www.ensanahotels.com Open in urlscan Pro
5.132.161.168 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ensanahotels.com/ro/ursina
Submission: On August 01 via manual (August 1st 2020, 5:18:47 am UTC) from RO

Summary HTTP 100 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 23 IPs in 6 countries across 17 domains to perform 100 HTTP transactions. The main IP is 5.132.161.168, located in Austria and belongs to INTERNEX-AS, AT. The main domain is www.ensanahotels.com.
TLS certificate: Issued by RapidSSL RSA CA 2018 on November 22nd 2018. Valid for: 2 years.

This is the only time www.ensanahotels.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	5.132.161.168 5.132.161.168	44453 (INTERNEX-AS) (INTERNEX-AS)
1	34.197.140.245 34.197.140.245	14618 (AMAZON-AES) (AMAZON-AES)
1 12	81.95.110.109 81.95.110.109	25234 (GLOBE-AS ...) (GLOBE-AS http://www.active24.cz/)
1	2a00:1450:400... 2a00:1450:4001:816::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a02:598:a::7... 2a02:598:a::79:33	43037 (SEZNAM-) (SEZNAM-)
1	143.204.201.13 143.204.201.13	16509 (AMAZON-02) (AMAZON-02)
6	143.204.208.219 143.204.208.219	16509 (AMAZON-02) (AMAZON-02)
7	151.101.113.62 151.101.113.62	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE)
1	104.26.11.16 104.26.11.16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
5	35.186.195.233 35.186.195.233	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:be00:f:900d:ef80:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1 2	172.217.22.6 172.217.22.6	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	74.125.133.157 74.125.133.157	15169 (GOOGLE) (GOOGLE)
5	151.101.113.182 151.101.113.182	54113 (FASTLY) (FASTLY)
1	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
100	23

34 5.132.161.168 (Austria)

ASN44453 (INTERNEX-AS, AT)
PTR: serv26774786.secure-node.com

www.ensanahotels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.140.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-140-245.compute-1.amazonaws.com

www.bugherd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 81.95.110.109 (Czech Republic) 1 redirects

ASN25234 (GLOBE-AS http://www.active24.cz/, CZ)
PTR: gds57e.active24.cz

www.zoom-letter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:598:a::79:33 (Czech Republic)

ASN43037 (SEZNAM-, CZ)

c.imedia.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.201.13 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-13.fra53.r.cloudfront.net

customs.affilired.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 143.204.208.219 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-208-219.fra53.r.cloudfront.net

d10lpsik1i8c69.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.113.62 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

onboard.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.11.16 (United States)

ASN13335 (CLOUDFLARENET, US)

settings.luckyorange.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.186.195.233 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 233.195.186.35.bc.googleusercontent.com

api.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:be00:f:900d:ef80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.denomatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.6 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f6.1e100.net

9694721.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.133.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.113.182 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-meta.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

messages.guest-experience.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	ensanahotels.com www.ensanahotels.com	1 MB
18	triptease.io onboard.triptease.io api.triptease.io static.triptease.io static-meta.triptease.io b.triptease.io messages.guest-experience.triptease.io	192 KB
12	zoom-letter.com 1 redirects www.zoom-letter.com	37 KB
6	facebook.com www.facebook.com	967 B
6	cloudfront.net d10lpsik1i8c69.cloudfront.net	99 KB
5	doubleclick.net 2 redirects googleads.g.doubleclick.net stats.g.doubleclick.net 9694721.fls.doubleclick.net bid.g.doubleclick.net	2 KB
5	google-analytics.com www.google-analytics.com	47 KB
4	facebook.net connect.facebook.net	431 KB
2	google.de www.google.de	213 B
2	google.com 1 redirects www.google.com	279 B
2	imedia.cz c.imedia.cz	1 KB
1	denomatic.com cdn.denomatic.com	2 KB
1	luckyorange.net settings.luckyorange.net	1 KB
1	affilired.com customs.affilired.com	747 B
1	googleadservices.com www.googleadservices.com	12 KB
1	googletagmanager.com www.googletagmanager.com	47 KB
1	bugherd.com www.bugherd.com
100	17

	Domain	Requested by
34	www.ensanahotels.com	www.ensanahotels.com
12	www.zoom-letter.com	1 redirects www.ensanahotels.com www.zoom-letter.com
6	www.facebook.com	www.ensanahotels.com connect.facebook.net
6	d10lpsik1i8c69.cloudfront.net	www.ensanahotels.com d10lpsik1i8c69.cloudfront.net
5	api.triptease.io	onboard.triptease.io static.triptease.io
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.ensanahotels.com
4	static.triptease.io	onboard.triptease.io static.triptease.io
4	onboard.triptease.io	www.ensanahotels.com onboard.triptease.io
4	connect.facebook.net	www.ensanahotels.com connect.facebook.net
3	b.triptease.io	onboard.triptease.io b.triptease.io
2	9694721.fls.doubleclick.net	1 redirects cdn.denomatic.com
2	www.google.de	www.ensanahotels.com
2	www.google.com	1 redirects www.ensanahotels.com
2	c.imedia.cz	www.googletagmanager.com www.ensanahotels.com
1	messages.guest-experience.triptease.io	static.triptease.io
1	static-meta.triptease.io	onboard.triptease.io
1	bid.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	1 redirects
1	cdn.denomatic.com	customs.affilired.com
1	settings.luckyorange.net	d10lpsik1i8c69.cloudfront.net
1	googleads.g.doubleclick.net	www.googleadservices.com
1	customs.affilired.com	www.ensanahotels.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	www.ensanahotels.com
1	www.bugherd.com	www.ensanahotels.com
100	25

This site contains links to these domains. Also see Links.

Domain
booking.ensanahotels.com
www.facebook.com
www.youtube.com
www.sportalpen-marketing.at

Subject Issuer	Validity	Valid
www.ensanahotels.com RapidSSL RSA CA 2018	`2018-11-22` - `2020-11-21`	2 years	crt.sh
assets.bugherd.com Let's Encrypt Authority X3	`2020-06-11` - `2020-09-09`	3 months	crt.sh
zoom-letter.com Let's Encrypt Authority X3	`2020-07-01` - `2020-09-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
c.imedia.cz Let's Encrypt Authority X3	`2020-06-08` - `2020-09-06`	3 months	crt.sh
www.affilired.com GeoTrust EV RSA CA 2018	`2019-06-14` - `2020-08-12`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
q.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-06-17` - `2021-04-10`	10 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-31` - `2021-07-31`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.triptease.io Sectigo RSA Organization Validation Secure Server CA	`2020-04-16` - `2022-05-07`	2 years	crt.sh
www.denomatic.com GeoTrust EV RSA CA 2018	`2019-09-30` - `2020-11-28`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.guest-experience.triptease.io Let's Encrypt Authority X3	`2020-07-07` - `2020-10-05`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.ensanahotels.com/ro/ursina
Frame ID: E6FB3221D5DB49385EE360B63051E0B8
Requests: 91 HTTP requests in this frame

Frame: https://onboard.triptease.io/kernel/latest/kernel-host.html?originHost=www.ensanahotels.com
Frame ID: 5045551CDFA992BFFC6C3693C8534802
Requests: 1 HTTP requests in this frame

Frame: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=fdf89d8
Frame ID: 325EF5D0BF9E1AFF956870BF429E1375
Requests: 3 HTTP requests in this frame

Frame: https://9694721.fls.doubleclick.net/activityi;dc_pre=COShjcqg-eoCFUvnuwgdklQIcA;src=9694721;type=visit0;cat=visit0;u1=visitor;u27=counter;u28=0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=19595778820185.328
Frame ID: CC7CB4283884DCDF2D20FF09EF2FC632
Requests: 1 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: 9D9522BF15D30304C4F7AAC04D17CA55
Requests: 1 HTTP requests in this frame

Frame: https://b.triptease.io/client-side-helpers?apiKey=undefined&origin=https://www.ensanahotels.com
Frame ID: 868313897CEAD3E678F28FB3413FF0A9
Requests: 1 HTTP requests in this frame

Frame: https://b.triptease.io/?apikey=undefined&bucket=1&conversion=false&clicked=false&searched=false&tripteaseUserId=99c593ad-ec4c-44bd-9c6f-1b9af345f301
Frame ID: 13453591DA7B4682F5EC6703CF1A5B55
Requests: 1 HTTP requests in this frame

Frame: https://static.triptease.io/message-porter/dist/storageIframe.html
Frame ID: 8F80355C89A4ADE5A3B351BA81FD7215
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Page Statistics

100
Requests

98 %
HTTPS

43 %
IPv6

17
Domains

25
Subdomains

23
IPs

6
Countries

1967 kB
Transfer

5928 kB
Size

13
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://booking.ensanahotels.com/ibe/default.aspx?langid=19&hgid=1112
Title: Rezervare

Search URL Search Domain Scan URL

URL: https://booking.ensanahotels.com/ibe/change.aspx?langid=19&hgid=877
Title: Rezervarea mea

Search URL Search Domain Scan URL

URL: https://booking.ensanahotels.com/ibe/change.aspx?langid=19&hgid=1112
Title: Rezervarea mea

Search URL Search Domain Scan URL

URL: https://booking.ensanahotels.com/ibe/default.aspx?langID=19&hgid=1112&checkin=01%2F08%2F2020&checkout=08%2F08%2F2020
Title: Rezervare

Search URL Search Domain Scan URL

URL: https://booking.ensanahotels.com/ibe/index.aspx?langid=19&hotelid=14802
Title: Rezervati

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ensanahotels/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCjSzBG-8Tk39GDUgvfp_06w?view_as=subscriber

Search URL Search Domain Scan URL

URL: https://www.sportalpen-marketing.at/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://www.zoom-letter.com/bhv2/www-ensanahotels-com/ HTTP 302
https://www.zoom-letter.com/klienti/www-ensanahotels-com/behavior/bhvcall2.js

Request Chain 66

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-128338515-2&cid=174774114.1596259110&jid=528796196&gjid=1394776274&_gid=1297098548.1596259110&_u=aGDAgEALQ~&z=1891563895 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-128338515-2&cid=174774114.1596259110&jid=528796196&_v=j83&z=1891563895 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-128338515-2&cid=174774114.1596259110&jid=528796196&_v=j83&z=1891563895&slf_rd=1&random=2897624865

Request Chain 69

https://9694721.fls.doubleclick.net/activityi;src=9694721;type=visit0;cat=visit0;u1=visitor;u27=counter;u28=0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=19595778820185.328 HTTP 302
https://9694721.fls.doubleclick.net/activityi;dc_pre=COShjcqg-eoCFUvnuwgdklQIcA;src=9694721;type=visit0;cat=visit0;u1=visitor;u27=counter;u28=0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=19595778820185.328

100 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request ursina Show response
www.ensanahotels.com/ro/ 91 KB
15 KB 254ms
144ms Document
text/html 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache / pimcore
Resource Hash: 142fb2e83b47098f7fa57468ff034a0b45d89a46a30b3d9bf1d41551bd125086

Request headers

:method: GET
:authority: www.ensanahotels.com
:scheme: https
:path: /ro/ursina
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sat, 01 Aug 2020 05:18:29 GMT
server: Apache
cache-control: no-cache, private max-age=604800
x-powered-by: pimcore
content-language: ro
expires: Sat, 08 Aug 2020 05:18:29 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 14695
content-type: text/html; charset=UTF-8

GET
H2 200 libs.css
www.ensanahotels.com/static/css/ 530 KB
67 KB 59ms
59ms Stylesheet
text/css 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ensanahotels.com/static/css/libs.css
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: 972113b035059c4249dc6879a6c7d8ccb4a107b9d46c51c3d5f0429496980200

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
content-encoding: gzip
last-modified: Wed, 29 Jul 2020 14:14:23 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Aug 2021 05:18:29 GMT

GET
H2 200 styles.css
www.ensanahotels.com/static/css/ 370 KB
42 KB 38ms
37ms Stylesheet
text/css 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ensanahotels.com/static/css/styles.css
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: 523e1c8dd661c83187a7b832a6fcf49756606ab59baeb1d6408e2bea334af228

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
content-encoding: gzip
last-modified: Wed, 29 Jul 2020 14:14:25 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 42105
expires: Sun, 01 Aug 2021 05:18:29 GMT

