www.flemings-hotels.com Open in urlscan Pro
2606:4700::6811:ba3a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tcgms.net/tr/c/136i39y35n38a32i32334g3b33be34g37i32l00/1834185
Effective URL:
https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
Submission: On March 03 via api (March 3rd 2023, 9:59:49 am UTC) from AT — Scanned from DE

Summary HTTP 76 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 15 domains to perform 76 HTTP transactions. The main IP is 2606:4700::6811:ba3a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.flemings-hotels.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 28th 2022. Valid for: a year.

This is the only time www.flemings-hotels.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	104.70.84.190 104.70.84.190	16625 (AKAMAI-AS) (AKAMAI-AS)
24	2606:4700::68... 2606:4700::6811:ba3a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.71.189 172.67.71.189	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:b63a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	88.198.114.4 88.198.114.4	24940 (HETZNER-AS) (HETZNER-AS)
4	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1 2	142.251.208.102 142.251.208.102	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:400d:803::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	195.244.31.25 195.244.31.25	63140 (IGUANA-WO...) (IGUANA-WORLDWIDE)
2	2600:9000:223... 2600:9000:223f:e200:16:41f8:18c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
76	20

21 104.70.84.190 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-70-84-190.deploy.static.akamaitechnologies.com

tcgms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.tcgms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700::6811:ba3a (United States)

ASN13335 (CLOUDFLARENET, US)

www.flemings-hotels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image-tc.galaxy.tf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.71.189 (United States)

ASN13335 (CLOUDFLARENET, US)

app.secureprivacy.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b63a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.galaxy.tf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.114.4 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: app7.trustyou.com

api.trustyou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.208.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f6.1e100.net

3510645.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:803::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.244.31.25 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
PTR: xo7-viplb-01-new.ny.ig-1.net

dynamic.travelclick-websolutions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:e200:16:41f8:18c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.tsa-db.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	tcgms.net 1 redirects tcgms.net — Cisco Umbrella Rank: 56595 www.tcgms.net — Cisco Umbrella Rank: 75890	302 KB
20	flemings-hotels.com www.flemings-hotels.com	2 MB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2425	20 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 3510645.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 77	5 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 73	2 KB
5	galaxy.tf cdn.galaxy.tf — Cisco Umbrella Rank: 116706 image-tc.galaxy.tf — Cisco Umbrella Rank: 89020	384 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	292 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6149	670 B
2	tsa-db.com api.tsa-db.com — Cisco Umbrella Rank: 65023	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 105	239 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	136 KB
1	travelclick-websolutions.com dynamic.travelclick-websolutions.com — Cisco Umbrella Rank: 124323	1 KB
1	gstatic.com www.gstatic.com	163 KB
1	trustyou.com api.trustyou.com — Cisco Umbrella Rank: 91291	5 KB
1	secureprivacy.ai app.secureprivacy.ai — Cisco Umbrella Rank: 60193	8 KB
76	15

	Domain	Requested by
20	www.flemings-hotels.com	www.flemings-hotels.com www.googletagmanager.com
19	www.tcgms.net	tcgms.net www.tcgms.net
4	www.googletagmanager.com	www.flemings-hotels.com www.googletagmanager.com
4	www.google.com	www.flemings-hotels.com
4	image-tc.galaxy.tf	www.flemings-hotels.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.google.de	www.flemings-hotels.com
2	region1.google-analytics.com	www.flemings-hotels.com
2	api.tsa-db.com	www.flemings-hotels.com
2	www.facebook.com	www.flemings-hotels.com
2	connect.facebook.net	www.flemings-hotels.com connect.facebook.net
2	3510645.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	tcgms.net	1 redirects www.flemings-hotels.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	dynamic.travelclick-websolutions.com	cdn.galaxy.tf
1	www.gstatic.com	www.google.com
1	adservice.google.com	3510645.fls.doubleclick.net
1	api.trustyou.com	www.flemings-hotels.com
1	cdn.galaxy.tf	www.flemings-hotels.com
1	app.secureprivacy.ai	www.flemings-hotels.com
76	21

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.linkedin.com
reservations.flemings-hotels.com
www.amadeus-hospitality.com

Subject Issuer	Validity	Valid
www.flemings-hotels.com Cloudflare Inc ECC CA-3	`2022-04-28` - `2023-04-27`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
cdn.galaxy.tf Cloudflare Inc ECC CA-3	`2022-05-06` - `2023-05-06`	a year	crt.sh
image-tc.galaxy.tf Cloudflare Inc ECC CA-3	`2022-06-08` - `2023-06-07`	a year	crt.sh
*.trustyou.com Go Daddy Secure Certificate Authority - G2	`2022-12-15` - `2023-12-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
secure.tcgms.net R3	`2023-02-08` - `2023-05-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-10`	2 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.travelclick-websolutions.com Gandi Standard SSL CA 2	`2022-06-16` - `2023-07-08`	a year	crt.sh
*.tsa-db.com Amazon RSA 2048 M02	`2023-02-28` - `2024-03-28`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
Frame ID: 64BDACF6F3B14EE2AA94FE4A86B5944A
Requests: 51 HTTP requests in this frame

Frame: https://tcgms.net/app/new/NjA2OTY1NjUwMA?languageCode=df
Frame ID: A6D41901623E7F8540E2324B243EFDD7
Requests: 22 HTTP requests in this frame

Frame: https://3510645.fls.doubleclick.net/activityi;dc_pre=COOXvYbAv_0CFWwMewodTf8OmQ;src=3510645;type=websi050;cat=webi123;ord=1;num=7134484378996;gtm=45He3310;auiddc=807429396.1677837578;~oref=https%3A%2F%2Fwww.flemings-hotels.com%2Fnewsletter%3Fpl%3D136i39y35n38a32i32334g3b33be34g37i32l00
Frame ID: 56F0E2F88268E72FBCDA11009E42AAFD
Requests: 2 HTTP requests in this frame

Frame: https://www.flemings-hotels.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1677830400
Frame ID: 6252E052BBCD624A74E1A2A42015AA86
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Flemings Newsletter | Flemings Hotels

Page URL History Show full URLs

https://tcgms.net/tr/c/136i39y35n38a32i32334g3b33be34g37i32l00/1834185 HTTP 301
https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00 Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

76
Requests

100 %
HTTPS

74 %
IPv6

15
Domains

21
Subdomains

20
IPs

4
Countries

3642 kB
Transfer

14377 kB
Size

13
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/flemingshotels/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/flemingshotels/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/flemings-hotels

Search URL Search Domain Scan URL

URL: https://reservations.flemings-hotels.com/114478
Title: Meine Reservierung

Search URL Search Domain Scan URL

URL: https://www.amadeus-hospitality.com/
Title: Made by Amadeus.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tcgms.net/tr/c/136i39y35n38a32i32334g3b33be34g37i32l00/1834185 HTTP 301
https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://3510645.fls.doubleclick.net/activityi;src=3510645;type=websi050;cat=webi123;ord=1;num=7134484378996;gtm=45He3310;auiddc=807429396.1677837578;~oref=https%3A%2F%2Fwww.flemings-hotels.com%2Fnewsletter%3Fpl%3D136i39y35n38a32i32334g3b33be34g37i32l00 HTTP 302
https://3510645.fls.doubleclick.net/activityi;dc_pre=COOXvYbAv_0CFWwMewodTf8OmQ;src=3510645;type=websi050;cat=webi123;ord=1;num=7134484378996;gtm=45He3310;auiddc=807429396.1677837578;~oref=https%3A%2F%2Fwww.flemings-hotels.com%2Fnewsletter%3Fpl%3D136i39y35n38a32i32334g3b33be34g37i32l00

76 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request newsletter Show response
www.flemings-hotels.com/
Redirect Chain

https://tcgms.net/tr/c/136i39y35n38a32i32334g3b33be34g37i32l00/1834185
https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00

93 KB
16 KB

286ms
267ms

Document
text/html

2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c80ab1f6ee79aed37e6d575473b4b5d4fa43655d61c94ec19e176962cfbb584

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7a210715ec00363c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 03 Mar 2023 09:59:36 GMT
last-modified: Fri, 03 Mar 2023 09:35:06 GMT
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 3a2d3a68144052638ea46cd63a2b2f08.cloudfront.net (CloudFront)
x-amz-cf-id: b1aD05vM0OmKXtuxUUn9hXh0QGuOJRvh_kFb1KAJwQslqYcO4XtocA==
x-amz-cf-pop: BCN50-P2
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
content-security-policy: upgrade-insecure-requests
date: Fri, 03 Mar 2023 09:59:36 GMT
location: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
server: Apache-Coyote/1.1

