www.eastinhotelsresidences.com Open in urlscan Pro
2606:4700::6811:b73a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.eastinhotelsresidences.com/
Effective URL:
https://www.eastinhotelsresidences.com/
Submission: On October 17 via api (October 17th 2023, 1:20:55 am UTC) from US — Scanned from DE

Summary HTTP 81 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 19 domains to perform 81 HTTP transactions. The main IP is 2606:4700::6811:b73a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.eastinhotelsresidences.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 13th 2023. Valid for: a year.

This is the only time www.eastinhotelsresidences.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	2606:4700::68... 2606:4700::6811:b83a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 17	2606:4700::68... 2606:4700::6811:b73a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:ba3a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
4	35.244.188.9 35.244.188.9	15169 (GOOGLE) (GOOGLE)
1	162.159.128.61 162.159.128.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	146.75.118.109 146.75.118.109	54113 (FASTLY) (FASTLY)
4	151.101.0.217 151.101.0.217	54113 (FASTLY) (FASTLY)
4	107.178.244.119 107.178.244.119	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	3.122.117.240 3.122.117.240	16509 (AMAZON-02) (AMAZON-02)
4 4	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	34.120.202.204 34.120.202.204	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4 4	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2 2	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.2.229 37.157.2.229	198622 (ADFORM) (ADFORM)
1	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	195.244.31.25 195.244.31.25	63140 (IGUANA-WO...) (IGUANA-WORLDWIDE)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c03::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
81	27

13 2606:4700::6811:b83a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.eastinhotelsresidences.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image-tc.galaxy.tf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700::6811:b73a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.eastinhotelsresidences.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:ba3a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.galaxy.tf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.188.9 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 9.188.244.35.bc.googleusercontent.com

static.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.75.118.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.0.217 (United States)

ASN54113 (FASTLY, US)

i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.178.244.119 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.117.240 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-117-240.eu-central-1.compute.amazonaws.com

tc.galaxy.tf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.134 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.202.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.202.120.34.bc.googleusercontent.com

fresnel.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.162 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

fcmatch.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fcmatch.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.123 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.229 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.244.31.25 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
PTR: xo7-viplb-01-new.ny.ig-1.net

dynamic.travelclick-websolutions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c03::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	eastinhotelsresidences.com 2 redirects www.eastinhotelsresidences.com	683 KB
15	galaxy.tf cdn.galaxy.tf — Cisco Umbrella Rank: 135144 image-tc.galaxy.tf — Cisco Umbrella Rank: 103757 tc.galaxy.tf — Cisco Umbrella Rank: 181200	2 MB
9	doubleclick.net 8 redirects ad.doubleclick.net — Cisco Umbrella Rank: 173 cm.g.doubleclick.net — Cisco Umbrella Rank: 255 stats.g.doubleclick.net — Cisco Umbrella Rank: 98	3 KB
9	vimeocdn.com f.vimeocdn.com — Cisco Umbrella Rank: 3770 i.vimeocdn.com — Cisco Umbrella Rank: 3607 fresnel.vimeocdn.com — Cisco Umbrella Rank: 3720	265 KB
8	sojern.com static.sojern.com — Cisco Umbrella Rank: 15161 beacon.sojern.com — Cisco Umbrella Rank: 6176 pixel.sojern.com — Cisco Umbrella Rank: 8495	39 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	107 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42 region1.google-analytics.com — Cisco Umbrella Rank: 2250	42 KB
4	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 118 fcmatch.google.com — Cisco Umbrella Rank: 4031 region1.analytics.google.com — Cisco Umbrella Rank: 2714	1 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	358 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	216 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 643	1 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 261	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	88 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 13042 www.google.de — Cisco Umbrella Rank: 6147	884 B
2	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 2214 vimeo.com — Cisco Umbrella Rank: 2125	11 KB
1	travelclick-websolutions.com dynamic.travelclick-websolutions.com — Cisco Umbrella Rank: 141739	1 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 402	149 B
1	youtube.com fcmatch.youtube.com — Cisco Umbrella Rank: 4036	432 B
81	19

	Domain	Requested by
18	www.eastinhotelsresidences.com	2 redirects www.eastinhotelsresidences.com www.googletagmanager.com
12	image-tc.galaxy.tf	www.eastinhotelsresidences.com
4	cm.g.doubleclick.net	4 redirects
4	ad.doubleclick.net	4 redirects
4	i.vimeocdn.com	player.vimeo.com www.eastinhotelsresidences.com f.vimeocdn.com
4	f.vimeocdn.com	player.vimeo.com
4	static.sojern.com	www.googletagmanager.com www.eastinhotelsresidences.com static.sojern.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	fonts.gstatic.com	fonts.googleapis.com
4	www.googletagmanager.com	www.eastinhotelsresidences.com www.googletagmanager.com
3	pixel.sojern.com	static.sojern.com
3	www.gstatic.com	f.vimeocdn.com www.gstatic.com
3	fonts.googleapis.com	www.eastinhotelsresidences.com
2	www.facebook.com	static.sojern.com
2	c1.adform.net	2 redirects
2	ib.adnxs.com	2 redirects
2	connect.facebook.net	beacon.sojern.com connect.facebook.net
2	adservice.google.com	1 redirects static.sojern.com
2	tc.galaxy.tf	cdn.galaxy.tf
1	region1.google-analytics.com	www.eastinhotelsresidences.com
1	www.google.de	www.eastinhotelsresidences.com
1	stats.g.doubleclick.net	www.eastinhotelsresidences.com
1	region1.analytics.google.com	www.eastinhotelsresidences.com
1	dynamic.travelclick-websolutions.com	www.eastinhotelsresidences.com
1	vimeo.com	f.vimeocdn.com
1	match.adsrvr.org	static.sojern.com
1	fcmatch.youtube.com	static.sojern.com
1	fcmatch.google.com	1 redirects
1	fresnel.vimeocdn.com	f.vimeocdn.com
1	adservice.google.de	www.eastinhotelsresidences.com
1	beacon.sojern.com	static.sojern.com
1	player.vimeo.com	www.eastinhotelsresidences.com
1	cdn.galaxy.tf	www.eastinhotelsresidences.com
81	33

This site contains links to these domains. Also see Links.

Domain
949.www.travelclick-websolutions.com
www.facebook.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
www.eastinhotelsresidences.com Cloudflare Inc ECC CA-3	`2023-03-13` - `2024-03-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
cdn.galaxy.tf Cloudflare Inc ECC CA-3	`2023-04-06` - `2024-04-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-17` - `2024-02-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-01` - `2024-02-29`	a year	crt.sh
image-tc.galaxy.tf Cloudflare Inc ECC CA-3	`2023-05-08` - `2024-05-07`	a year	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-02-18` - `2024-03-21`	a year	crt.sh
*.vimeo.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-01-15` - `2024-02-16`	a year	crt.sh
*.galaxy.tf Amazon RSA 2048 M01	`2023-04-22` - `2024-05-20`	a year	crt.sh
fresnel.vimeocdn.com GTS CA 1D4	`2023-09-08` - `2023-12-07`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-26` - `2023-10-24`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
vimeo.com Cloudflare Inc ECC CA-3	`2023-08-23` - `2024-08-21`	a year	crt.sh
*.travelclick-websolutions.com Gandi Standard SSL CA 2	`2023-07-05` - `2024-07-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.eastinhotelsresidences.com/
Frame ID: 33678423747D7FCE390465E3956245E1
Requests: 51 HTTP requests in this frame

Frame: https://player.vimeo.com/video/157257665
Frame ID: AC0693904472526BE474B0BE12D5C4E5
Requests: 14 HTTP requests in this frame

Frame: https://static.sojern.com/cip/c/43.html?f_v=cp_v3_js&p_v=4&version=3&auto_url=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&auto_ccid=b8nk7-ijr4w-qprbp-zrrw4-vyywb&auto_ga=1195232472.1697505648&e_eml=null&auto_eml=O2PS466O2P23Q6804OS66S665OQ4RQPP%40949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&auto_eml_count=1&auto_eml_domain=949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&auto_eml_list=O2PS466O2P23Q6804OS66S665OQ4RQPP%40949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&ws=1600x1200&tz=-120&hpid=112167&pt=TRACKING&et=
Frame ID: 33718D377DC22FAEC9477DEA2697A7A6
Requests: 14 HTTP requests in this frame

Frame: https://www.eastinhotelsresidences.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js
Frame ID: ED3391635C14EFF682124CE34E8FBA9B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Eastin Hotels, Resorts & Residences | Deluxe & Luxury Hotels in Asiaarrow-rightarrow-leftarrow-bottomarrow-topcalendarphonewebsitedownload-arrowfacebooktwittergoogle-plustripadvisorinstagrampauseplaycrossquote-opensunMenumailmarkerclockcheckpinterestyoutubewechatlinkedintiktokline-msgwhatsappweibogallery-videotrianglehotelhotel-airlogoutarrow-downxingpersontriangle-rulerbedfloorplangoogleuploadclosecalendarguestsearchremovehotelmap-viewlist-viewvideo-playvideo-pausezoom-magnifychain-linkalertheightdimensionsmax-capacitystarreview-usertrashtagcircle-enlargecircle-videoprinterMenuBack to top

Page URL History Show full URLs

http://www.eastinhotelsresidences.com/ HTTP 301
https://www.eastinhotelsresidences.com/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Page Statistics

81
Requests

91 %
HTTPS

55 %
IPv6

19
Domains

33
Subdomains

27
IPs

5
Countries

3379 kB
Transfer

7637 kB
Size

18
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://949.www.travelclick-websolutions.com/our-hotels
Title: Eastin Hotels

Search URL Search Domain Scan URL

URL: https://www.facebook.com/EastinHotelsResidences

Search URL Search Domain Scan URL

URL: https://twitter.com/EastinHotels

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC7Lfuqt34uR_hv7NR4-25bQ

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.eastinhotelsresidences.com/ HTTP 301
https://www.eastinhotelsresidences.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://www.eastinhotelsresidences.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.eastinhotelsresidences.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js

Request Chain 38

https://ad.doubleclick.net/ddm/activity/src=9572998;type=invmedia;cat=hk_gl0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3122505991003.0596 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9572998;dc_pre=CPfzz6n1-4EDFQdSGQodzyYM-A;type=invmedia;cat=hk_gl0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3122505991003.0596 HTTP 302
https://adservice.google.com/ddm/fls/p/src=9572998;dc_pre=CPfzz6n1-4EDFQdSGQodzyYM-A;type=invmedia;cat=hk_gl0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3122505991003.0596;~oref=https://www.eastinhotelsresidences.com/ HTTP 302
https://adservice.google.de/ddm/fls/p/src=9572998;dc_pre=CPfzz6n1-4EDFQdSGQodzyYM-A;type=invmedia;cat=hk_gl0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3122505991003.0596;~oref=https://www.eastinhotelsresidences.com/

