www.eastinhotelsresidences.com Open in urlscan Pro
2606:4700::6811:ba3a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.eastinhotelsresidences.com/
Effective URL:
https://www.eastinhotelsresidences.com/
Submission: On January 29 via api (January 29th 2024, 10:35:11 pm UTC) from US — Scanned from DE

Summary HTTP 121 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 58 IPs in 9 countries across 54 domains to perform 121 HTTP transactions. The main IP is 2606:4700::6811:ba3a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.eastinhotelsresidences.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 13th 2023. Valid for: a year.

This is the only time www.eastinhotelsresidences.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6811:b63a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 16	2606:4700::68... 2606:4700::6811:ba3a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:b93a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
4	35.244.188.9 35.244.188.9	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	162.159.128.61 162.159.128.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2606:4700::68... 2606:4700::6811:b73a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
1	37.157.2.248 37.157.2.248	198622 (ADFORM) (ADFORM)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4 4	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
8 8	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
3 5	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
4 14	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
4	146.75.118.109 146.75.118.109	54113 (FASTLY) (FASTLY)
4	151.101.0.217 151.101.0.217	54113 (FASTLY) (FASTLY)
2	18.197.177.71 18.197.177.71	16509 (AMAZON-02) (AMAZON-02)
1	185.167.164.43 185.167.164.43	198622 (ADFORM) (ADFORM)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	34.120.202.204 34.120.202.204	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	195.244.31.25 195.244.31.25	63140 (IGUANA-WO...) (IGUANA-WORLDWIDE)
1	2001:4860:480... 2001:4860:4802:36::181	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	37.157.2.229 37.157.2.229	198622 (ADFORM) (ADFORM)
1	54.77.71.210 54.77.71.210	16509 (AMAZON-02) (AMAZON-02)
1	23.43.61.193 23.43.61.193	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.120.22.30 3.120.22.30	16509 (AMAZON-02) (AMAZON-02)
1	81.17.55.172 81.17.55.172	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2607:ae80:4::25 2607:ae80:4::25	26558 (FREEWHEEL) (FREEWHEEL)
1	35.214.149.91 35.214.149.91	15169 (GOOGLE) (GOOGLE)
1 2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 7	77.243.51.121 77.243.51.121	42697 (NETIC-AS) (NETIC-AS)
3 3	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	3.125.70.222 3.125.70.222	16509 (AMAZON-02) (AMAZON-02)
1 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.210.162.23 52.210.162.23	16509 (AMAZON-02) (AMAZON-02)
2	72.246.169.24 72.246.169.24	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	54.217.93.219 54.217.93.219	16509 (AMAZON-02) (AMAZON-02)
1	52.218.45.240 52.218.45.240	16509 (AMAZON-02) (AMAZON-02)
5 6	89.163.142.91 89.163.142.91	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	139.162.147.24 139.162.147.24	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 1	193.135.9.124 193.135.9.124	48314 (IP-PROJECTS) (IP-PROJECTS)
1 1	80.85.85.173 80.85.85.173	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	52.214.179.171 52.214.179.171	16509 (AMAZON-02) (AMAZON-02)
1	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	18.161.111.37 18.161.111.37	16509 (AMAZON-02) (AMAZON-02)
2 3	54.78.141.128 54.78.141.128	16509 (AMAZON-02) (AMAZON-02)
2 2	54.74.195.22 54.74.195.22	16509 (AMAZON-02) (AMAZON-02)
1 1	18.197.132.245 18.197.132.245	16509 (AMAZON-02) (AMAZON-02)
2 2	52.57.153.95 52.57.153.95	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:211... 2600:9000:211e:3c00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	52.29.105.89 52.29.105.89	16509 (AMAZON-02) (AMAZON-02)
121	58

1 2606:4700::6811:b63a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.eastinhotelsresidences.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700::6811:ba3a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.eastinhotelsresidences.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b93a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.galaxy.tf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fcmatch.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.188.9 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 9.188.244.35.bc.googleusercontent.com

static.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6811:b73a (United States)

ASN13335 (CLOUDFLARENET, US)

image-tc.galaxy.tf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.248 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.198 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.16.194 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fcmatch.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.172.123 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 37.157.3.20 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.75.118.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.0.217 (United States)

ASN54113 (FASTLY, US)

i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.177.71 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-177-71.eu-central-1.compute.amazonaws.com

tc.galaxy.tf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.167.164.43 (Denmark)

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.202.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.202.120.34.bc.googleusercontent.com

fresnel.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.244.31.25 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
PTR: xo7-viplb-01-new.ny.ig-1.net

dynamic.travelclick-websolutions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.229 (Denmark)

ASN198622 (ADFORM, DK)

a1.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.71.210 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-71-210.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.43.61.193 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-43-61-193.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.22.30 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-22-30.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.17.55.172 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:ae80:4::25 (United States)

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 77.243.51.121 (Aalborg, Denmark) 6 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
se.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.114.159.118 (Loerrach, Germany) 3 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.70.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.162.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-162-23.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.246.169.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.217.93.219 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-93-219.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.45.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 89.163.142.91 (Germany) 5 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cm40.as.net

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.147.24 (Frankfurt am Main, Germany) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: tags2.adsafety.net

tags.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.135.9.124 (Germany) 1 redirects

ASN48314 (IP-PROJECTS, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.85.85.173 (London, United Kingdom) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li749-173.members.linode.com

cm.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.179.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-179-171.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.161.111.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-111-37.mrs52.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.78.141.128 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-141-128.eu-west-1.compute.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.74.195.22 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-195-22.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.132.245 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-132-245.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.153.95 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-153-95.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:3c00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.105.89 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-105-89.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	eastinhotelsresidences.com 2 redirects www.eastinhotelsresidences.com	651 KB
16	adform.net 4 redirects s2.adform.net — Cisco Umbrella Rank: 7060 c1.adform.net — Cisco Umbrella Rank: 583 a2.adform.net — Cisco Umbrella Rank: 8943 dmp.adform.net — Cisco Umbrella Rank: 3041	42 KB
14	galaxy.tf cdn.galaxy.tf — Cisco Umbrella Rank: 100466 image-tc.galaxy.tf — Cisco Umbrella Rank: 74948 tc.galaxy.tf — Cisco Umbrella Rank: 104651	2 MB
13	doubleclick.net 12 redirects ad.doubleclick.net — Cisco Umbrella Rank: 163 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 stats.g.doubleclick.net — Cisco Umbrella Rank: 79	5 KB
9	vimeocdn.com f.vimeocdn.com — Cisco Umbrella Rank: 3581 i.vimeocdn.com — Cisco Umbrella Rank: 3376 fresnel.vimeocdn.com — Cisco Umbrella Rank: 3504	267 KB
7	adsafety.net 6 redirects cm.adsafety.net — Cisco Umbrella Rank: 20357 tags.adsafety.net — Cisco Umbrella Rank: 83214	12 KB
7	semasio.net 6 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1382 se.semasio.net — Cisco Umbrella Rank: 18095	4 KB
7	sojern.com static.sojern.com — Cisco Umbrella Rank: 13605 beacon.sojern.com — Cisco Umbrella Rank: 6406 pixel.sojern.com — Cisco Umbrella Rank: 8511	49 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	84 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 253 secure.adnxs.com — Cisco Umbrella Rank: 490	5 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	42 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 98 fcmatch.google.com — Cisco Umbrella Rank: 3365 analytics.google.com — Cisco Umbrella Rank: 154	1 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	366 KB
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 2054	2 KB
3	adition.com 3 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1552	1 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	2 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 13701	629 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 875	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 239	1 KB
2	smartstream.tv 2 redirects ads.smartstream.tv — Cisco Umbrella Rank: 28629 cm.smartstream.tv — Cisco Umbrella Rank: 228371	1 KB
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 727	648 B
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 1780	960 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	216 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 357	297 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	68 KB
2	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 1876 vimeo.com — Cisco Umbrella Rank: 1792	11 KB
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 2112	44 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 412	140 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 28504	49 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 662	239 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1376	163 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 425	1 KB
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 544	489 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 23811	444 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 870	225 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 784	338 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 28921	380 B
1	openx.net eu-u.openx.net — Cisco Umbrella Rank: 2043	264 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 853	265 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 451	98 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1074	344 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 373	235 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 562	638 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 669	163 B
1	adscale.de ih.adscale.de — Cisco Umbrella Rank: 4137	38 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 477	214 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4474	235 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 698	199 B
1	seadform.net a1.seadform.net — Cisco Umbrella Rank: 21472	466 B
1	google.ru www.google.ru — Cisco Umbrella Rank: 10514	408 B
1	travelclick-websolutions.com dynamic.travelclick-websolutions.com — Cisco Umbrella Rank: 122745	1 KB
1	youtube.com fcmatch.youtube.com — Cisco Umbrella Rank: 3354	432 B
121	54

	Domain	Requested by
17	www.eastinhotelsresidences.com	2 redirects www.eastinhotelsresidences.com www.googletagmanager.com
11	c1.adform.net	4 redirects a2.adform.net c1.adform.net
11	image-tc.galaxy.tf	www.eastinhotelsresidences.com
8	cm.g.doubleclick.net	8 redirects
6	cm.adsafety.net	5 redirects c1.adform.net
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.eastinhotelsresidences.com
4	se.semasio.net	3 redirects c1.adform.net
4	i.vimeocdn.com	player.vimeo.com www.eastinhotelsresidences.com f.vimeocdn.com
4	f.vimeocdn.com	player.vimeo.com
4	ad.doubleclick.net	4 redirects
4	static.sojern.com	www.googletagmanager.com www.eastinhotelsresidences.com static.sojern.com
4	www.googletagmanager.com	www.eastinhotelsresidences.com www.googletagmanager.com
3	dmp.adform.net	c1.adform.net
3	a.audrte.com	2 redirects c1.adform.net
3	secure.adnxs.com	2 redirects c1.adform.net
3	dsp.adfarm1.adition.com	3 redirects
3	uipglob.semasio.net	3 redirects
3	www.gstatic.com	f.vimeocdn.com www.gstatic.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	www.eastinhotelsresidences.com
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	tags.bluekai.com	c1.adform.net
2	loadm.exelator.com	1 redirects c1.adform.net
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	www.facebook.com	static.sojern.com
2	tc.galaxy.tf	cdn.galaxy.tf
2	match.adsrvr.org	static.sojern.com c1.adform.net
2	ib.adnxs.com	1 redirects static.sojern.com
2	pixel.sojern.com	static.sojern.com
2	adservice.google.com	static.sojern.com www.eastinhotelsresidences.com
2	connect.facebook.net	beacon.sojern.com connect.facebook.net
1	e1.emxdgt.com	c1.adform.net
1	eb2.3lift.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	id5-sync.com	c1.adform.net
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	cm.smartstream.tv	1 redirects
1	ads.smartstream.tv	1 redirects
1	tags.adsafety.net	1 redirects
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	eu-u.openx.net	c1.adform.net
1	sync.crwdcntrl.net	c1.adform.net
1	idsync.rlcdn.com	c1.adform.net
1	ps.eyeota.net	c1.adform.net
1	x.bidswitch.net	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	c1.adform.net
1	ih.adscale.de	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	ad.360yield.com	c1.adform.net
1	a1.seadform.net	static.sojern.com
1	www.google.ru	www.eastinhotelsresidences.com
1	stats.g.doubleclick.net	www.eastinhotelsresidences.com
1	analytics.google.com	www.eastinhotelsresidences.com
1	dynamic.travelclick-websolutions.com	www.eastinhotelsresidences.com
1	vimeo.com	f.vimeocdn.com
1	fresnel.vimeocdn.com	f.vimeocdn.com
1	a2.adform.net	s2.adform.net
1	fcmatch.youtube.com	static.sojern.com
1	fcmatch.google.com	1 redirects
1	s2.adform.net	beacon.sojern.com
1	beacon.sojern.com	static.sojern.com
1	player.vimeo.com	www.eastinhotelsresidences.com
1	cdn.galaxy.tf	www.eastinhotelsresidences.com
121	73

This site contains links to these domains. Also see Links.

Domain
949.www.travelclick-websolutions.com
www.facebook.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
www.eastinhotelsresidences.com Cloudflare Inc ECC CA-3	`2023-03-13` - `2024-03-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
cdn.galaxy.tf Cloudflare Inc ECC CA-3	`2023-04-06` - `2024-04-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-17` - `2024-02-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-01` - `2024-02-29`	a year	crt.sh
image-tc.galaxy.tf Cloudflare Inc ECC CA-3	`2023-05-08` - `2024-05-07`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-08` - `2024-02-06`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-22` - `2024-12-23`	a year	crt.sh
*.vimeo.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-10-19` - `2024-11-19`	a year	crt.sh
*.galaxy.tf Amazon RSA 2048 M01	`2023-04-22` - `2024-05-20`	a year	crt.sh
fresnel.vimeocdn.com GTS CA 1D4	`2023-12-30` - `2024-03-29`	3 months	crt.sh
vimeo.com Cloudflare Inc ECC CA-3	`2023-08-23` - `2024-08-21`	a year	crt.sh
*.travelclick-websolutions.com Gandi Standard SSL CA 2	`2023-07-05` - `2024-07-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google.com.ru GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.seadform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-08`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adscale.de Amazon RSA 2048 M02	`2023-07-18` - `2024-08-15`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2023-03-08` - `2024-04-07`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2023-10-08` - `2024-11-06`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M02	`2023-11-20` - `2024-12-17`	a year	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
teads.tv R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2023-05-29` - `2024-06-04`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.eastinhotelsresidences.com/
Frame ID: 605E82B9BB29CF0748845753A9DADFAE
Requests: 48 HTTP requests in this frame

Frame: https://player.vimeo.com/video/157257665
Frame ID: DA3F359C4B5F0147CF348619868C0C36
Requests: 14 HTTP requests in this frame

Frame: https://static.sojern.com/cip/c/43.html?f_v=cp_v3_js&p_v=4&version=5&auto_url=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&auto_ccid=zpjpn-i230o-kuz6p-b9tvn-dj75h&auto_ga=979316819.1706567705&e_eml=null&auto_eml=YjJjZjQ2NmIyYzIzZDY4MDRiZjY2ZjY2NWJkNGVkY2NAOTQ5Lnd3dy50cmF2ZWxjbGljay13ZWJzb2x1dGlvbnMuY29t&auto_eml_count=1&auto_eml_domain=OTQ5Lnd3dy50cmF2ZWxjbGljay13ZWJzb2x1dGlvbnMuY29t&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=112167&pt=TRACKING&et=
Frame ID: 219950B33BA02387058202FFA746C05D
Requests: 17 HTTP requests in this frame

Frame: https://www.eastinhotelsresidences.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Frame ID: 2387644F48AB6794CCFB7E4522FE6B4C
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424
Frame ID: F75C839BB1DF29B67865DDDDE3B6FBE1
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Eastin Hotels, Resorts & Residences | Deluxe & Luxury Hotels in Asiaarrow-rightarrow-leftarrow-bottomarrow-topcalendarphonewebsitedownload-arrowfacebooktwittergoogle-plustripadvisorinstagrampauseplaycrossquote-opensunMenumailmarkerclockcheckpinterestyoutubewechatlinkedintiktokline-msgwhatsappweibogallery-videotrianglehotelhotel-airlogoutarrow-downxingpersontriangle-rulerbedfloorplangoogleuploadclosecalendarguestsearchremovehotelmap-viewlist-viewvideo-playvideo-pausezoom-magnifychain-linkalertheightdimensionsmax-capacitystarreview-usertrashtagcircle-enlargecircle-videoprinterMenuBack to top

Page URL History Show full URLs

http://www.eastinhotelsresidences.com/ HTTP 301
https://www.eastinhotelsresidences.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

121
Requests

84 %
HTTPS

26 %
IPv6

54
Domains

73
Subdomains

58
IPs

9
Countries

3294 kB
Transfer

7509 kB
Size

63
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://949.www.travelclick-websolutions.com/our-hotels
Title: Eastin Hotels