GET
H2 200 62261c929d267ca63f82784c.js Show response
app.secureprivacy.ai/script/ 7 KB
8 KB 58ms
27ms Script
application/octet-stream 172.67.71.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.secureprivacy.ai/script/62261c929d267ca63f82784c.js
Requested by: Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6be8c702ecf7e676b3f8124253d6c97eb1cb0ab1c7d5a267983461f54658c4d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:36 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 27 Feb 2023 21:34:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: RpDpjN4cY1Z7bnO77Ytazg==
server: cloudflare
etag: "0x8DB190A67073E3D"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=itTvQQIREHKch8uBtUmppGAOLfCNpPfdakvA0dMdOXPhjd%2BC9AImcZ%2BDsjYBfHt9kdr5n7mUkny6R3KXmx8nqf5d0cMW7q60MNc7TCn%2FkPnVXdw9mVTZ5WdaMe4avnQIhYmOQxs2"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-ms-request-id: 4565f69d-f01e-0060-33b6-4ddd34000000
x-ms-version: 2018-03-28
accept-ranges: bytes
cf-ray: 7a210717e99537d8-FRA
content-length: 7195

GET
H2 200 main.css
www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/ 451 KB
55 KB 76ms
75ms Stylesheet
text/css 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b45e4a5049146af2d13f095faf4857790d38a2b5b0949c391ef539fba7698c36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:36 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 03 Mar 2023 09:35:09 GMT
server: cloudflare
etag: W/"3dcbb42854cc2a2a3cd157ccd2f4b468"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: no-cache
cf-ray: 7a210717bdeb363c-FRA
x-amz-cf-id: gU2WdIaW3paLbzt37jNX7RD6x65oxmz_wpBEP2UzGWPszafSgutUtg==

GET
H2 200 gms-latest.min.js Show response
cdn.galaxy.tf/asset-galaxy/js/ 148 KB
46 KB 382ms
351ms Script
application/javascript 2606:4700::6811:b63a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.galaxy.tf/asset-galaxy/js/gms-latest.min.js?v19d44e94291151bfdcd1444d5caca497

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b63a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce4f1b48eedafeaa3d9b02d15dc642b4cc9a995b6e517d6d9bd91d007a420a6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:37 GMT
strict-transport-security: max-age=15768000
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 23 Aug 2022 10:13:56 GMT
server: cloudflare
etag: W/"250c8-5e6e5d27ceffe-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 7a210717ea49bbaf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 10 Mar 2023 09:59:37 GMT

GET
H3 200 main.bundle.js Show response
www.flemings-hotels.com/integration/flemings-hotels/public/shared-gms-v2/js/ 205 KB
65 KB 82ms
80ms Script
application/javascript 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flemings-hotels.com/integration/flemings-hotels/public/shared-gms-v2/js/main.bundle.js?v19d44e94291151bfdcd1444d5caca497

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd2e6e286b2c1237bdf2cc4b970bf6c3930c9e405d69f68f3231044cfa405a0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:37 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Nov 2022 15:57:58 GMT
server: cloudflare
etag: W/"a806a390a2b0119f049fddd7e926f986"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 7a21071abc519b77-FRA
x-amz-cf-id: n_bH177o9p4Ib-0ye4Zg27IdEhlNgHVOmHVuilWdA-1_o6Z9txjJ8Q==

GET
H2 200 logo-header.svg
image-tc.galaxy.tf/wisvg-47mb3rv9uuaif5oivatbeuyj2/ 5 KB
2 KB 481ms
448ms Image
image/svg+xml 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wisvg-47mb3rv9uuaif5oivatbeuyj2/logo-header.svg?width=392

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82f50bcd7dbcf2a6c6aa63cd5fe368d98f94a1b3a7bc2758046eaab4558a9e25

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:37 GMT
x-amz-version-id: 5HE2Nv1O1IxrnAnG.mMFZO4dlIkXTLqT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA6-C1
cf-cache-status: DYNAMIC
content-encoding: br
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Mar 2022 03:48:54 GMT
server: cloudflare
etag: W/"4723d460444af6e8c145e61a8d9c344e"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: no-cache
vary: Accept-Encoding
cf-ray: 7a21071aeeb62bba-FRA
x-amz-cf-id: OoUelm8C3WAqabPd6azjXUj9_ImQMTt5FPDscPA9crQsmFwyEIA4vw==

GET
H3 200 galaxy-helpers.js Show response
www.flemings-hotels.com/frontend/galaxy-helpers/public/ 56 KB
21 KB 582ms
581ms Script
application/javascript 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flemings-hotels.com/frontend/galaxy-helpers/public/galaxy-helpers.js?v=l-676494c8-7126-41cd-8b37-49a9ecd71ccc

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1af5c26a6ca0cf6e1efcd25d203b5d1b890d8d2756d58ca0cfdfafa2f488576

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:37 GMT
x-amz-version-id: INScYW4EMKICRsgK.ZKjs1vX72qyuS0H
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 b70652ef13a805740c3f1a14f25d8c3c.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: MSP50-P1
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 09 Nov 2022 10:35:45 GMT
server: cloudflare
etag: W/"ef1febd8b777272d6178f74661f8347e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 7a21071849479b77-FRA
x-amz-cf-id: 3qrS6K5Myp-w7NcA3RAz5L-eLBm2c4H85_4q32tE5rcyG4qDmQd_Zw==

GET
H3 200 bundle.js Show response
www.flemings-hotels.com/integration/flemings-hotels/public/js/ 9 MB
2 MB 97ms
97ms Script
application/javascript 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flemings-hotels.com/integration/flemings-hotels/public/js/bundle.js?v19d44e94291151bfdcd1444d5caca497

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14cc66e8f9f632f795f3677df20755edfec2da56ce5391d3808046a63fafb05a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:37 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Mar 2023 14:32:02 GMT
server: cloudflare
etag: W/"e71c62cfca54bd653db38b1b29d4ddb3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 7a21071a9c2d9b77-FRA
x-amz-cf-id: Nb2VBS_CaU633CakhLkRSsFpwGyBk5ScBK4mHAKFYUMg_-5ObMtz9Q==

GET
H/1.1 200
OK iframeResizer.min.js Show response
api.trustyou.com/static/3rdparty/iframe-resizer/js/ 13 KB
5 KB 44ms
15ms Script
application/javascript 88.198.114.4
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustyou.com/static/3rdparty/iframe-resizer/js/iframeResizer.min.js
Requested by: Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.198.114.4 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: app7.trustyou.com
Software: Apache /
Resource Hash: e7954b62653e3d7d5a7b455589a7238d661dfbaebd18650bc4b9d82089ab7156

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 09:59:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Feb 2018 09:07:35 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 5154

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 906 B
892 B 60ms
23ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onLoadCaptcha

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e57a18673369c39a2d5459f7ea0b6aafb0e2f7e5584d2bfde9850eb1e5c35768

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 572
x-xss-protection: 1; mode=block
expires: Fri, 03 Mar 2023 09:59:37 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 209 KB
64 KB 70ms
33ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1871cedc94b54ba40d2e235e3cd248dcad52ec64c0beec74ef455e51e9c75466

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65369
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Mar 2023 09:59:37 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 263 KB
77 KB 70ms
33ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PC9F8W6

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

019d1d21e43cf47042834c10c5c926756c497694e1e309ae1c0b82ff56e6d9aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79234
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Mar 2023 09:59:37 GMT

GET
H3 200 RingsideCompressedSSm-Bold_Web.woff2
www.flemings-hotels.com/integration/flemings-hotels/public/fonts/Ringside-Bold/ 56 KB
57 KB 112ms
111ms Font
application/font-woff2 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flemings-hotels.com/integration/flemings-hotels/public/fonts/Ringside-Bold/RingsideCompressedSSm-Bold_Web.woff2

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc1a649c2c24afe3072a5c478ca103e81a5f35f862e119d4a245b0b570f8c6ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css
Origin: https://www.flemings-hotels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:37 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57592
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 25 Apr 2022 12:33:45 GMT
server: cloudflare
etag: "e66afeb7e7f13ea6dee08d360e765bd7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: no-cache
cf-ray: 7a21071abc569b77-FRA
x-amz-cf-id: CHghnuyVuXM2QKlRQ5dVvwBdBAYMgR34ORsEB2syVLc6ujTW7odS_g==

GET
H3 200 RingsideCompressedSSm-Book_Web.woff2
www.flemings-hotels.com/integration/flemings-hotels/public/fonts/Ringside/ 59 KB
60 KB 80ms
80ms Font
application/font-woff2 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flemings-hotels.com/integration/flemings-hotels/public/fonts/Ringside/RingsideCompressedSSm-Book_Web.woff2