Request Chain 48

https://ad.doubleclick.net/ddm/activity/src=13483457;type=track0;cat=easti0;qty=1;cost=0;u1=s%253Dccid_ga%257Cccid_auto%257Cf_v%253Dcp_v3_js%257Cp_v%253D4%257Cversion%253D3%257Cauto_url%253Dhttps%25253A%25252F%25252Fwww.eastinhotelsresidences.com%25252F%257Cauto_ccid%253Db8nk7-ijr4w-qprbp-zrrw4-vyywb%257Cauto_ga%253D1195232472.1697505648%257Cauto_eml_count%253D1%257Cws%253D1600x1200%257Ctz%253D-120%257Chpid%253D112167%257Cpt%253DTRACKING%257Cet%253D;u2=;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u19=112167;u20=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID HTTP 302
https://ad.doubleclick.net/ddm/activity/src=13483457;dc_pre=COe-1an1-4EDFbJVwgodPPQAXA;type=track0;cat=easti0;qty=1;cost=0;u1=s%253Dccid_ga%257Cccid_auto%257Cf_v%253Dcp_v3_js%257Cp_v%253D4%257Cversion%253D3%257Cauto_url%253Dhttps%25253A%25252F%25252Fwww.eastinhotelsresidences.com%25252F%257Cauto_ccid%253Db8nk7-ijr4w-qprbp-zrrw4-vyywb%257Cauto_ga%253D1195232472.1697505648%257Cauto_eml_count%253D1%257Cws%253D1600x1200%257Ctz%253D-120%257Chpid%253D112167%257Cpt%253DTRACKING%257Cet%253D;u2=;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u19=112167;u20=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID HTTP 302
https://adservice.google.com/ddm/fls/z/src=13483457;dc_pre=COe-1an1-4EDFbJVwgodPPQAXA;type=track0;cat=easti0;qty=1;cost=0;u1=s%253Dccid_ga%257Cccid_auto%257Cf_v%253Dcp_v3_js%257Cp_v%253D4%257Cversion%253D3%257Cauto_url%253Dhttps%25253A%25252F%25252Fwww.eastinhotelsresidences.com%25252F%257Cauto_ccid%253Db8nk7-ijr4w-qprbp-zrrw4-vyywb%257Cauto_ga%253D1195232472.1697505648%257Cauto_eml_count%253D1%257Cws%253D1600x1200%257Ctz%253D-120%257Chpid%253D112167%257Cpt%253DTRACKING%257Cet%253D;u2=;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u19=112167;u20=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID

Request Chain 49

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=nfq0A1xMn6DM_tEBOZ34mQ&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=pseZ8SBtXNA-WGmB7-Ek6todJxb-UpMMfDHEYSSdkObHkAq9pl72giqnAtgY2ue-&sjrn_ula=8166203250 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=nfq0A1xMn6DM_tEBOZ34mQ&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=pseZ8SBtXNA-WGmB7-Ek6todJxb-UpMMfDHEYSSdkObHkAq9pl72giqnAtgY2ue-&sjrn_ula=8166203250&google_tc= HTTP 302
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=pseZ8SBtXNA-WGmB7-Ek6todJxb-UpMMfDHEYSSdkObHkAq9pl72giqnAtgY2ue-&sjrn_ula=8166203250&google_gid=CAESENPPIFAD-X9rBzTbeeg-xUM&google_cver=1

Request Chain 50

https://cm.g.doubleclick.net/pixel?google_hm=nfq0A1xMn6DM_tEBOZ34mQ&google_nid=sojern_adh HTTP 302
https://cm.g.doubleclick.net/pixel?google_hm=nfq0A1xMn6DM_tEBOZ34mQ&google_nid=sojern_adh&google_tc= HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDoq_jTzH4LdQvAWSDv4PVm9ta_oVnxzqOE4j9Cq-mlDsBQ45eJdVMJSXCAuceAgyWMWKdIPjOG72o9wBXNYKHm_q3oHvryvHGN7QIi5Z0RZ9xh-ZGn4 HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoq_jTzH4LdQvAWSDv4PVm9ta_oVnxzqOE4j9Cq-mlDsBQ45eJdVMJSXCAuceAgyWMWKdIPjOG72o9wBXNYKHm_q3oHvryvHGN7QIi5Z0RZ9xh-ZGn4

Request Chain 51

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=pseZ8SBtXNA-WGmB7-Ek6todJxb-UpMMfDHEYSSdkObHkAq9pl72giqnAtgY2ue- HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DpseZ8SBtXNA-WGmB7-Ek6todJxb-UpMMfDHEYSSdkObHkAq9pl72giqnAtgY2ue- HTTP 302
https://pixel.sojern.com/idsync/apn?id=5801066619911826679&sjrn_id=pseZ8SBtXNA-WGmB7-Ek6todJxb-UpMMfDHEYSSdkObHkAq9pl72giqnAtgY2ue-

Request Chain 53

https://c1.adform.net/serving/cookie/match?cid=9dfab403-5c4c-9fa0-ccfe-d101399df899&party=1296 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&cid=9dfab403-5c4c-9fa0-ccfe-d101399df899&party=1296 HTTP 302
https://pixel.sojern.com/idsync/adf?adfid=1740433271273709500&cid=9dfab403-5c4c-9fa0-ccfe-d101399df899

81 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.eastinhotelsresidences.com/
Redirect Chain

http://www.eastinhotelsresidences.com/
https://www.eastinhotelsresidences.com/

79 KB
18 KB

234ms
210ms

Document
text/html

2606:4700::6811:b73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastinhotelsresidences.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b24c7ebfc4fd98e7c9fa40f28f006855d62f689e5d2fde172b761151a24fee02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8174b8968f7992b4-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 17 Oct 2023 01:20:47 GMT
last-modified: Sun, 15 Oct 2023 01:27:52 GMT
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
x-amz-cf-id: vhZp2tyCsrAtK9SNYtClFzp-T_shYN0CAPInXvJ653nVlcQ7yWZStQ==
x-amz-cf-pop: FRA56-C2
x-cache: RefreshHit from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 8174b89648e018c5-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 17 Oct 2023 01:20:47 GMT
Expires: Tue, 17 Oct 2023 02:20:47 GMT
Location: https://www.eastinhotelsresidences.com/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 9 KB
876 B 54ms
19ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i&display=swap&subset=latin,latin-ext

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

598dac89694017d12e812bdae67530962525b21b3d29f0c6cb54d64279476e67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 17 Oct 2023 01:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 01:20:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 Oct 2023 01:20:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
899 B 53ms
18ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i&display=swap&subset=latin,latin-ext

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3333a2035912d27f9f31d7ef4d7a59aab880a4a89fa54a729dcdf1bc8bcdb81c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 17 Oct 2023 01:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 01:20:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 Oct 2023 01:20:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
736 B 53ms
19ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i&display=swap&subset=latin,latin-ext

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5fd6673c422424e4269957d703f7552aeebed142390e9c3720fd6770a2ec7d3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 17 Oct 2023 01:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 01:20:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 Oct 2023 01:20:47 GMT

GET
H2 200 main.css
www.eastinhotelsresidences.com/css/custom/919/1/main/6810a260adca17fc911bb9aac09043ad/ 745 KB
103 KB 265ms
254ms Stylesheet
text/css 2606:4700::6811:b73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastinhotelsresidences.com/css/custom/919/1/main/6810a260adca17fc911bb9aac09043ad/main.css

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ae404f16f1fc796b50674d5dc4cbaa0ea9275f5a7887ed970be08328e3e23b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:47 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 15 Oct 2023 01:28:03 GMT
server: cloudflare
etag: W/"4e26a4430462bdae54e122c7f95215ee"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: no-cache
cf-ray: 8174b898281792b4-FRA
x-amz-cf-id: 6uGSajkTJPJBI-LOhPIRTJcGEHc8lPRn1uHcTQpZ1XPfanhy18ig9w==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 281 KB
86 KB 53ms
29ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b2f07355716cf20181604a763e041a2738f37e622573f2d7db31f8e1a4b9f9a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87825
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 17 Oct 2023 01:20:47 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 347 KB
103 KB 68ms
44ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NX23PZH

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

556dc7db7791961b86a7d00072cbc77158e56e36828968a05be62c5d23882047

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105077
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 17 Oct 2023 01:20:47 GMT

GET
H3 200 svg-icons.svg
www.eastinhotelsresidences.com/integration/tc-theme/public/svg/ 61 KB
19 KB 153ms
153ms Image
image/svg+xml 2606:4700::6811:b73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eastinhotelsresidences.com/integration/tc-theme/public/svg/svg-icons.svg

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0396b324dadb72495db1da038132f4c3b07bb1412ba55525349963c9285bc251

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:47 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 21 Sep 2023 10:23:09 GMT
server: cloudflare
etag: W/"96cd63c6bf3583f2d0af06fc988fc564"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: no-cache
cf-ray: 8174b89a0eac1e5a-FRA
x-amz-cf-id: 0MLg9pOHC2VD2d1gdYBpZlONgGyCC4uo9OEzBD_9Akq0aTRSDgKPiw==

GET
H3 200 cookieconsent.min.js Show response
www.eastinhotelsresidences.com/integration/tc-theme/public/vendor/ 19 KB
7 KB 160ms
160ms Script
application/javascript 2606:4700::6811:b73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastinhotelsresidences.com/integration/tc-theme/public/vendor/cookieconsent.min.js

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:47 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Dec 2022 08:58:51 GMT
server: cloudflare
etag: W/"f2bc0804920974cdb94feca2936b668c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 8174b89a0eae1e5a-FRA
x-amz-cf-id: dalhfmcjkY_jVQkJDryXKZtQ3tpeaTzClSq3pG1o1POYpdA9YlN3PA==

GET
H2 200 gms-latest.min.js Show response
cdn.galaxy.tf/asset-galaxy/js/ 149 KB
46 KB 397ms
367ms Script
application/javascript 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.galaxy.tf/asset-galaxy/js/gms-latest.min.js?v6cdf91f55f466c045fe390a6829b5a23

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43549841a01a031072533d3431295109f296c65253c61aa54a3a460800f49e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:48 GMT
strict-transport-security: max-age=15768000
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Oct 2023 15:34:17 GMT
server: cloudflare
etag: W/"253fd-607728e6ffe83-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8174b89a39d718f5-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 24 Oct 2023 01:20:47 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i&display=swap&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.eastinhotelsresidences.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 04:39:37 GMT
x-content-type-options: nosniff
age: 420070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 04:39:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 35ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NX23PZH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 16 Oct 2023 23:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5465
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 17 Oct 2023 01:49:42 GMT

GET
H3 404 undefined
www.eastinhotelsresidences.com/ 0
0 576ms
575ms Script
text/html 2606:4700::6811:b73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastinhotelsresidences.com/undefined

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NX23PZH

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
content-encoding: br
x-cache: Error from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 8174b89aef3a1e5a-FRA
x-amz-cf-id: keIsGtVK-nA-g0VOPIVBx9rpI1G-rTU99sw68UWfunx32zbQNlonjA==

GET
H2 200 sjrn_autocx.js Show response
static.sojern.com/utils/ 6 KB
6 KB 61ms
8ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/utils/sjrn_autocx.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NX23PZH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 573df05aa08d415383b527f34ba575f6d58ba0fef033b6da852ce2327f04b0a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:15:38 GMT
age: 309
x-guploader-uploadid: ABPtcPrufYj7NzRM-XDXLVPTEU_RkV5mHStoLdX1z8umyjJlruIU9Ts2pzYuDezMQwzj2_xNExA5-P62beiur2IxrorODQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6138
last-modified: Fri, 09 Jun 2023 10:52:22 GMT
server: UploadServer
etag: "b0e6a30a07bca6d9e5f647a711382aec"
x-goog-generation: 1686307942516200
x-goog-hash: crc32c=ueAaFw==, md5=sOajCge8ptnl9kenETgq7A==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 6138
accept-ranges: bytes
expires: Tue, 17 Oct 2023 02:15:38 GMT

GET
H3 200 main.bundle.js Show response
www.eastinhotelsresidences.com/integration/tc-theme/public/shared-gms-v2/js/ 207 KB
66 KB 177ms
177ms Script
application/javascript 2606:4700::6811:b73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastinhotelsresidences.com/integration/tc-theme/public/shared-gms-v2/js/main.bundle.js?v6cdf91f55f466c045fe390a6829b5a23