Search URL Search Domain Scan URL

URL: https://www.facebook.com/EastinHotelsResidences

Search URL Search Domain Scan URL

URL: https://twitter.com/EastinHotels

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC7Lfuqt34uR_hv7NR4-25bQ

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.eastinhotelsresidences.com/ HTTP 301
https://www.eastinhotelsresidences.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://ad.doubleclick.net/ddm/activity/src=13483457;type=track0;cat=easti0;qty=1;cost=0;u1=s%3Dccid_ga%7Cccid_auto%7Cf_v%3Dcp_v3_js%7Cp_v%3D4%7Cversion%3D5%7Cauto_url%3Dhttps%253A%252F%252Fwww.eastinhotelsresidences.com%252F%7Cauto_ccid%3Dzpjpn-i230o-kuz6p-b9tvn-dj75h%7Cauto_ga%3D979316819.1706567705%7Cauto_eml_count%3D1%7Cws%3D1600x1200%7Ctz%3D-60%7Cn%3Dtf%253ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%253D%253D%7Chpid%3D112167%7Cpt%3DTRACKING%7Cet%3D;u2=;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u19=112167;u20=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID HTTP 302
https://ad.doubleclick.net/ddm/activity/src=13483457;dc_pre=CJWmmo_Ug4QDFbdXHgIdQ7gF5Q;type=track0;cat=easti0;qty=1;cost=0;u1=s%3Dccid_ga%7Cccid_auto%7Cf_v%3Dcp_v3_js%7Cp_v%3D4%7Cversion%3D5%7Cauto_url%3Dhttps%253A%252F%252Fwww.eastinhotelsresidences.com%252F%7Cauto_ccid%3Dzpjpn-i230o-kuz6p-b9tvn-dj75h%7Cauto_ga%3D979316819.1706567705%7Cauto_eml_count%3D1%7Cws%3D1600x1200%7Ctz%3D-60%7Cn%3Dtf%253ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%253D%253D%7Chpid%3D112167%7Cpt%3DTRACKING%7Cet%3D;u2=;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u19=112167;u20=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID HTTP 302
https://adservice.google.com/ddm/fls/z/src=13483457;dc_pre=CJWmmo_Ug4QDFbdXHgIdQ7gF5Q;type=track0;cat=easti0;qty=1;cost=0;u1=s%3Dccid_ga%7Cccid_auto%7Cf_v%3Dcp_v3_js%7Cp_v%3D4%7Cversion%3D5%7Cauto_url%3Dhttps%253A%252F%252Fwww.eastinhotelsresidences.com%252F%7Cauto_ccid%3Dzpjpn-i230o-kuz6p-b9tvn-dj75h%7Cauto_ga%3D979316819.1706567705%7Cauto_eml_count%3D1%7Cws%3D1600x1200%7Ctz%3D-60%7Cn%3Dtf%253ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%253D%253D%7Chpid%3D112167%7Cpt%3DTRACKING%7Cet%3D;u2=;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u19=112167;u20=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID

Request Chain 30

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=CLIWgEIha6P3ZeMOZjtzHQ&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=_LpT5nkudjpxrsfeur3Ev2NqQO-rEOR6Rw4GWFn5TmnTxQp843I_Wl3whtLFGeiK&sjrn_ula=8166203250 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=CLIWgEIha6P3ZeMOZjtzHQ&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=_LpT5nkudjpxrsfeur3Ev2NqQO-rEOR6Rw4GWFn5TmnTxQp843I_Wl3whtLFGeiK&sjrn_ula=8166203250&google_tc= HTTP 302
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=_LpT5nkudjpxrsfeur3Ev2NqQO-rEOR6Rw4GWFn5TmnTxQp843I_Wl3whtLFGeiK&sjrn_ula=8166203250&google_gid=CAESEP_le85gfqh5kCbfgV7g7tk&google_cver=1

Request Chain 31

https://cm.g.doubleclick.net/pixel?google_hm=CLIWgEIha6P3ZeMOZjtzHQ&google_nid=sojern_adh HTTP 302
https://cm.g.doubleclick.net/pixel?google_hm=CLIWgEIha6P3ZeMOZjtzHQ&google_nid=sojern_adh&google_tc= HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDorV_bWUpl28EPmFDGGm5eDuJyjVGw740CSo4pwPLAJUySZvQGw9DMLzjBmw_CGM0nki0-AIm4x0d7VE90ozqEsykwvdbnvhCnveVcID1Pq5KhfLV4Q HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDorV_bWUpl28EPmFDGGm5eDuJyjVGw740CSo4pwPLAJUySZvQGw9DMLzjBmw_CGM0nki0-AIm4x0d7VE90ozqEsykwvdbnvhCnveVcID1Pq5KhfLV4Q

Request Chain 34

https://c1.adform.net/serving/cookie/match?cid=08b21680-4221-6ba3-f765-e30e663b731d&party=1296 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&cid=08b21680-4221-6ba3-f765-e30e663b731d&party=1296 HTTP 302
https://pixel.sojern.com/idsync/adf?adfid=980116805332889803&cid=08b21680-4221-6ba3-f765-e30e663b731d

Request Chain 43

https://www.eastinhotelsresidences.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.eastinhotelsresidences.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

Request Chain 44

https://ad.doubleclick.net/ddm/activity/src=9572998;type=invmedia;cat=hk_gl0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5905366579917.246 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9572998;dc_pre=CPqdoI_Ug4QDFS1MHgIdebUJBg;type=invmedia;cat=hk_gl0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5905366579917.246 HTTP 302
https://adservice.google.com/ddm/fls/z/src=9572998;dc_pre=CPqdoI_Ug4QDFS1MHgIdebUJBg;type=invmedia;cat=hk_gl0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5905366579917.246

Request Chain 84

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=980116805332889803&expiration=1707777306 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=980116805332889803&expiration=1707777306&C=1

Request Chain 85

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=980116805332889803&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=980116805332889803&sInitiator=external HTTP 302
https://se.semasio.net/sync/1/16266044?sExtCookieId=980116805332889803&gdpr=&sInitiator=external HTTP 302
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/647471?sExtCookieId=7329652485700384928&sInitiator=internal&gdpr= HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/4354957?sExtCookieId=6844672575976020927&sInitiator=internal&gdpr= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=MzI1NDI0RUI4MUNFQUJDMg&gdpr= HTTP 302
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEAGoDxorkNqN-Z9i4_TIpIw&sInitiator=internal&google_cver=1&gdpr=&google_cver=1 HTTP 302
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEAGoDxorkNqN-Z9i4_TIpIw&sInitiator=internal&google_cver=1&gdpr=

Request Chain 87

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=980116805332889803 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=980116805332889803&xl8blockcheck=1

Request Chain 92

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 93

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=980116805332889803 HTTP 302
https://tags.adsafety.net/v1/cm?cm_uid=CM120240129221153621944c2e7b276c&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&gdpr=0&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=b059bd58a629c506c96ef810e385a3ae HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM120240129221153621944c2e7b276c&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=b059bd58a629c506c96ef810e385a3ae&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyNDAxMjkyMjExNTM2MjE5NDRjMmU3YjI3NmM&gdpr_consent=&gdpr=0 HTTP 302
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEDda-s1V_0DtufSt-4EPVHc&gdpr_consent=&gdpr=0&google_cver=1 HTTP 302
https://dsp.adfarm1.adition.com/cookie/?ssp=6 HTTP 302
https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7329652485700384928 HTTP 302
https://cm.adsafety.net/?_cmsrc=activeagent_cm&idt=100&did=7329652485700384928 HTTP 302
https://c1.adform.net/serving/cookie/match?party=28&cid=CM120240129221153621944c2e7b276c HTTP 302
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=980116805332889803

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=OTgwMTE2ODA1MzMyODg5ODAz HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL2lobR50CfhGTXvOou0en0&google_cver=1&google_ula=1641347,0

Request Chain 97

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=6844672575976020927&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=980116805332889803

Request Chain 100

https://a.audrte.com/a?adform_uid=980116805332889803 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aTkzNjJ6a2lLTlFRRUt3ZmNPRkVuS0tZUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/p

Request Chain 101

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=980116805332889803&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=980116805332889803&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=59929797047449190441184026890449133808&noredirect=1

Request Chain 102

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=980116805332889803 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217163104776006280444

Request Chain 103

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7329652485699598496

Request Chain 105

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=kVgtPWCd1RuAdA5

Request Chain 108

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=2191761252 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=m36VmJNVC/BkrxedF7g0nu

121 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.eastinhotelsresidences.com/
Redirect Chain

http://www.eastinhotelsresidences.com/
https://www.eastinhotelsresidences.com/

73 KB
17 KB

173ms
154ms

Document
text/html

2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastinhotelsresidences.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63bb2dc1882ddfb3446be4526a312d4db94c7a5bed74b2f78fbba1e3427f35b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 84d4f23affe0904f-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 29 Jan 2024 22:35:04 GMT
last-modified: Mon, 29 Jan 2024 04:20:17 GMT
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 639dd5dd68d7e7193120d95480cd44ca.cloudfront.net (CloudFront)
x-amz-cf-id: maH0gTZzuI6rDfJx8uwP7iOceFzmHqSVaHh9zQ6C0QrQVvHXc5HjXg==
x-amz-cf-pop: VIE50-C2
x-cache: RefreshHit from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 84d4f23aaa359186-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 29 Jan 2024 22:35:04 GMT
Expires: Mon, 29 Jan 2024 23:35:04 GMT
Location: https://www.eastinhotelsresidences.com/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 9 KB
899 B 37ms
16ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i&display=swap&subset=latin,latin-ext

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

598dac89694017d12e812bdae67530962525b21b3d29f0c6cb54d64279476e67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Jan 2024 22:35:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 22:35:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Jan 2024 22:35:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
540 B 38ms
17ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i&display=swap&subset=latin,latin-ext

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3333a2035912d27f9f31d7ef4d7a59aab880a4a89fa54a729dcdf1bc8bcdb81c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Jan 2024 22:35:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 22:35:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Jan 2024 22:35:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 36ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i&display=swap&subset=latin,latin-ext

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5fd6673c422424e4269957d703f7552aeebed142390e9c3720fd6770a2ec7d3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Jan 2024 22:35:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 22:30:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Jan 2024 22:35:04 GMT

GET
H2 200 main.css
www.eastinhotelsresidences.com/css/custom/919/1/main/c50055b1d15978fd61fe2fa33c510d9f/ 746 KB
104 KB 172ms
172ms Stylesheet
text/css 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastinhotelsresidences.com/css/custom/919/1/main/c50055b1d15978fd61fe2fa33c510d9f/main.css

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

907de905a6b744a6e7c2a00312bdcad377799db75031ffa7a7f3d5520966abdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:05 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 639dd5dd68d7e7193120d95480cd44ca.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 29 Jan 2024 04:20:33 GMT
server: cloudflare
etag: W/"6ab31ef3ba1f2dbf1aeda9a6f15ddc45"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: no-cache
cf-ray: 84d4f23c18ad904f-FRA
x-amz-cf-id: Q23b6DbFzvjx4iWzQ9heoR4dHqhrtb64INAHBoLY-TyiQWU1RL6f1g==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 290 KB
88 KB 63ms
42ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8acbec95e03a4dfb513a65b035614b4968266c66ba4f352cf0eff104927cd58c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90406
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 22:09:45 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Jan 2024 22:35:05 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 356 KB
106 KB 48ms
27ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NX23PZH

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e6ae2eabe05abea4257c23d7fe7787140961c6a420c22d8459950a39918bea6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107752
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 22:09:45 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Jan 2024 22:35:05 GMT

GET
H3 200 svg-icons.svg
www.eastinhotelsresidences.com/integration/tc-theme/public/svg/ 61 KB
19 KB 161ms
160ms Image
image/svg+xml 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eastinhotelsresidences.com/integration/tc-theme/public/svg/svg-icons.svg

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0098006fea9999fca88a05fe38168c971d3efc2fdbe2f6eb8c34ea0d5ec64190

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:05 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 39103e0eac16074bdce5f23fa11c3dcc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Jan 2024 01:56:21 GMT
server: cloudflare
etag: W/"7685c719fb52cf9d344d1986684da17f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: no-cache
cf-ray: 84d4f23d589ebb3b-FRA
x-amz-cf-id: 6Mm4v4uRRoVo7UklpxFIXS_9VvraUPeMbB9qTshz6mTN3Ie2hVkFtQ==

GET
H3 200 cookieconsent.min.js Show response
www.eastinhotelsresidences.com/integration/tc-theme/public/vendor/ 19 KB
7 KB 167ms
167ms Script
application/javascript 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastinhotelsresidences.com/integration/tc-theme/public/vendor/cookieconsent.min.js

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:05 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 4e3b2e1fa2acb7612ea516b89c06af70.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Dec 2022 08:58:51 GMT
server: cloudflare
etag: W/"f2bc0804920974cdb94feca2936b668c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 84d4f23d58a0bb3b-FRA
x-amz-cf-id: IhgvRnuuNrYtEJfPBba7jN4QeC0bs6i3hT9dFoUs1fy-boOrJNni9A==

GET
H2 200 gms-latest.min.js Show response
cdn.galaxy.tf/asset-galaxy/js/ 149 KB
46 KB 302ms
275ms Script
application/javascript 2606:4700::6811:b93a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.galaxy.tf/asset-galaxy/js/gms-latest.min.js?vfd8388f082e45ac8d611054e1010657c

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5a86464c4b9183b213d65414690cc67a7c95322fca37b6a62ba0378c6890469

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:05 GMT
strict-transport-security: max-age=15768000
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 27 Dec 2023 10:34:16 GMT
server: cloudflare
etag: W/"253b9-60d7b57401258-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 84d4f23d8e3135ea-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 05 Feb 2024 22:35:05 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i&display=swap&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.eastinhotelsresidences.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:07:30 GMT
x-content-type-options: nosniff
age: 1655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jan 2025 22:07:30 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NX23PZH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 29 Jan 2024 21:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2816
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 29 Jan 2024 23:48:09 GMT

GET
H3 404 undefined
www.eastinhotelsresidences.com/ 0
0 555ms
554ms Script
text/html 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastinhotelsresidences.com/undefined

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NX23PZH

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:05 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
content-encoding: br
x-cache: Error from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 84d4f23df909bb3b-FRA
x-amz-cf-id: Ndg4TQFb4dZ82zsE7OeZ3M7QSAEK1YgAWyQuaJt6l3H2ChgHUQTiiA==

GET
H2 200 sjrn_autocx.js Show response
static.sojern.com/utils/ 14 KB
15 KB 47ms
7ms Script
text/javascript 35.244.188.9
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/utils/sjrn_autocx.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NX23PZH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a48afcdd03f4564488705ee1d770061af2c928c8b5ed5653a3dc9c95a8aab1fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:34:10 GMT
age: 55
x-guploader-uploadid: ABPtcPqgqgEgkkEW-26VX9Zra4RyYV410cCggim-J1N8Nzyh4cnHpm0r-VAW1GuRVOPXyKBOXw8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14754
last-modified: Fri, 05 Jan 2024 16:18:13 GMT
server: UploadServer
etag: "dbb1990f7a59a25184dbe4890dded809"
x-goog-generation: 1704471493641820
x-goog-hash: crc32c=HftQZQ==, md5=27GZD3pZolGE2+SJDd7YCQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 14754
accept-ranges: bytes
expires: Mon, 29 Jan 2024 23:34:10 GMT

GET
H3 200 main.bundle.js Show response
www.eastinhotelsresidences.com/integration/tc-theme/public/shared-gms-v2/js/ 212 KB
67 KB 223ms
223ms Script
application/javascript 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastinhotelsresidences.com/integration/tc-theme/public/shared-gms-v2/js/main.bundle.js?vfd8388f082e45ac8d611054e1010657c

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46719c39391e0cde24fa1fe95637224f0a4fc999b8ab6d3c8fd765a1992bfbcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:05 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 39103e0eac16074bdce5f23fa11c3dcc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Jan 2024 01:56:21 GMT
server: cloudflare
etag: W/"a2359bcb4d03ba610bae2ce19c3b3962"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 84d4f2403a8fbb3b-FRA
x-amz-cf-id: HBqbpppyvTk84cxpzY1GQYtwwZYPX7qhjzSBTiL_JCNm0pB2Ldql6A==

GET
H/1.1 200
OK 157257665 Show response
player.vimeo.com/video/ Frame DA3F 25 KB
10 KB 271ms
238ms Document
text/html 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/157257665