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58e9e1b97cb14d612b4fc1e52a34e161c8d4baa8e0d37bdbf4893b4dc25069f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css
Origin: https://www.flemings-hotels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:37 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60884
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 25 Apr 2022 12:33:43 GMT
server: cloudflare
etag: "99c11ed45a9131b625d5405ae73539eb"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: no-cache
cf-ray: 7a21071abc579b77-FRA
x-amz-cf-id: poGj-tRAsJG065F8mmzXpailpJjkDdNGIbAvRjHopjaGQqMavUZC2g==

GET
H3 200 Practice-Regular.woff2
www.flemings-hotels.com/integration/flemings-hotels/public/fonts/Practice-Regular/ 47 KB
47 KB 122ms
122ms Font
application/font-woff2 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flemings-hotels.com/integration/flemings-hotels/public/fonts/Practice-Regular/Practice-Regular.woff2

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02fa4759cedac98b71d5cb98f7b84390ec4ee11a86186a0e27479a50262109e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css
Origin: https://www.flemings-hotels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:37 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47968
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 25 Apr 2022 12:33:43 GMT
server: cloudflare
etag: "1588782f1d98e5d15e7b8ff9e58fec2f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: no-cache
cf-ray: 7a21071acc5b9b77-FRA
x-amz-cf-id: If4aNbf6fjx-c9ZY1I10ayGsHlHaJg89hK3e7mGSuVbML25PGdhE8Q==

GET
H2 200 NjA2OTY1NjUwMA Show response
tcgms.net/app/new/ Frame A6D4 42 KB
10 KB 277ms
277ms Document
text/html 104.70.84.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tcgms.net/app/new/NjA2OTY1NjUwMA?languageCode=df

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.84.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-84-190.deploy.static.akamaitechnologies.com

Software

Apache-Coyote/1.1 /

Resource Hash

e91ed604c2d3d97848d6c56d198e5e811759af44314a44257c0fab4aa42824e7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-length: 9847
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=UTF-8
date: Fri, 03 Mar 2023 09:59:37 GMT
server: Apache-Coyote/1.1
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 bm_default_info_icon.svg
www.flemings-hotels.com/integration/flemings-hotels/public/images/icons/ 1 KB
1013 B 117ms
117ms Image
image/svg+xml 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flemings-hotels.com/integration/flemings-hotels/public/images/icons/bm_default_info_icon.svg

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fce68f8947c03e8e8e627e6f5ba7bf0affd0cd3c55e518ff6262f5280496036b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:37 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 12 Dec 2022 06:48:01 GMT
server: cloudflare
etag: W/"e64f434960bee7da0997c63815325573"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: no-cache
cf-ray: 7a21071adc759b77-FRA
x-amz-cf-id: T0prjmtt1aJ2uMQM6OkI4MbeF6X3VvYPp0mCJDFUB2k7fGV2ssZEWQ==

GET
H3 200 form-illustration-2.png
www.flemings-hotels.com/integration/flemings-hotels/public/images/backgrounds/ 34 KB
35 KB 111ms
110ms Image
image/png 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flemings-hotels.com/integration/flemings-hotels/public/images/backgrounds/form-illustration-2.png

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3359218fa5c5db4640b36c5f1ea6ed6784dfd8c36d06a24a790ee13915a4c756

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:37 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35145
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 25 Apr 2022 12:33:37 GMT
server: cloudflare
etag: "4d996ab7af6fc77fc713d907e4f77ed7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: no-cache
cf-ray: 7a21071adc799b77-FRA
x-amz-cf-id: 2zhDlQYW4gvarYthLBZoeS34EoPoYiJuz0ngYTPJFiEzW8Z-FFS7pQ==

GET
H3 200 Practice-Italic.woff2
www.flemings-hotels.com/integration/flemings-hotels/public/fonts/Practice-Italic/ 49 KB
49 KB 86ms
85ms Font
application/font-woff2 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flemings-hotels.com/integration/flemings-hotels/public/fonts/Practice-Italic/Practice-Italic.woff2

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7937fd6e1b04aaaae3549fd2a6e2d9c7a773124879db28cf22e4cc13c1ffa0b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css
Origin: https://www.flemings-hotels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:37 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49864
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 25 Apr 2022 12:33:44 GMT
server: cloudflare
etag: "ea39c9bcf709fd5ffe958cc37d3a205b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: no-cache
cf-ray: 7a21071aec959b77-FRA
x-amz-cf-id: _3Xb757hzzVVbUFk3BEwAtT2RiqF_jDHHa2mSqPZoLqNIBnECMCU_w==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10790894489/ 3 KB
1 KB 93ms
57ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10790894489/?random=1677837577554&cv=11&fst=1677837577554&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.flemings-hotels.com%2Fnewsletter%3Fpl%3D136i39y35n38a32i32334g3b33be34g37i32l00&tiba=Flemings%20Newsletter%20%7C%20Flemings%20Hotels&auid=807429396.1677837578&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PC9F8W6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

765da8a3f11f229fd6636c2085ef29835311ecfbdbea2e89d61c79c3e818e634

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 09:59:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1231
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10790794923/ 3 KB
2 KB 64ms
28ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10790794923/?random=1677837577558&cv=11&fst=1677837577558&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.flemings-hotels.com%2Fnewsletter%3Fpl%3D136i39y35n38a32i32334g3b33be34g37i32l00&tiba=Flemings%20Newsletter%20%7C%20Flemings%20Hotels&auid=807429396.1677837578&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PC9F8W6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

091b9aa462dde70e69617b42fe2a65ca956ded4850b0a2aec8994421036e441c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 09:59:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1230
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=COOXvYbAv_0CFWwMewodTf8OmQ;src=3510645;type=websi050;cat=webi123;ord=1;num=7134484378996;gtm=45He3310;auiddc=807429396.1677837578;~oref=https%3A%2F%2Fwww.flemings-hotels.com%2Fnews... Show response
3510645.fls.doubleclick.net/ Frame 56F0
Redirect Chain

https://3510645.fls.doubleclick.net/activityi;src=3510645;type=websi050;cat=webi123;ord=1;num=7134484378996;gtm=45He3310;auiddc=807429396.1677837578;~oref=https%3A%2F%2Fwww.flemings-hotels.com%2Fne...
https://3510645.fls.doubleclick.net/activityi;dc_pre=COOXvYbAv_0CFWwMewodTf8OmQ;src=3510645;type=websi050;cat=webi123;ord=1;num=7134484378996;gtm=45He3310;auiddc=807429396.1677837578;~oref=https%3A...

467 B
610 B

70ms
69ms

Document
text/html

142.251.208.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3510645.fls.doubleclick.net/activityi;dc_pre=COOXvYbAv_0CFWwMewodTf8OmQ;src=3510645;type=websi050;cat=webi123;ord=1;num=7134484378996;gtm=45He3310;auiddc=807429396.1677837578;~oref=https%3A%2F%2Fwww.flemings-hotels.com%2Fnewsletter%3Fpl%3D136i39y35n38a32i32334g3b33be34g37i32l00?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PC9F8W6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f6.1e100.net

Software

cafe /

Resource Hash

8abea2f8b98fc8b75ee263f890cc3f6345074dbd2021609bc28ae4aa48e24636

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 273
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 09:59:37 GMT
expires: Fri, 03 Mar 2023 09:59:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 09:59:37 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://3510645.fls.doubleclick.net/activityi;dc_pre=COOXvYbAv_0CFWwMewodTf8OmQ;src=3510645;type=websi050;cat=webi123;ord=1;num=7134484378996;gtm=45He3310;auiddc=807429396.1677837578;~oref=https%3A%2F%2Fwww.flemings-hotels.com%2Fnewsletter%3Fpl%3D136i39y35n38a32i32334g3b33be34g37i32l00?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 404 undefinedasync
www.flemings-hotels.com/ 0
0 505ms
504ms Script
text/html 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flemings-hotels.com/undefinedasync

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PC9F8W6

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:38 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
content-encoding: br
x-cache: Error from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache
cf-ray: 7a21071bedec9b77-FRA
x-amz-cf-id: LaG3rakcKxEeE28txAJVCRwsVrvEGZ32N1vuVKK9M4PQ8_DKAW1U4Q==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 27ms
9ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cab52dc3525d23d87fc3337ea17253060c6f723389a33e62699d510f1878972b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 03 Mar 2023 09:59:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 0ZzcnsiD7oCLXCf8cVLgjnuZcq9bc/kZNa/zQVTL7SLK60OYtQ1BaMZShMOAwCXtq2uT0Tzx10HnCne22XYxyQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 859822401569438 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 63ms
61ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/859822401569438?v=2.9.97&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5af0c53b5878d54664c7bb957ac58b9bc162f338c6e29723fa5dfd9e52137e5f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 03 Mar 2023 09:59:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 9lS+9qTNIVQHIBh0DDx+reFgXPatsQnh7DdDVCHG0rowHEZlbt12TAqSZvA6Nv3/UL2l12HgawcA7BNN4076rw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10790794923/ 42 B
327 B 26ms
26ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10790794923/?random=1677837577558&cv=11&fst=1677834000000&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.flemings-hotels.com%2Fnewsletter%3Fpl%3D136i39y35n38a32i32334g3b33be34g37i32l00&tiba=Flemings%20Newsletter%20%7C%20Flemings%20Hotels&fmt=3&is_vtc=1&random=573239006&rmt_tld=0&ipr=y