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be40a25502750fcea8a3c3a7b05053eed840ba2006cff3135d4889c06a7826e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 14 Jul 2023 04:12:17 GMT
server: cloudflare
etag: W/"98b3d5ea0bf694fa252e148078e5e6f2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 8174b89d38531e5a-FRA
x-amz-cf-id: 5qSrqHzHD_YuuTpwxOWC96FR2xakB9PjWenTD74WMXPZn9caW60DkQ==

GET
H/1.1 200
OK 157257665 Show response
player.vimeo.com/video/ Frame AC06 25 KB
10 KB 364ms
301ms Document
text/html 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/157257665

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed725477658d590a46e4ba750d0d49325fe122fd80c8dc8a86c126ed375d579c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.dna-delivery.com https://.kollective.app https://.kollective.app:31015 https://.kollectivecd.com https://.hivestreaming.com https://mimir.cloud.vimeo.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eastinhotelsresidences.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
CF-Cache-Status: DYNAMIC
CF-RAY: 8174b89dad5e39e0-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 17 Oct 2023 01:20:48 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: MISS
X-Cache-Hits: 0
X-Served-By: cache-fra-eddf8230054-FRA
X-Timer: S1697505648.276105,VS0,VE278
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
expires: Fri, 15 Dec 1985 19:30:00 GMT
link: <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-backend-server: player-backend-edge-entry
x-bapp-server: player-backend-865856c8f7-hwpdh
x-content-type-options: nosniff
x-host: player-backend-865856c8f7-hwpdh
x-player-backend: g
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 1562743639-5d2593572fde2-thumb.jpg
image-tc.galaxy.tf/wijpeg-9t0hz0lkql81qhv7ulwq7u98w/ 29 KB
30 KB 748ms
714ms Image
image/jpeg 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-9t0hz0lkql81qhv7ulwq7u98w/1562743639-5d2593572fde2-thumb.jpg?width=560

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f51a9d161ee058e4ea25c31ef3b1d7ad3de51cdf961286c3c0c8067605f59dc4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:48 GMT
x-amz-version-id: JLCcUhTTJo3GYk9Uy_ohUGfq2bYodMfy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 30104
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 08 Dec 2021 03:44:00 GMT
server: cloudflare
etag: "577d2cd614cd40a763d6bc3c8bf220a2"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 8174b89d7d6e92c9-FRA
x-amz-cf-id: 4fGc7vacOO2q57z_EMFKhIZCNnwLRPoANunf4nmNvzwq1-cVdFZefw==

GET
H2 200 one-bed-room-suite-18.jpg
image-tc.galaxy.tf/wijpeg-6jv5nqlw3aaekxp8f0w3b7k69/ 36 KB
37 KB 514ms
480ms Image
image/jpeg 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-6jv5nqlw3aaekxp8f0w3b7k69/one-bed-room-suite-18.jpg?width=560

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14cac7b96ee4613e4181c1c60478189c5b47667e30fffadea2e23fdc4d88e25c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:48 GMT
x-amz-version-id: yMebH.tUoEe6c4BMoRWnzOxXKqZ0gnZR
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 36834
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 20 Apr 2023 04:43:41 GMT
server: cloudflare
etag: "489fcc58b605c91fe942c59bafa41392"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 8174b89d7d6f92c9-FRA
x-amz-cf-id: 3SSNoFz-3HayvSNyxYwDBZ-JrdjEa8GR3mcA3w1CWwcK8DCQ_QlMmg==

GET
H2 200 bedroom-5772286-1920.jpg
image-tc.galaxy.tf/wijpeg-a5rn1j4b7j7qmnxwlmf4x9mri/ 27 KB
27 KB 713ms
679ms Image
image/jpeg 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-a5rn1j4b7j7qmnxwlmf4x9mri/bedroom-5772286-1920.jpg?width=560

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

326f3659de1153f0d59c9258fdd63b7dfd6dd26f2c9c3e9adc4b87f71b122a7b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:48 GMT
x-amz-version-id: p3ZbulCSb8GNz76hT6XB_agsFBjsB.dz
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 27728
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 20 Apr 2023 04:43:41 GMT
server: cloudflare
etag: "fe1d77173af456bf40699cc0d0301d84"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 8174b89d7d7092c9-FRA
x-amz-cf-id: LbjpnG3GLCzac6x6hwKi8_PoQDi5WIKx-VrkkkukGHxsdXljAEroQQ==

GET
H3 200 galaxy-helpers.js Show response
www.eastinhotelsresidences.com/frontend/galaxy-helpers/public/ 56 KB
21 KB 111ms
110ms Script
application/javascript 2606:4700::6811:b73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastinhotelsresidences.com/frontend/galaxy-helpers/public/galaxy-helpers.js?v=l-fe1f7349-11dd-4c02-81c7-9f05a1cabde5

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1af5c26a6ca0cf6e1efcd25d203b5d1b890d8d2756d58ca0cfdfafa2f488576

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 07 Nov 2022 04:21:43 GMT
server: cloudflare
etag: W/"ef1febd8b777272d6178f74661f8347e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 8174b89d48591e5a-FRA
x-amz-cf-id: ibEg4gBEaclvCIsZy04Eus1i9HEg54lWDnpbdRgJJJTwwPVD1E-O9w==

GET
H2 200 test3.jpg
image-tc.galaxy.tf/wijpeg-3df7u6b8ey4zwwab0ky95hlws/ 95 KB
95 KB 578ms
545ms Image
image/jpeg 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-3df7u6b8ey4zwwab0ky95hlws/test3.jpg?width=1920

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f2994b539b61ad8fb2ee93fcea05f65ef512e3367d70396e28f1019f22c64e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:48 GMT
x-amz-version-id: 6wOHPEUi1dpWqTbtSkzuGBnhGwo5B0Bp
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 97213
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 21 Oct 2021 05:27:38 GMT
server: cloudflare
etag: "7c7d7762eaa0bd61d0dad608e97eb7ad"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 8174b89d7d6d92c9-FRA
x-amz-cf-id: ZFcLH4Op7WtWakFi5Ch-Z_R2udTLUDySNifQ69WbZ_ohfK-70gn0Xg==

GET
H2 200 ehr2.jpg
image-tc.galaxy.tf/wijpeg-sj59cbw0l2al26nr0uum79jl/ 68 KB
69 KB 608ms
576ms Image
image/jpeg 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-sj59cbw0l2al26nr0uum79jl/ehr2.jpg?width=1920

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2464b3f797065f1654a41a4eaae7083e9b492125fd7632abf40ad96eda5b3899

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:48 GMT
x-amz-version-id: fKoz74X5iXJUoR5vQeuXBOQco.bo5HZO
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 69961
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 21 Oct 2021 05:27:38 GMT
server: cloudflare
etag: "b1f43fd7bbe91caef767c99b75f832a7"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 8174b89d7d6b92c9-FRA
x-amz-cf-id: 4mof9LLZGX_raOah-QVPhWZyg9ef0Tj2zYavJBD6tcYDvjYe9QWBlw==

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i&display=swap&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.eastinhotelsresidences.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 03:37:30 GMT
x-content-type-options: nosniff
age: 423798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 03:37:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i&display=swap&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.eastinhotelsresidences.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 16:12:51 GMT
x-content-type-options: nosniff
age: 378477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 16:12:51 GMT

GET
H3 200 bundle.js Show response
www.eastinhotelsresidences.com/integration/tc-theme/public/js/ 1 MB
386 KB 191ms
191ms Script
application/javascript 2606:4700::6811:b73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastinhotelsresidences.com/integration/tc-theme/public/js/bundle.js?v6cdf91f55f466c045fe390a6829b5a23

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c7d025836da3da42ced1490c2f17501af9f539655e2d000fac1eaf1584e9f73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 Oct 2023 10:46:23 GMT
server: cloudflare
etag: W/"e60f34748d6cc63129badccce92bf927"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 8174b89e18c11e5a-FRA
x-amz-cf-id: nWdWLg3GBm55b45PtEZC9CNhb-etMSvyFFcL4hBIRqjgn66rvnMrig==

GET
H2 200 43.html Show response
static.sojern.com/cip/c/ Frame 3371 7 KB
8 KB 152ms
151ms Document
text/html 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/c/43.html?f_v=cp_v3_js&p_v=4&version=3&auto_url=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&auto_ccid=b8nk7-ijr4w-qprbp-zrrw4-vyywb&auto_ga=1195232472.1697505648&e_eml=null&auto_eml=O2PS466O2P23Q6804OS66S665OQ4RQPP%40949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&auto_eml_count=1&auto_eml_domain=949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&auto_eml_list=O2PS466O2P23Q6804OS66S665OQ4RQPP%40949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&ws=1600x1200&tz=-120&hpid=112167&pt=TRACKING&et=
Requested by: Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a90e21ca39b126b23712ff533fa8164e82d0c69bb9e666111a98e00d659f84cf

Request headers

Referer: https://www.eastinhotelsresidences.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-length: 7400
content-type: text/html
date: Tue, 17 Oct 2023 01:20:48 GMT
etag: "29b3ae6256471e6a026df08a465ca124"
expires: Tue, 17 Oct 2023 02:20:48 GMT
last-modified: Wed, 13 Sep 2023 07:42:31 GMT
server: UploadServer
x-goog-generation: 1694590951925972
x-goog-hash: crc32c=Zup2ZA== md5=KbOuYlZHHmoCbfCKRlyhJA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7400
x-guploader-uploadid: ADPycduVHhIgSUKVfsivrpNxLjxLVeu_CMyL_ydSLs9W_M9l5Pm3WSrkutes6LX1j92o5H_fXl4IbxxoBMFsZ5B-y10F24CfvhL0

GET
H2 200 player.module.js Show response
f.vimeocdn.com/p/4.25.13/js/ Frame AC06 544 KB
131 KB 56ms
8ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.25.13/js/player.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/157257665
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7eb76bba7810cf6bee51e9eeb8213bc6b3b250c894679ac00bbfc0dcf9c37105

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200081-IAD, cache-fra-eddf8230059-FRA
date: Tue, 17 Oct 2023 01:20:48 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 383317
x-timer: S1697505649.621591,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 134477
x-cache-hits: 13, 121486

GET
H2 200 vendor.module.js Show response
f.vimeocdn.com/p/4.25.13/js/ Frame AC06 412 KB
100 KB 55ms
7ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.25.13/js/vendor.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/157257665
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 05303c42d42f9e06694dac47b2d5245ee87f20c17d0de251a86257f62fbfe12f

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100138-IAD, cache-fra-eddf8230059-FRA
date: Tue, 17 Oct 2023 01:20:48 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 383317
x-timer: S1697505649.621591,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 101618
x-cache-hits: 14, 136503

GET
H2 200 player.css
f.vimeocdn.com/p/4.25.13/css/ Frame AC06 214 KB
22 KB 56ms
7ms Stylesheet
text/css 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.25.13/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/157257665
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf52612476fe1f5a6e317433c8661fe892bcd3c3d669fb0cc0d497af6f67a608

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000044-IAD, cache-fra-eddf8230030-FRA
date: Tue, 17 Oct 2023 01:20:48 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 383317
x-timer: S1697505649.621337,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 22343
x-cache-hits: 12, 144478