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87278ae8e25eb2d2e29d87fd69b603e49e2d22975a04038803918a445499af92

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.dna-delivery.com https://.kollective.app https://.kollective.app:31015 https://.kollectivecd.com https://.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eastinhotelsresidences.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 84d4f240799c1c05-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 29 Jan 2024 22:35:05 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: MISS
X-Cache-Hits: 0
X-Served-By: cache-fra-eddf8230105-FRA
X-Timer: S1706567706.683603,VS0,VE219
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
expires: Fri, 15 Dec 1985 19:30:00 GMT
link: <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-backend-server: player-backend-edge-entry
x-bapp-server: player-backend-6b8f8c5887-6smnh
x-content-type-options: nosniff
x-host: player-backend-6b8f8c5887-6smnh
x-player-backend: g
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 1562743639-5d2593572fde2-thumb.jpg
image-tc.galaxy.tf/wijpeg-9t0hz0lkql81qhv7ulwq7u98w/ 29 KB
30 KB 621ms
562ms Image
image/jpeg 2606:4700::6811:b73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-9t0hz0lkql81qhv7ulwq7u98w/1562743639-5d2593572fde2-thumb.jpg?width=560

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f51a9d161ee058e4ea25c31ef3b1d7ad3de51cdf961286c3c0c8067605f59dc4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
x-amz-version-id: JLCcUhTTJo3GYk9Uy_ohUGfq2bYodMfy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 eb78cbb81a4ab555c78ae1168deff6e2.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: AMS58-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 30104
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 08 Dec 2021 03:44:00 GMT
server: cloudflare
etag: "577d2cd614cd40a763d6bc3c8bf220a2"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 84d4f240ad8830e7-FRA
x-amz-cf-id: yj_WXc-nYNfZ3x0ZRznRr-MOJOvRsBLViZzORd2gJ8KSZ5UU3Hcjaw==

GET
H2 200 bedroom-5772286-1920.jpg
image-tc.galaxy.tf/wijpeg-a5rn1j4b7j7qmnxwlmf4x9mri/ 27 KB
28 KB 582ms
523ms Image
image/jpeg 2606:4700::6811:b73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-a5rn1j4b7j7qmnxwlmf4x9mri/bedroom-5772286-1920.jpg?width=560

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

326f3659de1153f0d59c9258fdd63b7dfd6dd26f2c9c3e9adc4b87f71b122a7b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
x-amz-version-id: p3ZbulCSb8GNz76hT6XB_agsFBjsB.dz
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 0f98b23785e0aac311e2d09ea5460eb8.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: AMS58-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 27728
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 20 Apr 2023 04:43:41 GMT
server: cloudflare
etag: "fe1d77173af456bf40699cc0d0301d84"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 84d4f240ad8930e7-FRA
x-amz-cf-id: JkfF9FFnBltIL9_T8MIW7pasaB_HBOiRMurISPo5aYc4sT-JLrUjpw==

GET
H2 200 one-bed-room-suite-18.jpg
image-tc.galaxy.tf/wijpeg-6jv5nqlw3aaekxp8f0w3b7k69/ 36 KB
36 KB 591ms
532ms Image
image/jpeg 2606:4700::6811:b73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-6jv5nqlw3aaekxp8f0w3b7k69/one-bed-room-suite-18.jpg?width=560

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14cac7b96ee4613e4181c1c60478189c5b47667e30fffadea2e23fdc4d88e25c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
x-amz-version-id: yMebH.tUoEe6c4BMoRWnzOxXKqZ0gnZR
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 12d69f39c905d1c9441d392eddc25066.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: AMS58-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 36834
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 20 Apr 2023 04:43:41 GMT
server: cloudflare
etag: "489fcc58b605c91fe942c59bafa41392"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 84d4f240ad8630e7-FRA
x-amz-cf-id: aQv2EfLyobZpMimUBHljN94vDzzRRth4po8qCTPX6JcnCZSBnbDtkw==

GET
H3 200 galaxy-helpers.js Show response
www.eastinhotelsresidences.com/frontend/galaxy-helpers/public/ 59 KB
22 KB 118ms
118ms Script
application/javascript 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastinhotelsresidences.com/frontend/galaxy-helpers/public/galaxy-helpers.js?v=l-4e56d709-2f8d-4345-be01-b9defd5f92d5

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5c77bdb4cbbd984503cf66fee883735866d05e4b433a03d09c7a502cfc4eb1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:05 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 4e3b2e1fa2acb7612ea516b89c06af70.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 24 Jan 2024 03:55:15 GMT
server: cloudflare
etag: W/"9b85ee3bce6207f2c19f4381101ff4fe"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 84d4f2404a94bb3b-FRA
x-amz-cf-id: 3Q-76or_vQSdZDlkDtX67ENnD2onzvOYvpgx9EmQMnrTEeZzkrX8ZQ==

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i&display=swap&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.eastinhotelsresidences.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 12:54:27 GMT
x-content-type-options: nosniff
age: 34838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jan 2025 12:54:27 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i&display=swap&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.eastinhotelsresidences.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:28:30 GMT
x-content-type-options: nosniff
age: 515195
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:28:30 GMT

GET
H3 200 bundle.js Show response
www.eastinhotelsresidences.com/integration/tc-theme/public/js/ 1 MB
378 KB 201ms
201ms Script
application/javascript 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastinhotelsresidences.com/integration/tc-theme/public/js/bundle.js?vfd8388f082e45ac8d611054e1010657c

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1731c1bd93b605b0a77f2cd3cacb1934140d056edd4f27050dd1c050de51ae59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:05 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 4e3b2e1fa2acb7612ea516b89c06af70.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Jan 2024 01:56:16 GMT
server: cloudflare
etag: W/"8936c98d5f97c83446ea60e0228f6be9"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 84d4f2411b20bb3b-FRA
x-amz-cf-id: Zt4BK7K3Y61G2gd9siNi6zyHxiKTAM0EkYEFMGG7TTs1LsR4Z1gzAw==

GET
H2 200 43.html Show response
static.sojern.com/cip/c/ Frame 2199 8 KB
8 KB 8ms
7ms Document
text/html 35.244.188.9
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/c/43.html?f_v=cp_v3_js&p_v=4&version=5&auto_url=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&auto_ccid=zpjpn-i230o-kuz6p-b9tvn-dj75h&auto_ga=979316819.1706567705&e_eml=null&auto_eml=YjJjZjQ2NmIyYzIzZDY4MDRiZjY2ZjY2NWJkNGVkY2NAOTQ5Lnd3dy50cmF2ZWxjbGljay13ZWJzb2x1dGlvbnMuY29t&auto_eml_count=1&auto_eml_domain=OTQ5Lnd3dy50cmF2ZWxjbGljay13ZWJzb2x1dGlvbnMuY29t&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=112167&pt=TRACKING&et=
Requested by: Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 774ddabd59e81ed871019ed258dcc19b11900b30128173ffb730fb46ae855bd2

Request headers

Referer: https://www.eastinhotelsresidences.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-length: 8414
content-type: text/html
date: Mon, 29 Jan 2024 21:57:41 GMT
etag: "b32d1a04b6e0a8fa34a301196cfa1b9b"
expires: Mon, 29 Jan 2024 22:57:41 GMT
last-modified: Wed, 25 Oct 2023 08:20:46 GMT
server: UploadServer
x-goog-generation: 1698222046345267
x-goog-hash: crc32c=hXIy2Q== md5=sy0aBLbgqPo0owEZbPobmw==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 8414
x-guploader-uploadid: ABPtcPo7JGSuU-yNxLZTvd5Nw4wTKbcnfgdVSrrKgNvdGL38--khU_YIfc8meNFlwcw1YXVf_yZHOJpe

GET
H3 200 hasher.js Show response
static.sojern.com/cip/ Frame 2199 18 KB
18 KB 12ms
11ms Script
text/javascript 35.244.188.9
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/hasher.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/c/43.html?f_v=cp_v3_js&p_v=4&version=5&auto_url=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&auto_ccid=zpjpn-i230o-kuz6p-b9tvn-dj75h&auto_ga=979316819.1706567705&e_eml=null&auto_eml=YjJjZjQ2NmIyYzIzZDY4MDRiZjY2ZjY2NWJkNGVkY2NAOTQ5Lnd3dy50cmF2ZWxjbGljay13ZWJzb2x1dGlvbnMuY29t&auto_eml_count=1&auto_eml_domain=OTQ5Lnd3dy50cmF2ZWxjbGljay13ZWJzb2x1dGlvbnMuY29t&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=112167&pt=TRACKING&et=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/cip/c/43.html?f_v=cp_v3_js&p_v=4&version=5&auto_url=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&auto_ccid=zpjpn-i230o-kuz6p-b9tvn-dj75h&auto_ga=979316819.1706567705&e_eml=null&auto_eml=YjJjZjQ2NmIyYzIzZDY4MDRiZjY2ZjY2NWJkNGVkY2NAOTQ5Lnd3dy50cmF2ZWxjbGljay13ZWJzb2x1dGlvbnMuY29t&auto_eml_count=1&auto_eml_domain=OTQ5Lnd3dy50cmF2ZWxjbGljay13ZWJzb2x1dGlvbnMuY29t&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=112167&pt=TRACKING&et=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 21:57:41 GMT
age: 2244
x-guploader-uploadid: ABPtcPqB0EDSvBfPsG0wNZbBziNZDwKG29LKiWAkVn9Ho5hN51TslR7hpNFpviXY7jI1xQ-a0vw2oHtD
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18469
last-modified: Tue, 07 Dec 2021 16:23:19 GMT
server: UploadServer
etag: "676881567863e15eb1b6aa81b384455c"
x-goog-generation: 1638894199335821
x-goog-hash: crc32c=T9fXIw==, md5=Z2iBVnhj4V6xtqqBs4RFXA==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 18469
accept-ranges: bytes
expires: Mon, 29 Jan 2024 22:57:41 GMT

GET
H3 200 create_params.js Show response
static.sojern.com/utils/ Frame 2199 4 KB
4 KB 14ms
13ms Script
text/javascript 35.244.188.9
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/utils/create_params.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/c/43.html?f_v=cp_v3_js&p_v=4&version=5&auto_url=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&auto_ccid=zpjpn-i230o-kuz6p-b9tvn-dj75h&auto_ga=979316819.1706567705&e_eml=null&auto_eml=YjJjZjQ2NmIyYzIzZDY4MDRiZjY2ZjY2NWJkNGVkY2NAOTQ5Lnd3dy50cmF2ZWxjbGljay13ZWJzb2x1dGlvbnMuY29t&auto_eml_count=1&auto_eml_domain=OTQ5Lnd3dy50cmF2ZWxjbGljay13ZWJzb2x1dGlvbnMuY29t&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=112167&pt=TRACKING&et=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2889147edb550aef849e10ba2230d6b1f65a0f8831b45f642bfc0ee185babe38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/cip/c/43.html?f_v=cp_v3_js&p_v=4&version=5&auto_url=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&auto_ccid=zpjpn-i230o-kuz6p-b9tvn-dj75h&auto_ga=979316819.1706567705&e_eml=null&auto_eml=YjJjZjQ2NmIyYzIzZDY4MDRiZjY2ZjY2NWJkNGVkY2NAOTQ5Lnd3dy50cmF2ZWxjbGljay13ZWJzb2x1dGlvbnMuY29t&auto_eml_count=1&auto_eml_domain=OTQ5Lnd3dy50cmF2ZWxjbGljay13ZWJzb2x1dGlvbnMuY29t&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=112167&pt=TRACKING&et=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 21:57:11 GMT
age: 2274
x-guploader-uploadid: ABPtcPoQHI6qP2ojM-kMxHdaTPqCaYKsxgRaNap6YDAuWHYEP6UU_CMA70YsAdBcRPKeLs3PvdmjY2FxLA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4169
last-modified: Mon, 06 Nov 2023 11:24:16 GMT
server: UploadServer
etag: "2b163d716f1c21a97c6c0251b281d84b"
x-goog-generation: 1699269856296451
x-goog-hash: crc32c=/7KU3A==, md5=KxY9cW8cIal8bAJRsoHYSw==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 4169
accept-ranges: bytes
expires: Mon, 29 Jan 2024 22:57:11 GMT

GET
H2 200 43 Show response
beacon.sojern.com/pixel/cp/ Frame 2199 8 KB
3 KB 68ms
17ms Script
application/javascript 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/cp/43?f_v=cp_v3_js&p_v=4&f_v=cp_v3_js&cid=s%3Dccid_ga%7Cccid_auto%7Cf_v%3Dcp_v3_js%7Cp_v%3D4%7Cversion%3D5%7Cauto_url%3Dhttps%253A%252F%252Fwww.eastinhotelsresidences.com%252F%7Cauto_ccid%3Dzpjpn-i230o-kuz6p-b9tvn-dj75h%7Cauto_ga%3D979316819.1706567705%7Cauto_eml_count%3D1%7Cws%3D1600x1200%7Ctz%3D-60%7Cn%3Dtf%253ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%253D%253D%7Chpid%3D112167%7Cpt%3DTRACKING%7Cet%3D&p_v=4&version=5&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=112167&pt=TRACKING&et=&domain=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&s=ccid_ga%7Cccid_auto&ccid=979316819.1706567705%7Czpjpn-i230o-kuz6p-b9tvn-dj75h
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/c/43.html?f_v=cp_v3_js&p_v=4&version=5&auto_url=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&auto_ccid=zpjpn-i230o-kuz6p-b9tvn-dj75h&auto_ga=979316819.1706567705&e_eml=null&auto_eml=YjJjZjQ2NmIyYzIzZDY4MDRiZjY2ZjY2NWJkNGVkY2NAOTQ5Lnd3dy50cmF2ZWxjbGljay13ZWJzb2x1dGlvbnMuY29t&auto_eml_count=1&auto_eml_domain=OTQ5Lnd3dy50cmF2ZWxjbGljay13ZWJzb2x1dGlvbnMuY29t&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=112167&pt=TRACKING&et=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: 1baa217c09359506ad7cd3014e5e248716f7bde5cf253c4b257bd8153c3b770e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:05 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame 2199 81 KB
31 KB 106ms
21ms Script
application/javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: beacon.sojern.com
URL: https://beacon.sojern.com/pixel/cp/43?f_v=cp_v3_js&p_v=4&f_v=cp_v3_js&cid=s%3Dccid_ga%7Cccid_auto%7Cf_v%3Dcp_v3_js%7Cp_v%3D4%7Cversion%3D5%7Cauto_url%3Dhttps%253A%252F%252Fwww.eastinhotelsresidences.com%252F%7Cauto_ccid%3Dzpjpn-i230o-kuz6p-b9tvn-dj75h%7Cauto_ga%3D979316819.1706567705%7Cauto_eml_count%3D1%7Cws%3D1600x1200%7Ctz%3D-60%7Cn%3Dtf%253ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%253D%253D%7Chpid%3D112167%7Cpt%3DTRACKING%7Cet%3D&p_v=4&version=5&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=112167&pt=TRACKING&et=&domain=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&s=ccid_ga%7Cccid_auto&ccid=979316819.1706567705%7Czpjpn-i230o-kuz6p-b9tvn-dj75h
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx0000053bcca4dd019c109-00646c8ee1-32950a8f-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 2199 213 KB
58 KB 22ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: beacon.sojern.com
URL: https://beacon.sojern.com/pixel/cp/43?f_v=cp_v3_js&p_v=4&f_v=cp_v3_js&cid=s%3Dccid_ga%7Cccid_auto%7Cf_v%3Dcp_v3_js%7Cp_v%3D4%7Cversion%3D5%7Cauto_url%3Dhttps%253A%252F%252Fwww.eastinhotelsresidences.com%252F%7Cauto_ccid%3Dzpjpn-i230o-kuz6p-b9tvn-dj75h%7Cauto_ga%3D979316819.1706567705%7Cauto_eml_count%3D1%7Cws%3D1600x1200%7Ctz%3D-60%7Cn%3Dtf%253ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%253D%253D%7Chpid%3D112167%7Cpt%3DTRACKING%7Cet%3D&p_v=4&version=5&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=112167&pt=TRACKING&et=&domain=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&s=ccid_ga%7Cccid_auto&ccid=979316819.1706567705%7Czpjpn-i230o-kuz6p-b9tvn-dj75h

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

05e0d95e16595bcc9b3c0e4f2a0f1a455630f8ab577f682676162e3c87aefe20

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 29 Jan 2024 22:35:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57161
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: wr2/YqGcNGb6ZHvbxtLu3DJk85p+Z4+xizh7nz6O7D/MHW5x9T/V4GxjCj494X2mriDybWR6J4FPMrPO5wqYLg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

src=13483457;dc_pre=CJWmmo_Ug4QDFbdXHgIdQ7gF5Q;type=track0;cat=easti0;qty=1;cost=0;u1=s%3Dccid_ga%7Cccid_auto%7Cf_v%3Dcp_v3_js%7Cp_v%3D4%7Cversion%3D5%7Cauto_url%3Dhttps%253A%252F%252Fwww.eastinhot...
adservice.google.com/ddm/fls/z/ Frame 2199
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=13483457;type=track0;cat=easti0;qty=1;cost=0;u1=s%3Dccid_ga%7Cccid_auto%7Cf_v%3Dcp_v3_js%7Cp_v%3D4%7Cversion%3D5%7Cauto_url%3Dhttps%253A%252F%252Fwww.eas...
https://ad.doubleclick.net/ddm/activity/src=13483457;dc_pre=CJWmmo_Ug4QDFbdXHgIdQ7gF5Q;type=track0;cat=easti0;qty=1;cost=0;u1=s%3Dccid_ga%7Cccid_auto%7Cf_v%3Dcp_v3_js%7Cp_v%3D4%7Cversion%3D5%7Cauto...
https://adservice.google.com/ddm/fls/z/src=13483457;dc_pre=CJWmmo_Ug4QDFbdXHgIdQ7gF5Q;type=track0;cat=easti0;qty=1;cost=0;u1=s%3Dccid_ga%7Cccid_auto%7Cf_v%3Dcp_v3_js%7Cp_v%3D4%7Cversion%3D5%7Cauto_...