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 09:59:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10790794923/ 42 B
108 B 135ms
56ms Image
image/gif 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10790794923/?random=1677837577558&cv=11&fst=1677834000000&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.flemings-hotels.com%2Fnewsletter%3Fpl%3D136i39y35n38a32i32334g3b33be34g37i32l00&tiba=Flemings%20Newsletter%20%7C%20Flemings%20Hotels&fmt=3&is_vtc=1&random=573239006&rmt_tld=1&ipr=y

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 09:59:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10790894489/ 42 B
108 B 28ms
26ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10790894489/?random=1677837577554&cv=11&fst=1677834000000&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.flemings-hotels.com%2Fnewsletter%3Fpl%3D136i39y35n38a32i32334g3b33be34g37i32l00&tiba=Flemings%20Newsletter%20%7C%20Flemings%20Hotels&fmt=3&is_vtc=1&random=858334696&rmt_tld=0&ipr=y

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 09:59:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10790894489/ 42 B
455 B 108ms
54ms Image
image/gif 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10790894489/?random=1677837577554&cv=11&fst=1677834000000&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.flemings-hotels.com%2Fnewsletter%3Fpl%3D136i39y35n38a32i32334g3b33be34g37i32l00&tiba=Flemings%20Newsletter%20%7C%20Flemings%20Hotels&fmt=3&is_vtc=1&random=858334696&rmt_tld=1&ipr=y

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 09:59:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dialogs.css
www.tcgms.net/scripts/dialogs/css/ Frame A6D4 27 KB
5 KB 254ms
170ms Stylesheet
text/css 104.70.84.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/dialogs/css/dialogs.css

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NjA2OTY1NjUwMA?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.84.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-84-190.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

2d5f55af6b26f54540a0b432dd6f4fbda74ac3391ce1c81c2da35b0eee52356e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:37 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 16 Dec 2013 19:44:34 GMT
server: Apache
etag: "6d0c-4edac0a8ccc80"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 5292

GET
H2 200 jquery-ui.min.css
www.tcgms.net/scripts/responsive/ Frame A6D4 28 KB
7 KB 216ms
132ms Stylesheet
text/css 104.70.84.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery-ui.min.css

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NjA2OTY1NjUwMA?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.84.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-84-190.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

235811eea35afea6661df621dcd80615b44d0abf0f4e30141bcb062c3edcecea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:37 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "6f91-525ea79777480"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 6942

GET
H2 200 jquery-ui.structure.min.css
www.tcgms.net/scripts/responsive/ Frame A6D4 14 KB
5 KB 1130ms
1046ms Stylesheet
text/css 104.70.84.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery-ui.structure.min.css

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NjA2OTY1NjUwMA?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.84.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-84-190.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c1f78372fef6004ba25f660c5e2a8377c7e057e1386281df289973abb4cebabf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:38 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "39ac-525ea79777480"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 4738

GET
H2 200 jquery-ui.theme.min.css
www.tcgms.net/scripts/responsive/ Frame A6D4 13 KB
2 KB 226ms
142ms Stylesheet
text/css 104.70.84.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery-ui.theme.min.css

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NjA2OTY1NjUwMA?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.84.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-84-190.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ad276a9b384daf069f7458062d26b31838d009086e6b3a5e0c69a5682063239c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:37 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "351f-525ea79777480"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 2284

GET
H2 200 jquery-ui-slider-pips.css
www.tcgms.net/scripts/responsive/ Frame A6D4 11 KB
2 KB 214ms
130ms Stylesheet
text/css 104.70.84.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery-ui-slider-pips.css

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NjA2OTY1NjUwMA?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.84.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-84-190.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

dff41f45bf1410d70bbaa825268ce556be0a4c1eb3c293600971e60e565a218b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:37 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "2baa-525ea79777480"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 2034

GET
H2 200 jquery.mobile-1.4.5.min.css
www.tcgms.net/scripts/responsive/ Frame A6D4 203 KB
25 KB 440ms
356ms Stylesheet
text/css 104.70.84.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery.mobile-1.4.5.min.css

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NjA2OTY1NjUwMA?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.84.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-84-190.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a1f1132059ae29789542297e710d6d45e60307f961d25acccb12ddb30f8d1bcc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:38 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "32a69-525ea79777480"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 25215

GET
H2 200 jquery.mobile.custom.theme.min.css
www.tcgms.net/scripts/responsive/ Frame A6D4 12 KB
2 KB 222ms
139ms Stylesheet
text/css 104.70.84.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery.mobile.custom.theme.min.css

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NjA2OTY1NjUwMA?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.84.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-84-190.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

291e4ceacea80004276a4500a661d05acd5912b405fb13a2fe5fa6fc4c676eee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:37 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "3071-525ea79777480"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 2243

GET
H2 200 jquery.mobile.custom.structure.min.css
www.tcgms.net/scripts/responsive/ Frame A6D4 66 KB
10 KB 220ms
137ms Stylesheet
text/css 104.70.84.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery.mobile.custom.structure.min.css

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NjA2OTY1NjUwMA?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.84.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-84-190.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8964e438a1f1a01489df821e32816d1651550b39b55b783ad7f5d85e43c6247b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:37 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "10953-525ea79777480"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 9788

GET
H2 200 intlTelInput.css
www.tcgms.net/scripts/responsive/intlTelInput/ Frame A6D4 21 KB
3 KB 250ms
168ms Stylesheet
text/css 104.70.84.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/intlTelInput/intlTelInput.css

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NjA2OTY1NjUwMA?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.84.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-84-190.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a06428ba01c0ceafa7d68c9c6cf720ae3543831c878ca0c66dc38ad74eb5c74b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:37 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 06 Dec 2016 03:58:21 GMT
server: Apache
etag: "54a4-542f56a489b33"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 3187

GET
H2 200 jquery-1.11.1.min.js Show response
www.tcgms.net/scripts/responsive/ Frame A6D4 94 KB
33 KB 1138ms
1055ms Script
application/javascript 104.70.84.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery-1.11.1.min.js

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NjA2OTY1NjUwMA?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.84.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-84-190.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:38 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "1762a-525ea79777480"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 33266

GET
H2 200 custom-jquery-scripts.js Show response
www.tcgms.net/scripts/responsive/ Frame A6D4 112 B
286 B 251ms
169ms Script
application/javascript 104.70.84.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/custom-jquery-scripts.js

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NjA2OTY1NjUwMA?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.84.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-84-190.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

4018d80284d0b380e6f0187eea93cd2006c976d7990a9a59234bbb3f7e4d48a3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:37 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 07 Dec 2015 18:15:35 GMT
server: Apache
etag: "70-52652d7e77fc0"
content-type: application/javascript
accept-ranges: bytes
content-length: 112

GET
H2 200 jquery-ui.min.js Show response
www.tcgms.net/scripts/responsive/ Frame A6D4 235 KB
63 KB 492ms
409ms Script
application/javascript 104.70.84.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery-ui.min.js

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NjA2OTY1NjUwMA?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.84.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-84-190.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a8bd2ffb1e86cd8ab362d0c57f12860bc2b35b243d9f9a9ed63b663ca2ae82ca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:38 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "3ab26-525ea79777480"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 jquery-ui-slider-pips.js Show response
www.tcgms.net/scripts/responsive/ Frame A6D4 22 KB
5 KB 263ms
180ms Script
application/javascript 104.70.84.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery-ui-slider-pips.js

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NjA2OTY1NjUwMA?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.84.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-84-190.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d14a1b9791657bcd13c89ddc2d2bfcddc5491c377ebf7b4ef6a86c5b89eb18c7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:37 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "59d3-525ea79777480"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 4630

GET
H2 200 jquery.mobile.custom.min.js Show response
www.tcgms.net/scripts/responsive/ Frame A6D4 181 KB
51 KB 409ms
327ms Script
application/javascript 104.70.84.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery.mobile.custom.min.js

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NjA2OTY1NjUwMA?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.84.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-84-190.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

