Tw==
expires: Sun, 22 Aug 2021 12:04:28 GMT

GET
H2 200 131095099.jpg
s-ec.bstatic.com/images/hotel/max1024x768/131/ 154 KB
155 KB 225ms
223ms Image
image/jpeg 2600:9000:2182:3e00:1d:ff62:dec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-ec.bstatic.com/images/hotel/max1024x768/131/131095099.jpg

Requested by

Host: au.dirhotels.com
URL: https://au.dirhotels.com/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:3e00:1d:ff62:dec0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a7ac2ef0959f3dd57beb0b82bc0d7006ac4aee31a64c4413fad130c446f9f2dc

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:19 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-C1
etag: "e5d11f616d17c3135e3606be33cf69d1c25619f8"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 158061
x-xss-protection: 1; mode=block
x-amz-cf-id: Ba_80Ws0nvH2jKJMABAiy9jVLLiaCUCuKmbzC-E26fFpslWrdQjdFg==
expires: Mon, 23 Aug 2021 20:11:19 GMT

GET
H2 200 121271740.jpg
t-ec.bstatic.com/images/hotel/max1024x768/121/ 60 KB
61 KB 187ms
185ms Image
image/jpeg 2600:9000:2182:3e00:1d:ff62:dec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t-ec.bstatic.com/images/hotel/max1024x768/121/121271740.jpg

Requested by

Host: au.dirhotels.com
URL: https://au.dirhotels.com/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:3e00:1d:ff62:dec0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

056762e1614c9dd3b56db992b5725bd40367164ffff7e458b8d1f51a0f0d2c27

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:19 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-C1
etag: "293e8159cb3ed351bfcf051008cabe5d51d5cd8c"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 61742
x-xss-protection: 1; mode=block
x-amz-cf-id: rRLA6a-73uv5t3ija_Fdws-cuBB7crIVdENMBhplXX5BAElf_oim3A==
expires: Mon, 23 Aug 2021 20:11:19 GMT

GET
H2 200 103559894.jpg
t-ec.bstatic.com/images/hotel/max1024x768/103/ 65 KB
65 KB 154ms
152ms Image
image/jpeg 2600:9000:2182:3e00:1d:ff62:dec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t-ec.bstatic.com/images/hotel/max1024x768/103/103559894.jpg

Requested by

Host: au.dirhotels.com
URL: https://au.dirhotels.com/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:3e00:1d:ff62:dec0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

94b73f3f5b9670df9bcb7c544ccdf1a5ea37c5d3eed5a72e19cc012717e05da8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:19 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-C1
etag: "2cab75e1121996e337d187fd671979486ba327d2"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 66583
x-xss-protection: 1; mode=block
x-amz-cf-id: veP3h2Dtm2VhlaVmU4lxL6AWMOPmxsJ2HMOQDCVthobHUa979sOYWw==
expires: Mon, 23 Aug 2021 20:11:19 GMT

GET
H2 200 159809614.jpg
t-ec.bstatic.com/images/hotel/max1024x768/159/ 163 KB
164 KB 177ms
175ms Image
image/jpeg 2600:9000:2182:3e00:1d:ff62:dec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t-ec.bstatic.com/images/hotel/max1024x768/159/159809614.jpg

Requested by

Host: au.dirhotels.com
URL: https://au.dirhotels.com/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:3e00:1d:ff62:dec0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b2b544190d814b99232ebd41653e0fcab7e96601f96885136381036d02648401

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:19 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-C1
etag: "d12eabc18aaea888b7a6fbc705cd0c1ad6605c3a"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 167237
x-xss-protection: 1; mode=block
x-amz-cf-id: cD1zooKylJEi1QqKc5_AYdobpp2O4GaEe4jIMnSmF5jOKWB6lY6vSg==
expires: Mon, 23 Aug 2021 20:11:19 GMT

GET
H2 200 107287828.jpg
s-ec.bstatic.com/images/hotel/max1024x768/107/ 203 KB
204 KB 218ms
217ms Image
image/jpeg 2600:9000:2182:3e00:1d:ff62:dec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-ec.bstatic.com/images/hotel/max1024x768/107/107287828.jpg

Requested by

Host: au.dirhotels.com
URL: https://au.dirhotels.com/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:3e00:1d:ff62:dec0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2286ce960b1a24b22fadb81cc2af6850df5363ac920eb9ee66fc9701e1b5a39f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:19 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-C1
etag: "5c7e10b678f6f950d013b0b5f525e78e9f91fa0b"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 208061
x-xss-protection: 1; mode=block
x-amz-cf-id: x2h9ZyHrWb76K7F4FYlajd__g1oXPsVfp3tHbFyOopWoPvjU8_Yu-Q==
expires: Mon, 23 Aug 2021 20:11:19 GMT

GET
H2 200 92692961.jpg
t-ec.bstatic.com/images/hotel/max1024x768/926/ 140 KB
140 KB 170ms
168ms Image
image/jpeg 2600:9000:2182:3e00:1d:ff62:dec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t-ec.bstatic.com/images/hotel/max1024x768/926/92692961.jpg

Requested by

Host: au.dirhotels.com
URL: https://au.dirhotels.com/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:3e00:1d:ff62:dec0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f5eea53388d04782dcc234ed5a3bfa7c6211195d1386ba77d3ecfd4a5008975f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:19 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-C1
etag: "48766f526c7c7affe1017ea799d41e4ba6fa8a71"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 143083
x-xss-protection: 1; mode=block
x-amz-cf-id: UsczABzwpoVXalFFu1PLEsNI-7fYdGzDR2CnqM00JY2yrJrmTAJ0ig==
expires: Mon, 23 Aug 2021 20:11:19 GMT

GET
H2 200 87626078.jpg
s-ec.bstatic.com/images/hotel/max1024x768/876/ 55 KB
55 KB 127ms
127ms Image
image/jpeg 2600:9000:2182:3e00:1d:ff62:dec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-ec.bstatic.com/images/hotel/max1024x768/876/87626078.jpg

Requested by

Host: au.dirhotels.com
URL: https://au.dirhotels.com/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:3e00:1d:ff62:dec0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

28e976b4ae104087e67ffbfacbb4128be54a32d6718cda4fbb33f699e17955d3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:19 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-C1
etag: "f709afa3eedcedb57056bdf95d77854ea919c912"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 56367
x-xss-protection: 1; mode=block
x-amz-cf-id: 1hZkIolA_1hvZYVVJd12vjWhmUcXTSoSW8ZVASq0PIaswI48ZlhmAg==
expires: Mon, 23 Aug 2021 20:11:19 GMT

GET
H2 200 105811862.jpg
s-ec.bstatic.com/images/hotel/max1024x768/105/ 72 KB
73 KB 133ms
133ms Image
image/jpeg 2600:9000:2182:3e00:1d:ff62:dec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-ec.bstatic.com/images/hotel/max1024x768/105/105811862.jpg

Requested by

Host: au.dirhotels.com
URL: https://au.dirhotels.com/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:3e00:1d:ff62:dec0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

27dae8c7ba47c379ea1175591cb243b2d0db20f0419bb8cc1f95d88a595a34a6

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:19 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-C1
etag: "d32fece27d93285485ba4dd46d5b3174176df9f4"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 74029
x-xss-protection: 1; mode=block
x-amz-cf-id: _M54zrT6JVcHAfzOYMyWbN_8UGIxV94M8yaVeDGge-1qIx5O5YRPlA==
expires: Mon, 23 Aug 2021 20:11:19 GMT