GET
H3 200 hasher.js Show response
static.sojern.com/cip/ Frame 3371 18 KB
18 KB 8ms
8ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/hasher.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/c/43.html?f_v=cp_v3_js&p_v=4&version=3&auto_url=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&auto_ccid=b8nk7-ijr4w-qprbp-zrrw4-vyywb&auto_ga=1195232472.1697505648&e_eml=null&auto_eml=O2PS466O2P23Q6804OS66S665OQ4RQPP%40949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&auto_eml_count=1&auto_eml_domain=949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&auto_eml_list=O2PS466O2P23Q6804OS66S665OQ4RQPP%40949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&ws=1600x1200&tz=-120&hpid=112167&pt=TRACKING&et=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/cip/c/43.html?f_v=cp_v3_js&p_v=4&version=3&auto_url=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&auto_ccid=b8nk7-ijr4w-qprbp-zrrw4-vyywb&auto_ga=1195232472.1697505648&e_eml=null&auto_eml=O2PS466O2P23Q6804OS66S665OQ4RQPP%40949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&auto_eml_count=1&auto_eml_domain=949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&auto_eml_list=O2PS466O2P23Q6804OS66S665OQ4RQPP%40949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&ws=1600x1200&tz=-120&hpid=112167&pt=TRACKING&et=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 00:44:51 GMT
age: 2157
x-guploader-uploadid: ABPtcPoHr-UkIyihPQKW80He3KqhwrNc0_tpc4rOcD1whM0MAwpw2g6ze6KTmWCtKDzvNcTq8fXSiPO21JcouSeRBkjqfV9IDH3W
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18469
last-modified: Tue, 07 Dec 2021 16:23:19 GMT
server: UploadServer
etag: "676881567863e15eb1b6aa81b384455c"
x-goog-generation: 1638894199335821
x-goog-hash: crc32c=T9fXIw==, md5=Z2iBVnhj4V6xtqqBs4RFXA==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 18469
accept-ranges: bytes
expires: Tue, 17 Oct 2023 01:44:51 GMT

GET
H3 200 create_params.js Show response
static.sojern.com/utils/ Frame 3371 4 KB
4 KB 10ms
9ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/utils/create_params.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/c/43.html?f_v=cp_v3_js&p_v=4&version=3&auto_url=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&auto_ccid=b8nk7-ijr4w-qprbp-zrrw4-vyywb&auto_ga=1195232472.1697505648&e_eml=null&auto_eml=O2PS466O2P23Q6804OS66S665OQ4RQPP%40949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&auto_eml_count=1&auto_eml_domain=949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&auto_eml_list=O2PS466O2P23Q6804OS66S665OQ4RQPP%40949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&ws=1600x1200&tz=-120&hpid=112167&pt=TRACKING&et=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3107e5779ba7aef5eb3d38abf73567905761c49a6da871adb8798425745d49db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/cip/c/43.html?f_v=cp_v3_js&p_v=4&version=3&auto_url=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&auto_ccid=b8nk7-ijr4w-qprbp-zrrw4-vyywb&auto_ga=1195232472.1697505648&e_eml=null&auto_eml=O2PS466O2P23Q6804OS66S665OQ4RQPP%40949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&auto_eml_count=1&auto_eml_domain=949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&auto_eml_list=O2PS466O2P23Q6804OS66S665OQ4RQPP%40949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&ws=1600x1200&tz=-120&hpid=112167&pt=TRACKING&et=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 00:56:59 GMT
age: 1429
x-guploader-uploadid: ADPycdsT76yiJyx79TCaUcTCGSxhwhvROrfvLDoplH8BthhRs5OlTc0Stub-O2dNsGaxlZ0pKS8Xi4NAz6zL_HtCZFS9nXQd2BlJ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4219
last-modified: Wed, 26 Apr 2023 13:18:45 GMT
server: UploadServer
etag: "c4ca3af5c34884e0dfd4291b07f65037"
x-goog-generation: 1682515125984075
x-goog-hash: crc32c=eNqgAQ==, md5=xMo69cNIhODf1CkbB/ZQNw==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 4219
accept-ranges: bytes
expires: Tue, 17 Oct 2023 01:56:59 GMT

GET
H2 200 928109124-f8750685772c5ceb5b4e2a6364ffd6669652400e4138889facfe998927c31b2c-d
i.vimeocdn.com/video/ Frame AC06 592 B
1001 B 44ms
8ms Image
image/avif 151.101.0.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/928109124-f8750685772c5ceb5b4e2a6364ffd6669652400e4138889facfe998927c31b2c-d?mw=80&q=85
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/157257665
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d7bbec4ab7d0bdbbff26c6f604124eb718decf354ade84675996a182b7b3e590

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:48 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 2287569
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 592
viewmaster-server: viewmaster-us-central1-w76n
x-served-by: cache-dfw-kdfw8210090-DFW, cache-fra-etou8220043-FRA
x-timer: S1697505649.623564,VS0,VE1
etag: 99255d73ca55383f5d503a7830a5384b
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 57, 1

GET
H3 200 7334-38dae3079e129b2fcea4.js Show response
www.eastinhotelsresidences.com/integration/tc-theme/public/js/chunk/ 5 KB
2 KB 96ms
96ms Script
application/javascript 2606:4700::6811:b73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastinhotelsresidences.com/integration/tc-theme/public/js/chunk/7334-38dae3079e129b2fcea4.js

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/integration/tc-theme/public/js/bundle.js?v6cdf91f55f466c045fe390a6829b5a23

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5843509cb5d8c6a299a23ecf46ceb93b74f071c9b3d4dab42a38b544ff494fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 Oct 2023 10:46:25 GMT
server: cloudflare
etag: W/"f4d4f6b68394b39e00f7bdf65c380355"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 8174b8a009d91e5a-FRA
x-amz-cf-id: CMzkuErfXK1Ce0FLEuNtQfF4ngV_Mh87Eh5nxGJciesSK4nhMPgZig==

GET
H3 200 svg-icons.svg Show response
www.eastinhotelsresidences.com/integration/tc-theme/public/svg/ 61 KB
19 KB 93ms
92ms XHR
image/svg+xml 2606:4700::6811:b73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastinhotelsresidences.com/integration/tc-theme/public/svg/svg-icons.svg

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/integration/tc-theme/public/js/bundle.js?v6cdf91f55f466c045fe390a6829b5a23

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0396b324dadb72495db1da038132f4c3b07bb1412ba55525349963c9285bc251

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 21 Sep 2023 10:23:09 GMT
server: cloudflare
etag: W/"96cd63c6bf3583f2d0af06fc988fc564"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: no-cache
cf-ray: 8174b8a039e91e5a-FRA
x-amz-cf-id: qzpwJ124VOMgf7oIClwOkk6gopCsaC0SfY0DfIhk4r0R8yCA17KSTQ==

GET
H2 200 43 Show response
beacon.sojern.com/pixel/cp/ Frame 3371 6 KB
2 KB 68ms
19ms Script
application/javascript 107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/cp/43?f_v=cp_v3_js&p_v=4&f_v=cp_v3_js&cid=s%3Dccid_ga%7Cccid_auto%7Cf_v%3Dcp_v3_js%7Cp_v%3D4%7Cversion%3D3%7Cauto_url%3Dhttps%253A%252F%252Fwww.eastinhotelsresidences.com%252F%7Cauto_ccid%3Db8nk7-ijr4w-qprbp-zrrw4-vyywb%7Cauto_ga%3D1195232472.1697505648%7Cauto_eml_count%3D1%7Cws%3D1600x1200%7Ctz%3D-120%7Chpid%3D112167%7Cpt%3DTRACKING%7Cet%3D&p_v=4&version=3&ws=1600x1200&tz=-120&hpid=112167&pt=TRACKING&et=&domain=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&s=ccid_ga%7Cccid_auto&ccid=1195232472.1697505648%7Cb8nk7-ijr4w-qprbp-zrrw4-vyywb
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/c/43.html?f_v=cp_v3_js&p_v=4&version=3&auto_url=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&auto_ccid=b8nk7-ijr4w-qprbp-zrrw4-vyywb&auto_ga=1195232472.1697505648&e_eml=null&auto_eml=O2PS466O2P23Q6804OS66S665OQ4RQPP%40949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&auto_eml_count=1&auto_eml_domain=949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&auto_eml_list=O2PS466O2P23Q6804OS66S665OQ4RQPP%40949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&ws=1600x1200&tz=-120&hpid=112167&pt=TRACKING&et=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: 9dafefa72e0d50293394e828cecce0e615e30b9420e9a1d8b1b1f6ca3f8057c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:48 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
content-type: application/javascript
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1377

OPTIONS
H2 204 gms
tc.galaxy.tf/token/oauth2/ Frame 0
0 81ms
9ms Preflight 3.122.117.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tc.galaxy.tf/token/oauth2/gms
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.117.240 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-117-240.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-galaxy-key
Access-Control-Request-Method: GET
Origin: https://www.eastinhotelsresidences.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type,x-amz-date,x-amz-security-token,x-amz-user-agent,x-galaxy-key,x-referer-override
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT
access-control-allow-origin: *
apigw-requestid: M7Aprg4pFiAEJ8g=
date: Tue, 17 Oct 2023 01:20:48 GMT

GET
H2 200 gms Show response
tc.galaxy.tf/token/oauth2/ 734 B
755 B 38ms
37ms XHR
application/json 3.122.117.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tc.galaxy.tf/token/oauth2/gms
Requested by: Host: cdn.galaxy.tf
URL: https://cdn.galaxy.tf/asset-galaxy/js/gms-latest.min.js?v6cdf91f55f466c045fe390a6829b5a23
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.117.240 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-117-240.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: f092748fe2abcd3ca1753fa3ba1320cbbdf229154afdb8d716bf0467dd099c34

Request headers

Referer: https://www.eastinhotelsresidences.com/
X-Galaxy-Key: da2302ffd81a1fd83deedf8321e53bbf
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 17 Oct 2023 01:20:48 GMT
content-encoding: gzip
content-length: 592
apigw-requestid: M7Aprh2pFiAEPZA=, M7Aprg3eliAEJ0A=
content-type: application/json

GET
H3

200

main.js Show response
www.eastinhotelsresidences.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/ Frame ED33
Redirect Chain

https://www.eastinhotelsresidences.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.eastinhotelsresidences.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js

7 KB
3 KB

13ms
13ms

Script
application/javascript

2606:4700::6811:b73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastinhotelsresidences.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Server

2606:4700::6811:b73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81fe8a31a97089b426e33a36cd66cd0e21c416e6a5d6d4230fe96e03f77f7a4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8174b8a11a611e5a-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 17 Oct 2023 01:20:48 GMT
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 8174b8a09a1c1e5a-FRA
alt-svc: h3=":443"; ma=86400

GET
H2

200

/
adservice.google.de/ddm/fls/p/src=9572998;dc_pre=CPfzz6n1-4EDFQdSGQodzyYM-A;type=invmedia;cat=hk_gl0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3122505991003.0596;~oref=https...
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=9572998;type=invmedia;cat=hk_gl0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3122505991003.0596?
https://ad.doubleclick.net/ddm/activity/src=9572998;dc_pre=CPfzz6n1-4EDFQdSGQodzyYM-A;type=invmedia;cat=hk_gl0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3122505991003.0596?
https://adservice.google.com/ddm/fls/p/src=9572998;dc_pre=CPfzz6n1-4EDFQdSGQodzyYM-A;type=invmedia;cat=hk_gl0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3122505991003.0596;~o...
https://adservice.google.de/ddm/fls/p/src=9572998;dc_pre=CPfzz6n1-4EDFQdSGQodzyYM-A;type=invmedia;cat=hk_gl0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3122505991003.0596;~or...