GET
H/1.1 200
OK sidebarv2.js Show response
www.bugherd.com/ 0
0 426ms
145ms Script
text/plain 34.197.140.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bugherd.com/sidebarv2.js?apikey=v7bvzhwtmjbx5s09e4hqqa
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.140.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-140-245.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 logo.svg
www.ensanahotels.com/static/img/ 4 KB
2 KB 40ms
34ms Image
image/svg+xml 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ensanahotels.com/static/img/logo.svg
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: a12e4a7932ca5978a066d2e6981cea191885d3a3f0f086b5196e11ea34b7ccfa

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
content-encoding: gzip
last-modified: Tue, 10 Jul 2018 11:26:07 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1849
expires: Sun, 01 Aug 2021 05:18:29 GMT

GET
H2 200 en.svg
www.ensanahotels.com/static/img/flags/ 956 B
511 B 39ms
33ms Image
image/svg+xml 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ensanahotels.com/static/img/flags/en.svg
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: d85f0f149b4390bed6624bc30ca2cbfa37d394f14474fcf81d63363ad363e284

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
content-encoding: gzip
last-modified: Tue, 05 Jun 2018 11:43:31 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 477
expires: Sun, 01 Aug 2021 05:18:29 GMT

GET
H2 200 de.svg
www.ensanahotels.com/static/img/flags/ 220 B
232 B 37ms
32ms Image
image/svg+xml 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ensanahotels.com/static/img/flags/de.svg
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: 8d0d0a51ddf42e560ac09dd5556dff7bacce74c17f6ff9484bcf550a59482df4

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
content-encoding: gzip
last-modified: Tue, 05 Jun 2018 11:43:31 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 163
expires: Sun, 01 Aug 2021 05:18:29 GMT

GET
H2 200 hu.svg
www.ensanahotels.com/static/img/flags/ 316 B
237 B 39ms
33ms Image
image/svg+xml 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ensanahotels.com/static/img/flags/hu.svg
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: 9de1c66f05202004cee7f0027090d2b83f35c17aad9194b4e3167b130276ac57

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
content-encoding: gzip
last-modified: Tue, 05 Jun 2018 11:43:31 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 204
expires: Sun, 01 Aug 2021 05:18:29 GMT

GET
H2 200 ru.svg
www.ensanahotels.com/static/img/flags/ 297 B
236 B 39ms
33ms Image
image/svg+xml 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ensanahotels.com/static/img/flags/ru.svg
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: edf2c2614a894c0acfbbbeb435a4f941eee782177a43a82f400a9264697e023e

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
content-encoding: gzip
last-modified: Tue, 05 Jun 2018 11:52:51 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 203
expires: Sun, 01 Aug 2021 05:18:29 GMT

GET
H2 200 cz.svg
www.ensanahotels.com/static/img/flags/ 489 B
366 B 39ms
34ms Image
image/svg+xml 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ensanahotels.com/static/img/flags/cz.svg
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: 913ce2a1baa91611e8a4829a7b8a696197aa5590bfd85e90a5b8c1113b505b3f

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
content-encoding: gzip
last-modified: Mon, 06 May 2019 13:04:29 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 310
expires: Sun, 01 Aug 2021 05:18:29 GMT

GET
H2 200 sk.svg
www.ensanahotels.com/static/img/flags/ 2 KB
823 B 37ms
32ms Image
image/svg+xml 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ensanahotels.com/static/img/flags/sk.svg
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: 956bfa61f24542458b445af4d88c310fe60504991b4c85652f098ba5fe2182d8

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
content-encoding: gzip
last-modified: Tue, 05 Jun 2018 11:52:51 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 766
expires: Sun, 01 Aug 2021 05:18:29 GMT

GET
H2 200 ro.svg
www.ensanahotels.com/static/img/flags/ 320 B
243 B 40ms
35ms Image
image/svg+xml 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ensanahotels.com/static/img/flags/ro.svg
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: 63c55736a245e5fa5e0484b4693d43e171941143fcbdb34d3aa8d4cfd6160c9d

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
content-encoding: gzip
last-modified: Tue, 05 Jun 2018 11:52:51 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 210
expires: Sun, 01 Aug 2021 05:18:29 GMT

GET
H2 200 teaser-healthspahotels-6.jpeg
www.ensanahotels.com/portal/teaser-dropdown/image-thumb__3101__packageDropdown/ 14 KB
15 KB 40ms
34ms Image
image/jpeg 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ensanahotels.com/portal/teaser-dropdown/image-thumb__3101__packageDropdown/teaser-healthspahotels-6.jpeg
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: 81123412fd56490127d3559000b60e772d4ca5c1e986cf63db569e0ca5d02245

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
last-modified: Thu, 11 Oct 2018 10:08:47 GMT
server: Apache
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 14822
expires: Sun, 01 Aug 2021 05:18:29 GMT

GET
H2 200 body-parts.png
www.ensanahotels.com/static/img/ 15 KB
16 KB 40ms
35ms Image
image/png 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ensanahotels.com/static/img/body-parts.png
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: 4892dc214108cf456e26332e2f373f49e0437474fdeb715a73c523482e879776

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
last-modified: Tue, 20 Aug 2019 09:53:43 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 15704
expires: Sun, 01 Aug 2021 05:18:29 GMT

GET
H2 200 teaser-woman-w-jug-big.jpeg
www.ensanahotels.com/portal/teaser-dropdown/image-thumb__3447__packageDropdown/ 8 KB
9 KB 55ms
50ms Image
image/jpeg 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ensanahotels.com/portal/teaser-dropdown/image-thumb__3447__packageDropdown/teaser-woman-w-jug-big.jpeg
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: 9efd2f4ac6ac8a07021df23c7c42e04bae590b231013bac15a70e3a041529930

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
last-modified: Tue, 16 Jul 2019 13:40:41 GMT
server: Apache
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 8693
expires: Sun, 01 Aug 2021 05:18:29 GMT

GET
H2 200 Hotel-104.jpeg
www.ensanahotels.com/hotels/ursina/1-the-hotel/image-thumb__4122__top_auto_88674dba59f0f28a37bb673c3b5b06ed/ 192 KB
194 KB 55ms
50ms Image
image/jpeg 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ensanahotels.com/hotels/ursina/1-the-hotel/image-thumb__4122__top_auto_88674dba59f0f28a37bb673c3b5b06ed/Hotel-104.jpeg
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: 82e4214c8d35477848dedbb2f3ac78928ae0624d27373f97932d05290a048eea

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
last-modified: Tue, 21 Jul 2020 13:50:53 GMT
server: Apache
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 196988
expires: Sun, 01 Aug 2021 05:18:29 GMT

GET
H2 200 taste-of-sovata.jpeg
www.ensanahotels.com/portal/packages-and-deals/image-thumb__4280__content/ 56 KB
56 KB 63ms
58ms Image
image/jpeg 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ensanahotels.com/portal/packages-and-deals/image-thumb__4280__content/taste-of-sovata.jpeg
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: 30f5265e376fd44a6d8f4adcc9d4a657b59c6880e5cfc25beb9728942a567418

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
last-modified: Tue, 21 Jul 2020 13:56:48 GMT
server: Apache
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 57236
expires: Sun, 01 Aug 2021 05:18:29 GMT

GET
H2 200 Hotel-78.jpeg
www.ensanahotels.com/hotels/ursina/3-rooms-suites/image-thumb__4157__gallery/ 33 KB
33 KB 56ms
52ms Image
image/jpeg 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ensanahotels.com/hotels/ursina/3-rooms-suites/image-thumb__4157__gallery/Hotel-78.jpeg
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: b7d7ab71d5664b67069820393abb1aef86a50552903684e26f84c945c503d55c

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
last-modified: Tue, 21 Jul 2020 13:51:53 GMT
server: Apache
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 33798
expires: Sun, 01 Aug 2021 05:18:29 GMT

GET
H2 200 Hotel-55.jpeg
www.ensanahotels.com/hotels/ursina/3-rooms-suites/image-thumb__4151__gallery/ 39 KB
39 KB 58ms
53ms Image
image/jpeg 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ensanahotels.com/hotels/ursina/3-rooms-suites/image-thumb__4151__gallery/Hotel-55.jpeg
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: 2e32f4f1dbd355b89034d6e4357d6a77c8c032f363ca1a57c317bc1bd8540a1e

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
last-modified: Tue, 21 Jul 2020 13:58:13 GMT
server: Apache
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 39976
expires: Sun, 01 Aug 2021 05:18:29 GMT

GET
H2 200 Hotel-54.jpeg
www.ensanahotels.com/hotels/ursina/3-rooms-suites/image-thumb__4156__gallery/ 39 KB
39 KB 54ms
50ms Image
image/jpeg 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ensanahotels.com/hotels/ursina/3-rooms-suites/image-thumb__4156__gallery/Hotel-54.jpeg
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: d5e6e6b0fbb2028b97420aef10bb225fa44cfc18d90ddfcf811e18bd43ee48c9

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
last-modified: Tue, 21 Jul 2020 13:50:47 GMT
server: Apache
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 39706
expires: Sun, 01 Aug 2021 05:18:29 GMT

GET
H2 200 sovata-15.jpeg
www.ensanahotels.com/destinations/ro/sovata/New%20Sovata%202019/image-thumb__3815__teaserRowImage/ 33 KB
34 KB 54ms
50ms Image
image/jpeg 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ensanahotels.com/destinations/ro/sovata/New%20Sovata%202019/image-thumb__3815__teaserRowImage/sovata-15.jpeg
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: 9c3f1d09e28e88573105620d3ff796cbf2f80d2dc3fd158ae941149b3bbe031e

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
last-modified: Thu, 09 Jan 2020 13:58:39 GMT
server: Apache
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 34108
expires: Sun, 01 Aug 2021 05:18:29 GMT

GET
H2 200 bear-lake.jpeg
www.ensanahotels.com/destinations/ro/sovata/sights/image-thumb__1918__teaserRowImage/ 29 KB
29 KB 57ms
53ms Image
image/jpeg 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ensanahotels.com/destinations/ro/sovata/sights/image-thumb__1918__teaserRowImage/bear-lake.jpeg
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: 87941a04bf85c338ac1eaa9f69ead434fe671c61985b2038de06b35994c7ec0d

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
last-modified: Tue, 21 Jul 2020 14:11:16 GMT
server: Apache
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 29805
expires: Sun, 01 Aug 2021 05:18:29 GMT

GET
H2 200 sovata-city-walk.jpeg
www.ensanahotels.com/destinations/ro/sovata/New%20Sovata%202019/image-thumb__3859__teaserRowImage/ 20 KB
21 KB 57ms
53ms Image
image/jpeg 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ensanahotels.com/destinations/ro/sovata/New%20Sovata%202019/image-thumb__3859__teaserRowImage/sovata-city-walk.jpeg
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: 8b6e43c7d8149628706b91086194e19701606881ba059dd9b3380c9f4cb52bda

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
last-modified: Thu, 09 Jan 2020 15:46:48 GMT
server: Apache
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 20797
expires: Sun, 01 Aug 2021 05:18:29 GMT

GET
H2 200 handcraft_korond.jpeg
www.ensanahotels.com/destinations/ro/sovata/sights/image-thumb__1919__teaserRowImage/ 19 KB
19 KB 57ms
53ms Image
image/jpeg 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ensanahotels.com/destinations/ro/sovata/sights/image-thumb__1919__teaserRowImage/handcraft_korond.jpeg
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: 54447ea920835eac92e0c473a95164985d7376b5b9cbefe41924df76ec5bccff

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
last-modified: Thu, 09 Jan 2020 15:46:48 GMT
server: Apache
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 19406
expires: Sun, 01 Aug 2021 05:18:29 GMT

GET
H2 200 map.svg
www.ensanahotels.com/static/img/ 31 KB
12 KB 69ms
65ms Image
image/svg+xml 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ensanahotels.com/static/img/map.svg
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: 7113a90a22165f6a3bb7e67df61bd7162bb1623f177a0c02bae78df5100d3c6d

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
content-encoding: gzip
last-modified: Wed, 17 Apr 2019 05:39:20 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12023
expires: Sun, 01 Aug 2021 05:18:29 GMT

GET
H2 200 scripts.js Show response
www.ensanahotels.com/static/js/ 937 KB
278 KB 38ms
38ms Script
application/javascript 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ensanahotels.com/static/js/scripts.js
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: 3a59326e42d42946ace3ac7200017e3ca340a76f5e53dc8b04afea6acf76e422

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
content-encoding: gzip
last-modified: Wed, 29 Jul 2020 14:14:27 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Aug 2021 05:18:29 GMT