77db1e92623f53f39a92474ff79429f547485f839dc0b30bc33a5f65ce880da8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:38 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "2d37a-525ea79777480"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 iframeResizer.contentWindow.min.js Show response
www.tcgms.net/scripts/responsive/ Frame A6D4 13 KB
5 KB 1077ms
995ms Script
application/javascript 104.70.84.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/iframeResizer.contentWindow.min.js

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NjA2OTY1NjUwMA?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.84.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-84-190.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:38 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 02 Dec 2015 13:44:33 GMT
server: Apache
etag: "3445-525ea79683240"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 5005

GET
H2 200 intlTelInput.min.js Show response
www.tcgms.net/scripts/responsive/intlTelInput/ Frame A6D4 22 KB
9 KB 307ms
225ms Script
application/javascript 104.70.84.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/intlTelInput/intlTelInput.min.js

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NjA2OTY1NjUwMA?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.84.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-84-190.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ffc992202755637f8b6d51b4f61d30e3b47fc797403d923a9cd618a47c6ca184

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:38 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 06 Dec 2016 03:58:21 GMT
server: Apache
etag: "56bf-542f56a48a2f5"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 9108

GET
H2 200 utils.js Show response
www.tcgms.net/scripts/responsive/intlTelInput/ Frame A6D4 233 KB
51 KB 342ms
261ms Script
application/javascript 104.70.84.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/intlTelInput/utils.js

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NjA2OTY1NjUwMA?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.84.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-84-190.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

3d5c31a7e56cfc12b784ae9f7d946c74b9f0e301032ddc6b786a83c3be2773db

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:38 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 06 Dec 2016 03:58:21 GMT
server: Apache
etag: "3a41e-542f56a48aeac"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 qrcode.min.js Show response
www.tcgms.net/scripts/responsive/ Frame A6D4 19 KB
7 KB 1080ms
999ms Script
application/javascript 104.70.84.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/qrcode.min.js

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NjA2OTY1NjUwMA?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.84.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-84-190.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:38 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 22 Feb 2017 12:04:19 GMT
server: Apache
etag: "4dd7-5491d4be08778"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 7007

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 26ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=859822401569438&ev=PageView&dl=https%3A%2F%2Fwww.flemings-hotels.com%2Fnewsletter%3Fpl%3D136i39y35n38a32i32334g3b33be34g37i32l00&rl=&if=false&ts=1677837577766&sw=1600&sh=1200&v=2.9.97&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1677837577765.41632661&it=1677837577625&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 03 Mar 2023 09:59:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 dc_pre=COOXvYbAv_0CFWwMewodTf8OmQ;src=3510645;type=websi050;cat=webi123;ord=1;num=7134484378996;gtm=45He3310;auiddc=*;~oref=https%3A%2F%2Fwww.flemings-hotels.com%2Fnewsletter%3Fpl%3D136i39y35n38a32...
adservice.google.com/ddm/fls/z/ Frame 56F0 42 B
401 B 85ms
49ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COOXvYbAv_0CFWwMewodTf8OmQ;src=3510645;type=websi050;cat=webi123;ord=1;num=7134484378996;gtm=45He3310;auiddc=*;~oref=https%3A%2F%2Fwww.flemings-hotels.com%2Fnewsletter%3Fpl%3D136i39y35n38a32i32334g3b33be34g37i32l00

Requested by

Host: 3510645.fls.doubleclick.net
URL: https://3510645.fls.doubleclick.net/activityi;dc_pre=COOXvYbAv_0CFWwMewodTf8OmQ;src=3510645;type=websi050;cat=webi123;ord=1;num=7134484378996;gtm=45He3310;auiddc=807429396.1677837578;~oref=https%3A%2F%2Fwww.flemings-hotels.com%2Fnewsletter%3Fpl%3D136i39y35n38a32i32334g3b33be34g37i32l00?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3510645.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 09:59:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lobby-im-selection-05.jpg
image-tc.galaxy.tf/wijpeg-74cqcdijc3o73yy51vbhv85tc/ 291 KB
291 KB 492ms
491ms Image
image/jpeg 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-74cqcdijc3o73yy51vbhv85tc/lobby-im-selection-05.jpg?width=3840

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

562d42bd0dca295478975689303b17ad07bc6d2f3ebe3cbf42a6b302d718f921

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:38 GMT
x-amz-version-id: OoUjfRbWrjm7gENkMtSAeeUklPuvkZAz
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA6-C1
cf-cache-status: DYNAMIC
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 297658
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 07 Feb 2022 02:40:31 GMT
server: cloudflare
etag: "1e2db259aae829eda0f7a1ac59b6be68"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7a21071f9bd32bba-FRA
x-amz-cf-id: AmFPgx4bE4_kqe9OyohdoASKv_RdwHqQITV89cbi4KfI94xunDVkgA==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ 408 KB
163 KB 51ms
14ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onLoadCaptcha

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
Origin: https://www.flemings-hotels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:04:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3305
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166391
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Mar 2024 09:04:33 GMT

POST
H/1.1 200
OK 1 Show response
dynamic.travelclick-websolutions.com/token/ 686 B
1 KB 326ms
128ms XHR
application/json 195.244.31.25
IGUANA-WORLDWIDE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.travelclick-websolutions.com/token/1

Requested by

Host: cdn.galaxy.tf
URL: https://cdn.galaxy.tf/asset-galaxy/js/gms-latest.min.js?v19d44e94291151bfdcd1444d5caca497

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

195.244.31.25 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),

Reverse DNS

xo7-viplb-01-new.ny.ig-1.net

Software

Apache /

Resource Hash

c5b0c0ba1acecc2e0e5353111ad66bb55a8c7737cb7812c0656b8716faaaad2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 09:59:38 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15768000
Server: Apache
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
X-Real-Hostname: xo7-web-03
Content-Length: 555
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 invisible.js Show response
www.flemings-hotels.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 6252 35 KB
15 KB 13ms
12ms Script
application/javascript 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.flemings-hotels.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1677830400
Requested by: Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e91e6659fa8fa7aa220677f1c7478213036b68350ffb5d5839c24b95ea959b85

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:38 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7a21071fbb129b77-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 200 369350
api.tsa-db.com/v1/data/BID/ Frame 0
0 55ms
9ms Preflight
application/json 2600:9000:223f:e200:16:41f8:18c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.tsa-db.com/v1/data/BID/369350
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e200:16:41f8:18c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.flemings-hotels.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: *
access-control-max-age: 86400
age: 8051
cache-control: max-age=86400, s-maxage=86400, proxy-revalidate
content-length: 0
content-type: application/json
date: Fri, 03 Mar 2023 07:45:27 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-apigw-id: BMbPpGxSDoEFgkQ=
x-amz-cf-id: DMjCMTTDq8EUDIv55SkW5yDenDucuulxMietbmcMQHWOcX_rI_M2jw==
x-amz-cf-pop: FRA56-P5
x-amzn-requestid: 8468433b-aef9-4147-ae89-79cfd660a93e
x-cache: Hit from cloudfront

GET
H2 200 369350 Show response
api.tsa-db.com/v1/data/BID/ 659 B
1 KB 9ms
8ms XHR
application/json 2600:9000:223f:e200:16:41f8:18c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.tsa-db.com/v1/data/BID/369350
Requested by: Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e200:16:41f8:18c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 51421b6614b6f64a093b89713160032c17539dcd2f2a251e92c9ca26180440f9

Request headers

Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 03 Mar 2023 09:53:27 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 371
x-amzn-trace-id: Root=1-6401c397-2ea23a79137f8be10ff83c66;Sampled=0
x-amzn-requestid: 7bb75d7f-380f-473f-b80e-fc2ed5bced6e
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
access-control-allow-credentials: true
x-amz-apigw-id: BMt_tEZcjoEFjnQ=
content-length: 659
x-amz-cf-id: Y3BZsAlnJBig4Oug7uNoNhwd0TWL4q3TIsR-TxEiaam1-56Y-GJt8g==

GET
H3 200 down-arrow-head-sm.png
www.flemings-hotels.com/integration/flemings-hotels/public/images/icons/ 251 B
676 B 111ms
110ms Image
image/png 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flemings-hotels.com/integration/flemings-hotels/public/images/icons/down-arrow-head-sm.png

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58f1e19458d16afbd89a03103832d3e5cb4be73e49723eaea8fc60baa3a4fe98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:38 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 251
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 25 Apr 2022 12:33:41 GMT
server: cloudflare
etag: "80ac92094562ebba0148d532ba845bf8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: no-cache
cf-ray: 7a21071fdb259b77-FRA
x-amz-cf-id: cCXVMllqhKKYPR_R0Nb_fNyh_zCbwGy1ftHG1gca_ppaZlUUti5esA==