42 B
476 B

136ms
49ms

Image
image/gif

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.de/ddm/fls/p/src=9572998;dc_pre=CPfzz6n1-4EDFQdSGQodzyYM-A;type=invmedia;cat=hk_gl0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3122505991003.0596;~oref=https://www.eastinhotelsresidences.com/

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 01:20:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Oct 2023 01:20:49 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://adservice.google.de/ddm/fls/p/src=9572998;dc_pre=CPfzz6n1-4EDFQdSGQodzyYM-A;type=invmedia;cat=hk_gl0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3122505991003.0596;~oref=https://www.eastinhotelsresidences.com/
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 7269-aae6ece68262238dd2fd.js Show response
www.eastinhotelsresidences.com/integration/tc-theme/public/js/chunk/ 70 KB
26 KB 99ms
98ms Script
application/javascript 2606:4700::6811:b73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastinhotelsresidences.com/integration/tc-theme/public/js/chunk/7269-aae6ece68262238dd2fd.js

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/integration/tc-theme/public/js/bundle.js?v6cdf91f55f466c045fe390a6829b5a23

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b44450a7f4268f42a98ccc3eb1831145224e681830b49637183a0c71a51011f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 Oct 2023 10:46:32 GMT
server: cloudflare
etag: W/"c88de4f9cbec28fcd4c1102dbcae5cf3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 8174b8a0ba2b1e5a-FRA
x-amz-cf-id: FKxs5KYV3zpj3UKLpynleUkhv4XxybeOg5Wm_kevGzBEFxp070vlPQ==

GET
H3 200 2082-6dd85f61eca3de9e5fbe.js Show response
www.eastinhotelsresidences.com/integration/tc-theme/public/js/chunk/ 26 KB
7 KB 232ms
231ms Script
application/javascript 2606:4700::6811:b73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastinhotelsresidences.com/integration/tc-theme/public/js/chunk/2082-6dd85f61eca3de9e5fbe.js

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/integration/tc-theme/public/js/bundle.js?v6cdf91f55f466c045fe390a6829b5a23

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

449dae8ba4c079a51412a1aabfdfa88472c80e7c7c5fb2ac077f7bed6a66a77a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 Oct 2023 10:46:17 GMT
server: cloudflare
etag: W/"94abe0dfdc89c8a18bd238d5d0f3da91"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 8174b8a0ba2d1e5a-FRA
x-amz-cf-id: hU2fvAw8Z8WS1mNpFts3y6i4_Zz0856Bw0VIcI89BrzQPcu8C3UD5A==

GET
H3 200 header-one-8a1a57a50a769fbb1673.js Show response
www.eastinhotelsresidences.com/integration/tc-theme/public/js/chunk/ 7 KB
3 KB 94ms
94ms Script
application/javascript 2606:4700::6811:b73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastinhotelsresidences.com/integration/tc-theme/public/js/chunk/header-one-8a1a57a50a769fbb1673.js

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/integration/tc-theme/public/js/bundle.js?v6cdf91f55f466c045fe390a6829b5a23

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09e64c9b9e3167a0320784905257b2b6b61607bf35091526d098d2840899fa63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 Oct 2023 10:46:27 GMT
server: cloudflare
etag: W/"0d1181c8a105e2f5be2a2e1f98de4b71"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 8174b8a0ba2e1e5a-FRA
x-amz-cf-id: rnUB-wa5BsZBxXtjqxn-Rztl7sVv8yry7qBx7GVwWZ1zUM_-sDNP5w==

GET
H2 200 one-bed-room-suite-7.jpg
image-tc.galaxy.tf/wijpeg-blnfm9y0b6lpnebq2tfmgx2oo/ 269 KB
270 KB 659ms
658ms Image
image/jpeg 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-blnfm9y0b6lpnebq2tfmgx2oo/one-bed-room-suite-7.jpg?width=1920

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e9b535e5bbdb29b0f17910af51dd9fb3f853891092c93c4594b4f52c2edc8fe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:49 GMT
x-amz-version-id: H3VphO5xmPdMlTYEl57bI6FWNM..mVVk
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 275533
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 09:02:02 GMT
server: cloudflare
etag: "60fc492b267d7266d9a12b97dafbbd58"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 8174b8a11f5792c9-FRA
x-amz-cf-id: AmH_4OoY9krP9lptCE3A6gaqMIBzGZfOFCetE00SinKKhdYUshCv3g==

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame AC06 2 KB
1 KB 7ms
7ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/157257665
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000106-IAD, cache-fra-eddf8230030-FRA
date: Tue, 17 Oct 2023 01:20:48 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2061262
x-timer: S1697505649.860034,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 985
x-cache-hits: 38, 531068

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame AC06 4 KB
2 KB 39ms
15ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.25.13/js/vendor.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 17 Oct 2023 01:20:48 GMT

GET
H2 200 928109124-f8750685772c5ceb5b4e2a6364ffd6669652400e4138889facfe998927c31b2c-d
i.vimeocdn.com/video/ Frame AC06 4 KB
5 KB 11ms
11ms Image
image/avif 151.101.0.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/928109124-f8750685772c5ceb5b4e2a6364ffd6669652400e4138889facfe998927c31b2c-d?mw=900&mh=506
Requested by: Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 76970459413c2c9d2ef46a4a9ebb9e9d8fff2674c747904e64cbafa1e4e611e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:48 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 2214639
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 4530
viewmaster-server: viewmaster-us-central1-hk4m
x-served-by: cache-dfw-kdfw8210094-DFW, cache-fra-etou8220043-FRA
x-timer: S1697505649.902987,VS0,VE2
etag: f7c39357b151715634b7b2219878c3b7
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 45, 1

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame AC06 0
142 B 138ms
110ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=a5dde26229c4cffe6a74a37a94ea67d4a9d1511f1697505648
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.25.13/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Tue, 17 Oct 2023 01:20:48 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 3371 198 KB
53 KB 47ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: beacon.sojern.com
URL: https://beacon.sojern.com/pixel/cp/43?f_v=cp_v3_js&p_v=4&f_v=cp_v3_js&cid=s%3Dccid_ga%7Cccid_auto%7Cf_v%3Dcp_v3_js%7Cp_v%3D4%7Cversion%3D3%7Cauto_url%3Dhttps%253A%252F%252Fwww.eastinhotelsresidences.com%252F%7Cauto_ccid%3Db8nk7-ijr4w-qprbp-zrrw4-vyywb%7Cauto_ga%3D1195232472.1697505648%7Cauto_eml_count%3D1%7Cws%3D1600x1200%7Ctz%3D-120%7Chpid%3D112167%7Cpt%3DTRACKING%7Cet%3D&p_v=4&version=3&ws=1600x1200&tz=-120&hpid=112167&pt=TRACKING&et=&domain=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&s=ccid_ga%7Cccid_auto&ccid=1195232472.1697505648%7Cb8nk7-ijr4w-qprbp-zrrw4-vyywb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 17 Oct 2023 01:20:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53498
x-xss-protection: 0
pragma: public
x-fb-debug: imjQYiBJ1rwxzAlDOwUX+W4Yx+vNqzFVV3jyzK6nz9PC5uZGMjmCUHDE1eDIaO/b/8iCMORwg7feVrR0LmXhaQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

src=13483457;dc_pre=COe-1an1-4EDFbJVwgodPPQAXA;type=track0;cat=easti0;qty=1;cost=0;u1=s%253Dccid_ga%257Cccid_auto%257Cf_v%253Dcp_v3_js%257Cp_v%253D4%257Cversion%253D3%257Cauto_url%253Dhttps%25253A%...
adservice.google.com/ddm/fls/z/ Frame 3371
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=13483457;type=track0;cat=easti0;qty=1;cost=0;u1=s%253Dccid_ga%257Cccid_auto%257Cf_v%253Dcp_v3_js%257Cp_v%253D4%257Cversion%253D3%257Cauto_url%253Dhttps%2...
https://ad.doubleclick.net/ddm/activity/src=13483457;dc_pre=COe-1an1-4EDFbJVwgodPPQAXA;type=track0;cat=easti0;qty=1;cost=0;u1=s%253Dccid_ga%257Cccid_auto%257Cf_v%253Dcp_v3_js%257Cp_v%253D4%257Cvers...
https://adservice.google.com/ddm/fls/z/src=13483457;dc_pre=COe-1an1-4EDFbJVwgodPPQAXA;type=track0;cat=easti0;qty=1;cost=0;u1=s%253Dccid_ga%257Cccid_auto%257Cf_v%253Dcp_v3_js%257Cp_v%253D4%257Cversi...

42 B
118 B

75ms
75ms

Image
image/gif

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=13483457;dc_pre=COe-1an1-4EDFbJVwgodPPQAXA;type=track0;cat=easti0;qty=1;cost=0;u1=s%253Dccid_ga%257Cccid_auto%257Cf_v%253Dcp_v3_js%257Cp_v%253D4%257Cversion%253D3%257Cauto_url%253Dhttps%25253A%25252F%25252Fwww.eastinhotelsresidences.com%25252F%257Cauto_ccid%253Db8nk7-ijr4w-qprbp-zrrw4-vyywb%257Cauto_ga%253D1195232472.1697505648%257Cauto_eml_count%253D1%257Cws%253D1600x1200%257Ctz%253D-120%257Chpid%253D112167%257Cpt%253DTRACKING%257Cet%253D;u2=;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u19=112167;u20=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID

Requested by

Host: static.sojern.com
URL: https://static.sojern.com/cip/c/43.html?f_v=cp_v3_js&p_v=4&version=3&auto_url=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&auto_ccid=b8nk7-ijr4w-qprbp-zrrw4-vyywb&auto_ga=1195232472.1697505648&e_eml=null&auto_eml=O2PS466O2P23Q6804OS66S665OQ4RQPP%40949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&auto_eml_count=1&auto_eml_domain=949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&auto_eml_list=O2PS466O2P23Q6804OS66S665OQ4RQPP%40949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&ws=1600x1200&tz=-120&hpid=112167&pt=TRACKING&et=

Protocol

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 01:20:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Oct 2023 01:20:49 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=13483457;dc_pre=COe-1an1-4EDFbJVwgodPPQAXA;type=track0;cat=easti0;qty=1;cost=0;u1=s%253Dccid_ga%257Cccid_auto%257Cf_v%253Dcp_v3_js%257Cp_v%253D4%257Cversion%253D3%257Cauto_url%253Dhttps%25253A%25252F%25252Fwww.eastinhotelsresidences.com%25252F%257Cauto_ccid%253Db8nk7-ijr4w-qprbp-zrrw4-vyywb%257Cauto_ga%253D1195232472.1697505648%257Cauto_eml_count%253D1%257Cws%253D1600x1200%257Ctz%253D-120%257Chpid%253D112167%257Cpt%253DTRACKING%257Cet%253D;u2=;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u19=112167;u20=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AdX
pixel.sojern.com/idSync/ Frame 3371
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=nfq0A1xMn6DM_tEBOZ34mQ&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=pseZ8SBtXNA-WGmB7-Ek6todJxb-UpMMfDHEYSSdkObHkAq9pl7...
https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=nfq0A1xMn6DM_tEBOZ34mQ&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=pseZ8SBtXNA-WGmB7-Ek6todJxb-UpMMfDHEYSSdkObHkAq9pl7...
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=pseZ8SBtXNA-WGmB7-Ek6todJxb-UpMMfDHEYSSdkObHkAq9pl72giqnAtgY2ue-&sjrn_ula=8166203250&google_gid=CAESENPPIFAD-X9rBzTbeeg-xUM&google_cver=1