GET
H2 200 clientscripts.php Show response
www.zoom-letter.com/klienti/www-ensanahotels-com/ 2 KB
990 B 166ms
58ms Script
text/html 81.95.110.109
GLOBE-AS http://w...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zoom-letter.com/klienti/www-ensanahotels-com/clientscripts.php

Requested by

Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.95.110.109 , Czech Republic, ASN25234 (GLOBE-AS http://www.active24.cz/, CZ),

Reverse DNS

gds57e.active24.cz

Software

nginx /

Resource Hash

5aa241beb08443f0dfcabfe8404bc82f62e06e32e720bdcff6633a648829b9b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
content-encoding: gzip
status: 200
server: nginx
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, public, must-revalidate
strict-transport-security: max-age=31536000
content-length: 768

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 231 KB
47 KB 53ms
49ms Script
application/javascript 2a00:1450:4001:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WTGNC2S

Requested by

Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

21b0d4b57efa40485db7b759cad39c2ec9e802d99ef78eeeada712a502e1aa5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48272
x-xss-protection: 0
last-modified: Sat, 01 Aug 2020 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 01 Aug 2020 05:18:29 GMT

GET
H2 200 icomoon.ttf
www.ensanahotels.com/static/fonts/icomoon/ 74 KB
31 KB 50ms
50ms Font
font/ttf 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ensanahotels.com/static/fonts/icomoon/icomoon.ttf?q2lwm1
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: e7cd903289874d5cdd11900f74f1cb62ca6f39338bb3590f7d0ceb0d2fe02c8c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ensanahotels.com/static/css/libs.css
Origin: https://www.ensanahotels.com

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
content-encoding: gzip
last-modified: Thu, 09 Aug 2018 09:33:32 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: font/ttf
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 31097
expires: Sun, 01 Aug 2021 05:18:29 GMT

GET
H2 200 368226_6_0.woff2
www.ensanahotels.com/static/fonts/branding/ 48 KB
49 KB 46ms
45ms Font
font/woff2 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ensanahotels.com/static/fonts/branding/368226_6_0.woff2
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: 11794537bf90083647a51b2063005e3efbc692a7f670914429b52593ca4bac34

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ensanahotels.com/static/css/styles.css
Origin: https://www.ensanahotels.com

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
content-encoding: gzip
last-modified: Mon, 04 Jun 2018 13:33:48 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: font/woff2
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 49469
expires: Sun, 01 Aug 2021 05:18:29 GMT

GET
H2 200 368226_2_0.woff2
www.ensanahotels.com/static/fonts/branding/ 56 KB
56 KB 49ms
49ms Font
font/woff2 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ensanahotels.com/static/fonts/branding/368226_2_0.woff2
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: 3f313484ef27d1e5b28ed8c7efc897d34a7f2cc1612da28da17f7368d2b0831e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ensanahotels.com/static/css/styles.css
Origin: https://www.ensanahotels.com

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
content-encoding: gzip
last-modified: Mon, 04 Jun 2018 13:33:48 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: font/woff2
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 56775
expires: Sun, 01 Aug 2021 05:18:29 GMT

GET
H2 200 poppins-v5-latin-ext_latin-regular.woff2
www.ensanahotels.com/static/fonts/poppins/ 10 KB
10 KB 37ms
37ms Font
font/woff2 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ensanahotels.com/static/fonts/poppins/poppins-v5-latin-ext_latin-regular.woff2
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: 091bb0de0a818620d0fa529df0edee88a5ac2244b5396edbac0a527035cf4af7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ensanahotels.com/static/css/styles.css
Origin: https://www.ensanahotels.com

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
content-encoding: gzip
last-modified: Mon, 04 Jun 2018 13:19:43 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: font/woff2
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 10487
expires: Sun, 01 Aug 2021 05:18:29 GMT

GET
H2 200 poppins-v5-latin-ext_latin-700.woff2
www.ensanahotels.com/static/fonts/poppins/ 10 KB
10 KB 51ms
50ms Font
font/woff2 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ensanahotels.com/static/fonts/poppins/poppins-v5-latin-ext_latin-700.woff2
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: f5decc210dbe7320771b5ddf86e95be8c6d74d09ac53ab756d4bebcca49c5d3f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ensanahotels.com/static/css/styles.css
Origin: https://www.ensanahotels.com

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
content-encoding: gzip
last-modified: Mon, 04 Jun 2018 13:19:43 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: font/woff2
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 10527
expires: Sun, 01 Aug 2021 05:18:29 GMT

GET
H2 200 membership.js Show response
www.zoom-letter.com/plugins/membership/ 18 KB
4 KB 47ms
47ms Script
text/html 81.95.110.109
GLOBE-AS http://w...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zoom-letter.com/plugins/membership/membership.js?t=9f76e03f5c2d232ca564a87b629bdf7d43ba4041

Requested by

Host: www.zoom-letter.com
URL: https://www.zoom-letter.com/klienti/www-ensanahotels-com/clientscripts.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.95.110.109 , Czech Republic, ASN25234 (GLOBE-AS http://www.active24.cz/, CZ),

Reverse DNS

gds57e.active24.cz

Software

nginx /

Resource Hash

c7318aa4c013792bd75d48c82661fd2ad2d640cb0d5969b551753c750231af6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
content-encoding: gzip
server: nginx
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=604800, public, must-revalidate
strict-transport-security: max-age=31536000
content-length: 4313

GET
H2 200 popupdesigner.js Show response
www.zoom-letter.com/plugins/popupdesigner/ 43 KB
8 KB 50ms
50ms Script
text/html 81.95.110.109
GLOBE-AS http://w...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zoom-letter.com/plugins/popupdesigner/popupdesigner.js?t=9f76e03f5c2d232ca564a87b629bdf7d43ba4041

Requested by

Host: www.zoom-letter.com
URL: https://www.zoom-letter.com/klienti/www-ensanahotels-com/clientscripts.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.95.110.109 , Czech Republic, ASN25234 (GLOBE-AS http://www.active24.cz/, CZ),

Reverse DNS

gds57e.active24.cz

Software

nginx /

Resource Hash

70538b931f9505fc254a91093876345de4025b30b0cdb080a72d68643b202b7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Aug 2020 05:18:29 GMT
content-encoding: gzip
server: nginx
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 200
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000
content-length: 7953
expires: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTGNC2S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 3770
date: Sat, 01 Aug 2020 04:15:39 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Sat, 01 Aug 2020 06:15:39 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 29 KB
12 KB 83ms
34ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTGNC2S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

6718a07fa13fa05273a15a3442277d187b1b712d9eccef98fba120ef9442e975

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11328
x-xss-protection: 0
server: cafe
etag: 4229961699705442162
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 01 Aug 2020 05:18:29 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 134 KB
34 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34220
x-xss-protection: 0
pragma: public
x-fb-debug: 1IPtUQtOgb1Fcvm2OWsjqESwn8gF4LckuKhrX4VuNhur+ZX2X/BIORuBOmo+VdjPr8ijKq/WKUZcIlBbAsi/5A==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Sat, 01 Aug 2020 05:18:29 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK retargeting.js Show response
c.imedia.cz/js/ 877 B
843 B 59ms
15ms Script
application/javascript 2a02:598:a::79:33
SEZNAM-

General

Check archive.org

Show headers Download Go to

Full URL: https://c.imedia.cz/js/retargeting.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTGNC2S
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:598:a::79:33 , Czech Republic, ASN43037 (SEZNAM-, CZ),
Reverse DNS
Software: nginx /
Resource Hash: 8a71646996e8df345edcd82df30a0778b3d348350a52bf8a96c176b3c7eb1a6f

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 01 Aug 2020 05:18:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Apr 2020 15:46:49 GMT
Server: nginx
ETag: W/"5e972c69-36d"
Vary: Accept-Encoding
P3P: CP="NON DSP COR TAI NOR UNI", policyref="/w3c/p3p.xml"
access-control-allow-origin: *
Cache-Control: no-cache, private, max-age=0, no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
Expires: Sat, 01 Aug 2020 05:18:28 GMT

GET
H2 200 / Show response
customs.affilired.com/track/ 535 B
747 B 278ms
38ms Script
text/javascript 143.204.201.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://customs.affilired.com/track/?merchant=4725
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.201.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-13.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: c29a550e371e8636f4ec6a1c2727581212f2afa4e662fbd8b4989f99d1a0f7e2

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:00 GMT
content-encoding: gzip
age: 30
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="IVA SAM IND NON COR"
status: 200
content-length: 339
jb-x-cache: EXPIRED
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: YmsuijuNgzl0RUL_xcT94rUy0OI72ldF1ITzPiVK6Hjb_wbGL876Zw==
expires: Sat, 08 Aug 2020 05:18:00 GMT

GET
H2 200 w.js Show response
d10lpsik1i8c69.cloudfront.net/ 5 KB
3 KB 96ms
24ms Script
application/javascript 143.204.208.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.208.219 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-208-219.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: efae8a06e2c2688ba0844bf43025c26e2b49b781674d6a7cd0d63c27493620b6

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 04:47:39 GMT
content-encoding: gzip
last-modified: Thu, 11 Jun 2020 13:53:22 GMT
server: AmazonS3
age: 1851
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: hMEHBM_GjXGheb7NYLyoy2cMrVocOHUiC_I7Zt6lmK5OrQKRA7tS_A==
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f7.cloudfront.net (CloudFront)

GET
H/1.1 200
OK bootstrap.js Show response
onboard.triptease.io/ 55 KB
14 KB 127ms
25ms Script
application/javascript 151.101.113.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/bootstrap.js?integrationId=01E1Y34NPSQ2D6X1C2HM9S04DY

Requested by

Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0627b878966e3e508c0f2eda36b2926f796799f9acbd03f77c00c33863067d71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ensanahotels.com/ro/ursina
Origin: https://www.ensanahotels.com

Response headers

Content-Encoding: gzip
Vary: Accept-Encoding
Age: 127
X-GUploader-UploadID: AAANsUlMlyRXmHvxn134_pXKnA9Di-C8wv1fOAH6Mk0H7LhIUNzvF0JYVROLs2Cn5im39A6TXrbwcnwy_ApDUt7ZphAzJ2ferg
x-goog-stored-content-encoding: gzip
Connection: keep-alive
x-goog-meta-build-version: 2915.24077
X-Served-By: cache-hhn4054-HHN
X-Timer: S1596259110.018840,VS0,VE0
ETag: "9e83c872261b808edef7a84d3ad1b690"
pseudo-session-id: 36180b6fdaab17263234a34a2e4da6bd329ef3f99c2b7f1690d1d721f7ec433c
x-goog-generation: 1596186434143997
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type
Cache-Control: public, max-age=600,no-transform
X-Cache-Hits: 2
Date: Sat, 01 Aug 2020 05:18:30 GMT
Via: 1.1 varnish
x-goog-meta-git-hash: f65272ff7e2ba18dfcb1fad3468a6ef032d415b4
X-Cache: HIT
x-goog-storage-class: MULTI_REGIONAL
backend-url: /bootstrap/v2915.24077/bootstrap.js
x-goog-metageneration: 1
Content-Length: 12831
Last-Modified: Fri, 31 Jul 2020 09:07:14 GMT
Server: UploadServer
Strict-Transport-Security: max-age=31557600
x-goog-hash: crc32c=a54NEQ==, md5=noPIciYbgI7e96hNOtG2kA==
pseudo-device-id: 2c7a47f3c2a0ca5c9eadc6a16ca28c1eaaacd90289c16d2c8c2d15081f47e5d7
Expires: Fri, 31 Jul 2020 09:33:40 GMT
x-goog-stored-content-length: 12831
Accept-Ranges: bytes

GET
H2

200

bhvcall2.js Show response
www.zoom-letter.com/klienti/www-ensanahotels-com/behavior/
Redirect Chain

https://www.zoom-letter.com/bhv2/www-ensanahotels-com/
https://www.zoom-letter.com/klienti/www-ensanahotels-com/behavior/bhvcall2.js

2 KB
800 B

57ms
57ms

Script
text/html

81.95.110.109
GLOBE-AS http://w...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zoom-letter.com/klienti/www-ensanahotels-com/behavior/bhvcall2.js

Requested by

Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.95.110.109 , Czech Republic, ASN25234 (GLOBE-AS http://www.active24.cz/, CZ),

Reverse DNS

gds57e.active24.cz

Software

nginx /

Resource Hash

23750e2bb5341524bbc6ebaccca185170d6a0cae9110b8cd3f07eb99e7a22bf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:30 GMT
content-encoding: gzip
server: nginx
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=604800, public, must-revalidate
strict-transport-security: max-age=31536000
content-length: 598