GET
H3 200 down-arrow-head-black.png
www.flemings-hotels.com/integration/flemings-hotels/public/images/icons/ 230 B
658 B 81ms
80ms Image
image/png 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flemings-hotels.com/integration/flemings-hotels/public/images/icons/down-arrow-head-black.png

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb3a1ca037b6d51cc737131d8156df29ff02852690656c9068a0acb5e3573c45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:38 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 230
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 25 Apr 2022 12:33:41 GMT
server: cloudflare
etag: "fc97430977357247e34cf585b9015b5c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: no-cache
cf-ray: 7a21071feb339b77-FRA
x-amz-cf-id: TkI3d-3VL8Kp2Vibx3eWNJFr91oS89XbkyYvtUjsXT6cvwI7QOh66A==

GET
H3 200 left-arrow.png
www.flemings-hotels.com/integration/flemings-hotels/public/images/icons/ 242 B
670 B 85ms
84ms Image
image/png 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flemings-hotels.com/integration/flemings-hotels/public/images/icons/left-arrow.png

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3000a1f92a8cfcd17c13323aee766905256c11b1f33e279f0ca4c3a77dd30c75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:38 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 242
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 25 Apr 2022 12:34:11 GMT
server: cloudflare
etag: "b6b15e028b601dd413fe880f634aaad8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: no-cache
cf-ray: 7a2107200b5a9b77-FRA
x-amz-cf-id: qOC8Xn5b_5FYXnfcjaMBHVX-jjIh4yhAQ42myo7ZlRnzXLX4setpkA==

GET
H3 200 right-arrow.png
www.flemings-hotels.com/integration/flemings-hotels/public/images/icons/ 328 B
758 B 75ms
74ms Image
image/png 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flemings-hotels.com/integration/flemings-hotels/public/images/icons/right-arrow.png

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbfbbf0c2b2d2a0247cc87d46008fa902a0bb13ea03ebd2b08e1e5e9b9dd011f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:38 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 328
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 25 Apr 2022 12:34:13 GMT
server: cloudflare
etag: "3e5a460ad4ff936924acbed3f66714dc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: no-cache
cf-ray: 7a2107200b5b9b77-FRA
x-amz-cf-id: Yai_h_qU6T_hNbFMOdHjS6vENnQJNPV_C-sEYQbJ_sDLHOhNXF80lw==

GET
H3 200 initPersonalization.bundle.js Show response
www.flemings-hotels.com/frontend/galaxy-helpers/public/ 20 KB
8 KB 102ms
101ms Script
application/javascript 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flemings-hotels.com/frontend/galaxy-helpers/public/initPersonalization.bundle.js?ver=9e12c2ffed8b366e72d7

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/frontend/galaxy-helpers/public/galaxy-helpers.js?v=l-676494c8-7126-41cd-8b37-49a9ecd71ccc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7022cad501999201306c3542290df7945db17d5249478c3b8295b4e4d85ba6eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:38 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 09 Nov 2022 10:36:02 GMT
server: cloudflare
etag: W/"b7eaa1851b39189f3089e87af9633eb2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 7a2107200b719b77-FRA
x-amz-cf-id: HuT-7hyEnpfYSwBt5fvREhSx7mI2mj7F2bJyqlAWPD2YNbb6kCsyxg==

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 8ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=859822401569438&ev=Microdata&dl=https%3A%2F%2Fwww.flemings-hotels.com%2Fnewsletter%3Fpl%3D136i39y35n38a32i32334g3b33be34g37i32l00&rl=&if=false&ts=1677837578272&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Flemings%20Newsletter%20%7C%20Flemings%20Hotels%20%22%2C%22meta%3Adescription%22%3A%22Melden%20Sie%20sich%20bei%20unserem%20Flemings%20Newsletter%20an%20und%20verpassen%20Sie%20keine%20Hotelangebote%20unserer%20H%C3%A4user%20in%20Deutschland%20und%20%C3%96sterreich.%20%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Flemings%20Hotels%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.flemings-hotels.com%2Fnewsletter%22%2C%22og%3Atitle%22%3A%22Flemings%20Newsletter%20%7C%20Flemings%20Hotels%20%22%2C%22og%3Adescription%22%3A%22Melden%20Sie%20sich%20bei%20unserem%20Flemings%20Newsletter%20an%20und%20verpassen%20Sie%20keine%20Hotelangebote%20unserer%20H%C3%A4user%20in%20Deutschland%20und%20%C3%96sterreich.%20%22%2C%22og%3Alocale%22%3A%22de_DE%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22BreadcrumbList%22%2C%22itemListElement%22%3A%5B%7B%22%40type%22%3A%22ListItem%22%2C%22position%22%3A1%2C%22item%22%3A%7B%22%40id%22%3A%22https%3A%2F%2Fwww.flemings-hotels.com%2F%22%2C%22name%22%3A%22Home%22%7D%7D%2C%7B%22%40type%22%3A%22ListItem%22%2C%22position%22%3A2%2C%22item%22%3A%7B%22%40id%22%3A%22https%3A%2F%2Fwww.flemings-hotels.com%2Fnewsletter%22%2C%22name%22%3A%22Newsletter%22%7D%7D%5D%7D%5D&sw=1600&sh=1200&v=2.9.97&r=stable&ec=1&o=30&fbp=fb.1.1677837577765.41632661&it=1677837577625&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 03 Mar 2023 09:59:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 53ms
15ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 03 Mar 2023 08:14:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6288
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 03 Mar 2023 10:14:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
73 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3R5SJEDWK4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9354b277e249464052b8307191f964b27ddb5f00d7dbbc76fb786f470dca11b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74216
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 Mar 2023 09:59:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
78 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YV6V62NPF3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PC9F8W6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d0ce3ffea894adcbd64b7dbb8df6b31b59ec33e4fe3e6881a79ce266dbe3f962

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79320
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 Mar 2023 09:59:38 GMT

GET
H3 200 pica.js
www.flemings-hotels.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 6252 25 KB
9 KB 13ms
13ms Other
application/javascript 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.flemings-hotels.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bff9b7d7a5876e9401e553a9d22728dba9768beb6ebecc47d4c14a9a85abb27f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:38 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7a2107206bdd9b77-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 204 collect
region1.google-analytics.com/g/ 0
260 B 49ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3R5SJEDWK4&gtm=45je3310&_p=1741031063&cid=1777477374.1677837578&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677837578&sct=1&seg=0&dl=https%3A%2F%2Fwww.flemings-hotels.com%2Fnewsletter%3Fpl%3D136i39y35n38a32i32334g3b33be34g37i32l00&dt=Flemings%20Newsletter%20%7C%20Flemings%20Hotels&en=page_view&_fv=1&_nsi=1&_ss=1&ep.hotel_name=not_applicable&ep.hotel_id=not_applicable&ep.hotel_bid=369350&ep.hotel_brand_name=Flemings%20Hotels&ep.hotel_chain_id=FLE&ep.hotel_city=not_applicable&ep.hotel_continent=not_applicable&ep.hotel_country=not_applicable&ep.hotel_state=not_applicable&ep.hotel_sub_brand_name=not_applicable&ep.hotel_tc_region=not_applicable&ep.hotel_booking_engine=not_applicable&ep.page_has_tvs=no&ep.page_language=de&ep.page_section=not_applicable&ep.page_subsection=not_applicable&ep.site_cms=galaxy&ep.site_galaxy_product=custom&ep.site_tvs=tvs_no&ep.hotel_property_type=group_property&ep.hotel_star_rating=not_applicable&ep.hotel_room_types_count=not_applicable&epn.site_number_of_languages=2&ep.site_global_product=web&ep.page_content_group=not_applicable&ep.site_be_version=be4&epn.page_tvs_videos_count=0&up.user_logged_in=no
Requested by: Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 09:59:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.flemings-hotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 17ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-YV6V62NPF3&gtm=45je3310&_p=1741031063&cid=1777477374.1677837578&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1677837578&sct=1&seg=0&dl=https%3A%2F%2Fwww.flemings-hotels.com%2Fnewsletter%3Fpl%3D136i39y35n38a32i32334g3b33be34g37i32l00&dt=Flemings%20Newsletter%20%7C%20Flemings%20Hotels&en=page_view&_fv=1&_ss=1&ep.page_section=not_applicable&ep.page_subsection=not_applicable&ep.page_content_group=not_applicable&ep.page_full_url=https%3A%2F%2Fwww.flemings-hotels.com%2Fnewsletter%3Fpl%3D136i39y35n38a32i32334g3b33be34g37i32l00&ep.page_language=de&ep.page_containing_tvs=no&ep.hotel_city=not_applicable&ep.hotel_country=not_applicable&ep.hotel_state=not_applicable&ep.hotel_continent=not_applicable&ep.hotel_brand_name=not_applicable&ep.hotel_id=not_applicable&ep.hotel_name=not_applicable&ep.hotel_star_rating=not_applicable&ep.hotel_property_type=group_property&ep.hotel_booking_engine_provider=not_applicable&up.user_logged_in_session=no
Requested by: Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 09:59:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.flemings-hotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
214 B 21ms
20ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=1741031063&t=pageview&_s=1&dl=https%3A%2F%2Fwww.flemings-hotels.com%2Fnewsletter%3Fpl%3D136i39y35n38a32i32334g3b33be34g37i32l00&ul=en-us&de=UTF-8&dt=Flemings%20Newsletter%20%7C%20Flemings%20Hotels&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAEK~&jid=1768620035&gjid=1697789519&cid=1777477374.1677837578&tid=UA-162681275-1&_gid=675395953.1677837578&_r=1&_slc=1&gtm=45He3310n81TL2MM4B&cg1=web&cg2=not_applicable&cg3=group_property&cd1=369350&cd2=FLE&cd3=Flemings%20Hotels&cd4=not_applicable&cd5=not_applicable&cd6=not_applicable&cd7=not_applicable&cd8=not_applicable&cd9=not_applicable&cd10=not_applicable&cd11=not_applicable&cd12=galaxy&cd13=custom&cd19=tvs_no&cd20=not_applicable&cd21=group_property&cd22=not_applicable&cd23=not_applicable&cd24=2&cd25=de&cd26=web&cd27=not_applicable&cd28=not_applicable&cd29=not_applicable&cd30=no&cd31=no&cd34=%7C&cd36=%7C&cd38=https%3A%2F%2Fwww.flemings-hotels.com%2Fnewsletter%3Fpl%3D136i39y35n38a32i32334g3b33be34g37i32l00&cd39=not_applicable&cd40=flemings-hotels.com&cd41=GTM-TL2MM4B&cd42=62&cd54=be4&cd59=0&z=2010757730