42 B
283 B

25ms
19ms

Image
image/gif

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=pseZ8SBtXNA-WGmB7-Ek6todJxb-UpMMfDHEYSSdkObHkAq9pl72giqnAtgY2ue-&sjrn_ula=8166203250&google_gid=CAESENPPIFAD-X9rBzTbeeg-xUM&google_cver=1
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/c/43.html?f_v=cp_v3_js&p_v=4&version=3&auto_url=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&auto_ccid=b8nk7-ijr4w-qprbp-zrrw4-vyywb&auto_ga=1195232472.1697505648&e_eml=null&auto_eml=O2PS466O2P23Q6804OS66S665OQ4RQPP%40949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&auto_eml_count=1&auto_eml_domain=949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&auto_eml_list=O2PS466O2P23Q6804OS66S665OQ4RQPP%40949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&ws=1600x1200&tz=-120&hpid=112167&pt=TRACKING&et=
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Tue, 17 Oct 2023 01:20:49 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 17 Oct 2023 01:20:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=pseZ8SBtXNA-WGmB7-Ek6todJxb-UpMMfDHEYSSdkObHkAq9pl72giqnAtgY2ue-&sjrn_ula=8166203250&google_gid=CAESENPPIFAD-X9rBzTbeeg-xUM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 413
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
fcmatch.youtube.com/ Frame 3371
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_hm=nfq0A1xMn6DM_tEBOZ34mQ&google_nid=sojern_adh
https://cm.g.doubleclick.net/pixel?google_hm=nfq0A1xMn6DM_tEBOZ34mQ&google_nid=sojern_adh&google_tc=
https://fcmatch.google.com/pixel?google_gm=AMnCDoq_jTzH4LdQvAWSDv4PVm9ta_oVnxzqOE4j9Cq-mlDsBQ45eJdVMJSXCAuceAgyWMWKdIPjOG72o9wBXNYKHm_q3oHvryvHGN7QIi5Z0RZ9xh-ZGn4
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoq_jTzH4LdQvAWSDv4PVm9ta_oVnxzqOE4j9Cq-mlDsBQ45eJdVMJSXCAuceAgyWMWKdIPjOG72o9wBXNYKHm_q3oHvryvHGN7QIi5Z0RZ9xh-ZGn4

170 B
432 B

137ms
71ms

Image
image/png

2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDoq_jTzH4LdQvAWSDv4PVm9ta_oVnxzqOE4j9Cq-mlDsBQ45eJdVMJSXCAuceAgyWMWKdIPjOG72o9wBXNYKHm_q3oHvryvHGN7QIi5Z0RZ9xh-ZGn4

Requested by

Protocol

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 01:20:49 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Oct 2023 01:20:49 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDoq_jTzH4LdQvAWSDv4PVm9ta_oVnxzqOE4j9Cq-mlDsBQ45eJdVMJSXCAuceAgyWMWKdIPjOG72o9wBXNYKHm_q3oHvryvHGN7QIi5Z0RZ9xh-ZGn4
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

apn
pixel.sojern.com/idsync/ Frame 3371
Redirect Chain

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=pseZ8SBtXNA-WGmB7-Ek6todJxb-UpMMfDHEYSSdkObHkAq9pl72giqnAtgY2ue-
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DpseZ8SBtXNA-WGmB7-Ek6todJxb-UpMMfDHEYSSdkObHkAq9pl72giqnAtgY2ue-
https://pixel.sojern.com/idsync/apn?id=5801066619911826679&sjrn_id=pseZ8SBtXNA-WGmB7-Ek6todJxb-UpMMfDHEYSSdkObHkAq9pl72giqnAtgY2ue-

42 B
264 B

28ms
20ms

Image
image/gif

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/apn?id=5801066619911826679&sjrn_id=pseZ8SBtXNA-WGmB7-Ek6todJxb-UpMMfDHEYSSdkObHkAq9pl72giqnAtgY2ue-
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/c/43.html?f_v=cp_v3_js&p_v=4&version=3&auto_url=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&auto_ccid=b8nk7-ijr4w-qprbp-zrrw4-vyywb&auto_ga=1195232472.1697505648&e_eml=null&auto_eml=O2PS466O2P23Q6804OS66S665OQ4RQPP%40949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&auto_eml_count=1&auto_eml_domain=949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&auto_eml_list=O2PS466O2P23Q6804OS66S665OQ4RQPP%40949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&ws=1600x1200&tz=-120&hpid=112167&pt=TRACKING&et=
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Tue, 17 Oct 2023 01:20:49 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 17 Oct 2023 01:20:49 GMT
an-x-request-uuid: 4118e0b6-951e-471e-87cd-5570d5d6c183
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://pixel.sojern.com/idsync/apn?id=5801066619911826679&sjrn_id=pseZ8SBtXNA-WGmB7-Ek6todJxb-UpMMfDHEYSSdkObHkAq9pl72giqnAtgY2ue-
x-proxy-origin: 81.95.5.42; 81.95.5.42; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 3371 70 B
149 B 103ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=pseZ8SBtXNA-WGmB7-Ek6todJxb-UpMMfDHEYSSdkObHkAq9pl72giqnAtgY2ue-&ttd_tpi=1
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/c/43.html?f_v=cp_v3_js&p_v=4&version=3&auto_url=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&auto_ccid=b8nk7-ijr4w-qprbp-zrrw4-vyywb&auto_ga=1195232472.1697505648&e_eml=null&auto_eml=O2PS466O2P23Q6804OS66S665OQ4RQPP%40949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&auto_eml_count=1&auto_eml_domain=949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&auto_eml_list=O2PS466O2P23Q6804OS66S665OQ4RQPP%40949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&ws=1600x1200&tz=-120&hpid=112167&pt=TRACKING&et=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:48 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

202

adf
pixel.sojern.com/idsync/ Frame 3371
Redirect Chain

https://c1.adform.net/serving/cookie/match?cid=9dfab403-5c4c-9fa0-ccfe-d101399df899&party=1296
https://c1.adform.net/serving/cookie/match?CC=1&cid=9dfab403-5c4c-9fa0-ccfe-d101399df899&party=1296
https://pixel.sojern.com/idsync/adf?adfid=1740433271273709500&cid=9dfab403-5c4c-9fa0-ccfe-d101399df899

0
208 B

21ms
20ms

Image
text/plain

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/adf?adfid=1740433271273709500&cid=9dfab403-5c4c-9fa0-ccfe-d101399df899
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/c/43.html?f_v=cp_v3_js&p_v=4&version=3&auto_url=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&auto_ccid=b8nk7-ijr4w-qprbp-zrrw4-vyywb&auto_ga=1195232472.1697505648&e_eml=null&auto_eml=O2PS466O2P23Q6804OS66S665OQ4RQPP%40949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&auto_eml_count=1&auto_eml_domain=949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&auto_eml_list=O2PS466O2P23Q6804OS66S665OQ4RQPP%40949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ&ws=1600x1200&tz=-120&hpid=112167&pt=TRACKING&et=
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:49 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"

Redirect headers

pragma: no-cache
date: Tue, 17 Oct 2023 01:20:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://pixel.sojern.com/idsync/adf?adfid=1740433271273709500&cid=9dfab403-5c4c-9fa0-ccfe-d101399df899
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

POST
H3 200 8174b8968f7992b4 Show response
www.eastinhotelsresidences.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame ED33 0
284 B 30ms
25ms XHR
text/plain 2606:4700::6811:b73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.eastinhotelsresidences.com/cdn-cgi/challenge-platform/h/b/jsd/r/8174b8968f7992b4
Requested by: Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:b73a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 17 Oct 2023 01:20:49 GMT
content-encoding: br
server: cloudflare
cf-ray: 8174b8a2bb191e5a-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

POST
H/1.1 204
No Content vuid
vimeo.com/ablincoln/ Frame AC06 0
925 B 234ms
197ms Ping
text/plain 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/ablincoln/vuid?pid=a5dde26229c4cffe6a74a37a94ea67d4a9d1511f1697505648

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires: Mon, 16 Oct 2023 13:20:49 GMT
Date: Tue, 17 Oct 2023 01:20:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
Via: 1.1 varnish, 1.1 varnish
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
x-xss-protection: 1; mode=block
X-Served-By: cache-iad-kcgs7200079-IAD, cache-fra-eddf8230076-FRA
x-ua-compatible: IE=edge
x-vimeo-device: d
Server: cloudflare
X-Timer: S1697505649.128943,VS0,VE177
x-backend-proxy: webproxy14
x-frame-options: sameorigin
Vary: User-Agent,x-http-method-override
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: pweb-95987747f-qshfw
Accept-Ranges: bytes
CF-RAY: 8174b8a2fb4c5d63-FRA
X-Cache-Hits: 0, 0

GET
H2 200 928109124-f8750685772c5ceb5b4e2a6364ffd6669652400e4138889facfe998927c31b2c-d
i.vimeocdn.com/video/ Frame AC06 4 KB
5 KB 8ms
7ms Image
image/avif 151.101.0.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/928109124-f8750685772c5ceb5b4e2a6364ffd6669652400e4138889facfe998927c31b2c-d?mw=900&mh=506
Requested by: Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 76970459413c2c9d2ef46a4a9ebb9e9d8fff2674c747904e64cbafa1e4e611e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:49 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 2214639
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 4530
viewmaster-server: viewmaster-us-central1-hk4m
x-served-by: cache-dfw-kdfw8210094-DFW, cache-fra-etou8220043-FRA
x-timer: S1697505649.172373,VS0,VE0
etag: f7c39357b151715634b7b2219878c3b7
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 45, 2

GET
H2 200 928109124-f8750685772c5ceb5b4e2a6364ffd6669652400e4138889facfe998927c31b2c-d
i.vimeocdn.com/video/ Frame AC06 592 B
669 B 7ms
7ms Image
image/avif 151.101.0.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/928109124-f8750685772c5ceb5b4e2a6364ffd6669652400e4138889facfe998927c31b2c-d?mw=80&q=85
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.25.13/js/vendor.module.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d7bbec4ab7d0bdbbff26c6f604124eb718decf354ade84675996a182b7b3e590

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:49 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 2287570
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 592
viewmaster-server: viewmaster-us-central1-w76n
x-served-by: cache-dfw-kdfw8210090-DFW, cache-fra-etou8220043-FRA
x-timer: S1697505649.203795,VS0,VE0
etag: 99255d73ca55383f5d503a7830a5384b
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 57, 2

GET
H2 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame AC06 35 KB
12 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12197
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="chrome-dongle"
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
expires: Tue, 17 Oct 2023 01:20:49 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/118/ Frame AC06 50 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/118/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e99e1ceb5d2b6483d5cf48bff61db9da00db6cb806b7aa2e0f22f87a787e0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 15:57:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14707
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 15:06:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 17 Oct 2023 15:57:06 GMT

GET
H2 200 777941750775110 Show response
connect.facebook.net/signals/config/ Frame 3371 132 KB
34 KB 73ms
72ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/777941750775110?v=2.9.134&r=stable&domain=www.eastinhotelsresidences.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

24713668394b23b2da61647e7fea9df165a521a19e148119d1ab99275647016a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 17 Oct 2023 01:20:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: JeRY0GsgjvSGyXODT2D/TlK6XI+hEIAOM6PWcYuW7gpTNBHhbDR2/2LhL6eaOm4e5kkqgSM0LcnYZx37qxnxuA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 logo-mobile.png
image-tc.galaxy.tf/wipng-b4sotz3pgkmtdyyym35ds08c2/ 3 KB
4 KB 505ms
505ms Image
image/png 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wipng-b4sotz3pgkmtdyyym35ds08c2/logo-mobile.png?width=500

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc75b7b203cb5e92d83655298e99f4fd5acb30159dce2adb2ed96688de5950fd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:49 GMT
x-amz-version-id: .25exx9KApW5h0aVzcgGe34Tk7hex03c
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 3557
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Oct 2021 03:56:42 GMT
server: cloudflare
etag: "c927c63d311fbd34a52e770a15627d4c"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 8174b8a3eea1049f-FRA
x-amz-cf-id: IgfnYwNivlqNOHAKQBuw9bjeU6wlnE8oAy0p0XKChNJOGRGix-1rrw==

POST
H/1.1 200
OK 919 Show response
dynamic.travelclick-websolutions.com/view/ 2 KB
1 KB 627ms
380ms XHR
application/json 195.244.31.25
IGUANA-WORLDWIDE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.travelclick-websolutions.com/view/919

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/integration/tc-theme/public/js/bundle.js?v6cdf91f55f466c045fe390a6829b5a23