42 B
401 B

148ms
41ms

Image
image/gif

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=13483457;dc_pre=CJWmmo_Ug4QDFbdXHgIdQ7gF5Q;type=track0;cat=easti0;qty=1;cost=0;u1=s%3Dccid_ga%7Cccid_auto%7Cf_v%3Dcp_v3_js%7Cp_v%3D4%7Cversion%3D5%7Cauto_url%3Dhttps%253A%252F%252Fwww.eastinhotelsresidences.com%252F%7Cauto_ccid%3Dzpjpn-i230o-kuz6p-b9tvn-dj75h%7Cauto_ga%3D979316819.1706567705%7Cauto_eml_count%3D1%7Cws%3D1600x1200%7Ctz%3D-60%7Cn%3Dtf%253ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%253D%253D%7Chpid%3D112167%7Cpt%3DTRACKING%7Cet%3D;u2=;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u19=112167;u20=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID

Requested by

Host: static.sojern.com
URL: https://static.sojern.com/cip/c/43.html?f_v=cp_v3_js&p_v=4&version=5&auto_url=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&auto_ccid=zpjpn-i230o-kuz6p-b9tvn-dj75h&auto_ga=979316819.1706567705&e_eml=null&auto_eml=YjJjZjQ2NmIyYzIzZDY4MDRiZjY2ZjY2NWJkNGVkY2NAOTQ5Lnd3dy50cmF2ZWxjbGljay13ZWJzb2x1dGlvbnMuY29t&auto_eml_count=1&auto_eml_domain=OTQ5Lnd3dy50cmF2ZWxjbGljay13ZWJzb2x1dGlvbnMuY29t&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=112167&pt=TRACKING&et=

Protocol

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 22:35:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 29 Jan 2024 22:35:06 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"3719481343387117103"}],"aggregatable_trigger_data":[{"filters":{"14":["15842433"]},"key_piece":"0x3ca9f8eeb383fd06","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0xfb82510935a2a9ab","not_filters":{"14":["15842433"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["15842433"]},"key_piece":"0x8bcb537af8e305c9","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x937671e8bd5c8ff8","not_filters":{"14":["15842433"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"13838151962059507637","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"3719481343387117103","filters":{"14":["15842433"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"3719481343387117103","filters":{"14":["15842433"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"3719481343387117103","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"3719481343387117103","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["13483457"]}}
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: image/png
location: https://adservice.google.com/ddm/fls/z/src=13483457;dc_pre=CJWmmo_Ug4QDFbdXHgIdQ7gF5Q;type=track0;cat=easti0;qty=1;cost=0;u1=s%3Dccid_ga%7Cccid_auto%7Cf_v%3Dcp_v3_js%7Cp_v%3D4%7Cversion%3D5%7Cauto_url%3Dhttps%253A%252F%252Fwww.eastinhotelsresidences.com%252F%7Cauto_ccid%3Dzpjpn-i230o-kuz6p-b9tvn-dj75h%7Cauto_ga%3D979316819.1706567705%7Cauto_eml_count%3D1%7Cws%3D1600x1200%7Ctz%3D-60%7Cn%3Dtf%253ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%253D%253D%7Chpid%3D112167%7Cpt%3DTRACKING%7Cet%3D;u2=;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u19=112167;u20=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AdX
pixel.sojern.com/idSync/ Frame 2199
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=CLIWgEIha6P3ZeMOZjtzHQ&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=_LpT5nkudjpxrsfeur3Ev2NqQO-rEOR6Rw4GWFn5TmnTxQp843I...
https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=CLIWgEIha6P3ZeMOZjtzHQ&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=_LpT5nkudjpxrsfeur3Ev2NqQO-rEOR6Rw4GWFn5TmnTxQp843I...
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=_LpT5nkudjpxrsfeur3Ev2NqQO-rEOR6Rw4GWFn5TmnTxQp843I_Wl3whtLFGeiK&sjrn_ula=8166203250&google_gid=CAESEP_le85gfqh5kCbfgV7g7tk&google_cver=1

42 B
274 B

49ms
17ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=_LpT5nkudjpxrsfeur3Ev2NqQO-rEOR6Rw4GWFn5TmnTxQp843I_Wl3whtLFGeiK&sjrn_ula=8166203250&google_gid=CAESEP_le85gfqh5kCbfgV7g7tk&google_cver=1
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/c/43.html?f_v=cp_v3_js&p_v=4&version=5&auto_url=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&auto_ccid=zpjpn-i230o-kuz6p-b9tvn-dj75h&auto_ga=979316819.1706567705&e_eml=null&auto_eml=YjJjZjQ2NmIyYzIzZDY4MDRiZjY2ZjY2NWJkNGVkY2NAOTQ5Lnd3dy50cmF2ZWxjbGljay13ZWJzb2x1dGlvbnMuY29t&auto_eml_count=1&auto_eml_domain=OTQ5Lnd3dy50cmF2ZWxjbGljay13ZWJzb2x1dGlvbnMuY29t&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=112167&pt=TRACKING&et=
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
via: 1.1 google
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 22:35:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=_LpT5nkudjpxrsfeur3Ev2NqQO-rEOR6Rw4GWFn5TmnTxQp843I_Wl3whtLFGeiK&sjrn_ula=8166203250&google_gid=CAESEP_le85gfqh5kCbfgV7g7tk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 413
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
fcmatch.youtube.com/ Frame 2199
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_hm=CLIWgEIha6P3ZeMOZjtzHQ&google_nid=sojern_adh
https://cm.g.doubleclick.net/pixel?google_hm=CLIWgEIha6P3ZeMOZjtzHQ&google_nid=sojern_adh&google_tc=
https://fcmatch.google.com/pixel?google_gm=AMnCDorV_bWUpl28EPmFDGGm5eDuJyjVGw740CSo4pwPLAJUySZvQGw9DMLzjBmw_CGM0nki0-AIm4x0d7VE90ozqEsykwvdbnvhCnveVcID1Pq5KhfLV4Q
https://fcmatch.youtube.com/pixel?google_gm=AMnCDorV_bWUpl28EPmFDGGm5eDuJyjVGw740CSo4pwPLAJUySZvQGw9DMLzjBmw_CGM0nki0-AIm4x0d7VE90ozqEsykwvdbnvhCnveVcID1Pq5KhfLV4Q

170 B
432 B

143ms
53ms

Image
image/png

2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDorV_bWUpl28EPmFDGGm5eDuJyjVGw740CSo4pwPLAJUySZvQGw9DMLzjBmw_CGM0nki0-AIm4x0d7VE90ozqEsykwvdbnvhCnveVcID1Pq5KhfLV4Q

Requested by

Protocol

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 22:35:06 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 22:35:06 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDorV_bWUpl28EPmFDGGm5eDuJyjVGw740CSo4pwPLAJUySZvQGw9DMLzjBmw_CGM0nki0-AIm4x0d7VE90ozqEsykwvdbnvhCnveVcID1Pq5KhfLV4Q
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getuidnb
ib.adnxs.com/ Frame 2199 43 B
700 B 35ms
7ms Image
image/gif 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=_LpT5nkudjpxrsfeur3Ev2NqQO-rEOR6Rw4GWFn5TmnTxQp843I_Wl3whtLFGeiK

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 22:35:05 GMT
an-x-request-uuid: 0f0cc8b8-9444-487b-995e-8889c0a3c085
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.10.201; 80.255.10.201; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 2199 70 B
149 B 99ms
31ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=_LpT5nkudjpxrsfeur3Ev2NqQO-rEOR6Rw4GWFn5TmnTxQp843I_Wl3whtLFGeiK&ttd_tpi=1
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/c/43.html?f_v=cp_v3_js&p_v=4&version=5&auto_url=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&auto_ccid=zpjpn-i230o-kuz6p-b9tvn-dj75h&auto_ga=979316819.1706567705&e_eml=null&auto_eml=YjJjZjQ2NmIyYzIzZDY4MDRiZjY2ZjY2NWJkNGVkY2NAOTQ5Lnd3dy50cmF2ZWxjbGljay13ZWJzb2x1dGlvbnMuY29t&auto_eml_count=1&auto_eml_domain=OTQ5Lnd3dy50cmF2ZWxjbGljay13ZWJzb2x1dGlvbnMuY29t&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=112167&pt=TRACKING&et=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

202

adf
pixel.sojern.com/idsync/ Frame 2199
Redirect Chain

https://c1.adform.net/serving/cookie/match?cid=08b21680-4221-6ba3-f765-e30e663b731d&party=1296
https://c1.adform.net/serving/cookie/match?CC=1&cid=08b21680-4221-6ba3-f765-e30e663b731d&party=1296
https://pixel.sojern.com/idsync/adf?adfid=980116805332889803&cid=08b21680-4221-6ba3-f765-e30e663b731d

0
209 B

31ms
30ms

Image
text/plain

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/adf?adfid=980116805332889803&cid=08b21680-4221-6ba3-f765-e30e663b731d
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/c/43.html?f_v=cp_v3_js&p_v=4&version=5&auto_url=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&auto_ccid=zpjpn-i230o-kuz6p-b9tvn-dj75h&auto_ga=979316819.1706567705&e_eml=null&auto_eml=YjJjZjQ2NmIyYzIzZDY4MDRiZjY2ZjY2NWJkNGVkY2NAOTQ5Lnd3dy50cmF2ZWxjbGljay13ZWJzb2x1dGlvbnMuY29t&auto_eml_count=1&auto_eml_domain=OTQ5Lnd3dy50cmF2ZWxjbGljay13ZWJzb2x1dGlvbnMuY29t&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=112167&pt=TRACKING&et=
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 29 Jan 2024 22:35:06 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Accept-Encoding

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 22:35:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://pixel.sojern.com/idsync/adf?adfid=980116805332889803&cid=08b21680-4221-6ba3-f765-e30e663b731d
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 777941750775110 Show response
connect.facebook.net/signals/config/ Frame 2199 52 KB
11 KB 97ms
96ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/777941750775110?v=2.9.143&r=stable&domain=www.eastinhotelsresidences.com&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b08302fdcd391cbc694428a30c5060e56c6b3e72854ed780b2d9de1530aca12e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 29 Jan 2024 22:35:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: utFa+ClzUg2eNoP38+uoyOpRxSLQ1NnpdsRLUFy4VhSAmWkuHx4Yo3YcnUt1E5ZMHE5L3yO7Wf2TV9lFfot0bA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 player.module.js Show response
f.vimeocdn.com/p/4.27.4/js/ Frame DA3F 549 KB
133 KB 46ms
6ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.27.4/js/player.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/157257665
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d575343cf1ae9f9aab1230eb9407fa33d9c7842abe377887a72bcf025e810929

Request headers

Referer
Origin: https://player.vimeo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100098-IAD, cache-fra-eddf8230069-FRA
date: Mon, 29 Jan 2024 22:35:06 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 20792
x-timer: S1706567706.052028,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 135658
x-cache-hits: 2, 7354

GET
H2 200 vendor.module.js Show response
f.vimeocdn.com/p/4.27.4/js/ Frame DA3F 413 KB
99 KB 54ms
14ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.27.4/js/vendor.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/157257665
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3b2c0b4d812521c0a474dff2d09a82ab423fdd995f6308e7380f8003db6bbaf7

Request headers

Referer
Origin: https://player.vimeo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200132-IAD, cache-fra-eddf8230069-FRA
date: Mon, 29 Jan 2024 22:35:06 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 20792
x-timer: S1706567706.052123,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 101601
x-cache-hits: 2, 9885

GET
H2 200 player.css
f.vimeocdn.com/p/4.27.4/css/ Frame DA3F 207 KB
22 KB 46ms
7ms Stylesheet
text/css 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.27.4/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/157257665
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 88ffb2dbced05dc550c0c5f7295e43cc245d23c679639356033547376fd07c3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000173-IAD, cache-fra-eddf8230029-FRA
date: Mon, 29 Jan 2024 22:35:06 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 20792
x-timer: S1706567706.052141,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 21875
x-cache-hits: 2, 10523

GET
H2 200 928109124-f8750685772c5ceb5b4e2a6364ffd6669652400e4138889facfe998927c31b2c-d
i.vimeocdn.com/video/ Frame DA3F 620 B
1023 B 36ms
8ms Image
image/avif 151.101.0.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/928109124-f8750685772c5ceb5b4e2a6364ffd6669652400e4138889facfe998927c31b2c-d?mw=80&q=85
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/157257665
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c0ad48ce8c18e7f01c447c7dcfea992c0990b0d90e843a4327fa15f883fef5ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 704201
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 620
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdfw8210090-DFW, cache-fra-etou8220061-FRA
x-timer: S1706567706.041228,VS0,VE2
etag: "59fe3f9248a0cf677a86d3c2c57c9042"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 36, 1

GET
H3 200 7334-bf8b2e19798a78acb85f.js Show response
www.eastinhotelsresidences.com/integration/tc-theme/public/js/chunk/ 5 KB
2 KB 111ms
110ms Script
application/javascript 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastinhotelsresidences.com/integration/tc-theme/public/js/chunk/7334-bf8b2e19798a78acb85f.js

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/integration/tc-theme/public/js/bundle.js?vfd8388f082e45ac8d611054e1010657c

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dd7af1e4f9db2bf265936bded3d0cb2f8c46c3ced0e1b88f327ff786794c02c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Jan 2024 01:56:34 GMT
server: cloudflare
etag: W/"0505a5c217d912f0445ee1bcae7752eb"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 84d4f242ecb3bb3b-FRA
x-amz-cf-id: nrldUw0ql8Ib0wGWQGibrbrF09rXaXeTYapiAF8IJrl56DPlUlyzgA==

GET
H3 200 svg-icons.svg Show response
www.eastinhotelsresidences.com/integration/tc-theme/public/svg/ 61 KB
19 KB 114ms
114ms XHR
image/svg+xml 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastinhotelsresidences.com/integration/tc-theme/public/svg/svg-icons.svg

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/integration/tc-theme/public/js/bundle.js?vfd8388f082e45ac8d611054e1010657c

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0098006fea9999fca88a05fe38168c971d3efc2fdbe2f6eb8c34ea0d5ec64190