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 09:59:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.flemings-hotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
71 B 21ms
21ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=1741031063&t=pageview&_s=1&dl=https%3A%2F%2Fwww.flemings-hotels.com%2Fnewsletter%3Fpl%3D136i39y35n38a32i32334g3b33be34g37i32l00&ul=en-us&de=UTF-8&dt=Flemings%20Newsletter%20%7C%20Flemings%20Hotels&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAEK~&jid=564722564&gjid=350400349&cid=1777477374.1677837578&tid=UA-10492420-1&_gid=675395953.1677837578&_r=1&_slc=1&gtm=45He3310n81PC9F8W6&cg1=not_applicable&cd1=not_set&cd2=not_applicable&cd3=not_applicable&cd4=not_applicable&cd5=https%3A%2F%2Fwww.flemings-hotels.com%2Fnewsletter%3Fpl%3D136i39y35n38a32i32334g3b33be34g37i32l00&cd6=not_applicable&cd7=not_applicable&cd8=not_applicable&cd9=de&cd10=not_applicable&cd11=not_applicable&cd12=not_applicable&cd13=not_applicable&cd14=no&cd20=no&z=1482650756

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 09:59:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.flemings-hotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
355 B 66ms
19ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-10492420-1&cid=1777477374.1677837578&jid=564722564&gjid=350400349&_gid=675395953.1677837578&_u=YCDACEABBAAAACAEK~&z=415855707

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 03 Mar 2023 09:59:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.flemings-hotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 7a210715ec00363c Show response
www.flemings-hotels.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 6252 2 B
395 B 35ms
35ms XHR
text/plain 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.flemings-hotels.com/cdn-cgi/challenge-platform/h/g/cv/result/7a210715ec00363c
Requested by: Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1677830400
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 03 Mar 2023 09:59:38 GMT
content-encoding: br
server: cloudflare
cf-ray: 7a210722feea9b77-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 40ms
40ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-10492420-1&cid=1777477374.1677837578&jid=564722564&_u=YCDACEABBAAAACAEK~&z=78745617

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 09:59:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 64ms
63ms Image
image/gif 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-10492420-1&cid=1777477374.1677837578&jid=564722564&_u=YCDACEABBAAAACAEK~&z=78745617

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 09:59:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ajax-loader.gif
www.tcgms.net/scripts/responsive/images/ Frame A6D4 6 KB
6 KB 196ms
196ms Image
image/gif 104.70.84.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tcgms.net/scripts/responsive/images/ajax-loader.gif

Requested by

Host: www.tcgms.net
URL: https://www.tcgms.net/scripts/responsive/jquery.mobile.custom.theme.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.84.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-84-190.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

4283b7de52bd36949abd99c7f8f7a1301ecf3d67f60658fa8c6854eadcb91950

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tcgms.net/scripts/responsive/jquery.mobile.custom.theme.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:39 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 23 Nov 2015 20:11:52 GMT
server: Apache
etag: "1862-5253ad5fcd200"
content-type: image/gif
cache-control: max-age=300
accept-ranges: bytes
content-length: 6242
expires: Fri, 03 Mar 2023 10:04:39 GMT

GET
DATA 200
OK truncated
/ Frame A6D4 491 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b34342ec404b196c30262ebcf2cc15d14299ef083a974f4a87d8ad00f8208141

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
DATA 200
OK truncated
/ Frame A6D4 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 file.png
image-tc.galaxy.tf/wipng-7tdxgisykidvpxtb6xcpnnh0l/ 42 KB
42 KB 541ms
541ms Image
image/png 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wipng-7tdxgisykidvpxtb6xcpnnh0l/file.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

718da8fbbe01f93258d41e6cfae4aae4902aa7d78bd324978bdc2a49c2743783

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:44 GMT
x-amz-version-id: WrG4gMnNiMXZeLN3_KFQDDEnxTEkGqTk
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 d9b4f7932dd39e3cb7eccebd62e86aae.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: BCN50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
cf-cache-status: DYNAMIC
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42542
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 20 Dec 2022 10:11:31 GMT
server: cloudflare
etag: "aa2c212d526700fd0de3e8b9a8d45c7c"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7a210740bc163a6e-FRA
x-amz-cf-id: M5X9rmpJaY3kRquNqGNl0PrV3ZdF8YnYTC8ofZEfwoX6tafys6hPeg==

GET
H3 200 logo-header.svg
image-tc.galaxy.tf/wisvg-47mb3rv9uuaif5oivatbeuyj2/ 5 KB
2 KB 563ms
562ms Image
image/svg+xml 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wisvg-47mb3rv9uuaif5oivatbeuyj2/logo-header.svg?width=392

Requested by

Host:
URL: webpack-internal:///./src/js/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82f50bcd7dbcf2a6c6aa63cd5fe368d98f94a1b3a7bc2758046eaab4558a9e25

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:59:44 GMT
x-amz-version-id: 5HE2Nv1O1IxrnAnG.mMFZO4dlIkXTLqT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 0fe442b3ab446989870fb1ebd9e1d01a.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: BCN50-P2
cf-cache-status: DYNAMIC
content-encoding: br
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Mar 2022 03:48:54 GMT
server: cloudflare
etag: W/"4723d460444af6e8c145e61a8d9c344e"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: no-cache
vary: Accept-Encoding
cf-ray: 7a210740bc1c3a6e-FRA
x-amz-cf-id: g7YEmCoU3ScHy1fOpkW6a3hcm_E08OEiuCIeNsSpbS-Qfiyq2IvBSA==