GET
H2 200 172171610.jpg
t-ec.bstatic.com/images/hotel/max1024x768/172/ 85 KB
86 KB 185ms
183ms Image
image/jpeg 2600:9000:2182:3e00:1d:ff62:dec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t-ec.bstatic.com/images/hotel/max1024x768/172/172171610.jpg

Requested by

Host: au.dirhotels.com
URL: https://au.dirhotels.com/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:3e00:1d:ff62:dec0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a5c860bbc2d69cf59b6f1577629f5b46c6a323350d6bdfdb08fea6d065a90664

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:19 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-C1
etag: "68cf8cfd5b4503e79c4da179d8150e59027ff10b"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 87158
x-xss-protection: 1; mode=block
x-amz-cf-id: gjtmc-sLqiahpRG-xFL9Fpczc0GsXruerkPZXAKLKxQExeUxQDUKpg==
expires: Mon, 23 Aug 2021 20:11:19 GMT

GET
H2 404 74784515.jpg
t-ec.bstatic.com/images/hotel/max1024x768/747/ 0
0 39ms
37ms Image
text/html 2600:9000:2182:3e00:1d:ff62:dec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-ec.bstatic.com/images/hotel/max1024x768/747/74784515.jpg
Requested by: Host: au.dirhotels.com
URL: https://au.dirhotels.com/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:3e00:1d:ff62:dec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 38 KB
13 KB 80ms
30ms Script
application/x-javascript 104.22.52.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: au.dirhotels.com
URL: https://au.dirhotels.com/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.52.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bd4667051083414e6918c646422069fdd0292fb55aff0e8b807ec4fbb496c09

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Jun 2021 08:51:42 GMT
server: cloudflare
age: 24857
etag: W/"60bf2f9e-9987"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=43200
cf-ray: 673fcc062fa232b0-CDG
expires: Sun, 25 Jul 2021 01:17:02 GMT

GET
H2 200 css
fonts.googleapis.com/ 24 KB
1 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900,900italic

Requested by

Host: au.dirhotels.com
URL: https://au.dirhotels.com/style/css/style.css?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7742176d36a9ea889f4db0a843e62f522ba690a8d514e91dd5aa09eccf7340ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 24 Jul 2021 20:10:47 GMT
server: ESF
date: Sat, 24 Jul 2021 20:11:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Jul 2021 20:11:19 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
648 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300

Requested by

Host: au.dirhotels.com
URL: https://au.dirhotels.com/style/css/style.css?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dc4c088d91f1dcbde2840ebfd2bb0e34b7f7226bbd96fb15f78d9567c6be4f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 24 Jul 2021 19:52:53 GMT
server: ESF
date: Sat, 24 Jul 2021 20:11:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Jul 2021 20:11:19 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
856 B 23ms
23ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400italic,400,600italic,600

Requested by

Host: au.dirhotels.com
URL: https://au.dirhotels.com/style/css/style.css?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

28b606e8e312080d7df193b0a02ccf89c8c450e051929cb356ed93400772101e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 24 Jul 2021 20:11:19 GMT
server: ESF
date: Sat, 24 Jul 2021 20:11:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Jul 2021 20:11:19 GMT

GET
H2 200 jscrollpane.css
au.dirhotels.com/style/css/ 2 KB
698 B 66ms
66ms Stylesheet
text/css 91.196.124.156
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL: https://au.dirhotels.com/style/css/jscrollpane.css
Requested by: Host: au.dirhotels.com
URL: https://au.dirhotels.com/style/css/style.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.196.124.156 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS: host124-156.superhosting.bg
Software: Apache /
Resource Hash: adb2cb30b4c6f46ebdf3c13cf277e95dac4029feec639274ac07424194187b26

Request headers

:path: /style/css/jscrollpane.css
pragma: no-cache
cookie: PHPSESSID=2bntbdh9ng5r097ijlc9dbj294
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: au.dirhotels.com
referer: https://au.dirhotels.com/style/css/style.css?v=2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.dirhotels.com/style/css/style.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:18 GMT
content-encoding: gzip
last-modified: Tue, 12 Mar 2019 12:39:06 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: none
content-length: 643

GET
H2 200 logo1.png
us.dirhotels.com/images/ 8 KB
8 KB 185ms
64ms Image
image/png 91.196.124.156
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us.dirhotels.com/images/logo1.png
Requested by: Host: au.dirhotels.com
URL: https://au.dirhotels.com/style/css/style.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.196.124.156 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS: host124-156.superhosting.bg
Software: Apache /
Resource Hash: 8d8437ff02d10d98d8f2d0ba563579b08c7fe7cab1e5999176499b8f0f7c0665

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:18 GMT
last-modified: Tue, 29 Jan 2019 11:00:35 GMT
server: Apache
accept-ranges: bytes
etag: "1d20b2e-2068-58096b3efe2ad"
content-length: 8296
content-type: image/png

GET
H/1.1 200
OK flexiproduct.js Show response
aff.bstatic.com/static/affiliate_base/js/ 6 KB
3 KB 1013ms
613ms Script
application/javascript 185.28.221.4
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to

Full URL

https://aff.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1627157479307

Requested by

Host: au.dirhotels.com
URL: https://au.dirhotels.com/login.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.28.221.4 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

Software

nginx /

Resource Hash

c553ef7271334af93285181e0b891ecc964712f12d02af54ecee9c58354c71e6

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:20 GMT
content-encoding: br
last-modified: Tue, 04 Feb 2020 10:19:54 GMT
server: nginx
etag: W/"5e39454a-186e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
transfer-encoding: chunked
timing-allow-origin: *
nel: {"report_to":"default","max_age":600}
x-xss-protection: 1; mode=block
expires: Mon, 23 Aug 2021 20:11:20 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/ 250 KB
93 KB 35ms
33ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4799802982166754&plah=au.dirhotels.com&amaexp=1&bust=31061978

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c83eae7a38656b387443bacfd93af203e31b66bf687c21af1ef00fab98507aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95151
x-xss-protection: 0
server: cafe
etag: 4826816153601596757
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 20:11:19 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210720/r20190131/ Frame E36F 10 KB
5 KB 7ms
5ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210720/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210720/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.dirhotels.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.dirhotels.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 24 Jul 2021 01:46:23 GMT
expires: Sat, 07 Aug 2021 01:46:23 GMT
content-type: text/html; charset=UTF-8
etag: 4389807852502320046
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 66296
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 203 B
660 B 107ms
39ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=au.dirhotels.com&callback=_gfp_s_&client=ca-pub-4799802982166754

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4799802982166754&plah=au.dirhotels.com&amaexp=1&bust=31061978

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

2aac4956c1fe79fe9f3c59805ac05665829dfb39e5623be2db8be5c00376c6b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
317 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=au.dirhotels.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Jul 2021 20:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=au.dirhotels.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Jul 2021 20:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E9B6 11 KB
4 KB 582ms
582ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4799802982166754&output=html&adk=1812271804&adf=3025194257&lmt=1627157479&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fau.dirhotels.com%2Flogin.php&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627157479341&bpp=3&bdt=265&idt=59&shv=r20210720&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5670490626763&frm=20&pv=2&ga_vid=1186631605.1627157479&ga_sid=1627157479&ga_hid=525390914&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31061978%2C20211866&oid=3&pvsid=1012566220902837&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=76