Redirect headers

status: 302
date: Sat, 01 Aug 2020 05:18:29 GMT
server: nginx
content-length: 261
location: https://www.zoom-letter.com/klienti/www-ensanahotels-com/behavior/bhvcall2.js
content-type: text/html; charset=iso-8859-1

GET
H2 200 info.svg
www.ensanahotels.com/static/img/ 1017 B
598 B 32ms
32ms Image
image/svg+xml 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ensanahotels.com/static/img/info.svg
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: d81b05d0b2894ad14b4f3cbd3de7b9b3e44b2364d3d712be66f5e1e828db22af

Request headers

Referer: https://www.ensanahotels.com/static/css/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
content-encoding: gzip
last-modified: Wed, 27 May 2020 14:21:05 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 541
expires: Sun, 01 Aug 2021 05:18:29 GMT

GET
H2 200 fpmodule.js Show response
www.zoom-letter.com/admin/fingerprint/ 33 KB
10 KB 49ms
49ms Script
text/html 81.95.110.109
GLOBE-AS http://w...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zoom-letter.com/admin/fingerprint/fpmodule.js

Requested by

Host: www.zoom-letter.com
URL: https://www.zoom-letter.com/plugins/membership/membership.js?t=9f76e03f5c2d232ca564a87b629bdf7d43ba4041

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.95.110.109 , Czech Republic, ASN25234 (GLOBE-AS http://www.active24.cz/, CZ),

Reverse DNS

gds57e.active24.cz

Software

nginx /

Resource Hash

12f0e7d8a182cee63e8f102c5a3a47ebba756b3149d88f1bc17db8a404fff270

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
content-encoding: gzip
server: nginx
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=604800, public, must-revalidate
strict-transport-security: max-age=31536000
content-length: 10167

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 70 KB
28 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-WFFFFL7&t=gtm15&cid=174774114.1596259110

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b512038b04216c90352baeada27b09de463a595dcdc5e20ea3a9ab50d9259e71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:29 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28047
x-xss-protection: 0
last-modified: Sat, 01 Aug 2020 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 01 Aug 2020 05:18:29 GMT

GET
H2 200 371815163769118 Show response
connect.facebook.net/signals/config/ 522 KB
133 KB 74ms
74ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/371815163769118?v=2.9.22&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b730ba9d3efd805fe1700a108bb501c6c1b350cef60b053cc6f0ce7bf69b029a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: HujDPah6+dhY7gg6+8klNoy9K7rCPt6dbZ7s1qJgZ66zeoJhXGpMKv/ZFdxn1JTz1LaJXnEYXODmMBVLyyWUzw==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Sat, 01 Aug 2020 05:18:30 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/714419903/ 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/714419903/?random=1596259110012&cv=9&fst=1596259110012&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7m1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ensanahotels.com%2Fro%2Fursina&tiba=Hotel%20Ursina%2C%20Ensana%20Health%20Spa%20Hotels&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3aa478151ff62b7db8522cbbff1a0dea359f74f6b3e661dd8f7c5c1139ab1a1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Aug 2020 05:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1031
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
settings.luckyorange.net/ 2 KB
1 KB 286ms
218ms Fetch
application/json 104.26.11.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.luckyorange.net/?u=https%3A%2F%2Fwww.ensanahotels.com%2Fro%2Fursina&s=182787

Requested by

Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.11.16 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

945e35067bb7b21856d6e276646aad4d45da2a369fa6481b01e231e52d5040c6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:30 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.ensanahotels.com
access-control-allow-credentials: true
cf-ray: 5bbd194e2eb00c21-AMS
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since
cf-request-id: 044a0e24d800000c21c1bc0200000001

GET
H/1.1 200
Ok retargeting
c.imedia.cz/ 43 B
563 B 11ms
10ms Image
image/gif 2a02:598:a::79:33
SEZNAM-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.imedia.cz/retargeting?id=16627&category=&itemId=&url=https%3A%2F%2Fwww.ensanahotels.com%2Fro%2Fursina
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:598:a::79:33 , Czech Republic, ASN43037 (SEZNAM-, CZ),
Reverse DNS
Software: nginx /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 01 Aug 2020 05:18:30 GMT
Content-Encoding: deflate
Server: nginx
Vary: Accept-Encoding
P3P: CP="NON DSP COR TAI NOR UNI", policyref="/w3c/p3p.xml"
Cache-Control: private, max-age=0, no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: image/gif

GET
H2 200 membership.css
www.zoom-letter.com/plugins/membership/ 141 B
389 B 46ms
46ms Stylesheet
text/css 81.95.110.109
GLOBE-AS http://w...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zoom-letter.com/plugins/membership/membership.css

Requested by

Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/static/js/scripts.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.95.110.109 , Czech Republic, ASN25234 (GLOBE-AS http://www.active24.cz/, CZ),

Reverse DNS

gds57e.active24.cz

Software

nginx /

Resource Hash

51a36b6a11a9dc97622ec5bed03dd0b12feec726a6153338a39183f74699b035

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:30 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 27 Jul 2017 12:00:58 GMT
server: nginx
etag: "8d-5554b51519e76-gzip"
x-frame-options: ALLOWALL
content-type: text/css
status: 200
cache-control: max-age=604800, public, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 125

GET
H2 200 popupdesigner.css
www.zoom-letter.com/plugins/popupdesigner/ 1 KB
657 B 43ms
42ms Stylesheet
text/css 81.95.110.109
GLOBE-AS http://w...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zoom-letter.com/plugins/popupdesigner/popupdesigner.css

Requested by

Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/static/js/scripts.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.95.110.109 , Czech Republic, ASN25234 (GLOBE-AS http://www.active24.cz/, CZ),

Reverse DNS

gds57e.active24.cz

Software

nginx /

Resource Hash

f2a29e0390be4b80096455fd1e9e431ccb9c08e1cff63308709082e3dfbf576f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:30 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 14 Mar 2019 15:57:22 GMT
server: nginx
etag: "5c6-5840ffa4e24c1-gzip"
x-frame-options: ALLOWALL
content-type: text/css
status: 200
cache-control: max-age=604800, public, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 392

GET
H2 200 revolution.extension.slideanims.min.js Show response
www.ensanahotels.com/static/slider-revolution/revolution/js/extensions/ 28 KB
7 KB 33ms
33ms XHR
application/javascript 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ensanahotels.com/static/slider-revolution/revolution/js/extensions/revolution.extension.slideanims.min.js?version=5.4.8
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/static/js/scripts.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: 528240420dedd03c508141f501169017954b9724ca8334ccf96582ecdad4f5e2

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.ensanahotels.com/ro/ursina
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:30 GMT
content-encoding: gzip
last-modified: Tue, 03 Sep 2019 09:06:26 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6876
expires: Sun, 01 Aug 2021 05:18:30 GMT

GET
H2 200 revolution.extension.navigation.min.js Show response
www.ensanahotels.com/static/slider-revolution/revolution/js/extensions/ 25 KB
7 KB 33ms
33ms XHR
application/javascript 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ensanahotels.com/static/slider-revolution/revolution/js/extensions/revolution.extension.navigation.min.js?version=5.4.8
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/static/js/scripts.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: fe1591e3534594f770789ebbf62b4d8657f735f87f8576fe8dca2d807b4d7079

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.ensanahotels.com/ro/ursina
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:30 GMT
content-encoding: gzip
last-modified: Tue, 03 Sep 2019 09:06:26 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 7036
expires: Sun, 01 Aug 2021 05:18:30 GMT

GET
H2 200 revolution.extension.parallax.min.js Show response
www.ensanahotels.com/static/slider-revolution/revolution/js/extensions/ 11 KB
3 KB 32ms
32ms XHR
application/javascript 5.132.161.168
INTERNEX-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ensanahotels.com/static/slider-revolution/revolution/js/extensions/revolution.extension.parallax.min.js?version=5.4.8
Requested by: Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/static/js/scripts.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.132.161.168 , Austria, ASN44453 (INTERNEX-AS, AT),
Reverse DNS: serv26774786.secure-node.com
Software: Apache /
Resource Hash: a0ad9ea15f682280df7d61d146435e6954f235f0bf9e4a783d0eeb65d1ed8400

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.ensanahotels.com/ro/ursina
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:30 GMT
content-encoding: gzip
last-modified: Tue, 03 Sep 2019 09:06:26 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3236
expires: Sun, 01 Aug 2021 05:18:30 GMT

POST
H2 200 ajax_data.php Show response
www.zoom-letter.com/plugins/membership/ 22 B
244 B 175ms
112ms XHR
text/html 81.95.110.109
GLOBE-AS http://w...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zoom-letter.com/plugins/membership/ajax_data.php

Requested by

Host: www.zoom-letter.com
URL: https://www.zoom-letter.com/plugins/membership/membership.js?t=9f76e03f5c2d232ca564a87b629bdf7d43ba4041

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.95.110.109 , Czech Republic, ASN25234 (GLOBE-AS http://www.active24.cz/, CZ),

Reverse DNS

gds57e.active24.cz

Software

nginx /

Resource Hash

c5aeadda61522e4b2914118fa2e1a67169fda859a61cfbe0839ac51866770c85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryT5BgrUqjYPXxph2D

Response headers

date: Sat, 01 Aug 2020 05:18:30 GMT
content-encoding: gzip
server: nginx
status: 200
x-frame-options: ALLOWALL
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800, public, must-revalidate
strict-transport-security: max-age=31536000

POST
H2 200 ajax_data.php Show response
www.zoom-letter.com/plugins/popupdesigner/ 79 B
412 B 127ms
119ms XHR
text/html 81.95.110.109
GLOBE-AS http://w...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zoom-letter.com/plugins/popupdesigner/ajax_data.php

Requested by

Host: www.zoom-letter.com
URL: https://www.zoom-letter.com/plugins/popupdesigner/popupdesigner.js?t=9f76e03f5c2d232ca564a87b629bdf7d43ba4041

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.95.110.109 , Czech Republic, ASN25234 (GLOBE-AS http://www.active24.cz/, CZ),

Reverse DNS

gds57e.active24.cz

Software

nginx /

Resource Hash

0df7a095c56c4a737e6617b503bcc0ac98bca6f9b86775c9d2e3a9cfb7f4297f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryEuwN83MiKZBTDUIu

Response headers

pragma: no-cache
date: Sat, 01 Aug 2020 05:18:30 GMT
content-encoding: gzip
vary: Accept-Encoding
server: nginx
status: 200
x-frame-options: ALLOWALL
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800, public, must-revalidate
strict-transport-security: max-age=31536000
content-length: 96
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 04:48:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1790
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Sat, 01 Aug 2020 05:48:40 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/714419903/ 42 B
107 B 19ms
19ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/714419903/?random=1596259110012&cv=9&fst=1596258000000&num=1&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7m1&sendb=1&frm=0&url=https%3A%2F%2Fwww.ensanahotels.com%2Fro%2Fursina&tiba=Hotel%20Ursina%2C%20Ensana%20Health%20Spa%20Hotels&async=1&fmt=3&is_vtc=1&random=511609752&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Aug 2020 05:18:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/714419903/ 42 B
107 B 21ms
20ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/714419903/?random=1596259110012&cv=9&fst=1596258000000&num=1&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7m1&sendb=1&frm=0&url=https%3A%2F%2Fwww.ensanahotels.com%2Fro%2Fursina&tiba=Hotel%20Ursina%2C%20Ensana%20Health%20Spa%20Hotels&async=1&fmt=3&is_vtc=1&random=511609752&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Aug 2020 05:18:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identity Show response
api.triptease.io/identity-service/ 158 B
818 B 263ms
124ms Fetch
application/json 35.186.195.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.triptease.io/identity-service/identity
Requested by: Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01E1Y34NPSQ2D6X1C2HM9S04DY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.195.233 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 233.195.186.35.bc.googleusercontent.com
Software: nginx/1.11.3 /
Resource Hash: 17e4bd50024f1e8751f49e501d3ca948fae8812664354fc0ccb2a2fce9cd7dcc