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

195.244.31.25 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),

Reverse DNS

xo7-viplb-01-new.ny.ig-1.net

Software

Apache /

Resource Hash

c6ba2f5e49fa3c55b3087760efd8e606f23618b0d0a43d2ea4f13692e537d62a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://www.eastinhotelsresidences.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 17 Oct 2023 01:20:49 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15768000
Server: Apache
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
X-Real-Hostname: xo7-web-03
Content-Length: 737
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i&display=swap&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.eastinhotelsresidences.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 21:18:33 GMT
x-content-type-options: nosniff
age: 187336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Oct 2024 21:18:33 GMT

GET
H3 200 chunk-tc-GMS-2dfc9597184b46f4ed71.js Show response
www.eastinhotelsresidences.com/integration/tc-theme/public/js/chunk/ 4 KB
2 KB 234ms
233ms Script
application/javascript 2606:4700::6811:b73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastinhotelsresidences.com/integration/tc-theme/public/js/chunk/chunk-tc-GMS-2dfc9597184b46f4ed71.js

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/integration/tc-theme/public/js/bundle.js?v6cdf91f55f466c045fe390a6829b5a23

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc018b15933a38b35be9bc63f711ad7d5bb35799f20a19f419cb75618aa40ec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:49 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 Oct 2023 10:46:27 GMT
server: cloudflare
etag: W/"9565a5538b22532439a98f644dcb9b57"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 8174b8a47c001e5a-FRA
x-amz-cf-id: bvaEdhmXXSasCUu_Vz9kNCJrqt-jCu2u6Lj6ppMFSREBFIwGRlqmFA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 256 KB
86 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1PTC8F8MTT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NX23PZH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d92389b06a2a13d2ce6d119ae9f2c032145ad5aa352fab2a95aaa1d9ed5ded8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88052
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 17 Oct 2023 01:20:49 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
218 B 14ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1909567621&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&ul=en-us&de=UTF-8&dt=Eastin%20Hotels%2C%20Resorts%20%26%20Residences%20%7C%20Deluxe%20%26%20Luxury%20Hotels%20in%20Asia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=errors%20tracking&ea=API%20Query%20ID%20not%20discovered%20.%20Galaxy%20site&el=www.eastinhotelsresidences.com&_u=aGDACEABBAAAACAAI~&jid=86371564&gjid=964810951&cid=1195232472.1697505648&tid=UA-162681275-3&_gid=1951913719.1697505648&_r=1&_slc=1&gtm=45He3ab0n81TL2MM4B&cd34=%7C&cd36=%7C&cd41=GTM-TL2MM4B&cd42=71&z=2020981530

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.eastinhotelsresidences.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 01:20:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.eastinhotelsresidences.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 16 Oct 2023 23:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5467
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 17 Oct 2023 01:49:42 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
68 B 15ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1909567621&t=pageview&_s=1&dl=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&ul=en-us&de=UTF-8&dt=Eastin%20Hotels%2C%20Resorts%20%26%20Residences%20%7C%20Deluxe%20%26%20Luxury%20Hotels%20in%20Asia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAACAEK~&jid=1901143044&gjid=843990422&cid=1195232472.1697505648&tid=UA-162681275-1&_gid=1951913719.1697505648&_r=1&_slc=1&gtm=45He3ab0n81TL2MM4B&cd13=essentials&cd14=th1&cg1=web&cg2=not_applicable&cd15=hd1&cd16=ft3&cd19=tvs_no&cd24=2&cd25=en&cd26=web&cd27=not_applicable&cd28=not_applicable&cd29=not_applicable&cd30=no&cd31=no&cd34=%7C&cd36=%7C&cd38=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&cd39=not_applicable&cd40=eastinhotelsresidences.com&cd41=GTM-TL2MM4B&cd42=71&cd54=be4&cd59=0&z=1916171276

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.eastinhotelsresidences.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 01:20:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.eastinhotelsresidences.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
83 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3R5SJEDWK4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

71d3a128a20697535d6ba43b8c6bf5f8a9f57f22dc67ecec9471036ab7dcb4a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84721
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 17 Oct 2023 01:20:49 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 3371 0
31 B 63ms
13ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=777941750775110&ev=PageView&dl=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fc%2F43.html%3Ff_v%3Dcp_v3_js%26p_v%3D4%26version%3D3%26auto_url%3Dhttps%253A%252F%252Fwww.eastinhotelsresidences.com%252F%26auto_ccid%3Db8nk7-ijr4w-qprbp-zrrw4-vyywb%26auto_ga%3D1195232472.1697505648%26e_eml%3Dnull%26auto_eml%3DO2PS466O2P23Q6804OS66S665OQ4RQPP%2540949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ%26auto_eml_count%3D1%26auto_eml_domain%3D949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ%26auto_eml_list%3DO2PS466O2P23Q6804OS66S665OQ4RQPP%2540949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ%26ws%3D1600x1200%26tz%3D-120%26hpid%3D112167%26pt%3DTRACKING%26et%3D&rl=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&if=true&ts=1697505649435&sw=1600&sh=1200&v=2.9.134&r=stable&a=trplsojern&ec=0&o=30&ler=other&it=1697505649220&coo=false&tm=1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 17 Oct 2023 01:20:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ Frame 3371 0
185 B 59ms
10ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=777941750775110&ev=Tracking&dl=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fc%2F43.html%3Ff_v%3Dcp_v3_js%26p_v%3D4%26version%3D3%26auto_url%3Dhttps%253A%252F%252Fwww.eastinhotelsresidences.com%252F%26auto_ccid%3Db8nk7-ijr4w-qprbp-zrrw4-vyywb%26auto_ga%3D1195232472.1697505648%26e_eml%3Dnull%26auto_eml%3DO2PS466O2P23Q6804OS66S665OQ4RQPP%2540949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ%26auto_eml_count%3D1%26auto_eml_domain%3D949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ%26auto_eml_list%3DO2PS466O2P23Q6804OS66S665OQ4RQPP%2540949.JJJ.GENIRYPYVPX-JROFBYHGVBAF.PBZ%26ws%3D1600x1200%26tz%3D-120%26hpid%3D112167%26pt%3DTRACKING%26et%3D&rl=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&if=true&ts=1697505649438&cd[content_type]=hotel&cd[content_ids]=%5B%22112167%22%5D&cd[value]=0&cd[purchase_value]=0&cd[custom_param1]=s%25253Dccid_ga%25257Cccid_auto%25257Cf_v%25253Dcp_v3_js%25257Cp_v%25253D4%25257Cversion%25253D3%25257Cauto_url%25253Dhttps%2525253A%2525252F%2525252Fwww.eastinhotelsresidences.com%2525252F%25257Cauto_ccid%25253Db8nk7-ijr4w-qprbp-zrrw4-vyywb%25257Cauto_ga%25253D1195232472.1697505648%25257Cauto_eml_count%25253D1%25257Cws%25253D1600x1200%25257Ctz%25253D-120%25257Chpid%25253D112167%25257Cpt%25253DTRACKING%25257Cet%25253D&sw=1600&sh=1200&v=2.9.134&r=stable&a=trplsojern&ec=1&o=30&ler=other&it=1697505649220&coo=false&tm=2&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 17 Oct 2023 01:20:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
264 B 52ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1PTC8F8MTT&gtm=45je3ab0&_p=1909567621&_gaz=1&cid=1195232472.1697505648&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1697505649&sct=1&seg=0&dl=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&dt=Eastin%20Hotels%2C%20Resorts%20%26%20Residences%20%7C%20Deluxe%20%26%20Luxury%20Hotels%20in%20Asia&en=page_view&_fv=1&_ss=1&ep.page_subsection=not_applicable&ep.page_language=en&up.user_logged_in_session=no
Requested by: Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 01:20:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.eastinhotelsresidences.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
264 B 76ms
23ms Ping
text/plain 2a00:1450:400c:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1PTC8F8MTT&cid=1195232472.1697505648&gtm=45je3ab0&aip=1
Requested by: Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c03::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 01:20:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.eastinhotelsresidences.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 49ms
18ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1PTC8F8MTT&cid=1195232472.1697505648&gtm=45je3ab0&aip=1&z=1750890310

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 01:20:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 21ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3R5SJEDWK4&gtm=45je3ab0&_p=1909567621&cid=1195232472.1697505648&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697505649&sct=1&seg=0&dl=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&dt=Eastin%20Hotels%2C%20Resorts%20%26%20Residences%20%7C%20Deluxe%20%26%20Luxury%20Hotels%20in%20Asia&en=page_view&_fv=1&_ss=1&ep.page_has_tvs=no&ep.page_footer=ft3&ep.page_header=hd1&ep.page_language=en&ep.page_section=not_applicable&ep.page_subsection=not_applicable&ep.site_galaxy_product=essentials&ep.page_template=th1&ep.site_tvs=tvs_no&epn.site_number_of_languages=2&ep.site_global_product=web&ep.page_content_group=not_applicable&ep.site_be_version=be4&epn.page_tvs_videos_count=0&up.user_logged_in=no
Requested by: Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 01:20:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.eastinhotelsresidences.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ehcm-bedroom-mood.jpg
image-tc.galaxy.tf/wijpeg-57qh7k530e8jgz0md66hl4akc/ 80 KB
80 KB 821ms
821ms Image
image/jpeg 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-57qh7k530e8jgz0md66hl4akc/ehcm-bedroom-mood.jpg?width=1920

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

193162428dec979db75071042607f6358e84947adfca955bfb870baa01c5c451

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:50 GMT
x-amz-version-id: JzjCSW1_j_tvU2jMcb1L9SjRA5WyeucG
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 81639
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 21 Oct 2021 05:27:39 GMT
server: cloudflare
etag: "b39af1a3b31d851ebbf6a90cac47fd1e"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 8174b8a6dfcf049f-FRA
x-amz-cf-id: KWgJQeCzHMkcwKqm6GY0Mcf-35AnwoHRTfLBK2Cx1JrzgKqExG4rpw==

GET
H3 200 thanac-4-4-187329-1-006be2.jpg
image-tc.galaxy.tf/wijpeg-72fbcfgrmgt18sv7imhrqr80a/ 289 KB
290 KB 596ms
595ms Image
image/jpeg 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-72fbcfgrmgt18sv7imhrqr80a/thanac-4-4-187329-1-006be2.jpg?width=1920

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d1e2226c4a11e8e8195adac73c99be79e4e0ccb8906f623280e2b62d599874f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:51 GMT
x-amz-version-id: 6NuVI_vbyWN4_MI_obqRxIUCVGwKD.AD
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 295866
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 21 Oct 2021 05:27:46 GMT
server: cloudflare
etag: "e2cf92f19e8ffaf4ac75f58e2baf2987"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 8174b8ad0a31049f-FRA
x-amz-cf-id: 8SQLzltJiyof5zUB-0XnwOJKSTlSFW0kbTgKNHiO_mphjbDPmpNPcA==

GET
H3 200 egpb-overall-3.jpg
image-tc.galaxy.tf/wijpeg-9yxay60nixm6j1gr0t1dk8bct/ 409 KB
410 KB 558ms
557ms Image
image/jpeg 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-9yxay60nixm6j1gr0t1dk8bct/egpb-overall-3.jpg?width=1920

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da3fc9e30ebefb6628ae3defc470ac95c102d3808a67a19d9e4a8b40379820be

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:52 GMT
x-amz-version-id: M3c9nRx5o9WPzytA6ZH.50UcBGTHa4q1
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 418708
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 12 Jul 2023 07:42:05 GMT
server: cloudflare
etag: "f28ad5c0f6d16101244cb11e351541d4"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 8174b8b26c6f049f-FRA
x-amz-cf-id: gD_QYiXweZcbN-wyzOe1UUzeyQi9Sf5iy7ej5y5Jy39Viy_Y4j4-bw==