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6470843b685674389c28c4c19704e397a8d0fbc4b6200bf003f7f0a3be86e750

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4799802982166754&output=html&adk=1812271804&adf=3025194257&lmt=1627157479&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fau.dirhotels.com%2Flogin.php&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627157479341&bpp=3&bdt=265&idt=59&shv=r20210720&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5670490626763&frm=20&pv=2&ga_vid=1186631605.1627157479&ga_sid=1627157479&ga_hid=525390914&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31061978%2C20211866&oid=3&pvsid=1012566220902837&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=76
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.dirhotels.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.dirhotels.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 24 Jul 2021 20:11:19 GMT
server: cafe
content-length: 4486
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 24-Jul-2021 20:26:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 24 Jul 2021 20:11:19 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5073fab4fddb9f037315ac9c663dce6681b03976250cab681638dfe17475466f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:19 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627039897272555"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27998
x-xss-protection: 0
expires: Sat, 24 Jul 2021 20:11:19 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2AD6 75 KB
25 KB 496ms
496ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4799802982166754&output=html&h=280&slotname=9422759423&adk=1974736439&adf=1862265143&pi=t.ma~as.9422759423&w=740&fwrn=4&fwrnh=100&lmt=1627157479&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fau.dirhotels.com%2Flogin.php&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627157479344&bpp=2&bdt=267&idt=77&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5670490626763&frm=20&pv=1&ga_vid=1186631605.1627157479&ga_sid=1627157479&ga_hid=525390914&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=430&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31061978%2C20211866&oid=3&pvsid=1012566220902837&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AC2rseSjxm&p=https%3A//au.dirhotels.com&dtd=80

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc929795352a197ccebbb950fe6ab3ef8a9933ee10279d0d19dd2caa06882f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4799802982166754&output=html&h=280&slotname=9422759423&adk=1974736439&adf=1862265143&pi=t.ma~as.9422759423&w=740&fwrn=4&fwrnh=100&lmt=1627157479&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fau.dirhotels.com%2Flogin.php&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627157479344&bpp=2&bdt=267&idt=77&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5670490626763&frm=20&pv=1&ga_vid=1186631605.1627157479&ga_sid=1627157479&ga_hid=525390914&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=430&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31061978%2C20211866&oid=3&pvsid=1012566220902837&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AC2rseSjxm&p=https%3A//au.dirhotels.com&dtd=80
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.dirhotels.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.dirhotels.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 24 Jul 2021 20:11:19 GMT
server: cafe
content-length: 25780
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 24-Jul-2021 20:26:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 24 Jul 2021 20:11:19 GMT
cache-control: private

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
572 B 162ms
161ms XHR
application/json 104.22.52.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=10799846&u1=3DD2EE383F794F4C2BB9A3CCA983301C&java=1&security=0890d18a&sc_snum=1&sess=8987a3&p=0&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//au.dirhotels.com/login.php&t=Page%20Not%20Found&invisible=1&sc_rum_e_s=657&sc_rum_e_e=660&sc_rum_f_s=0&sc_rum_f_e=642&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.52.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 673fcc06781d32b0-CDG
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin: https://au.dirhotels.com
access-control-allow-credentials: true
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 0625867b14f7db6003faf473caeace36.js Show response
www.gstatic.com/mysidia/ Frame 2AD6 8 KB
4 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0625867b14f7db6003faf473caeace36.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4799802982166754&output=html&h=280&slotname=9422759423&adk=1974736439&adf=1862265143&pi=t.ma~as.9422759423&w=740&fwrn=4&fwrnh=100&lmt=1627157479&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fau.dirhotels.com%2Flogin.php&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627157479344&bpp=2&bdt=267&idt=77&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5670490626763&frm=20&pv=1&ga_vid=1186631605.1627157479&ga_sid=1627157479&ga_hid=525390914&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=430&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31061978%2C20211866&oid=3&pvsid=1012566220902837&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AC2rseSjxm&p=https%3A//au.dirhotels.com&dtd=80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1c387c0f4d541b5f303a016362289f12bad5b99f569e93cc208939fe555ae84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 09:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3512
x-xss-protection: 0
last-modified: Thu, 22 Jul 2021 08:17:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 20 Oct 2021 09:16:59 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 2AD6 3 KB
578 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 24 Jul 2021 19:50:17 GMT
server: ESF
date: Sat, 24 Jul 2021 20:11:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Jul 2021 20:11:19 GMT

GET
H2 200 b0ed9b56544bec8128f8998873cea4ad.js Show response
www.gstatic.com/mysidia/ Frame 2AD6 11 KB
5 KB 25ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b0ed9b56544bec8128f8998873cea4ad.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

349f98d9eff3e12d8eb9a71bfe3ff7742ccedc9ecc429d35925075e2adf11f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 09:47:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4679
x-xss-protection: 0
last-modified: Thu, 22 Jul 2021 08:17:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 20 Oct 2021 09:47:13 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 2AD6 1 KB
857 B 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 07 Aug 2021 20:10:15 GMT

GET
H2 200 aedeba39b64edc89259c5bab3bb9fe61.js Show response
www.gstatic.com/mysidia/ Frame 2AD6 3 KB
1 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/aedeba39b64edc89259c5bab3bb9fe61.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981a2ca846b248a95d65dc8801c27aecafe9f4f6f41c60065c13169e002e275a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 413891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1390
x-xss-protection: 0
last-modified: Tue, 13 Jul 2021 12:27:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Oct 2021 01:13:08 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame 2AD6 18 KB
8 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:00:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 658
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 16178317465966918049
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 07 Aug 2021 20:00:21 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 2AD6 2 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:09:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 07 Aug 2021 20:09:59 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2AD6 124 KB
37 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:19 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627039891503395"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Sat, 24 Jul 2021 20:11:19 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 2AD6 14 KB
7 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:10:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6195
x-xss-protection: 0
server: cafe
etag: 10716856519410487149
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 07 Aug 2021 20:10:13 GMT

GET
H3-29 200 638cf57158770915db314ccd85b2248b.js Show response
www.gstatic.com/mysidia/ Frame 2AD6 26 KB
11 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/638cf57158770915db314ccd85b2248b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2815473cb317930b4e63191154c2bbbf5d3b3165b461207ac7548af646b8a19e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 08:40:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10810
x-xss-protection: 0
last-modified: Thu, 22 Jul 2021 08:17:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 20 Oct 2021 08:40:05 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13010821928260225513/ Frame 2AD6 18 KB
18 KB 14ms
13ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13010821928260225513/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db9fa30f7563e7cb0aef27eec8f3b77f84a79b52a340e1eff440afb55058d290

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:01:21 GMT
x-content-type-options: nosniff
age: 338998
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18391
x-xss-protection: 0
last-modified: Fri, 07 May 2021 09:21:02 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 22:01:21 GMT

GET
DATA 200
OK truncated
/ Frame 2AD6 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a502918f0251787b8c117187f4401b5be333fd43d68fafe6408ac25b3c15c340