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:30 GMT
via: 1.1 google
last-modified: Sat, 01 Aug 2020 05:18:30 GMT
server: nginx/1.11.3
etag: W/eyJ1c2VySWQiOiI5OWM1OTNhZC1lYzRjLTQ0YmQtOWM2Zi0xYjlhZjM0NWYzMDEiLCJzZXNzaW9uSWQiOiI0ZTRmODk0Mi0yZTA5LTQzMDgtOTBmOC1jNjRjZDM3OTg0MDIiLCJ2YWxpZEZyb20iOiIxNTk2MjU5MTEwNjA2In0=
status: 200
p3p: policyref="/p3p/policy.xml", CP="NON DEV PSA IVA IVD HIS OTP OUR OTR IND UNI NAV INT STA PUR"
access-control-allow-origin: https://www.ensanahotels.com
cache-control: private, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
alt-svc: clear
content-length: 158
expires: -1

GET
H/1.1 200
OK kernel-host.html
onboard.triptease.io/kernel/latest/ Frame 5045 0
0 70ms
23ms Document
text/html 151.101.113.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/kernel/latest/kernel-host.html?originHost=www.ensanahotels.com

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01E1Y34NPSQ2D6X1C2HM9S04DY

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Host: onboard.triptease.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ensanahotels.com/ro/ursina
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ensanahotels.com/ro/ursina

Response headers

Connection: keep-alive
Content-Length: 203
X-GUploader-UploadID: AAANsUkATAjpPbPwpj5LSZ8bw_i18CiLETMQnVH_-4Y3lkYk_y33x4UAsLl5TrZj_V1PHGeVcgcXe58UE2_eS6wvN_Q
Cache-Control: public, max-age=600
Expires: Fri, 31 Jul 2020 23:29:56 GMT
Last-Modified: Fri, 31 Jul 2020 15:31:42 GMT
ETag: "bddcf39e971d24054da999b988f8dee3"
x-goog-generation: 1596209502174258
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 203
x-goog-meta-git-hash: d6d7557737287928a8318067d44c2eb2d28aeaa1
x-goog-meta-build-version: 2928.24233
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
x-goog-hash: crc32c=tzAWAQ== md5=vdzznpcdJAVNqZm5iPje4w==
x-goog-storage-class: MULTI_REGIONAL
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type
Server: UploadServer
Accept-Ranges: bytes
Date: Sat, 01 Aug 2020 05:18:30 GMT
Via: 1.1 varnish
Age: 428
X-Served-By: cache-hhn4031-HHN
X-Cache: HIT
X-Cache-Hits: 5
X-Timer: S1596259111.504779,VS0,VE0
Vary: Accept-Encoding
backend-url: /kernel/v2928.24233/kernel-host.html
pseudo-device-id: 5143d74a0e984ed9832f412ed31647406c7815874d8369987fff9d957903953d
pseudo-session-id: f5a5c6f891905a403494b06e518d20e92929e43d13eb316f02d3b5fcd17f1e39
Strict-Transport-Security: max-age=31557600

GET
H2 200 fpmodule.js Show response
www.zoom-letter.com/admin/fingerprint/ 33 KB
10 KB 50ms
50ms Script
text/html 81.95.110.109
GLOBE-AS http://w...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zoom-letter.com/admin/fingerprint/fpmodule.js?_=1596259109765

Requested by

Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/static/js/scripts.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.95.110.109 , Czech Republic, ASN25234 (GLOBE-AS http://www.active24.cz/, CZ),

Reverse DNS

gds57e.active24.cz

Software

nginx /

Resource Hash

12f0e7d8a182cee63e8f102c5a3a47ebba756b3149d88f1bc17db8a404fff270

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:30 GMT
content-encoding: gzip
server: nginx
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=604800, public, must-revalidate
strict-transport-security: max-age=31536000
content-length: 10167

GET
H2 200 258-ce9bfc310d1f.js Show response
cdn.denomatic.com/drs/ 4 KB
2 KB 168ms
8ms Script
application/javascript 2600:9000:214f:be00:f:900d:ef80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.denomatic.com/drs/258-ce9bfc310d1f.js
Requested by: Host: customs.affilired.com
URL: https://customs.affilired.com/track/?merchant=4725
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:be00:f:900d:ef80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 71d224c8a7a5736e1bc821020c82962a33f7d92f03d822eb6594b2c92892dc48

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 31 Jul 2020 07:30:24 GMT
content-encoding: gzip
age: 78486
x-cache: Hit from cloudfront
status: 200
content-length: 1217
jb-x-cache: HIT
last-modified: Thu, 30 Jan 2020 12:30:31 GMT
server: nginx
etag: "110c-59d5a9f775661-gzip"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
cache-control: public, max-age=600, s-maxage=86400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: OgXWT59mb70xfugP1S-P61oeLcI1Fv8fx0LeYdrCEJR1axjB3I9WNA==

GET
H2 200 2451462208301390 Show response
connect.facebook.net/signals/config/ 522 KB
132 KB 82ms
81ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2451462208301390?v=2.9.22&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a72b9155e27ee7a08fd8f0a4bb749240f84bcd35e8d506e469ddacced46ce274

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: tZrU++uRfrYf4HffNrclhibZ4h9Fu0d3LVW+jCkCnUCUrHDrRGP9PwDllbqcl4fzf7JZcWCVhCToyN++ys8uzA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Sat, 01 Aug 2020 05:18:30 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 clickstream.js Show response
d10lpsik1i8c69.cloudfront.net/js/ Frame 325E 286 KB
92 KB 94ms
42ms Script
application/javascript 143.204.208.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=fdf89d8
Requested by: Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.208.219 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-208-219.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 48319b8fc3f8116efd14ba55509e26e8f3a8331bd3346c3c311d586a3a52a849

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin: https://www.ensanahotels.com

Response headers

date: Sat, 01 Aug 2020 04:38:52 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 2379
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 11 Jun 2020 13:53:21 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 8tWnJJWeg0uH20irmerepF4nxk3C-AH1At5izy2DkH0dIhBvw-lPfQ==

GET
H2 200 collect
www.google-analytics.com/ 35 B
96 B 6ms
6ms Image
image/gif 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j83&a=1307686933&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ensanahotels.com%2Fro%2Fursina&ul=en-us&de=UTF-8&dt=Hotel%20Ursina%2C%20Ensana%20Health%20Spa%20Hotels&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEALQ~&jid=528796196&gjid=1394776274&cid=174774114.1596259110&tid=UA-128338515-2&_gid=1297098548.1596259110&gtm=2wg7m1WTGNC2S&cd5=GA1.2.174774114.1596259110&cd8=&cd12=ro&cd13=homepage&cd15=Session%20not%20reached%20BE&z=1332176550

Requested by

Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jul 2020 04:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1989912
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-128338515-2&cid=174774114.1596259110&jid=528796196&gjid=1394776274&_gid=1297098548.1596259110&_u=aGDAgEALQ~&z=1891563895
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-128338515-2&cid=174774114.1596259110&jid=528796196&_v=j83&z=1891563895
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-128338515-2&cid=174774114.1596259110&jid=528796196&_v=j83&z=1891563895&slf_rd=1&random=2897624865

42 B
106 B

17ms
17ms

Image
image/gif

2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-128338515-2&cid=174774114.1596259110&jid=528796196&_v=j83&z=1891563895&slf_rd=1&random=2897624865

Requested by

Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Aug 2020 05:18:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 01 Aug 2020 05:18:30 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-128338515-2&cid=174774114.1596259110&jid=528796196&_v=j83&z=1891563895&slf_rd=1&random=2897624865
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sendfingerprint.php Show response
www.zoom-letter.com/klienti/www-ensanahotels-com/behavior/ajax/ 655 B
687 B 50ms
50ms XHR
text/html 81.95.110.109
GLOBE-AS http://w...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zoom-letter.com/klienti/www-ensanahotels-com/behavior/ajax/sendfingerprint.php?visit%5Burl%5D=aHR0cHM6Ly93d3cuZW5zYW5haG90ZWxzLmNvbS9yby91cnNpbmE%3D&visit%5Btype%5D=cGFnZV92aXNpdA%3D%3D&visit%5Bfp%5D=16dc585aeb85214a383c82e3a6bb86f1&bhvclient=www-ensanahotels-com

Requested by

Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/static/js/scripts.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.95.110.109 , Czech Republic, ASN25234 (GLOBE-AS http://www.active24.cz/, CZ),

Reverse DNS

gds57e.active24.cz

Software

nginx /

Resource Hash

4e069862d70651c33a45f7c64965885d970c5bf45a378b46288db2e8eb5b157c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Aug 2020 05:18:30 GMT
content-encoding: gzip
vary: Accept-Encoding
server: nginx
status: 200
x-frame-options: ALLOWALL
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800, public, must-revalidate
strict-transport-security: max-age=31536000
content-length: 370
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 272118573156927 Show response
connect.facebook.net/signals/config/ 522 KB
133 KB 72ms
71ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/272118573156927?v=2.9.22&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fcdce5d1f800c952ea9b8212e211b2b888c3f330c93fe921ce5b9aab29b2641b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 7bXc0yPU9mxZ1AzGAsH19cZMvquoLnhdCdvpsoHIyoTdPceMONQYjuYLcv314MGf8TXg0S2jqniDUrtWhzVk7w==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Sat, 01 Aug 2020 05:18:30 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

activityi;dc_pre=COShjcqg-eoCFUvnuwgdklQIcA;src=9694721;type=visit0;cat=visit0;u1=visitor;u27=counter;u28=0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=19595778820185.328
9694721.fls.doubleclick.net/ Frame CC7C
Redirect Chain

https://9694721.fls.doubleclick.net/activityi;src=9694721;type=visit0;cat=visit0;u1=visitor;u27=counter;u28=0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=19595778820185.328?
https://9694721.fls.doubleclick.net/activityi;dc_pre=COShjcqg-eoCFUvnuwgdklQIcA;src=9694721;type=visit0;cat=visit0;u1=visitor;u27=counter;u28=0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;or...

0
0

38ms
38ms

Document
text/html

172.217.22.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9694721.fls.doubleclick.net/activityi;dc_pre=COShjcqg-eoCFUvnuwgdklQIcA;src=9694721;type=visit0;cat=visit0;u1=visitor;u27=counter;u28=0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=19595778820185.328?

Requested by

Host: cdn.denomatic.com
URL: https://cdn.denomatic.com/drs/258-ce9bfc310d1f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9694721.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=COShjcqg-eoCFUvnuwgdklQIcA;src=9694721;type=visit0;cat=visit0;u1=visitor;u27=counter;u28=0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=19595778820185.328?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ensanahotels.com/ro/ursina
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ensanahotels.com/ro/ursina

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Sat, 01 Aug 2020 05:18:30 GMT
expires: Sat, 01 Aug 2020 05:18:30 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 334
x-xss-protection: 0
set-cookie: IDE=AHWqTUnmHkou1oyKPzk21qOCZByXZT0gtZY1_IdMK050WZwwSb05UqbUnug2Qefj; expires=Mon, 01-Aug-2022 05:18:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Sat, 01 Aug 2020 05:18:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9694721.fls.doubleclick.net/activityi;dc_pre=COShjcqg-eoCFUvnuwgdklQIcA;src=9694721;type=visit0;cat=visit0;u1=visitor;u27=counter;u28=0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=19595778820185.328?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK default.js Show response
onboard.triptease.io/integrations/ 191 KB
47 KB 29ms
29ms Script
application/javascript 151.101.113.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/integrations/default.js

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01E1Y34NPSQ2D6X1C2HM9S04DY

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

bd4b85aac9a9a216ee1df1e844eb775a43dc3f6ac4e42afe17cd74607cfa5e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ensanahotels.com/ro/ursina
Origin: https://www.ensanahotels.com

Response headers

Content-Encoding: gzip
Vary: Accept-Encoding
Age: 451
X-GUploader-UploadID: AAANsUnWcL1htcolCqwuDgGFgCBpE6EdxdwSOE_fok1Dj5GYgsw-T7rcqty7Ic5E6UfqJYu2VkYttwSvowb1IUkmB1s2Qg2Z5w
x-goog-stored-content-encoding: gzip
Connection: keep-alive
x-goog-meta-build-version: 2928.24233
X-Served-By: cache-hhn4054-HHN
X-Timer: S1596259111.699334,VS0,VE0
ETag: "051bfae3c2b3811b1af779d8b432938c"
pseudo-session-id: 36180b6fdaab17263234a34a2e4da6bd329ef3f99c2b7f1690d1d721f7ec433c
x-goog-generation: 1596209577295588
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
Cache-Control: public, max-age=600,no-transform
X-Cache-Hits: 3
Date: Sat, 01 Aug 2020 05:18:30 GMT
Via: 1.1 varnish
x-goog-meta-git-hash: d6d7557737287928a8318067d44c2eb2d28aeaa1
X-Cache: HIT
x-goog-storage-class: MULTI_REGIONAL
backend-url: /integrations/v2928.24233/default.js
x-goog-metageneration: 1
Content-Length: 46696
Last-Modified: Fri, 31 Jul 2020 15:32:57 GMT
Server: UploadServer
Strict-Transport-Security: max-age=31557600
x-goog-hash: crc32c=MHro5g==, md5=BRv648KzgRsa93nYtDKTjA==
pseudo-device-id: 2c7a47f3c2a0ca5c9eadc6a16ca28c1eaaacd90289c16d2c8c2d15081f47e5d7
Expires: Fri, 31 Jul 2020 15:44:18 GMT
x-goog-stored-content-length: 46696
Accept-Ranges: bytes