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 39103e0eac16074bdce5f23fa11c3dcc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Jan 2024 01:56:21 GMT
server: cloudflare
etag: W/"7685c719fb52cf9d344d1986684da17f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: no-cache
cf-ray: 84d4f2430cccbb3b-FRA
x-amz-cf-id: 8qQzPv1nKiRJD5GdcEYrEQpIL9JR8pEsanFNjT1IgNC7X_JsiG3prw==

GET
H2 200 gms Show response
tc.galaxy.tf/token/oauth2/ 733 B
880 B 31ms
31ms XHR
application/json 18.197.177.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tc.galaxy.tf/token/oauth2/gms
Requested by: Host: cdn.galaxy.tf
URL: https://cdn.galaxy.tf/asset-galaxy/js/gms-latest.min.js?vfd8388f082e45ac8d611054e1010657c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.197.177.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-177-71.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6155017ccaef10c979d55cc784681eb9ed90e582fdb9d6462cddea98a09a3446

Request headers

Referer: https://www.eastinhotelsresidences.com/
X-Galaxy-Key: da2302ffd81a1fd83deedf8321e53bbf
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 29 Jan 2024 22:35:06 GMT
content-length: 733
apigw-requestid: SUs0Ji-KFiAEJ4A=, SUs0IjOZFiAEMmg=
content-type: application/json

GET
H3

200

main.js Show response
www.eastinhotelsresidences.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/ Frame 2387
Redirect Chain

https://www.eastinhotelsresidences.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.eastinhotelsresidences.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

7 KB
3 KB

13ms
13ms

Script
application/javascript

2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastinhotelsresidences.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb614aa8d0a8b01430a200496785fd7cbf2c185b7743ce44def6119470d85bcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 84d4f243bd68bb3b-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 29 Jan 2024 22:35:06 GMT
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 84d4f2433cf8bb3b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2

200

src=9572998;dc_pre=CPqdoI_Ug4QDFS1MHgIdebUJBg;type=invmedia;cat=hk_gl0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5905366579917.246
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=9572998;type=invmedia;cat=hk_gl0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5905366579917.246?
https://ad.doubleclick.net/ddm/activity/src=9572998;dc_pre=CPqdoI_Ug4QDFS1MHgIdebUJBg;type=invmedia;cat=hk_gl0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5905366579917.246?
https://adservice.google.com/ddm/fls/z/src=9572998;dc_pre=CPqdoI_Ug4QDFS1MHgIdebUJBg;type=invmedia;cat=hk_gl0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5905366579917.246

42 B
107 B

43ms
42ms

Image
image/gif

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=9572998;dc_pre=CPqdoI_Ug4QDFS1MHgIdebUJBg;type=invmedia;cat=hk_gl0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5905366579917.246

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 22:35:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 29 Jan 2024 22:35:06 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"2564992584463518895"}],"aggregatable_trigger_data":[{"filters":{"14":["8810741"]},"key_piece":"0x7bd1a4bd6bc150b7","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0x8953929ecb1d4a7b","not_filters":{"14":["8810741"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["8810741"]},"key_piece":"0x7c84e12be4ff25f0","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xe3e10f796a5d3198","not_filters":{"14":["8810741"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"12154342532336044572","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"2564992584463518895","filters":{"14":["8810741"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"2564992584463518895","filters":{"14":["8810741"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"2564992584463518895","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"2564992584463518895","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["9572998"]}}
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: image/png
location: https://adservice.google.com/ddm/fls/z/src=9572998;dc_pre=CPqdoI_Ug4QDFS1MHgIdebUJBg;type=invmedia;cat=hk_gl0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5905366579917.246
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4341-a46585c1f9fa1b58fe91.js Show response
www.eastinhotelsresidences.com/integration/tc-theme/public/js/chunk/ 26 KB
7 KB 110ms
110ms Script
application/javascript 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastinhotelsresidences.com/integration/tc-theme/public/js/chunk/4341-a46585c1f9fa1b58fe91.js

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/integration/tc-theme/public/js/bundle.js?vfd8388f082e45ac8d611054e1010657c

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d7056da36fdfe616de6045feed40cd3b52d23ab8b2c33a1f4910cb94b439533

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 4e3b2e1fa2acb7612ea516b89c06af70.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Jan 2024 01:56:29 GMT
server: cloudflare
etag: W/"b6515e67d2c352f17cacabf492d188f6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 84d4f2433cffbb3b-FRA
x-amz-cf-id: -oBnilnM32ynHMNSoljSzm5QmCcn4XWaEm1twqHVc_kI79maA3ZRWA==

GET
H3 200 header-one-5f3a5f2b0da066d69214.js Show response
www.eastinhotelsresidences.com/integration/tc-theme/public/js/chunk/ 7 KB
3 KB 136ms
136ms Script
application/javascript 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastinhotelsresidences.com/integration/tc-theme/public/js/chunk/header-one-5f3a5f2b0da066d69214.js

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/integration/tc-theme/public/js/bundle.js?vfd8388f082e45ac8d611054e1010657c

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2bc6601fe071aa4635d7bc42ca68c387a6ea49782876a625ea47bad99d8720b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 4e3b2e1fa2acb7612ea516b89c06af70.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Jan 2024 01:56:40 GMT
server: cloudflare
etag: W/"0aa29fece032a2fd271bdcb079410ecf"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 84d4f2433d00bb3b-FRA
x-amz-cf-id: 3y8RysyZ9NHERc4xSYQ509oXbQEd2wY4IcuY-sn4Q3vnAPsLAR97ag==

GET
H2 200 one-bed-room-suite-7.jpg
image-tc.galaxy.tf/wijpeg-blnfm9y0b6lpnebq2tfmgx2oo/ 269 KB
270 KB 564ms
564ms Image
image/jpeg 2606:4700::6811:b73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-blnfm9y0b6lpnebq2tfmgx2oo/one-bed-room-suite-7.jpg?width=1920

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e9b535e5bbdb29b0f17910af51dd9fb3f853891092c93c4594b4f52c2edc8fe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
x-amz-version-id: H3VphO5xmPdMlTYEl57bI6FWNM..mVVk
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 13676fca7076b460ad3ad018e40a51da.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: AMS58-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 275533
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 09:02:02 GMT
server: cloudflare
etag: "60fc492b267d7266d9a12b97dafbbd58"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 84d4f2436f5d30e7-FRA
x-amz-cf-id: S_7nPfMLr6qYucVLy3bz-yt8xwMHWXZiftP6WwduwG09FwQMC3-eSw==

GET
H2 200 / Show response
a2.adform.net/Serving/TrackPoint/ Frame 2199 878 B
1 KB 299ms
90ms Script
text/javascript 185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?pm=3184705&ADFPageName=Eastin%20Hotel%20And%20Residences%20Hanoi%20--%20TRACKING%20360487&ADFdivider=%7C&ord=109345000498&ADFtpmode=2&loc=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fc%2F43.html%3Ff_v%3Dcp_v3_js%26p_v%3D4%26version%3D5%26auto_url%3Dhttps%253A%252F%252Fwww.eastinhotelsresidences.com%252F%26auto_ccid%3Dzpjpn-i230o-kuz6p-b9tvn-dj75h%26auto_ga%3D979316819.1706567705%26e_eml%3Dnull%26auto_eml%3DYjJjZjQ2NmIyYzIzZDY4MDRiZjY2ZjY2NWJkNGVkY2NAOTQ5Lnd3dy50cmF2ZWxjbGljay13ZWJzb2x1dGlvbnMuY29t%26auto_eml_count%3D1%26auto_eml_domain%3DOTQ5Lnd3dy50cmF2ZWxjbGljay13ZWJzb2x1dGlvbnMuY29t%26ws%3D1600x1200%26tz%3D-60%26n%3Dtf%253ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%253D%253D%26hpid%3D112167%26pt%3DTRACKING%26et%3D&CPref=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8fb145097617f8fc4eeb0e4c78f0fdad982e7252ecae7c68b467c1eecab38c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 22:35:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 718
expires: -1

GET
H2 200 /
www.facebook.com/tr/ Frame 2199 0
185 B 82ms
39ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=777941750775110&ev=PageView&dl=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fc%2F43.html%3Ff_v%3Dcp_v3_js%26p_v%3D4%26version%3D5%26auto_url%3Dhttps%253A%252F%252Fwww.eastinhotelsresidences.com%252F%26auto_ccid%3Dzpjpn-i230o-kuz6p-b9tvn-dj75h%26auto_ga%3D979316819.1706567705%26e_eml%3Dnull%26auto_eml%3DYjJjZjQ2NmIyYzIzZDY4MDRiZjY2ZjY2NWJkNGVkY2NAOTQ5Lnd3dy50cmF2ZWxjbGljay13ZWJzb2x1dGlvbnMuY29t%26auto_eml_count%3D1%26auto_eml_domain%3DOTQ5Lnd3dy50cmF2ZWxjbGljay13ZWJzb2x1dGlvbnMuY29t%26ws%3D1600x1200%26tz%3D-60%26n%3Dtf%253ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%253D%253D%26hpid%3D112167%26pt%3DTRACKING%26et%3D&rl=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&if=true&ts=1706567706147&sw=1600&sh=1200&v=2.9.143&r=stable&a=trplsojern&ec=0&o=4126&ler=other&cdl=API_unavailable&it=1706567705990&coo=false&tm=1&exp=e2&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 29 Jan 2024 22:35:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ Frame 2199 0
31 B 82ms
40ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=777941750775110&ev=Tracking&dl=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fc%2F43.html%3Ff_v%3Dcp_v3_js%26p_v%3D4%26version%3D5%26auto_url%3Dhttps%253A%252F%252Fwww.eastinhotelsresidences.com%252F%26auto_ccid%3Dzpjpn-i230o-kuz6p-b9tvn-dj75h%26auto_ga%3D979316819.1706567705%26e_eml%3Dnull%26auto_eml%3DYjJjZjQ2NmIyYzIzZDY4MDRiZjY2ZjY2NWJkNGVkY2NAOTQ5Lnd3dy50cmF2ZWxjbGljay13ZWJzb2x1dGlvbnMuY29t%26auto_eml_count%3D1%26auto_eml_domain%3DOTQ5Lnd3dy50cmF2ZWxjbGljay13ZWJzb2x1dGlvbnMuY29t%26ws%3D1600x1200%26tz%3D-60%26n%3Dtf%253ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%253D%253D%26hpid%3D112167%26pt%3DTRACKING%26et%3D&rl=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&if=true&ts=1706567706148&cd[content_type]=hotel&cd[content_ids]=%5B%22112167%22%5D&cd[value]=0&cd[purchase_value]=0&cd[custom_param1]=s%253Dccid_ga%257Cccid_auto%257Cf_v%253Dcp_v3_js%257Cp_v%253D4%257Cversion%253D5%257Cauto_url%253Dhttps%25253A%25252F%25252Fwww.eastinhotelsresidences.com%25252F%257Cauto_ccid%253Dzpjpn-i230o-kuz6p-b9tvn-dj75h%257Cauto_ga%253D979316819.1706567705%257Cauto_eml_count%253D1%257Cws%253D1600x1200%257Ctz%253D-60%257Cn%253Dtf%25253ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%25253D%25253D%257Chpid%253D112167%257Cpt%253DTRACKING%257Cet%253D&sw=1600&sh=1200&v=2.9.143&r=stable&a=trplsojern&ec=1&o=4126&ler=other&cdl=API_unavailable&it=1706567705990&coo=false&tm=2&exp=e2&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 29 Jan 2024 22:35:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H2 204 gms
tc.galaxy.tf/token/oauth2/ Frame 0
0 88ms
8ms Preflight 18.197.177.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tc.galaxy.tf/token/oauth2/gms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.197.177.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-177-71.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-galaxy-key
Access-Control-Request-Method: GET
Origin: https://www.eastinhotelsresidences.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type,x-amz-date,x-amz-security-token,x-amz-user-agent,x-galaxy-key,x-referer-override
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT
access-control-allow-origin: *
apigw-requestid: SUs0IiSBliAEM3A=
date: Mon, 29 Jan 2024 22:35:06 GMT

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame DA3F 2 KB
1 KB 7ms
7ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/157257665
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000106-IAD, cache-fra-eddf8230029-FRA
date: Mon, 29 Jan 2024 22:35:06 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 755318
x-timer: S1706567706.166844,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 985
x-cache-hits: 8, 213033

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame DA3F 4 KB
2 KB 59ms
38ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.27.4/js/vendor.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Jan 2024 22:35:06 GMT

GET
H2 200 928109124-f8750685772c5ceb5b4e2a6364ffd6669652400e4138889facfe998927c31b2c-d
i.vimeocdn.com/video/ Frame DA3F 5 KB
5 KB 7ms
7ms Image
image/avif 151.101.0.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/928109124-f8750685772c5ceb5b4e2a6364ffd6669652400e4138889facfe998927c31b2c-d?mw=900&mh=506
Requested by: Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a133b69184f833347f657b9246b79b5e3672a0b20b8c5d5de299fad9d4f1e3fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 479054
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 5326
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdfw8210168-DFW, cache-fra-etou8220061-FRA
x-timer: S1706567706.187891,VS0,VE1
etag: "0986e8acde4b57cd59f454cc9a729c93"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 1

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame DA3F 0
142 B 131ms
109ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=353e14d9675627176dc14f7ce7533e52a07106fd1706567705
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.27.4/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Mon, 29 Jan 2024 22:35:06 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 204
No Content vuid
vimeo.com/ablincoln/ Frame DA3F 0
925 B 329ms
306ms Ping
text/plain 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/ablincoln/vuid?pid=353e14d9675627176dc14f7ce7533e52a07106fd1706567705

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Mon, 29 Jan 2024 10:35:06 GMT
Date: Mon, 29 Jan 2024 22:35:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
Via: 1.1 varnish, 1.1 varnish
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
x-xss-protection: 1; mode=block
X-Served-By: cache-iad-kjyo7100089-IAD, cache-fra-eddf8230139-FRA
x-ua-compatible: IE=edge
x-vimeo-device: d
Server: cloudflare
X-Timer: S1706567706.227849,VS0,VE284
x-backend-proxy: webproxy8
x-frame-options: sameorigin
Vary: User-Agent,x-http-method-override
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: pweb-5957687644-fflp2
Accept-Ranges: bytes
CF-RAY: 84d4f243d9cd4daa-FRA
X-Cache-Hits: 0, 0

POST
H3 200 84d4f23affe0904f Show response
www.eastinhotelsresidences.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 2387 0
321 B 26ms
25ms XHR
text/plain 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.eastinhotelsresidences.com/cdn-cgi/challenge-platform/h/g/jsd/r/84d4f23affe0904f
Requested by: Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
content-encoding: br
server: cloudflare
cf-ray: 84d4f2445e01bb3b-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H2 200 928109124-f8750685772c5ceb5b4e2a6364ffd6669652400e4138889facfe998927c31b2c-d
i.vimeocdn.com/video/ Frame DA3F 5 KB
5 KB 7ms
6ms Image
image/avif 151.101.0.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/928109124-f8750685772c5ceb5b4e2a6364ffd6669652400e4138889facfe998927c31b2c-d?mw=900&mh=506
Requested by: Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a133b69184f833347f657b9246b79b5e3672a0b20b8c5d5de299fad9d4f1e3fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 479054
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 5326
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdfw8210168-DFW, cache-fra-etou8220061-FRA
x-timer: S1706567706.306819,VS0,VE0
etag: "0986e8acde4b57cd59f454cc9a729c93"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 2

GET
H2 200 928109124-f8750685772c5ceb5b4e2a6364ffd6669652400e4138889facfe998927c31b2c-d
i.vimeocdn.com/video/ Frame DA3F 620 B
691 B 7ms
6ms Image
image/avif 151.101.0.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/928109124-f8750685772c5ceb5b4e2a6364ffd6669652400e4138889facfe998927c31b2c-d?mw=80&q=85
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.27.4/js/vendor.module.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c0ad48ce8c18e7f01c447c7dcfea992c0990b0d90e843a4327fa15f883fef5ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 704201
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 620
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdfw8210090-DFW, cache-fra-etou8220061-FRA
x-timer: S1706567706.321552,VS0,VE0
etag: "59fe3f9248a0cf677a86d3c2c57c9042"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 36, 2

GET
H2 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame DA3F 35 KB
12 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12197
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="chrome-dongle"
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
expires: Mon, 29 Jan 2024 22:35:06 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame DA3F 50 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 10:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 30 Jan 2024 10:30:26 GMT