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tcgms.net/tr	1969-12-31 23:59:59	Name: GMS_REDIRECT Value: FC8FDE1CCCA0E097C93592AAC469985A
tcgms.net/	1970-01-20 10:47:09	Name: 9547360029925 Value: b865bd3376408
.flemings-hotels.com/	1970-01-20 12:13:33	Name: _gcl_au Value: 1.1.807429396.1677837578
.flemings-hotels.com/	1970-01-20 12:13:33	Name: _fbp Value: fb.1.1677837577765.41632661
.doubleclick.net/	1970-01-20 19:25:33	Name: IDE Value: AHWqTUnrbLrmakESg3-oCclc7ziGgQVrmiu4VXsKlWo46VmWVt1njmu_vwDd0cbRhqk
.flemings-hotels.com/	1970-01-20 19:39:57	Name: _ga_3R5SJEDWK4 Value: GS1.1.1677837578.1.0.1677837578.0.0.0
.flemings-hotels.com/	1970-01-20 19:39:57	Name: _ga_YV6V62NPF3 Value: GS1.1.1677837578.1.0.1677837578.0.0.0
.flemings-hotels.com/	1970-01-20 19:39:57	Name: _ga Value: GA1.2.1777477374.1677837578
.flemings-hotels.com/	1970-01-20 10:05:23	Name: _gid Value: GA1.2.675395953.1677837578
.flemings-hotels.com/	1970-01-20 10:03:57	Name: _gat_tct Value: 1
.flemings-hotels.com/	1970-01-20 10:03:57	Name: _gat_UA-10492420-1 Value: 1
www.flemings-hotels.com/	1970-01-20 10:03:59	Name: galaxy-session-cookie-de Value: true
.www.flemings-hotels.com/	1970-01-20 10:03:59	Name: __cf_bm Value: 7QMiqpkPOovBWqZDM8G3Ha5VGPqm.IiM4ED8LwHytxw-1677837578-0-AZNpDw5DMev6xzSIr+UugjGFa2u8yxs/4pnWB2NtHjYGXyY8RTT1soJT3ZG4Xx8QWGo/MorPU6738qMaHnuAPpdU0zdPP82Hxm0knp22AaEqgG8uuLLYprGP91OkVUVlA2lorbSY0MHU0VYEbqExqh0=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.flemings-hotels.com/undefinedasync Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://www.flemings-hotels.com/newsletter?pl=136i39y35n38a32i32334g3b33be34g37i32l00(Line 1299) Message: Refused to execute script from 'https://www.flemings-hotels.com/undefinedasync' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3510645.fls.doubleclick.net
adservice.google.com
api.trustyou.com
api.tsa-db.com
app.secureprivacy.ai
cdn.galaxy.tf
connect.facebook.net
dynamic.travelclick-websolutions.com
googleads.g.doubleclick.net
image-tc.galaxy.tf
region1.google-analytics.com
stats.g.doubleclick.net
tcgms.net
www.facebook.com
www.flemings-hotels.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.tcgms.net
104.70.84.190
142.251.208.102
172.67.71.189
195.244.31.25
2001:4860:4802:32::36
2600:9000:223f:e200:16:41f8:18c0:93a1
2606:4700::6811:b63a
2606:4700::6811:ba3a
2a00:1450:4001:810::200e
2a00:1450:4001:813::2008
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
2a00:1450:400c:c00::9c
2a00:1450:400d:803::2003
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
88.198.114.4
019d1d21e43cf47042834c10c5c926756c497694e1e309ae1c0b82ff56e6d9aa
02fa4759cedac98b71d5cb98f7b84390ec4ee11a86186a0e27479a50262109e0
091b9aa462dde70e69617b42fe2a65ca956ded4850b0a2aec8994421036e441c
14cc66e8f9f632f795f3677df20755edfec2da56ce5391d3808046a63fafb05a
1871cedc94b54ba40d2e235e3cd248dcad52ec64c0beec74ef455e51e9c75466
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
235811eea35afea6661df621dcd80615b44d0abf0f4e30141bcb062c3edcecea
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
291e4ceacea80004276a4500a661d05acd5912b405fb13a2fe5fa6fc4c676eee
2d5f55af6b26f54540a0b432dd6f4fbda74ac3391ce1c81c2da35b0eee52356e
3000a1f92a8cfcd17c13323aee766905256c11b1f33e279f0ca4c3a77dd30c75
3359218fa5c5db4640b36c5f1ea6ed6784dfd8c36d06a24a790ee13915a4c756
3d5c31a7e56cfc12b784ae9f7d946c74b9f0e301032ddc6b786a83c3be2773db
4018d80284d0b380e6f0187eea93cd2006c976d7990a9a59234bbb3f7e4d48a3
4283b7de52bd36949abd99c7f8f7a1301ecf3d67f60658fa8c6854eadcb91950
51421b6614b6f64a093b89713160032c17539dcd2f2a251e92c9ca26180440f9
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
562d42bd0dca295478975689303b17ad07bc6d2f3ebe3cbf42a6b302d718f921
58e9e1b97cb14d612b4fc1e52a34e161c8d4baa8e0d37bdbf4893b4dc25069f5
58f1e19458d16afbd89a03103832d3e5cb4be73e49723eaea8fc60baa3a4fe98
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202
5af0c53b5878d54664c7bb957ac58b9bc162f338c6e29723fa5dfd9e52137e5f
6be8c702ecf7e676b3f8124253d6c97eb1cb0ab1c7d5a267983461f54658c4d4
7022cad501999201306c3542290df7945db17d5249478c3b8295b4e4d85ba6eb
718da8fbbe01f93258d41e6cfae4aae4902aa7d78bd324978bdc2a49c2743783
765da8a3f11f229fd6636c2085ef29835311ecfbdbea2e89d61c79c3e818e634
77db1e92623f53f39a92474ff79429f547485f839dc0b30bc33a5f65ce880da8
7937fd6e1b04aaaae3549fd2a6e2d9c7a773124879db28cf22e4cc13c1ffa0b2
7c80ab1f6ee79aed37e6d575473b4b5d4fa43655d61c94ec19e176962cfbb584
7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b
82f50bcd7dbcf2a6c6aa63cd5fe368d98f94a1b3a7bc2758046eaab4558a9e25
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8964e438a1f1a01489df821e32816d1651550b39b55b783ad7f5d85e43c6247b
8abea2f8b98fc8b75ee263f890cc3f6345074dbd2021609bc28ae4aa48e24636
9354b277e249464052b8307191f964b27ddb5f00d7dbbc76fb786f470dca11b9
a06428ba01c0ceafa7d68c9c6cf720ae3543831c878ca0c66dc38ad74eb5c74b
a1f1132059ae29789542297e710d6d45e60307f961d25acccb12ddb30f8d1bcc
a8bd2ffb1e86cd8ab362d0c57f12860bc2b35b243d9f9a9ed63b663ca2ae82ca
ad276a9b384daf069f7458062d26b31838d009086e6b3a5e0c69a5682063239c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b34342ec404b196c30262ebcf2cc15d14299ef083a974f4a87d8ad00f8208141
b45e4a5049146af2d13f095faf4857790d38a2b5b0949c391ef539fba7698c36
bbfbbf0c2b2d2a0247cc87d46008fa902a0bb13ea03ebd2b08e1e5e9b9dd011f
bff9b7d7a5876e9401e553a9d22728dba9768beb6ebecc47d4c14a9a85abb27f
c1f78372fef6004ba25f660c5e2a8377c7e057e1386281df289973abb4cebabf
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36
c5b0c0ba1acecc2e0e5353111ad66bb55a8c7737cb7812c0656b8716faaaad2e
cab52dc3525d23d87fc3337ea17253060c6f723389a33e62699d510f1878972b
cb3a1ca037b6d51cc737131d8156df29ff02852690656c9068a0acb5e3573c45
cd2e6e286b2c1237bdf2cc4b970bf6c3930c9e405d69f68f3231044cfa405a0c
ce4f1b48eedafeaa3d9b02d15dc642b4cc9a995b6e517d6d9bd91d007a420a6c
d0ce3ffea894adcbd64b7dbb8df6b31b59ec33e4fe3e6881a79ce266dbe3f962
d14a1b9791657bcd13c89ddc2d2bfcddc5491c377ebf7b4ef6a86c5b89eb18c7
dc1a649c2c24afe3072a5c478ca103e81a5f35f862e119d4a245b0b570f8c6ce
dff41f45bf1410d70bbaa825268ce556be0a4c1eb3c293600971e60e565a218b
e1af5c26a6ca0cf6e1efcd25d203b5d1b890d8d2756d58ca0cfdfafa2f488576
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57a18673369c39a2d5459f7ea0b6aafb0e2f7e5584d2bfde9850eb1e5c35768
e7954b62653e3d7d5a7b455589a7238d661dfbaebd18650bc4b9d82089ab7156
e91e6659fa8fa7aa220677f1c7478213036b68350ffb5d5839c24b95ea959b85
e91ed604c2d3d97848d6c56d198e5e811759af44314a44257c0fab4aa42824e7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fce68f8947c03e8e8e627e6f5ba7bf0affd0cd3c55e518ff6262f5280496036b
ffc992202755637f8b6d51b4f61d30e3b47fc797403d923a9cd618a47c6ca184

www.flemings-hotels.com Open in urlscan Pro 2606:4700::6811:ba3a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

76 Requests

100 %HTTPS

74 %IPv6

15 Domains

21 Subdomains

20 IPs

4 Countries

3642 kBTransfer

14377 kBSize

13 Cookies

5 Outgoing links

Page URL History

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.flemings-hotels.com Open in urlscan Pro
2606:4700::6811:ba3a Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

100 %
HTTPS

74 %
IPv6

15
Domains

21
Subdomains

20
IPs

4
Countries

3642 kB
Transfer

14377 kB
Size

13
Cookies

76 HTTP transactions
3 data transactions