GET
H2 200 /
www.facebook.com/tr/ 44 B
376 B 20ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=371815163769118&ev=PageView&dl=https%3A%2F%2Fwww.ensanahotels.com%2Fro%2Fursina&rl=&if=false&ts=1596259110703&sw=1600&sh=1200&v=2.9.22&r=stable&ec=0&o=30&fbp=fb.1.1596259110702.520653123&it=1596259109994&coo=false&rqm=GET

Requested by

Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 01 Aug 2020 05:18:30 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
211 B 20ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2451462208301390&ev=PageView&dl=https%3A%2F%2Fwww.ensanahotels.com%2Fro%2Fursina&rl=&if=false&ts=1596259110705&sw=1600&sh=1200&v=2.9.22&r=stable&ec=0&o=30&fbp=fb.1.1596259110702.520653123&it=1596259109994&coo=false&rqm=GET

Requested by

Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 01 Aug 2020 05:18:30 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
211 B 21ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=272118573156927&ev=PageView&dl=https%3A%2F%2Fwww.ensanahotels.com%2Fro%2Fursina&rl=&if=false&ts=1596259110706&sw=1600&sh=1200&v=2.9.22&r=stable&ec=0&o=30&fbp=fb.1.1596259110702.520653123&it=1596259109994&coo=false&rqm=GET

Requested by

Host: www.ensanahotels.com
URL: https://www.ensanahotels.com/ro/ursina

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 01 Aug 2020 05:18:30 GMT

GET
H2 200 pixel
bid.g.doubleclick.net/xbbe/ Frame 9D95 0
0 98ms
35ms Document
text/html 74.125.133.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/pixel?d=KAE

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: bid.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=KAE
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ensanahotels.com/ro/ursina
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnmHkou1oyKPzk21qOCZByXZT0gtZY1_IdMK050WZwwSb05UqbUnug2Qefj
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ensanahotels.com/ro/ursina

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 01 Aug 2020 05:18:30 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 blink_green.png
d10lpsik1i8c69.cloudfront.net/graphics/ 1 KB
2 KB 28ms
27ms Image
image/png 143.204.208.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/blink_green.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.208.219 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-208-219.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9746bbc8be1eacd912bb90f2226b3f9141b15938f7b0281825c74999c0040c9b

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 29 Jun 2020 01:25:02 GMT
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f7.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jun 2020 13:53:21 GMT
server: AmazonS3
age: 2865209
etag: "2e4ff7ec8bf18d247ee942621e0f9d65"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 1283
x-amz-cf-id: zvnzhHdymn0wk8nRfeszvAT7tCQ7-8Ucme9vkr59ixo1EA0pY9UU0A==

GET
H2 200 logo-light.png
d10lpsik1i8c69.cloudfront.net/graphics/ 1 KB
1 KB 28ms
27ms Image
image/png 143.204.208.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/logo-light.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.208.219 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-208-219.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 03:48:09 GMT
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f7.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jun 2020 13:53:22 GMT
server: AmazonS3
age: 3029422
etag: "35ce74c31e3ef54462a234340af702d7"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 1143
x-amz-cf-id: N2QOhLHTmI-hZ-Eosz4UQxSxLECKxVip4V5Hjk8HAnGpTLLGuiFasw==

GET
H2 200 sound-on-white.png
d10lpsik1i8c69.cloudfront.net/graphics/ 277 B
620 B 28ms
27ms Image
image/png 143.204.208.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/sound-on-white.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.208.219 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-208-219.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 29 Jun 2020 02:55:19 GMT
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f7.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jun 2020 13:53:21 GMT
server: AmazonS3
age: 2859792
etag: "76f1993de0fd323f67cece8d8e63bfa2"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 277
x-amz-cf-id: Vl3JlxqBEiMmcOJgm2CK9QUWRqMEUfNeBM-FaK1l5ykEJjr4-hlZZQ==

GET
H2 200 collect
www.google-analytics.com/ 35 B
90 B 6ms
5ms Image
image/gif 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j83&a=1307686933&t=timing&_s=2&dl=https%3A%2F%2Fwww.ensanahotels.com%2Fro%2Fursina&ul=en-us&de=UTF-8&dt=Hotel%20Ursina%2C%20Ensana%20Health%20Spa%20Hotels&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1695&pdt=15&dns=37&rrt=1&srt=144&tcp=73&dit=716&clt=716&_gst=787&_gbt=869&_cst=359&_cbt=727&_u=aHDAiEALR~&jid=&gjid=&cid=174774114.1596259110&tid=UA-128338515-2&_gid=1297098548.1596259110&gtm=2wg7m1WTGNC2S&cd5=GA1.2.174774114.1596259110&cd8=&cd12=ro&cd13=homepage&cd15=Session%20not%20reached%20BE&z=1890476026

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jul 2020 04:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1989912
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK analytics.js Show response
onboard.triptease.io/ 20 KB
7 KB 23ms
23ms Script
application/javascript 151.101.113.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/analytics.js

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/integrations/default.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

fd5518a930a1416626dd2852e0bfea2d81c23dfe090d356ddff170fc2721d363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ensanahotels.com/ro/ursina
Origin: https://www.ensanahotels.com

Response headers

Content-Encoding: gzip
Vary: Accept-Encoding
Age: 341
X-GUploader-UploadID: AAANsUkxpH2ZIj1B1tNTh_QR_dO9ffeIH15uFsyO_T0rWwJpN1gWhDeuA3i-YAW6wB3QiMRmOWw_FDCbm7eMXbgU5MChMjLMpg
x-goog-stored-content-encoding: gzip
Connection: keep-alive
x-goog-meta-build-version: 2928.24233
X-Served-By: cache-hhn4054-HHN
X-Timer: S1596259111.999422,VS0,VE0
ETag: "2f6fa613817418313b860f0c029d04ff"
pseudo-session-id: 36180b6fdaab17263234a34a2e4da6bd329ef3f99c2b7f1690d1d721f7ec433c
x-goog-generation: 1596209464971930
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
Cache-Control: public, max-age=600,no-transform
X-Cache-Hits: 3
Date: Sat, 01 Aug 2020 05:18:30 GMT
Via: 1.1 varnish
x-goog-meta-git-hash: d6d7557737287928a8318067d44c2eb2d28aeaa1
X-Cache: HIT
x-goog-storage-class: MULTI_REGIONAL
backend-url: /analytics/v2928.24233/analytics.js
x-goog-metageneration: 1
Content-Length: 6110
Last-Modified: Fri, 31 Jul 2020 15:31:04 GMT
Server: UploadServer
Strict-Transport-Security: max-age=31557600
x-goog-hash: crc32c=XSc9Qw==, md5=L2+mE4F0GDE7hg8MAp0E/w==
pseudo-device-id: 2c7a47f3c2a0ca5c9eadc6a16ca28c1eaaacd90289c16d2c8c2d15081f47e5d7
Expires: Fri, 31 Jul 2020 23:40:34 GMT
x-goog-stored-content-length: 6110
Accept-Ranges: bytes

GET
H2 200 paperboy.js Show response
static.triptease.io/paperboy/latest/ 199 KB
60 KB 97ms
25ms Script
application/javascript 151.101.113.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.triptease.io/paperboy/latest/paperboy.js

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/integrations/default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.182 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

c9b3714d140d29f1329c247b5433735e6e6978e0111bc7cd2b0d1f849c155150

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ensanahotels.com/ro/ursina
Origin: https://www.ensanahotels.com

Response headers

content-encoding: gzip
vary: Accept-Encoding
age: 25
x-guploader-uploadid: AAANsUlpCGaNZM7ATgGIc6QEjGYjcuFn__XOB-CYVVNSr0yx-UEivYTSzyeGXxckoqAdKZ0Blyr9ti7xdtmQyquES5sYtb4g3Q
status: 200
x-goog-stored-content-encoding: gzip
x-goog-meta-build-version: 1839.767
x-served-by: cache-hhn4070-HHN
x-timer: S1596259111.072418,VS0,VE1
etag: "e34294e4c103c266eb08b13b7803c676"
pseudo-session-id: 7fc8215af39e079d978a3946cd53da9ccab8ad652f2471015d52a2d34342dc44
x-goog-generation: 1595932881880649
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=600,no-transform
x-cache-hits: 1
date: Sat, 01 Aug 2020 05:18:31 GMT
via: 1.1 varnish
x-goog-meta-git-hash: b443b6606df7377300231b61448750a969381e89
x-cache: HIT
x-goog-storage-class: STANDARD
backend-url: /paperboy/v1839.767/paperboy.js
x-goog-metageneration: 1
content-length: 60486
last-modified: Tue, 28 Jul 2020 10:41:21 GMT
server: UploadServer
strict-transport-security: max-age=31557600
x-goog-hash: crc32c=A1Us1Q==, md5=40KU5MEDwmbrCLE7eAPGdg==
pseudo-device-id: 2c7a47f3c2a0ca5c9eadc6a16ca28c1eaaacd90289c16d2c8c2d15081f47e5d7
expires: Tue, 28 Jul 2020 10:55:28 GMT
x-goog-stored-content-length: 60486
surrogate-key-debug: paperboy paperboy-paperboy paperboy-js
accept-ranges: bytes

GET
H2 200 bootstrap-message-engine.js Show response
static.triptease.io/message-porter/dist/ 135 KB
43 KB 97ms
24ms Script
application/javascript 151.101.113.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.triptease.io/message-porter/dist/bootstrap-message-engine.js

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/integrations/default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.182 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

ae395910db70e7e56ce4f47b78033388bdcb7caf52a0d4ff3d230fba8b9f4dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ensanahotels.com/ro/ursina
Origin: https://www.ensanahotels.com

Response headers

content-encoding: gzip
vary: Accept-Encoding
age: 25
x-guploader-uploadid: AAANsUkdaTRxPSqUT2by0RLIQrMKx2v_GexZOpM_xcp2HCMJqx1Wv7xtwXxxwvkZcjG0VpBTCDGm7LuHqFKGppLUAA
status: 200
x-goog-stored-content-encoding: identity
x-served-by: cache-hhn4070-HHN
x-timer: S1596259111.072403,VS0,VE1
etag: "1a422e8658f69ee5269f4c0f93f41eb7"
pseudo-session-id: 7fc8215af39e079d978a3946cd53da9ccab8ad652f2471015d52a2d34342dc44
x-goog-generation: 1594743257311205
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, Surrogate-Control=86400, max-age=600
x-cache-hits: 1
date: Sat, 01 Aug 2020 05:18:31 GMT
via: 1.1 varnish
x-goog-meta-goog-reserved-file-mtime: 1594742971
x-cache: HIT
x-goog-storage-class: STANDARD
backend-url: /message-porter/dist/bootstrap-message-engine.js
x-goog-metageneration: 2
content-length: 42783
last-modified: Tue, 14 Jul 2020 16:14:17 GMT
server: UploadServer
strict-transport-security: max-age=31557600
x-goog-hash: crc32c=VGqmDg==, md5=GkIuhlj2nuUmn0wPk/Qetw==
pseudo-device-id: 2c7a47f3c2a0ca5c9eadc6a16ca28c1eaaacd90289c16d2c8c2d15081f47e5d7
expires: Tue, 14 Jul 2020 16:24:22 GMT
x-goog-stored-content-length: 138353
surrogate-key-debug: message-porter message-porter-bootstrap-message-engine message-porter-js
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 main.js Show response
static-meta.triptease.io/client/ 50 KB
16 KB 97ms
25ms Script
text/plain 151.101.113.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-meta.triptease.io/client/main.js
Requested by: Host: onboard.triptease.io
URL: https://onboard.triptease.io/integrations/default.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.182 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 562c564811d314df2909abe92bb378220b78fd21b61f21dca30cfb2ac36431fa