GET
H2 200 logo-mobile.png
image-tc.galaxy.tf/wipng-b4sotz3pgkmtdyyym35ds08c2/ 3 KB
4 KB 491ms
491ms Image
image/png 2606:4700::6811:b73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wipng-b4sotz3pgkmtdyyym35ds08c2/logo-mobile.png?width=500

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc75b7b203cb5e92d83655298e99f4fd5acb30159dce2adb2ed96688de5950fd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
x-amz-version-id: .25exx9KApW5h0aVzcgGe34Tk7hex03c
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 0f98b23785e0aac311e2d09ea5460eb8.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: AMS58-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 3557
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Oct 2021 03:56:42 GMT
server: cloudflare
etag: "c927c63d311fbd34a52e770a15627d4c"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 84d4f244982530e7-FRA
x-amz-cf-id: lUwpq7qI3AuKdsz6YxiGjXPnGbzFLT3FTOWKpXxoECyWW3gBtbyRIA==

POST
H/1.1 200
OK 919 Show response
dynamic.travelclick-websolutions.com/view/ 2 KB
1 KB 727ms
407ms XHR
application/json 195.244.31.25
IGUANA-WORLDWIDE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.travelclick-websolutions.com/view/919

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/integration/tc-theme/public/js/bundle.js?vfd8388f082e45ac8d611054e1010657c

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

195.244.31.25 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),

Reverse DNS

xo7-viplb-01-new.ny.ig-1.net

Software

Apache /

Resource Hash

268ec58a5e139e667adcfccc25c7d8f948b4f0085c09938e75bbeb90c6596d93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://www.eastinhotelsresidences.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 22:35:06 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15768000
Server: Apache
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
X-Real-Hostname: xo7-web-03
Content-Length: 737
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 chunk-tc-GMS-2dfc9597184b46f4ed71.js Show response
www.eastinhotelsresidences.com/integration/tc-theme/public/js/chunk/ 4 KB
2 KB 164ms
164ms Script
application/javascript 2606:4700::6811:ba3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastinhotelsresidences.com/integration/tc-theme/public/js/chunk/chunk-tc-GMS-2dfc9597184b46f4ed71.js

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/integration/tc-theme/public/js/bundle.js?vfd8388f082e45ac8d611054e1010657c

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc018b15933a38b35be9bc63f711ad7d5bb35799f20a19f419cb75618aa40ec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 Oct 2023 10:46:27 GMT
server: cloudflare
etag: W/"9565a5538b22532439a98f644dcb9b57"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 84d4f244de5dbb3b-FRA
x-amz-cf-id: kpHaGStSNQlD8fXkt4BS7ja5ax_Hl7O8gMIBEyMD1B3DNPqdn8OcFQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 262 KB
88 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1PTC8F8MTT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NX23PZH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b3dc0e20cb24e592bf7e833ec9c1cfc63299bee6a8be6d771bd89d70af1757d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89777
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 29 Jan 2024 22:35:06 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
218 B 14ms
14ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1749407618&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&ul=en-us&de=UTF-8&dt=Eastin%20Hotels%2C%20Resorts%20%26%20Residences%20%7C%20Deluxe%20%26%20Luxury%20Hotels%20in%20Asia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=errors%20tracking&ea=API%20Query%20ID%20not%20discovered%20.%20Galaxy%20site&el=www.eastinhotelsresidences.com&_u=aGDACEABBAAAACAAI~&jid=2012949457&gjid=644148645&cid=979316819.1706567705&tid=UA-162681275-3&_gid=331239652.1706567705&_r=1&_slc=1&gtm=45He41o0n81TL2MM4Bv830021505&gcd=11l1l1l1l1&dma=0&cd34=%7C&cd36=%7C&cd41=GTM-TL2MM4B&cd42=75&z=1689483792

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.eastinhotelsresidences.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 22:35:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.eastinhotelsresidences.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 29 Jan 2024 21:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2817
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 29 Jan 2024 23:48:09 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
85 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3R5SJEDWK4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd0a8eaa28930dd9d90affc84e5aea945c2215c8b8cc40c830949dbe5030723a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86505
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 29 Jan 2024 22:35:06 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1749407618&t=pageview&_s=1&dl=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&ul=en-us&de=UTF-8&dt=Eastin%20Hotels%2C%20Resorts%20%26%20Residences%20%7C%20Deluxe%20%26%20Luxury%20Hotels%20in%20Asia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAACAEK~&jid=1014617414&gjid=290958116&cid=979316819.1706567705&tid=UA-162681275-1&_gid=331239652.1706567705&_r=1&_slc=1&gtm=45He41o0n81TL2MM4Bv830021505&cd13=essentials&cd14=th1&gcd=11l1l1l1l1&dma=0&cg1=web&cg2=not_applicable&cd15=hd1&cd16=ft3&cd19=tvs_no&cd24=2&cd25=en&cd26=web&cd27=not_applicable&cd28=not_applicable&cd29=not_applicable&cd30=no&cd31=no&cd34=%7C&cd36=%7C&cd38=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&cd39=not_applicable&cd40=eastinhotelsresidences.com&cd41=GTM-TL2MM4B&cd42=75&cd54=be4&cd59=0&z=1154838806

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.eastinhotelsresidences.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 22:35:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.eastinhotelsresidences.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
264 B 37ms
15ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-1PTC8F8MTT&gtm=45je41o0v884511534z8812304874&_p=1706567705174&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=979316819.1706567705&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1706567706&sct=1&seg=0&dl=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&dt=Eastin%20Hotels%2C%20Resorts%20%26%20Residences%20%7C%20Deluxe%20%26%20Luxury%20Hotels%20in%20Asia&en=page_view&_fv=1&_ss=1&ep.page_subsection=not_applicable&ep.page_language=en&up.user_logged_in_session=no&tfd=1824
Requested by: Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 22:35:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.eastinhotelsresidences.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
264 B 59ms
20ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1PTC8F8MTT&cid=979316819.1706567705&gtm=45je41o0v884511534z8812304874&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 22:35:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.eastinhotelsresidences.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ru/ads/ 42 B
408 B 42ms
18ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ru/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1PTC8F8MTT&cid=979316819.1706567705&gtm=45je41o0v884511534z8812304874&aip=1&dma=0&gcd=11l1l1l1l1&z=839096004

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 22:35:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 15ms
14ms Ping
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-3R5SJEDWK4&gtm=45je41o0v888369804z8830021505&_p=1706567705174&gcd=11l1l1l1l1&dma=0&cid=979316819.1706567705&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&sid=1706567706&sct=1&seg=0&dt=Eastin%20Hotels%2C%20Resorts%20%26%20Residences%20%7C%20Deluxe%20%26%20Luxury%20Hotels%20in%20Asia&en=page_view&_fv=1&_ss=1&ep.page_has_tvs=no&ep.page_footer=ft3&ep.page_header=hd1&ep.page_language=en&ep.page_section=not_applicable&ep.page_subsection=not_applicable&ep.site_galaxy_product=essentials&ep.page_template=th1&ep.site_tvs=tvs_no&epn.site_number_of_languages=2&ep.site_global_product=web&ep.page_content_group=not_applicable&ep.site_be_version=be4&epn.page_tvs_videos_count=0&up.user_logged_in=no&tfd=1843
Requested by: Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 22:35:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.eastinhotelsresidences.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame F75C 4 KB
2 KB 24ms
24ms Document
text/html 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=3184705&ADFPageName=Eastin%20Hotel%20And%20Residences%20Hanoi%20--%20TRACKING%20360487&ADFdivider=%7C&ord=109345000498&ADFtpmode=2&loc=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fc%2F43.html%3Ff_v%3Dcp_v3_js%26p_v%3D4%26version%3D5%26auto_url%3Dhttps%253A%252F%252Fwww.eastinhotelsresidences.com%252F%26auto_ccid%3Dzpjpn-i230o-kuz6p-b9tvn-dj75h%26auto_ga%3D979316819.1706567705%26e_eml%3Dnull%26auto_eml%3DYjJjZjQ2NmIyYzIzZDY4MDRiZjY2ZjY2NWJkNGVkY2NAOTQ5Lnd3dy50cmF2ZWxjbGljay13ZWJzb2x1dGlvbnMuY29t%26auto_eml_count%3D1%26auto_eml_domain%3DOTQ5Lnd3dy50cmF2ZWxjbGljay13ZWJzb2x1dGlvbnMuY29t%26ws%3D1600x1200%26tz%3D-60%26n%3Dtf%253ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%253D%253D%26hpid%3D112167%26pt%3DTRACKING%26et%3D&CPref=https%3A%2F%2Fwww.eastinhotelsresidences.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8f796e86df3ba1220e8e63bae4eaaa67fa15a83a7301a579dcf9e4d4125bc216

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://static.sojern.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 29 Jan 2024 22:35:06 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
a1.seadform.net/serving/cookie/sync/ Frame 2199 35 B
466 B 132ms
18ms Image
image/gif 37.157.2.229
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a1.seadform.net/serving/cookie/sync/?uid=980116805332889803&stamp=ja8g22tgUwwDvP-67D9Y4w2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: private

GET
H2 200 plf
c1.adform.net/imatch/ Frame F75C 0
384 B 21ms
20ms Image
text/plain 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 match
ad.360yield.com/ Frame F75C 43 B
199 B 106ms
32ms Image
image/gif 54.77.71.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=980116805332889803&Expiration=1707777306
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.77.71.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-71-210.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 29 Jan 2024 22:35:06 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame F75C 0
235 B 67ms
29ms Image
text/plain 23.43.61.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=4879&ext_id=980116805332889803
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.43.61.193 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-43-61-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 22:35:06 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Sun, 28 Jan 2024 22:35:06 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame F75C 0
214 B 43ms
11ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=980116805332889803
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 tpui
ih.adscale.de/adscale-ih/ Frame F75C 0
38 B 40ms
7ms Image
text/plain 3.120.22.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=980116805332889803&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.22.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-22-30.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
content-length: 0

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame F75C 43 B
163 B 185ms
13ms Image
image/gif 81.17.55.172
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=980116805332889803&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.172 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame F75C 43 B
638 B 123ms
28ms Image
image/gif 2607:ae80:4::25
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=980116805332889803
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2607:ae80:4::25 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 22:35:06 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1706567706554052-565

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame F75C 43 B
235 B 88ms
15ms Image
image/gif 35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=70&user_id=980116805332889803
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 22:35:06 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame F75C
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=980116805332889803&expiration=1707777306
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=980116805332889803&expiration=1707777306&C=1

43 B
345 B

21ms
20ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=980116805332889803&expiration=1707777306&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 22:35:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVuFe7LUA3SCzIKOSSjmUCO0w%2B83l%2FqJTvo8%2FZ0t47PzvUl%2B8z%2F26bIinr19GzYYirwPUTGGJwjakbzBt73PmpwkDY1kOp2YuTEhGuiEmLrL6vXaGekKhC%2BMjzEQQq%2B9kUSWK21z%2FNPDNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84d4f2461906911f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 22:35:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfFNthgeYqWwYFzoAKOdy4cJGL6BCCYol8bbz%2BbkUMySlHtYLG315HyDMecGVcJfETr4GCEIryfS1h9YNNJj9SDZ55aP3fmoAEgCHLQHmJp3CU7JeV8kMQsU0Jh1egwRDBEe6cVlJeh4mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=111&external_user_id=980116805332889803&expiration=1707777306&C=1
cache-control: no-cache
cf-ray: 84d4f245f8f0911f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

12092831
se.semasio.net/sync/1/ Frame F75C
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=980116805332889803&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=980116805332889803&sInitiator=external
https://se.semasio.net/sync/1/16266044?sExtCookieId=980116805332889803&gdpr=&sInitiator=external
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr=
https://se.semasio.net/sync/1/647471?sExtCookieId=7329652485700384928&sInitiator=internal&gdpr=
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=
https://se.semasio.net/sync/1/4354957?sExtCookieId=6844672575976020927&sInitiator=internal&gdpr=
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=MzI1NDI0RUI4MUNFQUJDMg&gdpr=
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEAGoDxorkNqN-Z9i4_TIpIw&sInitiator=internal&google_cver=1&gdpr=&google_cver=1
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEAGoDxorkNqN-Z9i4_TIpIw&sInitiator=internal&google_cver=1&gdpr=

0
415 B

25ms
25ms

Image
text/plain

77.243.51.121
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEAGoDxorkNqN-Z9i4_TIpIw&sInitiator=internal&google_cver=1&gdpr=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424
Protocol: HTTP/1.1
Server: 77.243.51.121 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 22:35:05 GMT
uip-status: Ok
frontend-id: 06
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 22:35:06 GMT
frontend-id: 3
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEAGoDxorkNqN-Z9i4_TIpIw&sInitiator=internal&google_cver=1&gdpr=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame F75C 0
344 B 48ms
8ms Image
text/plain 3.125.70.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=980116805332889803&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 22:35:06 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

204

/
loadm.exelator.com/load/ Frame F75C
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=980116805332889803
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=980116805332889803&xl8blockcheck=1

0
93 B

1030ms
1030ms

Image
text/plain

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=980116805332889803&xl8blockcheck=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424
Protocol: H2
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:07 GMT
server: nginx
server-timing: total;dur=1.001
etag: "60ec6d76-0"

Redirect headers

date: Mon, 29 Jan 2024 22:35:11 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=980116805332889803&xl8blockcheck=1
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 451 398366.gif
idsync.rlcdn.com/ Frame F75C 0
98 B 48ms
16ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=980116805332889803
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 404 gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=980116805332889803/gdpr=/ Frame F75C 49 B
265 B 99ms
30ms Image
image/gif 52.210.162.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=980116805332889803/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.162.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-162-23.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 22:35:06 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.28.4
content-length: 49
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame F75C 62 B
218 B 198ms
176ms Image
image/gif 72.246.169.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=980116805332889803
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Mon, 29 Jan 2024 22:35:06 GMT
content-length: 62
content-type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame F75C 43 B
264 B 37ms
17ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=980116805332889803
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 22:35:06 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame F75C
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

103ms
36ms

Image
image/gif

52.218.45.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424
Protocol: HTTP/1.1
Server: 52.218.45.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 22:35:07 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: V257EBW9TAA9VAE2
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: zUsXM6keSIcO4Cg6zwdbmPwc+cILxlbprxwY6m4nN/0zW0Ts23VJ464XPD9fo7Tyeh+wcOREpPs=

Redirect headers

X-Error-Reason: Missing UserId
Date: Mon, 29 Jan 2024 22:35:06 GMT
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 137

GET
H/1.1

200
OK

/
cm.adsafety.net/ Frame F75C
Redirect Chain

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=980116805332889803
https://tags.adsafety.net/v1/cm?cm_uid=CM120240129221153621944c2e7b276c&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&...
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=b059bd58a629c506c96ef810e385a3ae
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM120240129221153621944c2e7b276c&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=b059bd58a629c506c96ef810e385a3ae&idt_did_status=added&gdpr_consent=&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyNDAxMjkyMjExNTM2MjE5NDRjMmU3YjI3NmM&gdpr_consent=&gdpr=0
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEDda-s1V_0DtufSt-4EPVHc&gdpr_consent=&gdpr=0&google_cver=1
https://dsp.adfarm1.adition.com/cookie/?ssp=6
https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7329652485700384928
https://cm.adsafety.net/?_cmsrc=activeagent_cm&idt=100&did=7329652485700384928
https://c1.adform.net/serving/cookie/match?party=28&cid=CM120240129221153621944c2e7b276c
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=980116805332889803

43 B
2 KB

14ms
14ms

Image
image/gif

89.163.142.91
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=980116805332889803
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424
Protocol: HTTP/1.1
Server: 89.163.142.91 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: cm40.as.net
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 22:35:06 GMT
Last-Modified: Mon, 29 Jan 2024 22:35:06 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 22:35:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=980116805332889803
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame F75C 0
338 B 97ms
28ms Image
text/plain 52.214.179.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=980116805332889803
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.179.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-179-171.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: beacon-n014-dub-prod.krxd.net
date: Mon, 29 Jan 2024 22:35:06 GMT
cache-control: private, no-cache, no-store
x-request-time: D=44 t=1706567706
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 plf
c1.adform.net/imatch/ Frame F75C 0
384 B 26ms
24ms Image
text/plain 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame F75C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=OTgwMTE2ODA1MzMyODg5ODAz
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL2lobR50CfhGTXvOou0en0&google_cver=1&google_ula=1641347,0