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2AD6 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_Vr453P8YKX6GoOSrASdjqHoCoSUhuJjkfaw7e4NChABIPuFpyVglQKgAcHUwbQByAEJqQI14cShLMCzPqgDAcgDywSqBLEBT9ABmK_EI9vNy_RgK4NGvy011uK2F-OM-nmnz9tGxTzTL9rk5Lyb1ecKkSeWJUq4SyRVGl86XdMWslAGnw3iMoR1GHQh_HNdk_POPBk0LvNb3EyZByYxIymvMLDXLEm7s0EHsIaAYXMyfiZWJfmrVVVJYOzlRs6SOA4FlENb7GRXsUuCHaEXwg5xlg_QvK6DZb4V8WjT-nL8r6EzLy-HiazUHT4Pc8F72vCezXvNrMCwwASghuOuzgOgBi6AB6ervssCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEKWVA9IICQiA4YAQEAEYH4AKAcgLAbgTiCfYEwOIFAXQFQGYFgGAFwGyFxoKGAgAEhRwdWItNDc5OTgwMjk4MjE2Njc1NA&sigh=fV4AL6ffRbc&template_id=5000

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4799802982166754&output=html&h=280&slotname=9422759423&adk=1974736439&adf=1862265143&pi=t.ma~as.9422759423&w=740&fwrn=4&fwrnh=100&lmt=1627157479&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fau.dirhotels.com%2Flogin.php&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627157479344&bpp=2&bdt=267&idt=77&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5670490626763&frm=20&pv=1&ga_vid=1186631605.1627157479&ga_sid=1627157479&ga_hid=525390914&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=430&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31061978%2C20211866&oid=3&pvsid=1012566220902837&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AC2rseSjxm&p=https%3A//au.dirhotels.com&dtd=80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 24 Jul 2021 20:11:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 24 Jul 2021 20:11:20 GMT

GET
DATA 200
OK truncated
/ Frame 2AD6 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a46c71270dbfd024af1b4a04638010f6340783c0d93999de591733f4b581e319

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 2AD6 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 02:22:18 GMT
x-content-type-options: nosniff
age: 409742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 02:22:18 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 2AD6 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 13:46:22 GMT
x-content-type-options: nosniff
age: 368698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 13:46:22 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 24ms
23ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=au.dirhotels.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Jul 2021 20:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 25ms
23ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=au.dirhotels.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Jul 2021 20:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6EF2 436 B
232 B 268ms
268ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4799802982166754&output=html&h=280&adk=1283731946&adf=661815038&pi=t.aa~a.2826166470~rp.2&w=1105&fwrn=4&fwrnh=100&lmt=1627157480&rafmt=1&to=qs&pwprc=9987598980&psa=0&format=1105x280&url=https%3A%2F%2Fau.dirhotels.com%2Flogin.php&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627157480073&bpp=1&bdt=997&idt=0&shv=r20210720&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a533079c813949b-22dee2038bc80090%3AT%3D1627157479%3ART%3D1627157479%3AS%3DALNI_MbightsJILrFhLlxEl6_pjO8zlUyg&prev_fmts=0x0%2C740x280&nras=2&correlator=5670490626763&frm=20&pv=1&ga_vid=1186631605.1627157479&ga_sid=1627157479&ga_hid=525390914&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=248&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31061978%2C20211866&oid=3&psts=AGkb-H9KORRQgd4vhGJNXgdpItjM0ZIDTXZhlOfI26SxObaOZ3mHPQMsoUdv6B7GRa2mQl0nkGatTZ9dW5pw8A&pvsid=1012566220902837&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=edsT9jsZDB&p=https%3A//au.dirhotels.com&dtd=8

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f715289b9d66a5ed464a6c8560e1b22e63e3ebe15ecf3fa8c2d1a066ab39336e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4799802982166754&output=html&h=280&adk=1283731946&adf=661815038&pi=t.aa~a.2826166470~rp.2&w=1105&fwrn=4&fwrnh=100&lmt=1627157480&rafmt=1&to=qs&pwprc=9987598980&psa=0&format=1105x280&url=https%3A%2F%2Fau.dirhotels.com%2Flogin.php&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627157480073&bpp=1&bdt=997&idt=0&shv=r20210720&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a533079c813949b-22dee2038bc80090%3AT%3D1627157479%3ART%3D1627157479%3AS%3DALNI_MbightsJILrFhLlxEl6_pjO8zlUyg&prev_fmts=0x0%2C740x280&nras=2&correlator=5670490626763&frm=20&pv=1&ga_vid=1186631605.1627157479&ga_sid=1627157479&ga_hid=525390914&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=248&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31061978%2C20211866&oid=3&psts=AGkb-H9KORRQgd4vhGJNXgdpItjM0ZIDTXZhlOfI26SxObaOZ3mHPQMsoUdv6B7GRa2mQl0nkGatTZ9dW5pw8A&pvsid=1012566220902837&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=edsT9jsZDB&p=https%3A//au.dirhotels.com&dtd=8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.dirhotels.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlDUDggJ67Y02VHJIVWFSohH7on5XR2QDf4DB2e9CYvz3F6vyBCkejywup0lnQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.dirhotels.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 24 Jul 2021 20:11:20 GMT
server: cafe
content-length: 212
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rC_9MNdzujh4BoSBgapm_dys7sQE8JDGlsbaQBHCCWU.js Show response
pagead2.googlesyndication.com/bg/ Frame 10EC 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rC_9MNdzujh4BoSBgapm_dys7sQE8JDGlsbaQBHCCWU.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac2ffd30d773ba387806848181aa66fddcaceec404f090c696c6da4011c20965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 20:14:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13334
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 07:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Jul 2022 20:14:37 GMT

POST
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2AD6 0
20 B 38ms
38ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg8IASoLdGFsbC1iYW5uZXIKCggCKgZzZXJ2ZXIKQwgEKj9teXNpZGlhX2FuYWx5dGljcyxkaXNhYmxlX2h5YnJpZF93cmFwcGVyLG15c2lkaWFfcmVsZWFzZV9jYW5hcnkKDRArIQAAAAAAAD5AMAQKDRADIQAAAM3MtIFAMAQKDRAKIQAAAIBmZhJAMAQKDRANIQAAAAAAAAAAMAQKDRAeKgc3NDB4MjgwMAQKDRAZKgc3NDB4MjgwMAQKDRAOIQAAAAAAAAAAMAQKDRAQIQAAAACAM9lAMAQKDRARIQAAAAAAAAAAMAQKDRASIQAAAAAAAABAMAQKDRATIQAAAAAAAABAMAQKDRAEIQAAADMz34FAMAQKDRAPIQAAAAAAAAAAMAQKDRArIQAAAAAAgEJAMAQKDRAUIQAAAAAAEIJAMAQKDRAVIQAAAAAAABBAMAQKDRAWIQAAAAAAAAhAMAQKDRAFIQAAAM3M4IFAMAQKDRAXIQAAAJqZKYNAMAQKDRAYIQAAAM3MxIRAMAQSGkNPV0p1ZnpCX1BFQ0ZRTUppd29kSFVjSXJRIgl0ZXh0L3J5dWsoFQ==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/b0ed9b56544bec8128f8998873cea4ad.js?tag=pingback

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 24 Jul 2021 20:11:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK flexiproduct.html Show response
www.booking.com/ Frame 9F9C 87 KB
35 KB 379ms
295ms Document
text/html 37.10.0.220
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=220&lang=en-US&aid=1689265&target_aid=1689265&fid=1627157480342&

Requested by

Host: aff.bstatic.com
URL: https://aff.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1627157479307