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ensanahotels.com/ro/ursina
Origin: https://www.ensanahotels.com

Response headers

date: Sat, 01 Aug 2020 05:18:31 GMT
via: 1.1 google, 1.1 varnish
age: 2176
x-envoy-upstream-healthchecked-cluster: client.management
x-cache: HIT
status: 200
x-envoy-upstream-service-time: 3
content-encoding: gzip
content-length: 15674
x-served-by: cache-hhn4022-HHN
server: istio-envoy
x-timer: S1596259111.072830,VS0,VE0
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600,stale-while-revalidate=1800
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1 200
OK application.js Show response
b.triptease.io/ 3 KB
3 KB 84ms
23ms Script
application/javascript 151.101.113.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://b.triptease.io/application.js
Requested by: Host: onboard.triptease.io
URL: https://onboard.triptease.io/integrations/default.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 899e2905d6a605e8eddaf1856524669210deccd096983e02f34355e4b07c28b2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ensanahotels.com/ro/ursina
Origin: https://www.ensanahotels.com

Response headers

Date: Sat, 01 Aug 2020 05:18:31 GMT
Via: 1.1 google, 1.1 varnish
Age: 364
X-Served-By: cache-hhn4037-HHN
X-Cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60
Connection: keep-alive
Accept-Ranges: bytes
X-Timer: S1596259111.062106,VS0,VE0
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, session-token
Content-Length: 2996
X-Cache-Hits: 52

GET
H2 200 reset.css
d10lpsik1i8c69.cloudfront.net/css/ 2 KB
1 KB 25ms
25ms Stylesheet
text/css 143.204.208.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/css/reset.css
Requested by: Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=fdf89d8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.208.219 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-208-219.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Jun 2020 13:53:26 GMT
content-encoding: gzip
last-modified: Thu, 11 Jun 2020 13:53:21 GMT
server: AmazonS3
age: 4375507
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: rt8emxd27M4yNeXGd2go2hvyFLGWtg2LyMChRDFXdIBfmksfW7t6Ew==
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f7.cloudfront.net (CloudFront)

GET
BLOB 200
OK cac0b6d2-f09a-4127-adc9-b23da929206d
https://www.ensanahotels.com/ Frame 325E 0
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ensanahotels.com/cac0b6d2-f09a-4127-adc9-b23da929206d
Requested by: Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=fdf89d8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 0

GET
BLOB 200
OK 49366ab0-d953-4728-872f-8231803b5b90
https://www.ensanahotels.com/ Frame 325E 30 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ensanahotels.com/49366ab0-d953-4728-872f-8231803b5b90
Requested by: Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=fdf89d8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83c9688107b373823973bcf48dd284bfbca6d5c23153b86bbd8512cec1404a3d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 31224

GET
H/1.1 200
OK client-side-helpers
b.triptease.io/ Frame 8683 0
0 69ms
24ms Document
text/html 151.101.113.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://b.triptease.io/client-side-helpers?apiKey=undefined&origin=https://www.ensanahotels.com
Requested by: Host: b.triptease.io
URL: https://b.triptease.io/application.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Host: b.triptease.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ensanahotels.com/ro/ursina
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: triptease-session-id=4e4f8942-2e09-4308-90f8-c64cd3798402; triptease-user-id=99c593ad-ec4c-44bd-9c6f-1b9af345f301
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ensanahotels.com/ro/ursina

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, session-token
Via: 1.1 google 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 01 Aug 2020 05:18:31 GMT
Age: 2144
X-Served-By: cache-hhn4056-HHN
X-Cache: HIT
X-Cache-Hits: 6
X-Timer: S1596259111.238995,VS0,VE0

GET
H/1.1 200
OK /
b.triptease.io/ Frame 1345 0
0 192ms
145ms Document
text/html 151.101.113.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://b.triptease.io/?apikey=undefined&bucket=1&conversion=false&clicked=false&searched=false&tripteaseUserId=99c593ad-ec4c-44bd-9c6f-1b9af345f301
Requested by: Host: b.triptease.io
URL: https://b.triptease.io/application.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Host: b.triptease.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ensanahotels.com/ro/ursina
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: triptease-session-id=4e4f8942-2e09-4308-90f8-c64cd3798402; triptease-user-id=99c593ad-ec4c-44bd-9c6f-1b9af345f301
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ensanahotels.com/ro/ursina

Response headers

Connection: keep-alive
Content-Length: 93
cache-control: max-age=600
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, session-token
Via: 1.1 google 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 01 Aug 2020 05:18:31 GMT
Age: 0
X-Served-By: cache-hhn4072-HHN
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1596259111.240083,VS0,VE122

GET
H2 200 01E1Y34MNG1SYPTXV58 Show response
static.triptease.io/config-service/config/ 189 B
461 B 23ms
23ms XHR
application/json 151.101.113.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.triptease.io/config-service/config/01E1Y34MNG1SYPTXV58?merged=true&languages=ro%2Cen

Requested by

Host: static.triptease.io
URL: https://static.triptease.io/paperboy/latest/paperboy.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.182 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.11.3 /

Resource Hash

b7dffc8e7c98287e9abe0f6276342e645990ca71c892bb56dc1b43214e1cae68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:31 GMT
via: 1.1 google, 1.1 varnish
vary: Accept-Encoding
age: 11819
x-cache: HIT
status: 200
backend-url: /config-service/config/01E1Y34MNG1SYPTXV58?merged=true&languages=ro%2Cen
content-encoding: gzip
content-length: 162
pseudo-session-id: 7fc8215af39e079d978a3946cd53da9ccab8ad652f2471015d52a2d34342dc44
x-served-by: cache-hhn4070-HHN
server: nginx/1.11.3
x-timer: S1596259111.196095,VS0,VE1
strict-transport-security: max-age=31557600
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
surrogate-key-debug: config-service config-service-01E1Y34MNG1SYPTXV58 config-service-?merged=true&languages=ro%2Cen
accept-ranges: bytes
pseudo-device-id: 2c7a47f3c2a0ca5c9eadc6a16ca28c1eaaacd90289c16d2c8c2d15081f47e5d7
x-cache-hits: 1

POST
H2 200 event
api.triptease.io/zappy/ 0
124 B 137ms
137ms Other
text/plain 35.186.195.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.triptease.io/zappy/event?eventType=PageStart
Requested by: Host: static.triptease.io
URL: https://static.triptease.io/paperboy/latest/paperboy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.195.233 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 233.195.186.35.bc.googleusercontent.com
Software: nginx/1.11.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 01 Aug 2020 05:18:31 GMT
via: 1.1 google
server: nginx/1.11.3
status: 200
access-control-max-age: 86400
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.ensanahotels.com
alt-svc: clear
content-length: 0

POST
H2 200 /
www.facebook.com/tr/ 0
109 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryi3HesTvt3atMK1CH

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Sat, 01 Aug 2020 05:18:31 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.ensanahotels.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

POST
H2 200 /
www.facebook.com/tr/ 0
30 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary7yBqykVXAgLqusy6

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Sat, 01 Aug 2020 05:18:31 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.ensanahotels.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

POST
H2 200 /
www.facebook.com/tr/ 0
30 B 6ms
5ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryAYdjM6JkkTMrAY0t

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Sat, 01 Aug 2020 05:18:31 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.ensanahotels.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

POST
H2 200 event
api.triptease.io/zappy/ 0
43 B 130ms
130ms Other
text/plain 35.186.195.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.triptease.io/zappy/event?eventType=PageOpen&eventType1=AppEvent&eventName1=Page%20Metrics&eventAppName1=spaceInvaders
Requested by: Host: static.triptease.io
URL: https://static.triptease.io/paperboy/latest/paperboy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.195.233 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 233.195.186.35.bc.googleusercontent.com
Software: nginx/1.11.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 01 Aug 2020 05:18:31 GMT
via: 1.1 google
server: nginx/1.11.3
status: 200
access-control-max-age: 86400
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.ensanahotels.com
alt-svc: clear
content-length: 0

GET
H2 200 storageIframe.html
static.triptease.io/message-porter/dist/ Frame 8F80 0
0 73ms
25ms Document
text/html 151.101.113.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.triptease.io/message-porter/dist/storageIframe.html

Requested by

Host: static.triptease.io
URL: https://static.triptease.io/message-porter/dist/bootstrap-message-engine.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.182 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

:method: GET
:authority: static.triptease.io
:scheme: https
:path: /message-porter/dist/storageIframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ensanahotels.com/ro/ursina
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: triptease-session-id=4e4f8942-2e09-4308-90f8-c64cd3798402; triptease-user-id=99c593ad-ec4c-44bd-9c6f-1b9af345f301
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ensanahotels.com/ro/ursina

Response headers

status: 200
x-guploader-uploadid: AAANsUkB7tJARqnURsYXX7UZhae7h6QBrnntlFnbdKCH_BDQ6p1XQL_3Xxyr--JC98mvVc45b3sDDjUgLBr0hfMWl60
cache-control: public, Surrogate-Control=86400, max-age=600
expires: Sat, 01 Aug 2020 02:26:51 GMT
last-modified: Wed, 17 Jun 2020 15:29:52 GMT
etag: "28c1512e0ab48e1743c1b601423d1e55"
x-goog-generation: 1592407792271429
x-goog-metageneration: 32
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4973
x-goog-meta-goog-reserved-file-mtime: 1592407707
content-type: text/html
x-goog-hash: crc32c=z6zvgQ== md5=KMFRLgq0jhdDwbYBQj0eVQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
content-encoding: gzip
accept-ranges: bytes
date: Sat, 01 Aug 2020 05:18:33 GMT
via: 1.1 varnish
age: 25
x-served-by: cache-hhn4037-HHN
x-cache: HIT
x-cache-hits: 1
x-timer: S1596259113.257684,VS0,VE1
vary: Accept-Encoding
strict-transport-security: max-age=31557600
backend-url: /message-porter/dist/storageIframe.html
pseudo-device-id: 5143d74a0e984ed9832f412ed31647406c7815874d8369987fff9d957903953d
pseudo-session-id: 3130ce0bf424af4fa8d78a9471f18894d7835f7a7c81b366c460cb90d07cc22e
surrogate-key-debug: message-porter message-porter-storageIframe message-porter-html
timing-allow-origin: *
content-length: 1772

GET
H2 200 messages Show response
messages.guest-experience.triptease.io/01E1Y34MNG1SYPTXV58/ 110 B
462 B 771ms
667ms Fetch
application/json 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://messages.guest-experience.triptease.io/01E1Y34MNG1SYPTXV58/messages?language=ro
Requested by: Host: static.triptease.io
URL: https://static.triptease.io/message-porter/dist/bootstrap-message-engine.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 690afdb5eefef99ce82aa09af376e3624b3fca77250e3cdef7f9b2bd9571ef9a

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 05:18:34 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
status: 200
x-city: kaiseraugst
content-length: 110
x-served-by: cache-hhn4039-HHN
access-control-allow-origin: https://www.ensanahotels.com
server: Google Frontend
vary: Origin
content-type: application/json; charset=utf-8
x-region-code: AG
access-control-expose-headers: X-Country-Code, X-Region-Code
cache-control: no-cache,max-age=0
access-control-allow-credentials: true
tt_host: messages.guest-experience.triptease.io
accept-ranges: bytes
x-country-code: CH
x-cache-hits: 0

POST
H2 200 event
api.triptease.io/zappy/ 0
43 B 131ms
131ms Other
text/plain 35.186.195.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.triptease.io/zappy/event?eventName=load&eventAppName=messageEngine
Requested by: Host: static.triptease.io
URL: https://static.triptease.io/message-porter/dist/bootstrap-message-engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.195.233 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 233.195.186.35.bc.googleusercontent.com
Software: nginx/1.11.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 01 Aug 2020 05:18:34 GMT
via: 1.1 google
server: nginx/1.11.3
status: 200
access-control-max-age: 86400
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.ensanahotels.com
alt-svc: clear
content-length: 0

POST
H2 200 event
api.triptease.io/zappy/ 0
43 B 132ms
132ms Other
text/plain 35.186.195.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.triptease.io/zappy/event?eventName=propensityToConvert&eventAppName=messageEngine
Requested by: Host: static.triptease.io
URL: https://static.triptease.io/message-porter/dist/bootstrap-message-engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.195.233 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 233.195.186.35.bc.googleusercontent.com
Software: nginx/1.11.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ensanahotels.com/ro/ursina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 01 Aug 2020 05:18:34 GMT
via: 1.1 google
server: nginx/1.11.3
status: 200
access-control-max-age: 86400
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.ensanahotels.com
alt-svc: clear
content-length: 0