35 B
599 B

21ms
21ms

Image
image/gif

37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL2lobR50CfhGTXvOou0en0&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424

Protocol

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 22:35:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 22:35:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL2lobR50CfhGTXvOou0en0&google_cver=1&google_ula=1641347,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
secure.adnxs.com/ Frame F75C
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=6844672575976020927&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=980116805332889803

43 B
1 KB

7ms
6ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=980116805332889803

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 22:35:06 GMT
an-x-request-uuid: 366bcc0a-ba3b-4fea-b690-45c3f562d7de
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.10.201; 80.255.10.201; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 22:35:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://secure.adnxs.com/setuid?entity=91&code=980116805332889803
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame F75C 0
225 B 137ms
12ms Image
text/html 198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=980116805332889803
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Mon, 29 Jan 2024 22:35:06 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame F75C 43 B
444 B 88ms
23ms Image
image/gif 18.161.111.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.161.111.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-161-111-37.mrs52.r.cloudfront.net
Software: nginx/1.22.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 19:21:58 GMT
Via: 1.1 5e061de75f6666d04b790352c63b08c0.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.22.0
X-Amz-Cf-Pop: MRS52-P4
Age: 11588
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: iV8Co44y606Owq4l5FskxewqjB6vXM_7UPwDUhP2M74cNrWJh_6OMg==

GET
H/1.1

200

p
a.audrte.com/ Frame F75C
Redirect Chain

https://a.audrte.com/a?adform_uid=980116805332889803
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aTkzNjJ6a2lLTlFRRUt3ZmNPRkVuS0tZUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/p

68 B
424 B

29ms
29ms

Image
image/png

54.78.141.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424
Protocol: HTTP/1.1
Server: 54.78.141.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-141-128.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 22:35:06 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Mon, 29 Jan 2024 22:35:06 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame F75C
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=980116805332889803&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=980116805332889803&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirec...
https://c1.adform.net/serving/cookie/match?party=1007&cid=59929797047449190441184026890449133808&noredirect=1

35 B
599 B

21ms
21ms

Image
image/gif

37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=59929797047449190441184026890449133808&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424

Protocol

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 22:35:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

dcs: dcs-prod-irl1-2-v054-07d021e8c.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Mon, 29 Jan 2024 22:35:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: r3lUMth8SZg=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://c1.adform.net/serving/cookie/match?party=1007&cid=59929797047449190441184026890449133808&noredirect=1
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame F75C
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=980116805332889803
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217163104776006280444

35 B
590 B

54ms
21ms

Image
image/gif

37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217163104776006280444

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424

Protocol

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 22:35:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 22:35:06 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217163104776006280444
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame F75C
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7329652485699598496

35 B
590 B

21ms
21ms

Image
image/gif

37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7329652485699598496

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424

Protocol

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 22:35:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7329652485699598496
Date: Mon, 29 Jan 2024 22:35:06 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame F75C 62 B
430 B 146ms
146ms Image
image/gif 72.246.169.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=980116805332889803
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Mon, 29 Jan 2024 22:35:06 GMT
content-length: 62
content-type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame F75C
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=kVgtPWCd1RuAdA5

35 B
599 B

22ms
21ms

Image
image/gif

37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=kVgtPWCd1RuAdA5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424

Protocol

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 22:35:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 22:35:06 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-801-g0076fb7#rel-ec2-master i-05557567c5646faef@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=kVgtPWCd1RuAdA5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame F75C 70 B
148 B 34ms
33ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 0.gif
id5-sync.com/s/10/ Frame F75C 43 B
1 KB 41ms
7ms Image
image/gif 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/10/0.gif?puid=980116805332889803

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 29 Jan 2024 22:35:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame F75C
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=2191761252
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=m36VmJNVC/BkrxedF7g0nu

35 B
599 B

21ms
21ms

Image
image/gif

37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=m36VmJNVC/BkrxedF7g0nu

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424

Protocol

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 22:35:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 22:35:05 GMT
via: 1.1 google
last-modified: Mon, 29 Jan 2024 22:35:06 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=m36VmJNVC/BkrxedF7g0nu
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame F75C 23 B
163 B 78ms
34ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=980116805332889803
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Mon, 29 Jan 2024 22:35:06 GMT
pragma: no-cache
date: Mon, 29 Jan 2024 22:35:06 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 204 /
s.ad.smaato.net/c/ Frame F75C 0
239 B 62ms
20ms Image
text/plain 2600:9000:211e:3c00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=980116805332889803
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3c00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
cache-control: no-cache, must-revalidate
via: 1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: OyvXaubAriuxslZ_f8gGv9MZRlkIOlR_pfCyXZjGX4yH-X2uLNZb-w==
x-cache: Miss from cloudfront

GET
H2 200 980116805332889803
match.contentexchange.me/adform/ Frame F75C 0
49 B 68ms
16ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/980116805332889803?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 xuid
eb2.3lift.com/ Frame F75C 37 B
140 B 42ms
8ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7354&xuid=980116805332889803&dongle=AD20
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 put
e1.emxdgt.com/ Frame F75C 0
44 B 27ms
6ms Image
text/plain 52.29.105.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d52&uid=980116805332889803
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.105.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-105-89.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
server: awselb/2.0

GET
H2 200 plf
c1.adform.net/imatch/ Frame F75C 0
384 B 23ms
22ms Image
text/plain 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?bt=0&uid=980116805332889803&agencyId=8579&advertiserId=2178593&src=tp&rnd=533424
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H3 200 ehcm-bedroom-mood.jpg
image-tc.galaxy.tf/wijpeg-57qh7k530e8jgz0md66hl4akc/ 80 KB
80 KB 575ms
575ms Image
image/jpeg 2606:4700::6811:b73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-57qh7k530e8jgz0md66hl4akc/ehcm-bedroom-mood.jpg?width=1920

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

193162428dec979db75071042607f6358e84947adfca955bfb870baa01c5c451

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:07 GMT
x-amz-version-id: JzjCSW1_j_tvU2jMcb1L9SjRA5WyeucG
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 780489eb078b12b535ed56179d4e97fe.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 81639
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 21 Oct 2021 05:27:39 GMT
server: cloudflare
etag: "b39af1a3b31d851ebbf6a90cac47fd1e"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 84d4f2489c5b9b3f-FRA
x-amz-cf-id: OPXb_4wwkP-43GU03Ek-KGS0kbgEetiJWcHaqSt3TQMhY7Rz5_YqBg==

GET
H3 200 ehcm-bedroom-mood.jpg
image-tc.galaxy.tf/wijpeg-57qh7k530e8jgz0md66hl4akc/ 80 KB
80 KB 514ms
513ms Image
image/jpeg 2606:4700::6811:b73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-57qh7k530e8jgz0md66hl4akc/ehcm-bedroom-mood.jpg?width=1920

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

193162428dec979db75071042607f6358e84947adfca955bfb870baa01c5c451

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:08 GMT
x-amz-version-id: JzjCSW1_j_tvU2jMcb1L9SjRA5WyeucG
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 e34b146b2a4038019e9b2a95fac837fc.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 81639
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 21 Oct 2021 05:27:39 GMT
server: cloudflare
etag: "b39af1a3b31d851ebbf6a90cac47fd1e"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 84d4f24d4fec9b3f-FRA
x-amz-cf-id: 9l7F6mN2AWiLmWo5c3WjwH5qcK24TYrCnH4jmR2f-7jNqv61MvN_lw==

GET
H3 200 thanac-4-4-187329-1-006be2.jpg
image-tc.galaxy.tf/wijpeg-72fbcfgrmgt18sv7imhrqr80a/ 289 KB
290 KB 569ms
569ms Image
image/jpeg 2606:4700::6811:b73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-72fbcfgrmgt18sv7imhrqr80a/thanac-4-4-187329-1-006be2.jpg?width=1920

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d1e2226c4a11e8e8195adac73c99be79e4e0ccb8906f623280e2b62d599874f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:08 GMT
x-amz-version-id: 6NuVI_vbyWN4_MI_obqRxIUCVGwKD.AD
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 780489eb078b12b535ed56179d4e97fe.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 295866
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 21 Oct 2021 05:27:46 GMT
server: cloudflare
etag: "e2cf92f19e8ffaf4ac75f58e2baf2987"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 84d4f24d4ff59b3f-FRA
x-amz-cf-id: Mg6MTj3T63-yEyEo1obmtOPzisjmpzv95BMDNpfbAc7lLoyc3KS_9Q==

GET
H3 200 egpb-overall-3.jpg
image-tc.galaxy.tf/wijpeg-9yxay60nixm6j1gr0t1dk8bct/ 409 KB
410 KB 547ms
547ms Image
image/jpeg 2606:4700::6811:b73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-9yxay60nixm6j1gr0t1dk8bct/egpb-overall-3.jpg?width=1920

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da3fc9e30ebefb6628ae3defc470ac95c102d3808a67a19d9e4a8b40379820be

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:09 GMT
x-amz-version-id: M3c9nRx5o9WPzytA6ZH.50UcBGTHa4q1
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 e34b146b2a4038019e9b2a95fac837fc.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 418708
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 12 Jul 2023 07:42:05 GMT
server: cloudflare
etag: "f28ad5c0f6d16101244cb11e351541d4"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 84d4f2528b839b3f-FRA
x-amz-cf-id: jZGMAxbMoNrVFE71TdxZKzl4gfL5pdnKEDytR066TPe7nFSOpC6yLw==

GET
H3 200 ehcbi-lobby-10-1-b4e3bd.jpg
image-tc.galaxy.tf/wijpeg-afq5q8o9utujn9nga4gfz20m0/ 186 KB
186 KB 586ms
586ms Image
image/jpeg 2606:4700::6811:b73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-afq5q8o9utujn9nga4gfz20m0/ehcbi-lobby-10-1-b4e3bd.jpg?width=1920

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c696612d402ffb390d8975b68cb0babf3acaf61125d6aa0a9a04fc2b714a10fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:10 GMT
x-amz-version-id: xAlkGjE3owGfxhkuOfUaCR4gvRE7EfVm
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 780489eb078b12b535ed56179d4e97fe.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 189971
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 21 Oct 2021 05:27:51 GMT
server: cloudflare
etag: "945e16167a6b37f3961b1f5702b2b9d5"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 84d4f2583fc79b3f-FRA
x-amz-cf-id: PnGJOMwi6dztd4vl-RAea5UkqA70SZW8a_lzYZMBip9iZdnsA30JUg==

GET
H3 200 eghv-executive-lounge-2.jpg
image-tc.galaxy.tf/wijpeg-jk7mzpkjeg0s9kbota674wx6/ 237 KB
238 KB 547ms
546ms Image
image/jpeg 2606:4700::6811:b73a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-jk7mzpkjeg0s9kbota674wx6/eghv-executive-lounge-2.jpg?width=1920

Requested by

Host: www.eastinhotelsresidences.com
URL: https://www.eastinhotelsresidences.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b73a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65b80a34255909871b2be7b2d2a63570c991b992b1fd196f7f719eae22b15da1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eastinhotelsresidences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:35:10 GMT
x-amz-version-id: rHAjfhUeSyl6zCljQri42z5Oibtyr7Ue
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 e34b146b2a4038019e9b2a95fac837fc.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 242851
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 21 Oct 2021 04:32:51 GMT
server: cloudflare
etag: "fa6b8087b4a982f8248b87e5e1df55d6"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 84d4f25d8bdc9b3f-FRA
x-amz-cf-id: NSpB61DVyKS4XOBQxR6pDeUHGckW0yVMH7y7mrd1otBihS5Q5EojhA==