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

37.10.0.220 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

Software

nginx /

Resource Hash

39346905edf3dcad317eafd8bb24f740d6d9ef19bff63f9ecab3b3d6d6fa825a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.booking.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://au.dirhotels.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.dirhotels.com/

Response headers

server: nginx
date: Sat, 24 Jul 2021 20:11:20 GMT
content-type: text/html; charset=UTF-8
content-length: 34955
cache-control: private
vary: Accept-Encoding, User-Agent
content-encoding: br
nel: {"max_age":604800,"report_to":"default"}
report-to: {"max_age":604800,"endpoints":[{"url":"https://nellie.booking.com/report"}],"group":"default"}
set-cookie: _pxhd=nTT4%2F%2F4Gb5H8qHKcrboZXz4xqbXS8zSilABvZdR-XEthvHrjv7gR7LSE24TkD3JrcJY0RRK7bJUeRPBNQR3XUg%3D%3D%3AZHidFccaHXDIKoENF8tj8TUsvN2XvueopG-79X9frnDXpTT-7tWoeN9DbI9mK%2F7GIi%2FDdw%2F5xkKjb8igim%2Fh4ULJNiBCjeOCAjgsPoquiTs%3D; path=/; expires=Sun, 24-Jul-2022 20:11:20 GMT bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbiKbS0JOgDBK6LEtX6%2Blc%2BXPMRRalQbrgUTZoa5LdVPgRYNjJ3nevfq00CzUAWeX%2FWHIZAs6AO98EWOMcjhulAH6MCyl4HQ%2FdJk5pqgGybMxCzJQY8T%2B%2BjxQFbsT0SEWw5hQMGEVJkGbCyfRJMDbYBWBzkGyUvEMeaaNVEqRnKYI%3D; domain=.booking.com; path=/; expires=Thu, 23-Jul-2026 20:11:20 GMT; Secure; HTTPOnly; SameSite=None
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 82b674edb949dddf78e02d76e8593771bf2e85d5.css
cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/ Frame 9F9C 1 KB
1015 B 32ms
9ms Stylesheet
text/css 2600:9000:2182:6e00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/82b674edb949dddf78e02d76e8593771bf2e85d5.css

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=220&lang=en-US&aid=1689265&target_aid=1689265&fid=1627157480342&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:6e00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b40bd50a4795ccd4a8b88ff70fb14074d2f0bf599e072e98ccd302cfeb436b8a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 20:50:03 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 688877
via: 1.1 20f674d6a4a322fa027d3644cb825864.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Jun 2020 10:23:33 GMT
server: nginx
etag: W/"5eda1d25-51a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: 6TJjUMFyF_pxyDVSMo6fpA3Y48YJSfxErCy7WyOeTuNOzIGhWprhpw==
expires: Sun, 15 Aug 2021 20:50:03 GMT

GET
H2 200 f6d29e089da85314827d24b5e412d273b710cf84.css
cf.bstatic.com/static/affiliate_base/css/flexi_common_base_cloudfront_sd/ Frame 9F9C 11 KB
3 KB 62ms
39ms Stylesheet
text/css 2600:9000:2182:6e00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/css/flexi_common_base_cloudfront_sd/f6d29e089da85314827d24b5e412d273b710cf84.css

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=220&lang=en-US&aid=1689265&target_aid=1689265&fid=1627157480342&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:6e00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3c37aa402d060ff9a8c441cd6918a1859cb6358eee091d9b7a7a6b12447e74b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 17:58:57 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 871943
via: 1.1 20f674d6a4a322fa027d3644cb825864.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Jun 2020 10:23:33 GMT
server: nginx
etag: W/"5eda1d25-2ae3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: T3D_A5J9FXJqgfG-IfeejGQ4msq6SOtfcZb06-66cRWp4Y7YM-lsww==
expires: Fri, 13 Aug 2021 17:58:57 GMT

GET
H2 200 0579e1e4d20e28f92adaba484f8f11a42e2b5e68.css
cf.bstatic.com/static/affiliate_base/css/flexi_common_elems_cloudfront_sd/ Frame 9F9C 13 KB
3 KB 33ms
10ms Stylesheet
text/css 2600:9000:2182:6e00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/css/flexi_common_elems_cloudfront_sd/0579e1e4d20e28f92adaba484f8f11a42e2b5e68.css

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=220&lang=en-US&aid=1689265&target_aid=1689265&fid=1627157480342&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:6e00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0fe3b9faabb14dd0bf83ae0848aa86f1520857f00c96913cc1217bd04909da12

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 14:57:58 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 1142002
via: 1.1 20f674d6a4a322fa027d3644cb825864.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:19 GMT
server: nginx
etag: W/"5cadd1af-32e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: 7SPCyk-2hwcipzW-RylN2KbLYUIn53-YG7KCb7Xo9ZLb37IsASHoJQ==
expires: Tue, 10 Aug 2021 14:57:58 GMT

GET
H2 200 3eb8e6d9f9a04e3583a9e8d949a559d3fad5c8c4.css
cf.bstatic.com/static/affiliate_base/css/flexi_product_nsb/ Frame 9F9C 952 B
1 KB 62ms
39ms Stylesheet
text/css 2600:9000:2182:6e00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/css/flexi_product_nsb/3eb8e6d9f9a04e3583a9e8d949a559d3fad5c8c4.css

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=220&lang=en-US&aid=1689265&target_aid=1689265&fid=1627157480342&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:6e00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

601642ecd5e7a89187e12278ef792ecfe176c4553f7dc792557177a4048488e2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 09:36:15 GMT
via: 1.1 20f674d6a4a322fa027d3644cb825864.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
age: 1506905
x-cache: Hit from cloudfront
content-length: 952
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:19 GMT
server: nginx
etag: "5cadd1af-3b8"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: htQYrdOm0O-OQ8blDtj8eHvNJ4MpaxPMxMlLYfhXBl_kb_CPDiMzpQ==
expires: Fri, 06 Aug 2021 09:36:15 GMT

GET
H2 200 ebc3273565b5e682ccaf01872d2e046749306442.png
cf.bstatic.com/static/img/affiliate_base/flexi/booking_logo_blue/ Frame 9F9C 3 KB
3 KB 9ms
9ms Image
image/png 2600:9000:2182:6e00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/affiliate_base/flexi/booking_logo_blue/ebc3273565b5e682ccaf01872d2e046749306442.png

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=220&lang=en-US&aid=1689265&target_aid=1689265&fid=1627157480342&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:6e00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

69f81eea02cf09defcdb0c916f7ca869498f0d7045318c8ebfe469d2872cbbfa

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 20:07:15 GMT
via: 1.1 20f674d6a4a322fa027d3644cb825864.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
age: 1037045
x-cache: Hit from cloudfront
content-length: 2904
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:50 GMT
server: nginx
etag: "5cadd1ce-b58"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: W94XldLh6ieQOsjOw6GznnNRIHsLTW_OysbGKsDffjOOnR26C2yH3g==
expires: Wed, 11 Aug 2021 20:07:15 GMT

GET
H2 200 2e1059de66c6a928c4ea7e843b9ffbd51cc3e15d.js Show response
cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_cloudfront_sd/ Frame 9F9C 123 KB
39 KB 37ms
15ms Script
application/javascript 2600:9000:2182:6e00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_cloudfront_sd/2e1059de66c6a928c4ea7e843b9ffbd51cc3e15d.js