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 04:55:31	Name: IDE Value: AHWqTUnmHkou1oyKPzk21qOCZByXZT0gtZY1_IdMK050WZwwSb05UqbUnug2Qefj
.ensanahotels.com/	1970-01-19 15:43:31	Name: __lotl Value: https%3A%2F%2Fwww.ensanahotels.com%2Fro%2Fursina
.triptease.io/	1970-01-19 20:09:55	Name: triptease-user-id Value: 99c593ad-ec4c-44bd-9c6f-1b9af345f301
.ensanahotels.com/	1970-01-19 11:24:19	Name: _lorid Value: 182787-1596259110207-001af4e3f94eb0aa
.ensanahotels.com/	1970-01-19 20:09:55	Name: _lo_v Value: 1
.ensanahotels.com/	1970-01-20 04:55:31	Name: _lo_uid Value: 182787-1596259110207-ddbdab34ac4929fe
.ensanahotels.com/	1970-01-19 11:25:45	Name: _gid Value: GA1.2.1297098548.1596259110
www.ensanahotels.com/	1970-01-19 11:24:44	Name: triptease-identity-data Value: eyJzZXNzaW9uSWQiOiI0ZTRmODk0Mi0yZTA5LTQzMDgtOTBmOC1jNjRjZDM3OTg0MDIiLCJ1c2VySWQiOiI5OWM1OTNhZC1lYzRjLTQ0YmQtOWM2Zi0xYjlhZjM0NWYzMDEiLCJpc0ZyZXNoVXNlciI6dHJ1ZSwiaXNGcmVzaFNlc3Npb24iOnRydWV9
.ensanahotels.com/	1970-01-20 04:55:31	Name: _ga Value: GA1.2.174774114.1596259110
.ensanahotels.com/	1970-01-19 13:33:55	Name: _fbp Value: fb.1.1596259110702.520653123
.ensanahotels.com/	1970-01-19 11:24:19	Name: _dc_gtm_UA-128338515-2 Value: 1
.triptease.io/	1970-01-19 11:24:47	Name: triptease-session-id Value: 4e4f8942-2e09-4308-90f8-c64cd3798402
www.ensanahotels.com/ro	1970-01-21 07:12:19	Name: tt-domain-user-id Value: 8d7dc2ce-49c0-40a9-9613-99baaf733bd7

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.zoom-letter.com/admin/fingerprint/fpmodule.js(Line 1) Message: Skipping WebGL fingerprinting because it is not supported in this browser
console-api	log	URL: https://www.zoom-letter.com/plugins/popupdesigner/popupdesigner.js?t=9f76e03f5c2d232ca564a87b629bdf7d43ba4041(Line 116) Message: [ZL - PopupDesigner] - Engine loaded
console-api	log	URL: https://www.zoom-letter.com/admin/fingerprint/fpmodule.js(Line 1) Message: Skipping WebGL fingerprinting because it is not supported in this browser
console-api	log	URL: https://www.zoom-letter.com/admin/fingerprint/fpmodule.js?_=1596259109765(Line 1) Message: Skipping WebGL fingerprinting because it is not supported in this browser
console-api	log	URL: https://www.zoom-letter.com/plugins/popupdesigner/popupdesigner.js?t=9f76e03f5c2d232ca564a87b629bdf7d43ba4041(Line 281) Message: PopupDesigner - Popup not found : response.info: no-result

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9694721.fls.doubleclick.net
api.triptease.io
b.triptease.io
bid.g.doubleclick.net
c.imedia.cz
cdn.denomatic.com
connect.facebook.net
customs.affilired.com
d10lpsik1i8c69.cloudfront.net
googleads.g.doubleclick.net
messages.guest-experience.triptease.io
onboard.triptease.io
settings.luckyorange.net
static-meta.triptease.io
static.triptease.io
stats.g.doubleclick.net
www.bugherd.com
www.ensanahotels.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.zoom-letter.com
104.26.11.16
143.204.201.13
143.204.208.219
151.101.113.182
151.101.113.62
151.101.114.133
172.217.22.6
172.217.23.98
2600:9000:214f:be00:f:900d:ef80:93a1
2a00:1450:4001:801::2004
2a00:1450:4001:80b::2003
2a00:1450:4001:814::2002
2a00:1450:4001:816::2008
2a00:1450:4001:816::200e
2a00:1450:400c:c06::9a
2a02:598:a::79:33
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.197.140.245
35.186.195.233
5.132.161.168
74.125.133.157
81.95.110.109
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0627b878966e3e508c0f2eda36b2926f796799f9acbd03f77c00c33863067d71
091bb0de0a818620d0fa529df0edee88a5ac2244b5396edbac0a527035cf4af7
0df7a095c56c4a737e6617b503bcc0ac98bca6f9b86775c9d2e3a9cfb7f4297f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11794537bf90083647a51b2063005e3efbc692a7f670914429b52593ca4bac34
12f0e7d8a182cee63e8f102c5a3a47ebba756b3149d88f1bc17db8a404fff270
142fb2e83b47098f7fa57468ff034a0b45d89a46a30b3d9bf1d41551bd125086
17e4bd50024f1e8751f49e501d3ca948fae8812664354fc0ccb2a2fce9cd7dcc
21b0d4b57efa40485db7b759cad39c2ec9e802d99ef78eeeada712a502e1aa5f
23750e2bb5341524bbc6ebaccca185170d6a0cae9110b8cd3f07eb99e7a22bf9
2e32f4f1dbd355b89034d6e4357d6a77c8c032f363ca1a57c317bc1bd8540a1e
30f5265e376fd44a6d8f4adcc9d4a657b59c6880e5cfc25beb9728942a567418
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
3a59326e42d42946ace3ac7200017e3ca340a76f5e53dc8b04afea6acf76e422
3aa478151ff62b7db8522cbbff1a0dea359f74f6b3e661dd8f7c5c1139ab1a1f
3f313484ef27d1e5b28ed8c7efc897d34a7f2cc1612da28da17f7368d2b0831e
401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245
48319b8fc3f8116efd14ba55509e26e8f3a8331bd3346c3c311d586a3a52a849
4892dc214108cf456e26332e2f373f49e0437474fdeb715a73c523482e879776
4e069862d70651c33a45f7c64965885d970c5bf45a378b46288db2e8eb5b157c
51a36b6a11a9dc97622ec5bed03dd0b12feec726a6153338a39183f74699b035
523e1c8dd661c83187a7b832a6fcf49756606ab59baeb1d6408e2bea334af228
528240420dedd03c508141f501169017954b9724ca8334ccf96582ecdad4f5e2
54447ea920835eac92e0c473a95164985d7376b5b9cbefe41924df76ec5bccff
562c564811d314df2909abe92bb378220b78fd21b61f21dca30cfb2ac36431fa
5aa241beb08443f0dfcabfe8404bc82f62e06e32e720bdcff6633a648829b9b9
63c55736a245e5fa5e0484b4693d43e171941143fcbdb34d3aa8d4cfd6160c9d
6718a07fa13fa05273a15a3442277d187b1b712d9eccef98fba120ef9442e975
690afdb5eefef99ce82aa09af376e3624b3fca77250e3cdef7f9b2bd9571ef9a
70538b931f9505fc254a91093876345de4025b30b0cdb080a72d68643b202b7e
7113a90a22165f6a3bb7e67df61bd7162bb1623f177a0c02bae78df5100d3c6d
71d224c8a7a5736e1bc821020c82962a33f7d92f03d822eb6594b2c92892dc48
81123412fd56490127d3559000b60e772d4ca5c1e986cf63db569e0ca5d02245
82e4214c8d35477848dedbb2f3ac78928ae0624d27373f97932d05290a048eea
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c9688107b373823973bcf48dd284bfbca6d5c23153b86bbd8512cec1404a3d
87941a04bf85c338ac1eaa9f69ead434fe671c61985b2038de06b35994c7ec0d
899e2905d6a605e8eddaf1856524669210deccd096983e02f34355e4b07c28b2
8a71646996e8df345edcd82df30a0778b3d348350a52bf8a96c176b3c7eb1a6f
8b6e43c7d8149628706b91086194e19701606881ba059dd9b3380c9f4cb52bda
8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb
8d0d0a51ddf42e560ac09dd5556dff7bacce74c17f6ff9484bcf550a59482df4
913ce2a1baa91611e8a4829a7b8a696197aa5590bfd85e90a5b8c1113b505b3f
945e35067bb7b21856d6e276646aad4d45da2a369fa6481b01e231e52d5040c6
956bfa61f24542458b445af4d88c310fe60504991b4c85652f098ba5fe2182d8
972113b035059c4249dc6879a6c7d8ccb4a107b9d46c51c3d5f0429496980200
9746bbc8be1eacd912bb90f2226b3f9141b15938f7b0281825c74999c0040c9b
9c3f1d09e28e88573105620d3ff796cbf2f80d2dc3fd158ae941149b3bbe031e
9de1c66f05202004cee7f0027090d2b83f35c17aad9194b4e3167b130276ac57
9efd2f4ac6ac8a07021df23c7c42e04bae590b231013bac15a70e3a041529930
a0ad9ea15f682280df7d61d146435e6954f235f0bf9e4a783d0eeb65d1ed8400
a12e4a7932ca5978a066d2e6981cea191885d3a3f0f086b5196e11ea34b7ccfa
a72b9155e27ee7a08fd8f0a4bb749240f84bcd35e8d506e469ddacced46ce274
ae395910db70e7e56ce4f47b78033388bdcb7caf52a0d4ff3d230fba8b9f4dd2
b512038b04216c90352baeada27b09de463a595dcdc5e20ea3a9ab50d9259e71
b730ba9d3efd805fe1700a108bb501c6c1b350cef60b053cc6f0ce7bf69b029a
b7d7ab71d5664b67069820393abb1aef86a50552903684e26f84c945c503d55c
b7dffc8e7c98287e9abe0f6276342e645990ca71c892bb56dc1b43214e1cae68
bd4b85aac9a9a216ee1df1e844eb775a43dc3f6ac4e42afe17cd74607cfa5e25
c29a550e371e8636f4ec6a1c2727581212f2afa4e662fbd8b4989f99d1a0f7e2
c5aeadda61522e4b2914118fa2e1a67169fda859a61cfbe0839ac51866770c85
c7318aa4c013792bd75d48c82661fd2ad2d640cb0d5969b551753c750231af6c
c9b3714d140d29f1329c247b5433735e6e6978e0111bc7cd2b0d1f849c155150
d5e6e6b0fbb2028b97420aef10bb225fa44cfc18d90ddfcf811e18bd43ee48c9
d81b05d0b2894ad14b4f3cbd3de7b9b3e44b2364d3d712be66f5e1e828db22af
d85f0f149b4390bed6624bc30ca2cbfa37d394f14474fcf81d63363ad363e284
da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7cd903289874d5cdd11900f74f1cb62ca6f39338bb3590f7d0ceb0d2fe02c8c
edf2c2614a894c0acfbbbeb435a4f941eee782177a43a82f400a9264697e023e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efae8a06e2c2688ba0844bf43025c26e2b49b781674d6a7cd0d63c27493620b6
f2a29e0390be4b80096455fd1e9e431ccb9c08e1cff63308709082e3dfbf576f
f5decc210dbe7320771b5ddf86e95be8c6d74d09ac53ab756d4bebcca49c5d3f
f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c
fcdce5d1f800c952ea9b8212e211b2b888c3f330c93fe921ce5b9aab29b2641b
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
fd5518a930a1416626dd2852e0bfea2d81c23dfe090d356ddff170fc2721d363
fe1591e3534594f770789ebbf62b4d8657f735f87f8576fe8dca2d807b4d7079

www.ensanahotels.com Open in urlscan Pro 5.132.161.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

100 Requests

98 %HTTPS

43 %IPv6

17 Domains

25 Subdomains

23 IPs

6 Countries

1967 kBTransfer

5928 kBSize

13 Cookies

8 Outgoing links

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ensanahotels.com Open in urlscan Pro
5.132.161.168 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

98 %
HTTPS

43 %
IPv6

17
Domains

25
Subdomains

23
IPs

6
Countries

1967 kB
Transfer

5928 kB
Size

13
Cookies

100 HTTP transactions
0 data transactions