GET
H3 200 ehcbi-lobby-10-1-b4e3bd.jpg
image-tc.galaxy.tf/wijpeg-afq5q8o9utujn9nga4gfz20m0/ 186 KB
186 KB 554ms
553ms Image
image/jpeg 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-afq5q8o9utujn9nga4gfz20m0/ehcbi-lobby-10-1-b4e3bd.jpg?width=1920

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c696612d402ffb390d8975b68cb0babf3acaf61125d6aa0a9a04fc2b714a10fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:53 GMT
x-amz-version-id: xAlkGjE3owGfxhkuOfUaCR4gvRE7EfVm
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 189971
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 21 Oct 2021 05:27:51 GMT
server: cloudflare
etag: "945e16167a6b37f3961b1f5702b2b9d5"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 8174b8b81efb049f-FRA
x-amz-cf-id: 9p8fnkW6YqKNgCSaO1JN_FnPFsCcdK5Kx9dmnLJrjugWrU3UQClsVw==

GET
H3 200 eghv-executive-lounge-2.jpg
image-tc.galaxy.tf/wijpeg-jk7mzpkjeg0s9kbota674wx6/ 237 KB
238 KB 655ms
654ms Image
image/jpeg 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-jk7mzpkjeg0s9kbota674wx6/eghv-executive-lounge-2.jpg?width=1920

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65b80a34255909871b2be7b2d2a63570c991b992b1fd196f7f719eae22b15da1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 01:20:53 GMT
x-amz-version-id: rHAjfhUeSyl6zCljQri42z5Oibtyr7Ue
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 242851
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 21 Oct 2021 04:32:51 GMT
server: cloudflare
etag: "fa6b8087b4a982f8248b87e5e1df55d6"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 8174b8bd18c6049f-FRA
x-amz-cf-id: ITIHHI6uRmkmOEmjY2OI-TtVzxIArCpBQMoxouwgNcMC0LwfFa_1JQ==

Verdicts & Comments Add Verdict or Comment

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.eastinhotelsresidences.com/	1970-01-20 15:33:12	Name: _gid Value: GA1.2.1951913719.1697505648
.vimeo.com/	1970-01-20 15:31:47	Name: __cf_bm Value: .4mniE_YlahtJSYlZgxkSSc.BUf0wktYVIKOcF2m.5g-1697505648-0-AYv9wF8af5ceIJtlMLtiLGp8QDWlinoZVVKfkPaq8wO8W4Y2U/YXcIQNn6JVpZMtEPyAlx5eDCDQgSSPjdX9czw=
.adnxs.com/	1970-01-20 17:41:21	Name: uuid2 Value: 5801066619911826679
.adform.net/	1970-01-20 16:16:24	Name: C Value: 1
.vimeo.com/	1970-01-21 01:07:45	Name: vuid Value: pl1494856023.487220548
.adform.net/	1970-01-20 16:58:09	Name: uid Value: 1740433271273709500
.www.eastinhotelsresidences.com/	1970-01-21 00:17:21	Name: cf_clearance Value: EKxqSPV.AJjAvpN5gu4n69CF_Yt90ydXiPcTXITC8LY-1697505649-0-1-c7d9fdee.5c7bd989.8cef3096-0.2.1697505649
.sojern.com/	1970-01-21 00:17:21	Name: gid Value: CAESENPPIFAD-X9rBzTbeeg-xUM
.sojern.com/	1970-01-21 00:17:21	Name: cid Value: 9dfab403-5c4c-9fa0-ccfe-d101399df899#1697500800000
.sojern.com/	1970-01-20 17:41:21	Name: apnid Value: 5801066619911826679
.doubleclick.net/	1970-01-21 00:53:21	Name: IDE Value: AHWqTUmbVfaPIHJY45Fy2lbPl_-RD23WSrYjsWkojOVCtbZsHVFcKeNxbxj8APXxM0U
.sojern.com/	1970-01-21 00:17:21	Name: adfid Value: 1740433271273709500
www.eastinhotelsresidences.com/	1969-12-31 23:59:59	Name: __tcet Value: 1697505649
.eastinhotelsresidences.com/	1970-01-20 15:31:45	Name: _gat_UA-162681275-3 Value: 1
.eastinhotelsresidences.com/	1970-01-20 15:31:45	Name: _gat_tct Value: 1
.eastinhotelsresidences.com/	1970-01-21 01:07:45	Name: _ga_1PTC8F8MTT Value: GS1.1.1697505649.1.0.1697505649.60.0.0
.eastinhotelsresidences.com/	1970-01-21 01:07:45	Name: _ga Value: GA1.1.1195232472.1697505648
.eastinhotelsresidences.com/	1970-01-21 01:07:45	Name: _ga_3R5SJEDWK4 Value: GS1.1.1697505649.1.0.1697505649.0.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.eastinhotelsresidences.com/undefined Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://www.eastinhotelsresidences.com/ Message: Refused to execute script from 'https://www.eastinhotelsresidences.com/undefined' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
adservice.google.de
beacon.sojern.com
c1.adform.net
cdn.galaxy.tf
cm.g.doubleclick.net
connect.facebook.net
dynamic.travelclick-websolutions.com
f.vimeocdn.com
fcmatch.google.com
fcmatch.youtube.com
fonts.googleapis.com
fonts.gstatic.com
fresnel.vimeocdn.com
i.vimeocdn.com
ib.adnxs.com
image-tc.galaxy.tf
match.adsrvr.org
pixel.sojern.com
player.vimeo.com
region1.analytics.google.com
region1.google-analytics.com
static.sojern.com
stats.g.doubleclick.net
tc.galaxy.tf
vimeo.com
www.eastinhotelsresidences.com
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.gstatic.com
107.178.244.119
142.250.185.134
146.75.118.109
151.101.0.217
162.159.128.61
162.159.138.60
195.244.31.25
2001:4860:4802:32::36
216.58.212.162
2606:4700::6811:b73a
2606:4700::6811:b83a
2606:4700::6811:ba3a
2a00:1450:4001:800::200a
2a00:1450:4001:802::2003
2a00:1450:4001:806::2008
2a00:1450:4001:812::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:400c:c03::9d
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.122.117.240
3.33.220.150
34.120.202.204
35.244.188.9
37.157.2.229
37.252.172.123
0396b324dadb72495db1da038132f4c3b07bb1412ba55525349963c9285bc251
05303c42d42f9e06694dac47b2d5245ee87f20c17d0de251a86257f62fbfe12f
09e64c9b9e3167a0320784905257b2b6b61607bf35091526d098d2840899fa63
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
14cac7b96ee4613e4181c1c60478189c5b47667e30fffadea2e23fdc4d88e25c
193162428dec979db75071042607f6358e84947adfca955bfb870baa01c5c451
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2464b3f797065f1654a41a4eaae7083e9b492125fd7632abf40ad96eda5b3899
24713668394b23b2da61647e7fea9df165a521a19e148119d1ab99275647016a
3107e5779ba7aef5eb3d38abf73567905761c49a6da871adb8798425745d49db
326f3659de1153f0d59c9258fdd63b7dfd6dd26f2c9c3e9adc4b87f71b122a7b
3333a2035912d27f9f31d7ef4d7a59aab880a4a89fa54a729dcdf1bc8bcdb81c
43549841a01a031072533d3431295109f296c65253c61aa54a3a460800f49e34
449dae8ba4c079a51412a1aabfdfa88472c80e7c7c5fb2ac077f7bed6a66a77a
4ae404f16f1fc796b50674d5dc4cbaa0ea9275f5a7887ed970be08328e3e23b5
556dc7db7791961b86a7d00072cbc77158e56e36828968a05be62c5d23882047
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
573df05aa08d415383b527f34ba575f6d58ba0fef033b6da852ce2327f04b0a0
598dac89694017d12e812bdae67530962525b21b3d29f0c6cb54d64279476e67
5be40a25502750fcea8a3c3a7b05053eed840ba2006cff3135d4889c06a7826e
5fd6673c422424e4269957d703f7552aeebed142390e9c3720fd6770a2ec7d3a
62f2994b539b61ad8fb2ee93fcea05f65ef512e3367d70396e28f1019f22c64e
65b80a34255909871b2be7b2d2a63570c991b992b1fd196f7f719eae22b15da1
6c7d025836da3da42ced1490c2f17501af9f539655e2d000fac1eaf1584e9f73
6e9b535e5bbdb29b0f17910af51dd9fb3f853891092c93c4594b4f52c2edc8fe
71d3a128a20697535d6ba43b8c6bf5f8a9f57f22dc67ecec9471036ab7dcb4a1
76970459413c2c9d2ef46a4a9ebb9e9d8fff2674c747904e64cbafa1e4e611e2
7eb76bba7810cf6bee51e9eeb8213bc6b3b250c894679ac00bbfc0dcf9c37105
81fe8a31a97089b426e33a36cd66cd0e21c416e6a5d6d4230fe96e03f77f7a4c
8d1e2226c4a11e8e8195adac73c99be79e4e0ccb8906f623280e2b62d599874f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e99e1ceb5d2b6483d5cf48bff61db9da00db6cb806b7aa2e0f22f87a787e0d3
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9dafefa72e0d50293394e828cecce0e615e30b9420e9a1d8b1b1f6ca3f8057c1
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a90e21ca39b126b23712ff533fa8164e82d0c69bb9e666111a98e00d659f84cf
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24c7ebfc4fd98e7c9fa40f28f006855d62f689e5d2fde172b761151a24fee02
b2f07355716cf20181604a763e041a2738f37e622573f2d7db31f8e1a4b9f9a7
b44450a7f4268f42a98ccc3eb1831145224e681830b49637183a0c71a51011f6
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c5843509cb5d8c6a299a23ecf46ceb93b74f071c9b3d4dab42a38b544ff494fc
c696612d402ffb390d8975b68cb0babf3acaf61125d6aa0a9a04fc2b714a10fc
c6ba2f5e49fa3c55b3087760efd8e606f23618b0d0a43d2ea4f13692e537d62a
cf52612476fe1f5a6e317433c8661fe892bcd3c3d669fb0cc0d497af6f67a608
d7bbec4ab7d0bdbbff26c6f604124eb718decf354ade84675996a182b7b3e590
d92389b06a2a13d2ce6d119ae9f2c032145ad5aa352fab2a95aaa1d9ed5ded8f
da3fc9e30ebefb6628ae3defc470ac95c102d3808a67a19d9e4a8b40379820be
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f
e1af5c26a6ca0cf6e1efcd25d203b5d1b890d8d2756d58ca0cfdfafa2f488576
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed725477658d590a46e4ba750d0d49325fe122fd80c8dc8a86c126ed375d579c
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f092748fe2abcd3ca1753fa3ba1320cbbdf229154afdb8d716bf0467dd099c34
f51a9d161ee058e4ea25c31ef3b1d7ad3de51cdf961286c3c0c8067605f59dc4
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fc018b15933a38b35be9bc63f711ad7d5bb35799f20a19f419cb75618aa40ec2
fc75b7b203cb5e92d83655298e99f4fd5acb30159dce2adb2ed96688de5950fd

www.eastinhotelsresidences.com Open in urlscan Pro 2606:4700::6811:b73a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

81 Requests

91 %HTTPS

55 %IPv6

19 Domains

33 Subdomains

27 IPs

5 Countries

3379 kBTransfer

7637 kBSize

18 Cookies

4 Outgoing links

Page URL History

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.eastinhotelsresidences.com Open in urlscan Pro
2606:4700::6811:b73a Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

91 %
HTTPS

55 %
IPv6

19
Domains

33
Subdomains

27
IPs

5
Countries

3379 kB
Transfer

7637 kB
Size

18
Cookies

81 HTTP transactions
1 data transactions