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=220&lang=en-US&aid=1689265&target_aid=1689265&fid=1627157480342&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:6e00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0b01b0858503cb5946f0c5c1b7c59a3be705eab43b2c6ce1526a7a7509ac63b9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 21:35:46 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 1290933
via: 1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Feb 2020 10:19:54 GMT
server: nginx
etag: W/"5e39454a-1ecfc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: etPds1id_ZhDgB9hALA1f4a64dPGaD1WhYS7zqMEao6HjejWmWgoHQ==
expires: Sun, 08 Aug 2021 21:35:46 GMT

GET
H2 200 eb78197b2eee9a032c319d91a6e1c581e295f284.js Show response
cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_components_cloudfront_sd/ Frame 9F9C 33 KB
11 KB 36ms
14ms Script
application/javascript 2600:9000:2182:6e00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_components_cloudfront_sd/eb78197b2eee9a032c319d91a6e1c581e295f284.js

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=220&lang=en-US&aid=1689265&target_aid=1689265&fid=1627157480342&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:6e00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

fd0370177238527421278d27eb652e22a25d20784438f81f114b09f5a349e06d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:20:21 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 683459
via: 1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Feb 2020 10:19:54 GMT
server: nginx
etag: W/"5e39454a-84eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: g_yerhoBpAXWQlYsx9cyy0nOIc6FKemwu6IgIAZcW2Efru__ljmpzQ==
expires: Sun, 15 Aug 2021 22:20:21 GMT

GET
H2 200 a620a252f1d0110ab972e81348133431e8486098.js Show response
cf.bstatic.com/static/affiliate_base/js/flexi_nsb_cloudfront_sd/ Frame 9F9C 2 KB
1 KB 18ms
17ms Script
application/javascript 2600:9000:2182:6e00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/js/flexi_nsb_cloudfront_sd/a620a252f1d0110ab972e81348133431e8486098.js

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=220&lang=en-US&aid=1689265&target_aid=1689265&fid=1627157480342&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:6e00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9afc14c1ac2584619b29bf2232f3ddd9da032d3acdf769e48ff7736f55a16e4e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 21:09:08 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 774132
via: 1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Feb 2020 10:19:54 GMT
server: nginx
etag: W/"5e39454a-903"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: 7dxkaPm5iD80oeDDXZO0SUfGGFvPmWEn5TDJjE1mIeEuUrBuNXlQ2g==
expires: Sat, 14 Aug 2021 21:09:08 GMT

GET
H2 200 7e03f1178ca725d97fdd726255c96b3e71b660d2.js Show response
cf.bstatic.com/static/affiliate_base/js/flexi_responsive_cloudfront_sd/ Frame 9F9C 392 B
966 B 13ms
13ms Script
application/javascript 2600:9000:2182:6e00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/js/flexi_responsive_cloudfront_sd/7e03f1178ca725d97fdd726255c96b3e71b660d2.js

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=220&lang=en-US&aid=1689265&target_aid=1689265&fid=1627157480342&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:6e00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ec9e5f73690e9e6f199bdb463ce1ecd83960019884fdef77d916c3a8aa14a76e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Jul 2021 22:29:14 GMT
via: 1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
age: 596526
x-cache: Hit from cloudfront
content-length: 392
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Feb 2020 10:19:54 GMT
server: nginx
etag: "5e39454a-188"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 4QQminWtqB10rb5PZY9zv2TiBiOuw22bUzcMFu_Rai8dTMF21x3L5A==
expires: Mon, 16 Aug 2021 22:29:14 GMT

GET
H2 200 750fa5bec9bde5e6e09115b5970b8106f73a5646.woff
cf.bstatic.com/static/fonts/flexi/flexi/ Frame 9F9C 8 KB
8 KB 14ms
14ms Font
application/font-woff 2600:9000:2182:6e00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/fonts/flexi/flexi/750fa5bec9bde5e6e09115b5970b8106f73a5646.woff

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/82b674edb949dddf78e02d76e8593771bf2e85d5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:6e00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

727b71610239254fbeb9000a4774cf87b96bdd0c7eab1b781d67aa916ab6426e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/82b674edb949dddf78e02d76e8593771bf2e85d5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 22:27:24 GMT
via: 1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
age: 942236
x-cache: Hit from cloudfront
content-length: 7772
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:49 GMT
server: nginx
etag: "5cadd1cd-1e5c"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: rIAlcJOjhtQyskAqIQFE3F0soqj-r_IKmGhEHxYwA-4miRnNjr25qA==
expires: Thu, 12 Aug 2021 22:27:24 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 26ms
25ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210720&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

994ab219fd37feba0bdebf5d03f4baf3adeb695af296cb06936c3fe3355c310f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Jul 2021 20:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8484
x-xss-protection: 0

GET
H/1.1 200
OK fp_view Show response
www.booking.com/affiliate/ Frame 9F9C 12 B
1 KB 100ms
100ms XHR
application/json 37.10.0.220
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/affiliate/fp_view?aid=1689265&target_aid=1689265&product_type=nsb

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_cloudfront_sd/2e1059de66c6a928c4ea7e843b9ffbd51cc3e15d.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

37.10.0.220 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

Software

nginx /

Resource Hash

fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=220&lang=en-US&aid=1689265&target_aid=1689265&fid=1627157480342&
X-Requested-With: XMLHttpRequest
X-Booking-CSRF: KKz8YAAAAAA=XoEdDsVJUqX_2LWAxeFFSNvQiolKREFxnoo441YD5YjDtCoK6yjxgHDAfZ_RL_EmsnktIwN8SvtV3yvLkEoHFsxoleHHEuEOoaETIS05iO3GVBnWOJ4eN9buY74jWAJF-P1jvR7lPKZ2DjV-zdilvkAGMKs6KRrLZly9A2STmAgx70ZCBeWNN4OBRgRlWlseFAqe5_gIQ6Xwuexn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:20 GMT
x-content-options: nosniff
server: nginx
content-security-policy-report-only: frame-ancestors 'none'; report-uri https://reports.booking.com/csp_violation?type=report&tag=112&pid=34218df4e1a10406&e=UmFuZG9tSVYkc2RlIyh9YV52yMgL4uFPlMiAwY3njEmUF6b7637It4Oa69OpCrlnvL7_y7uwHSA&f=2&s=0;
content-type: application/json; charset=UTF-8
transfer-encoding: chunked
strict-transport-security: max-age=604800
x-xss-protection: 1; mode=block

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 20:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sat, 24 Jul 2021 20:11:20 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 4753 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.dirhotels.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.dirhotels.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Sat, 24 Jul 2021 18:42:08 GMT
expires: Sun, 24 Jul 2022 18:42:08 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5352
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4E9A 783 B
783 B 17ms
17ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dad2def260455b923587ea5547f22039fea45d88bd8b64ef228b72a93310fe5b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-m13GZRL6I3zomu0zJ9EU2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.dirhotels.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.dirhotels.com/