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

63 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.eastinhotelsresidences.com/	1970-01-20 18:04:14	Name: _gid Value: GA1.2.331239652.1706567705
.vimeo.com/	1970-01-20 18:02:49	Name: __cf_bm Value: N0bELBHLzFctcN53YccP_YqrqwBylXhYPW9LC.a68lk-1706567705-1-AVPIz32JdtXIYu3Pz1//zEPAZeJABVkfPalE+OsK4hmk1gwOUnR5uujvsZwH7SUgk6rdu7LedFiJY58lOc/kRDs=
.adnxs.com/	1970-01-21 03:38:47	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 03:24:23	Name: IDE Value: AHWqTUmxGCkdXdIv261--kEEOIyuSsi6pur4XM9e_rAuTcYfjCmSA84g2t-wBOIvrxQ
.adform.net/	1970-01-20 18:47:26	Name: C Value: 1
.adform.net/	1970-01-20 19:29:11	Name: uid Value: 980116805332889803
.sojern.com/	1970-01-21 02:48:23	Name: gid Value: CAESEP_le85gfqh5kCbfgV7g7tk
.sojern.com/	1970-01-21 02:48:23	Name: cid Value: 08b21680-4221-6ba3-f765-e30e663b731d#1706486400000
.doubleclick.net/	1970-01-20 18:45:59	Name: ar_debug Value: 1
.sojern.com/	1970-01-21 02:48:23	Name: adfid Value: 980116805332889803
.vimeo.com/	1970-01-21 03:38:47	Name: vuid Value: pl366518344.234613890
.www.eastinhotelsresidences.com/	1970-01-21 02:48:23	Name: cf_clearance Value: tcAB8Gu2a03AAVfAxQrNmu2M0YRV8izvPSxpR_3eREQ-1706567706-1-AY1HCef8B+5RTM1UhCCuOHSM1r9EpKnpbnSvl5nqXs1zd9kG0MPPTi4jp29LzjMsiCEr3R6XJEtAa1moL9qo9oU=
www.eastinhotelsresidences.com/	1969-12-31 23:59:59	Name: __tcet Value: 1706567706
.eastinhotelsresidences.com/	1970-01-20 18:02:47	Name: _gat_UA-162681275-3 Value: 1
.eastinhotelsresidences.com/	1970-01-20 18:02:47	Name: _gat_tct Value: 1
.adform.net/	1970-01-20 19:29:11	Name: receive-cookie-deprecation Value: 1
.adform.net/	1970-01-20 18:04:14	Name: CM Value: 1\|1
.eastinhotelsresidences.com/	1970-01-21 03:38:47	Name: _ga_1PTC8F8MTT Value: GS1.1.1706567706.1.0.1706567706.60.0.0
.eastinhotelsresidences.com/	1970-01-21 03:38:47	Name: _ga Value: GA1.1.979316819.1706567705
.eastinhotelsresidences.com/	1970-01-21 03:38:47	Name: _ga_3R5SJEDWK4 Value: GS1.1.1706567706.1.0.1706567706.0.0.0
.adform.net/	1970-01-20 18:22:57	Name: CM14 Value: 1706654106_1706567706_1706567706_1_Hu7u4e4e4R7u4e4REREeEREREA
.eyeota.net/	1970-01-20 18:02:48	Name: SERVERID Value: 24042~DM
.casalemedia.com/	1970-01-21 02:48:23	Name: CMID Value: ZbgoGld2uKeDsyrye4Kp2wAA
.casalemedia.com/	1970-01-20 20:12:23	Name: CMPS Value: 5298
.casalemedia.com/	1970-01-20 20:12:23	Name: CMPRO Value: 5298
.seadform.net/	1970-01-20 19:29:11	Name: uid Value: 980116805332889803
.adnxs.com/	1970-01-20 20:12:23	Name: XANDR_PANID Value: oTJs5pUuUcMVjwS3SozxIzZKwGqZskCChYoJVoUKQtnUw0JOiA4zhmN_cRjy1WoaZbVkhozIipAf9VbB-6jNexUNwO0_n61VNSm94068QkY.
.adnxs.com/	1970-01-20 20:12:23	Name: uuid2 Value: 6844672575976020927
.ads.stickyadstv.com/	1970-01-20 19:29:11	Name: uid-bp-617 Value: 980116805332889803
.ads.stickyadstv.com/	1970-01-20 18:45:59	Name: UID Value: fffefacc22f15034722fae5c3c1426f
.semasio.net/	1970-01-21 02:48:23	Name: SEUNCY Value: 325424EB81CEABC2
cm.adsafety.net/	1970-01-21 02:48:23	Name: UID Value: CM120240129221153621944c2e7b276c
.adsafety.net/	1970-01-21 02:48:23	Name: cm_uid Value: CM120240129221153621944c2e7b276c
.adnxs.com/	1970-01-20 20:12:23	Name: anj Value: dTM7k!M4/YErk#WF']wIg2GTwd<7pl!]tbPl1MO?+q([.UbW'yN^Ei-Os981_(xdHSGu-zqga>cGdD0[%p[s>%q)3R8vnqa
.exelator.com/	1970-01-20 20:55:35	Name: EE Value: "60c6326bcf0e834ba28eb6764483d0c5"
.exelator.com/	1970-01-20 20:55:35	Name: ud Value: "eJxrXxzq6XKLQcHMINnM2MgsKTnNINXC2CQp0cgiNcnM3MzExMI4xSDZdHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVywAswJcw1asCS%252FKDN9kYvr4qKUNMZFJcWngo%252BtXgcAOrQnhQ%253D%253D"
tags.adsafety.net/	1970-01-21 02:48:23	Name: UID Value: b059bd58a629c506c96ef810e385a3ae
tags.adsafety.net/	1970-01-21 02:48:23	Name: DID Value: b059bd58a629c506c96ef810e385a3ae
tags.adsafety.net/	1970-01-21 02:48:23	Name: IDT Value: 100
tags.adsafety.net/	1970-01-21 02:48:23	Name: cookie_ver Value: 2
tags.adsafety.net/	1970-01-20 18:45:59	Name: block_reset Value: 1
.adsafety.net/	1970-01-21 02:48:23	Name: ct_uid Value: b059bd58a629c506c96ef810e385a3ae
.adsafety.net/	1970-01-21 02:48:23	Name: ct_did Value: b059bd58a629c506c96ef810e385a3ae
.adsafety.net/	1970-01-21 02:48:23	Name: ct_idt Value: 100
cm.adsafety.net/	1970-01-21 02:48:23	Name: permanent Value: 1
.krxd.net/	1970-01-20 22:21:59	Name: _kuid_ Value: QEMPt4JV
ads.smartstream.tv/	1970-01-21 02:48:23	Name: DID Value: b059bd58a629c506c96ef810e385a3ae
ads.smartstream.tv/	1970-01-21 02:48:23	Name: idt Value: 100
ads.smartstream.tv/	1970-01-21 02:48:23	Name: permanent Value: 1
ads.smartstream.tv/	1970-01-20 18:45:59	Name: cm_uid Value: CM120240129221153621944c2e7b276c
.agkn.com/	1970-01-21 02:48:23	Name: ab Value: 0001%3A4HQI6oJZtTjTQpQw8IZcWgFbBktmPapX
.audrte.com/	1970-01-20 18:24:23	Name: arcki2 Value: i9362zkiKNQQEKwfcOFEnKKYQ!20220908!1706567706781!ip#80.255.10.201
.audrte.com/	1970-01-20 18:24:23	Name: arcki2_adform Value: 980116805332889803!20220908!1706567706781
.adfarm1.adition.com/	1970-01-20 20:12:23	Name: UserID1 Value: 7329652485700384928
.w55c.net/	1970-01-21 03:33:02	Name: wfivefivec Value: kVgtPWCd1RuAdA5
.w55c.net/	1970-01-20 18:45:59	Name: matchadform Value: 5
.audrte.com/	1970-01-20 18:24:23	Name: arcki2_ddp2 Value: i9362zkiKNQQEKwfcOFEnKKYQ!20220908!1706567706839
.demdex.net/	1970-01-20 22:21:59	Name: demdex Value: 59929797047449190441184026890449133808
.weborama.fr/	1970-01-21 03:28:42	Name: AFFICHE_W Value: Bpzgpn7emDUG44
.dpm.demdex.net/	1970-01-20 22:21:59	Name: dpm Value: 59929797047449190441184026890449133808
.bluekai.com/	1970-01-20 22:24:52	Name: bku Value: aG/99OGGrsDBpzQY
.bluekai.com/	1970-01-20 22:24:52	Name: bkpa Value: KJy9/xeKd02pSUHknp1p1p90wtkAwEAT1eWhBMQyBE1p1MQTmEQy1y19kVA/YQ==
cm.adsafety.net/	1970-01-21 02:48:23	Name: cache0 Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaL25qQzQrczVwcWdyMDRhOU5MZ0hJRldNdWR2cFNsL0U3MW5odTA0U1NGK21Qc0NQMGZpWmsyRjhaQ3NXQkg3RmE0WXJJSzlXMEpUZ29rY1pWYkc1YWR6QXQ5eUcrYXdlMmpGR0c5cm5MQkVCQWlsdXJ0MVM4NVp6QWV6MDd4YTNKSnZwaEM0RE1aMnQwdFFmT2pKL3JvQW9EOHdQL3BjWmRPTEZSTk1ubnl0ak52ODNkYjRrcnZZUkNLVW9nMzJTTkFkemJDUnFxNzJRNGEyR1lUQmFmUzJ5NlFFNzBybjZZWlNSRzVLOS9JMVR0Wmgzb2Q1Ui9GSzM3ZmpVVnh3WUVKd2U0Nzh6ZnN2dzR3L0ZURkpqUHZkQ0xlcUtxYjJkb01hUm9yMUF2MWFFdUZJZGJZY3dWVWNFNUVnY29mS3hYQ1h3Mkh0SjdHZWFuVWkrcmd4Uzc3M3ZHSFNhcStyTWFrUnBtdG9WTmpsNUMzZHdKNFoyK3dxVktaQ2N5bkdvSjZSaExNTisyR2ZuS2ZmWC9KbUhBTWJKVVYyOHNUMGFMMWJjeGdGVzM0Tk5GLzJYVVFZeVU3NWp4NUM4cG5mN2pleThIVEdYTkhwL1pnd2ZsaGpjK0g3bE9sRWJwUGFWRS9UdGppczBJbEp3eERwaFhtNmZndGN2YlIwcUJ3QVVyWmVuOVA2c1poaGgxK0ZubXVTNEFzQmllTjVxRUw5aDVjUm1FRGpWWTZ2N1htRHVobTN2QjE4R0MwNzROUWpXSFkvZUd0STR6bHpDZmJhK3lOV2o1S3g3dnI4QmJrUEpmbFcxNG1ndnpNemRpYzBaYzBibVJ6SG5nRktNcFBXUGFaVGR5TFhkeHRYMW9adEJTVE1kZXk0bFpoQTZYcEptSGFQME01eWNuMkFFSis5RFZGaUYwd25KWTQ5a2haSDcrUnpVb29LU0NrUVhpakJDSmg1NWZGNDhJTGJ4ZHZSWWJ1TWpyYk5rTThTOU1Bbmptdzh2aXVLbUx6Yk9jVml3THhCQUZDb0h2bElTYk9UOU1FM2k0TWV6YXU1eENGOVREQTNEUXg3dVYzWTZEdDF2bDVodEJxbUhkRU9qcWlzT0tNVVhaUm9FMklJTGhQcVBLOE1icnFZTnRabU1VTWZTbGxWZTAzcG9NN0pyUkl0UExYQ3NYOXBtRTJQbENZMzR4YTFpVVpxWlFwY0k5enNHVUFvOGduQTBCNk15WDJrRE1STzdORE8vMFJ4OFowVTdBa3hnWWdQYzFoaDNNdCtQZkV0Tk82b0FsVFJaOFJsYnkzdVhnRjgwSG1XN1psM2NDUi81Q0laaDZKaQ%3D%3D

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.eastinhotelsresidences.com/undefined Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://www.eastinhotelsresidences.com/ Message: Refused to execute script from 'https://www.eastinhotelsresidences.com/undefined' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
other	warning	URL: https://connect.facebook.net/signals/config/777941750775110?v=2.9.143&r=stable&domain=www.eastinhotelsresidences.com&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98(Line 95) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://idsync.rlcdn.com/398366.gif?partner_uid=980116805332889803 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=980116805332889803/gdpr=/gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a1.seadform.net
a2.adform.net
aa.agkn.com
ad.360yield.com
ad.doubleclick.net
ad.yieldlab.net
ads.smartstream.tv
ads.stickyadstv.com
adservice.google.com
analytics.google.com
api.adrtx.net
beacon.krxd.net
beacon.sojern.com
c1.adform.net
cdn.galaxy.tf
cm.adsafety.net
cm.g.doubleclick.net
cm.smartstream.tv
connect.facebook.net
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dynamic.travelclick-websolutions.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
f.vimeocdn.com
fcmatch.google.com
fcmatch.youtube.com
fonts.googleapis.com
fonts.gstatic.com
fresnel.vimeocdn.com
i.vimeocdn.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
image-tc.galaxy.tf
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
pdw-adf.userreport.com
pixel.sojern.com
player.vimeo.com
pm.w55c.net
ps.eyeota.net
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
se.semasio.net
secure.adnxs.com
simage2.pubmatic.com
static.sojern.com
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.teads.tv
tags.adsafety.net
tags.bluekai.com
tc.galaxy.tf
token.rubiconproject.com
uipglob.semasio.net
vimeo.com
www.eastinhotelsresidences.com
www.facebook.com
www.google-analytics.com
www.google.ru
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
104.18.36.155
107.178.244.119
139.162.147.24
142.250.184.198
146.75.118.109
15.197.193.217
151.101.0.217
162.159.128.61
162.159.138.60
162.19.138.83
172.217.16.194
18.161.111.37
18.197.132.245
18.197.177.71
185.167.164.43
193.135.9.124
195.244.31.25
198.47.127.205
2.16.97.41
2001:4860:4802:36::181
23.43.61.193
2600:9000:211e:3c00:1b:5138:8a40:93a1
2606:4700::6811:b63a
2606:4700::6811:b73a
2606:4700::6811:b93a
2606:4700::6811:ba3a
2607:ae80:4::25
2a00:1450:4001:802::2003
2a00:1450:4001:803::2002
2a00:1450:4001:806::200e
2a00:1450:4001:810::2008
2a00:1450:4001:827::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9d
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.120.22.30
3.125.70.222
34.120.202.204
34.98.64.218
35.190.24.218
35.214.149.91
35.244.174.68
35.244.188.9
37.157.2.229
37.157.2.248
37.157.3.20
37.252.172.123
46.19.11.36
52.210.162.23
52.214.179.171
52.218.45.240
52.29.105.89
52.57.153.95
54.217.93.219
54.74.195.22
54.77.71.210
54.78.141.128
54.78.254.47
69.173.144.138
72.246.169.24
76.223.111.18
77.243.51.121
80.85.85.173
81.17.55.172
85.114.159.118
89.163.142.91
0098006fea9999fca88a05fe38168c971d3efc2fdbe2f6eb8c34ea0d5ec64190
05e0d95e16595bcc9b3c0e4f2a0f1a455630f8ab577f682676162e3c87aefe20
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
14cac7b96ee4613e4181c1c60478189c5b47667e30fffadea2e23fdc4d88e25c
1731c1bd93b605b0a77f2cd3cacb1934140d056edd4f27050dd1c050de51ae59
193162428dec979db75071042607f6358e84947adfca955bfb870baa01c5c451
1baa217c09359506ad7cd3014e5e248716f7bde5cf253c4b257bd8153c3b770e
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
268ec58a5e139e667adcfccc25c7d8f948b4f0085c09938e75bbeb90c6596d93
2889147edb550aef849e10ba2230d6b1f65a0f8831b45f642bfc0ee185babe38
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
326f3659de1153f0d59c9258fdd63b7dfd6dd26f2c9c3e9adc4b87f71b122a7b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3333a2035912d27f9f31d7ef4d7a59aab880a4a89fa54a729dcdf1bc8bcdb81c
3b2c0b4d812521c0a474dff2d09a82ab423fdd995f6308e7380f8003db6bbaf7
46719c39391e0cde24fa1fe95637224f0a4fc999b8ab6d3c8fd765a1992bfbcc
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d7056da36fdfe616de6045feed40cd3b52d23ab8b2c33a1f4910cb94b439533
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
598dac89694017d12e812bdae67530962525b21b3d29f0c6cb54d64279476e67
5fd6673c422424e4269957d703f7552aeebed142390e9c3720fd6770a2ec7d3a
6155017ccaef10c979d55cc784681eb9ed90e582fdb9d6462cddea98a09a3446
63bb2dc1882ddfb3446be4526a312d4db94c7a5bed74b2f78fbba1e3427f35b3
65b80a34255909871b2be7b2d2a63570c991b992b1fd196f7f719eae22b15da1
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e9b535e5bbdb29b0f17910af51dd9fb3f853891092c93c4594b4f52c2edc8fe
774ddabd59e81ed871019ed258dcc19b11900b30128173ffb730fb46ae855bd2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87278ae8e25eb2d2e29d87fd69b603e49e2d22975a04038803918a445499af92
88ffb2dbced05dc550c0c5f7295e43cc245d23c679639356033547376fd07c3b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8acbec95e03a4dfb513a65b035614b4968266c66ba4f352cf0eff104927cd58c
8d1e2226c4a11e8e8195adac73c99be79e4e0ccb8906f623280e2b62d599874f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f796e86df3ba1220e8e63bae4eaaa67fa15a83a7301a579dcf9e4d4125bc216
8fb145097617f8fc4eeb0e4c78f0fdad982e7252ecae7c68b467c1eecab38c40
907de905a6b744a6e7c2a00312bdcad377799db75031ffa7a7f3d5520966abdb
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
9dd7af1e4f9db2bf265936bded3d0cb2f8c46c3ced0e1b88f327ff786794c02c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a133b69184f833347f657b9246b79b5e3672a0b20b8c5d5de299fad9d4f1e3fb
a2bc6601fe071aa4635d7bc42ca68c387a6ea49782876a625ea47bad99d8720b
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a48afcdd03f4564488705ee1d770061af2c928c8b5ed5653a3dc9c95a8aab1fc
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b08302fdcd391cbc694428a30c5060e56c6b3e72854ed780b2d9de1530aca12e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3dc0e20cb24e592bf7e833ec9c1cfc63299bee6a8be6d771bd89d70af1757d1
b5a86464c4b9183b213d65414690cc67a7c95322fca37b6a62ba0378c6890469
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd0a8eaa28930dd9d90affc84e5aea945c2215c8b8cc40c830949dbe5030723a
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a
c0ad48ce8c18e7f01c447c7dcfea992c0990b0d90e843a4327fa15f883fef5ac
c696612d402ffb390d8975b68cb0babf3acaf61125d6aa0a9a04fc2b714a10fc
cb614aa8d0a8b01430a200496785fd7cbf2c185b7743ce44def6119470d85bcb
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d575343cf1ae9f9aab1230eb9407fa33d9c7842abe377887a72bcf025e810929
d5c77bdb4cbbd984503cf66fee883735866d05e4b433a03d09c7a502cfc4eb1b
da3fc9e30ebefb6628ae3defc470ac95c102d3808a67a19d9e4a8b40379820be
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ae2eabe05abea4257c23d7fe7787140961c6a420c22d8459950a39918bea6f
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f51a9d161ee058e4ea25c31ef3b1d7ad3de51cdf961286c3c0c8067605f59dc4
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fc018b15933a38b35be9bc63f711ad7d5bb35799f20a19f419cb75618aa40ec2
fc75b7b203cb5e92d83655298e99f4fd5acb30159dce2adb2ed96688de5950fd

www.eastinhotelsresidences.com Open in urlscan Pro 2606:4700::6811:ba3a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

121 Requests

84 %HTTPS

26 %IPv6

54 Domains

73 Subdomains

58 IPs

9 Countries

3294 kBTransfer

7509 kBSize

63 Cookies

4 Outgoing links

Page URL History

Redirected requests

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.eastinhotelsresidences.com Open in urlscan Pro
2606:4700::6811:ba3a Public Scan

Screenshot
Live screenshot

Full Image

121
Requests

84 %
HTTPS

26 %
IPv6

54
Domains

73
Subdomains

58
IPs

9
Countries

3294 kB
Transfer

7509 kB
Size

63
Cookies

121 HTTP transactions
1 data transactions