Response headers

expires: Sat, 24 Jul 2021 20:11:20 GMT
date: Sat, 24 Jul 2021 20:11:20 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-m13GZRL6I3zomu0zJ9EU2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rC_9MNdzujh4BoSBgapm_dys7sQE8JDGlsbaQBHCCWU.js Show response
pagead2.googlesyndication.com/bg/ Frame 4753 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rC_9MNdzujh4BoSBgapm_dys7sQE8JDGlsbaQBHCCWU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac2ffd30d773ba387806848181aa66fddcaceec404f090c696c6da4011c20965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 20:14:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13334
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 07:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Jul 2022 20:14:37 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210720&jk=1012566220902837&bg=!IyClIGTNAAbnC78O5ws7ACkAdvg8WrAXVIYZ2_0amm7TnJu8Qtx80Xtnz4tNSTo6M-9oDC1h4tBIyQIAAAA3UgAAAApoAQcKAPTcXhrdTbhC8nT-UtGhdO-O1omaBcf5e0FYdCtylKJ0FG74V5BSCD7pf_S_J91JQFaUftyzmpfRXYQuFCWmkVbIvHLA-AWcuEEQ14Y-izweS2fC7y6wvt1LAmvEnBEg8E2rCWZmDaHp4kLke9CAjW7gF9-1zsu-Ar1PuCY1k7K9uuOa39TPhzMQBGT5WHdVy2mLfZlX0SiP2Ys2qeSJMDWes_ADTN9kUkKC9MXisAlDvrjAOOpgH1W9oKCFbgnJC_elWgtMpIyn7qX72kuXYsv-2gxF4m9z5bBH3zzauQ9b9re3vF7UMGgAkDAzrTIpfZXWudD6mQJ7HsHrC_WvnkM2xhlmoPa78RsnOkqKC1ZCuyjA5PMcsDZirnCEZdkK58BXcimrnLtYtzK_MXoVuWmOAf5bx9O82b0z-QSuJFOZtzqKiY9OCucgVXe_DswwheP_aksEh71aAwWa_3JuyvDQ_l8f-VnMPEkyvvx_BSqJFvEj4ubldBQDI3_Rk4VuEWTZGZszWF5jyyTvH7VHNoCBC0FqaK4_O69f22FQ0BP3lvqCjgfk5JE4njXb3FTV4aRZnE_sFIDNBNvmG-jlElf9YEVv3RAyN1FF6yd83XptExKoH-5xppIwj54WYVtkziGlNIT1zir-Tr6L8J2GMtArrG6qLc8l2cjy9xHME8BxXQE7vYvtu2zA_dRZ_cztkG_XuAqBOBGz_RXUmWGFnPdelDiGZDYiABdEfutr2liB0a7rXsgianwLpO10NlLZEo6KGIzfzUPGspw3YM5PTrZ2S7mOWjw02WaynpJ6EAgdXp_sIkDkSgCdeNw14V8wdNddURAyoUQXe3o9ChGYRpv4YFXMFcKu0KuJ2aluOk5SnkKeBrqGu9J4U2VzMJqJwBOyTmfnBUjpsmYbMYanTNFHXo1ZKiEG9cgvz_ROYey4h8nQO8ubgXkHZ0bdAv-kmmjxpUkcha2nV4l4pjy5odAVL8DRWxLTfatrZ__3IEBaPs8rGhEUnd7tLE94R4h52Ra_YsI8DgaHWWsNK-bJBgacTqyspVSESuO_f-4vAYJt_l-xgezq2534zFRlqWTCHN7TH6-biSS0jnQPNlZ52t_qq4y-wmOLEJC5ZJBEPZWMEcQdxrHmx34eSEckeUJbpmimtlqM1IZDZge_V8mTW2UIYGo

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.dirhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jul 2021 20:11:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2AD6 0
0 18ms
17ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXKWU53P8YKX6GoOSrASdjqHoCoSUhuJjkfaw7e4NChABIPuFpyVglQKgAcHUwbQByAEJqQI14cShLMCzPqgDAaoEsQFP0AGYr8Qj283L9GArg0a_LTXW4rYX44z6eafP20bFPNMv2uTkvJvV5wqRJ5YlSrhLJFUaXzpd0xayUAafDeIyhHUYdCH8c12T8848GTQu81vcTJkHJjEjKa8wsNcsSbuzQQewhoBhczJ-JlYl-atVVUlg7OVGzpI4DgWUQ1vsZFexS4IdoRfCDnGWD9C8roNlvhXxaNP6cvyvoTMvL4eJrNQdPg9zwXva8J7Ne82swLDABKCG467OA6AGLoAHp6u-ywKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQpZUD0ggJCIDhgBAQARgfgAoByAsBuBOIJ9gTA4gUBdAVAZgWAYAXAbIXGgoYCAASFHB1Yi00Nzk5ODAyOTgyMTY2NzU0&sigh=uxlAPiIdzto&vt=1&template_id=5000&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4799802982166754&output=html&h=280&slotname=9422759423&adk=1974736439&adf=1862265143&pi=t.ma~as.9422759423&w=740&fwrn=4&fwrnh=100&lmt=1627157479&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fau.dirhotels.com%2Flogin.php&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627157479344&bpp=2&bdt=267&idt=77&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5670490626763&frm=20&pv=1&ga_vid=1186631605.1627157479&ga_sid=1627157479&ga_hid=525390914&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=430&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31061978%2C20211866&oid=3&pvsid=1012566220902837&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AC2rseSjxm&p=https%3A//au.dirhotels.com&dtd=80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 24 Jul 2021 20:11:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2AD6 42 B
64 B 16ms
16ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYMjfAJU21SpsIgIBmX0UOhwdiCG4--n9TKVGtoQwKAijJEbeRACrbiUbFiyrD0M_Bbi7kJg1exC9eeEso839-G-vQlEO50eeGOYmxgRhA1tftZWqN8j-t3-L1zg&sai=AMfl-YRuNKB-vnaJK3diM2XkpIQ47PMh6eNvgUko3TqOnL1C5-9OmsXgIvd0vYLxqPeQ-4zxXeymNfZ4LgHm&sig=Cg0ArKJSzHGcvD5SIJu9EAE&id=lidar2&mcvt=1000&p=135,430,415,1170&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210723&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1974736439&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627157479425&dlt=500&rpt=55&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jul 2021 20:11:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.booking.com/	1970-01-21 15:47:17	Name: bkng Value: 11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbiKbS0JOgDBK6LEtX6%2Blc%2BXPMRRalQbrgUTZoa5LdVPgRYNjJ3nevfq00CzUAWeX%2FWHIZAs6AO98EWOMcjhulAH6MCyl4HQ%2FdJk5pqgGybMxCzJQY8T%2B%2BjxQFbsT0SEWw5hQMGEVJkGbCyfRJMDbYBWBzkGyUvEMeaaNVEqRnKYI%3D
.dirhotels.com/	1970-01-20 05:20:53	Name: __gads Value: ID=7a533079c813949b-22dee2038bc80090:T=1627157479:RT=1627157479:S=ALNI_MbightsJILrFhLlxEl6_pjO8zlUyg
.au.dirhotels.com/	1970-01-20 13:30:29	Name: sc_is_visitor_unique Value: rx10799846.1627157479.3DD2EE383F794F4C2BB9A3CCA983301C.1.1.1.1.1.1.1.1.1
.doubleclick.net/	1970-01-20 05:20:53	Name: IDE Value: AHWqTUlDUDggJ67Y02VHJIVWFSohH7on5XR2QDf4DB2e9CYvz3F6vyBCkejywup0lnQ
au.dirhotels.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2bntbdh9ng5r097ijlc9dbj294

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
aff.bstatic.com
au.dirhotels.com
c.statcounter.com
cdn.ampproject.org
cf.bstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
s-ec.bstatic.com
t-ec.bstatic.com
tpc.googlesyndication.com
us.dirhotels.com
use.fontawesome.com
www.booking.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.statcounter.com
104.22.52.65
142.250.184.226
185.28.221.4
2600:9000:2182:3e00:1d:ff62:dec0:93a1
2600:9000:2182:6e00:1f:e2ee:200:93a1
2606:4700:3031::ac43:d645
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
37.10.0.220
91.196.124.156
011579396b99ff871f634116f5307bc3e20020e4e348b21fdb08168c147f5453
056762e1614c9dd3b56db992b5725bd40367164ffff7e458b8d1f51a0f0d2c27
0b01b0858503cb5946f0c5c1b7c59a3be705eab43b2c6ce1526a7a7509ac63b9
0fc929795352a197ccebbb950fe6ab3ef8a9933ee10279d0d19dd2caa06882f7
0fe3b9faabb14dd0bf83ae0848aa86f1520857f00c96913cc1217bd04909da12
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
2286ce960b1a24b22fadb81cc2af6850df5363ac920eb9ee66fc9701e1b5a39f
27dae8c7ba47c379ea1175591cb243b2d0db20f0419bb8cc1f95d88a595a34a6
2815473cb317930b4e63191154c2bbbf5d3b3165b461207ac7548af646b8a19e
28b606e8e312080d7df193b0a02ccf89c8c450e051929cb356ed93400772101e
28e976b4ae104087e67ffbfacbb4128be54a32d6718cda4fbb33f699e17955d3
2aac4956c1fe79fe9f3c59805ac05665829dfb39e5623be2db8be5c00376c6b7
2dc4c088d91f1dcbde2840ebfd2bb0e34b7f7226bbd96fb15f78d9567c6be4f1
349f98d9eff3e12d8eb9a71bfe3ff7742ccedc9ecc429d35925075e2adf11f6d
39346905edf3dcad317eafd8bb24f740d6d9ef19bff63f9ecab3b3d6d6fa825a
4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb
4abc07410992738ff369c429c51315178e488b813e7f076a4aeffe6e86cc7098
4e53cb65c255a2d42a66c52e40a974a49d3173279b7554fc5712503115110507
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5073fab4fddb9f037315ac9c663dce6681b03976250cab681638dfe17475466f
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
601642ecd5e7a89187e12278ef792ecfe176c4553f7dc792557177a4048488e2
6470843b685674389c28c4c19704e397a8d0fbc4b6200bf003f7f0a3be86e750
6978401dfc10593cb11eeba2e702a347ea8e1cf4c6b93184824ece2e5dfd8833
69f81eea02cf09defcdb0c916f7ca869498f0d7045318c8ebfe469d2872cbbfa
727b71610239254fbeb9000a4774cf87b96bdd0c7eab1b781d67aa916ab6426e
7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca
7742176d36a9ea889f4db0a843e62f522ba690a8d514e91dd5aa09eccf7340ce
7bacd186bbecc8366f952852d4fcef421fbfacca635934e7536270f164476e78
8d8437ff02d10d98d8f2d0ba563579b08c7fe7cab1e5999176499b8f0f7c0665
94b73f3f5b9670df9bcb7c544ccdf1a5ea37c5d3eed5a72e19cc012717e05da8
981a2ca846b248a95d65dc8801c27aecafe9f4f6f41c60065c13169e002e275a
994ab219fd37feba0bdebf5d03f4baf3adeb695af296cb06936c3fe3355c310f
9afc14c1ac2584619b29bf2232f3ddd9da032d3acdf769e48ff7736f55a16e4e
9bd4667051083414e6918c646422069fdd0292fb55aff0e8b807ec4fbb496c09
a2c907e96507a4a57865816306d57f8ca7cc3a3b6e26ebb060f954d41939e979
a46c71270dbfd024af1b4a04638010f6340783c0d93999de591733f4b581e319
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a502918f0251787b8c117187f4401b5be333fd43d68fafe6408ac25b3c15c340
a5c860bbc2d69cf59b6f1577629f5b46c6a323350d6bdfdb08fea6d065a90664
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a7ac2ef0959f3dd57beb0b82bc0d7006ac4aee31a64c4413fad130c446f9f2dc
ab1f3ec0d5a196a14e62284710dd2dc3bb4bbac4422cb0d096217abe278ae939
ac2ffd30d773ba387806848181aa66fddcaceec404f090c696c6da4011c20965
adb2cb30b4c6f46ebdf3c13cf277e95dac4029feec639274ac07424194187b26
b1ace3301a7592226fba4caefc343644de0230326bb0504f6f59532c226ad46a
b240d6c9ab7a4874799d856389235af8e2f82b32e5fa82c9e407bd542a776cd4
b2b544190d814b99232ebd41653e0fcab7e96601f96885136381036d02648401
b40bd50a4795ccd4a8b88ff70fb14074d2f0bf599e072e98ccd302cfeb436b8a
b6b3468fd8d3aea06885acdb6b293693adb6799a35b70ac50e5389a1c1dc42e3
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
c552b0c3b45a136e4cdf6bafbb5e30a3da4c3a3814b0f4b4f7e34d40abc25892
c553ef7271334af93285181e0b891ecc964712f12d02af54ecee9c58354c71e6
c83eae7a38656b387443bacfd93af203e31b66bf687c21af1ef00fab98507aef
c8963b6bd2ca8497603794bf9adcbff7a3ea55c9c3edef3d5a992405ee256a90
d1354a2752b3cbbaeea79d6696b6033889020f6c533215d26c2816f008986545
dad2def260455b923587ea5547f22039fea45d88bd8b64ef228b72a93310fe5b
db9fa30f7563e7cb0aef27eec8f3b77f84a79b52a340e1eff440afb55058d290
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c37aa402d060ff9a8c441cd6918a1859cb6358eee091d9b7a7a6b12447e74b
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
ec9e5f73690e9e6f199bdb463ce1ecd83960019884fdef77d916c3a8aa14a76e
eee7283bce47f63001396d58cace92f57058ea0c5ee546579e841609a359d52e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16a935d459a3bf85554bc55742924f23066053190a78a54904b6bf3e8a0140e
f1c387c0f4d541b5f303a016362289f12bad5b99f569e93cc208939fe555ae84
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f520c5a20344d6c072d89a0da28570d671820996f1cb796100644628b67ea8db
f5eea53388d04782dcc234ed5a3bfa7c6211195d1386ba77d3ecfd4a5008975f
f715289b9d66a5ed464a6c8560e1b22e63e3ebe15ecf3fa8c2d1a066ab39336e
fd0370177238527421278d27eb652e22a25d20784438f81f114b09f5a349e06d
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

au.dirhotels.com Open in urlscan Pro 91.196.124.156 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

84 Requests

100 %HTTPS

71 %IPv6

14 Domains

22 Subdomains

18 IPs

4 Countries

2347 kBTransfer

3392 kBSize

5 Cookies

3 Outgoing links

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

au.dirhotels.com Open in urlscan Pro
91.196.124.156 Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

100 %
HTTPS

71 %
IPv6

14
Domains

22
Subdomains

18
IPs

4
Countries

2347 kB
Transfer

3392 kB
Size

5
Cookies

84 HTTP transactions
2 data transactions