www.theoriginalshotels.com Open in urlscan Pro
104.17.182.58 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://theoriginalshotels.com/
Effective URL:
https://www.theoriginalshotels.com/
Submission Tags: tranco_l324
Submission: On March 26 via api (March 26th 2024, 7:59:25 am UTC) from DE — Scanned from DE

Summary HTTP 125 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 37 IPs in 7 countries across 26 domains to perform 125 HTTP transactions. The main IP is 104.17.182.58, located in and belongs to CLOUDFLARENET, US. The main domain is www.theoriginalshotels.com. The Cisco Umbrella rank of the primary domain is 674521.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 7th 2024. Valid for: 10 months.

This is the only time www.theoriginalshotels.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.68.182.72 54.68.182.72	16509 (AMAZON-02) (AMAZON-02)
1 34	104.17.182.58 104.17.182.58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.72.159 172.67.72.159	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	104.17.186.58 104.17.186.58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	104.17.184.58 104.17.184.58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	18.158.239.145 18.158.239.145	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:89b::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	89.185.38.89 89.185.38.89	8426 (CLARANET-...) (CLARANET-AS ClaraNET LTD)
2	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
2 4	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
2	13.39.154.38 13.39.154.38	16509 (AMAZON-02) (AMAZON-02)
1	152.199.22.228 152.199.22.228	15133 (EDGECAST) (EDGECAST)
5	104.126.37.144 104.126.37.144	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	35.244.188.9 35.244.188.9	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2 4	195.54.48.25 195.54.48.25	12516 (WEBORAMA ...) (WEBORAMA Weborama provides Internet Services)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
1	157.240.252.35 157.240.252.35	32934 (FACEBOOK) (FACEBOOK)
2	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
2 4	185.89.210.82 185.89.210.82	29990 (ASN-APPNEX) (ASN-APPNEX)
5	107.178.244.119 107.178.244.119	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	95.131.137.7 95.131.137.7	47841 (OXALIDE) (OXALIDE)
1	35.214.241.248 35.214.241.248	15169 (GOOGLE) (GOOGLE)
1 2	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
1	37.157.2.250 37.157.2.250	198622 (ADFORM) (ADFORM)
1 2	46.4.10.47 46.4.10.47	24940 (HETZNER-AS) (HETZNER-AS)
1	51.158.28.82 51.158.28.82	12876 (Online SAS) (Online SAS)
1	172.217.16.196 172.217.16.196	15169 (GOOGLE) (GOOGLE)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2 2	37.157.2.230 37.157.2.230	198622 (ADFORM) (ADFORM)
2 2	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
125	37

1 54.68.182.72 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-68-182-72.us-west-2.compute.amazonaws.com

theoriginalshotels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 104.17.182.58 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.theoriginalshotels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.72.159 (United States)

ASN13335 (CLOUDFLARENET, US)

app.secureprivacy.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.186.58 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.galaxy.tf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 104.17.184.58 (None, )

ASN13335 (CLOUDFLARENET, US)

image-tc.galaxy.tf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.239.145 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-239-145.eu-central-1.compute.amazonaws.com

tc.galaxy.tf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:89b::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.185.38.89 (Saint-Ouen, France)

ASN8426 (CLARANET-AS ClaraNET LTD, GB)

u.logbor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.70 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

10140364.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8741099.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.39.154.38 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-39-154-38.eu-west-3.compute.amazonaws.com

tag.zebestof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.22.228 (United States)

ASN15133 (EDGECAST, US)

cstatic.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.126.37.144 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-144.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.188.9 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 9.188.244.35.bc.googleusercontent.com

static.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 195.54.48.25 (France) 2 redirects

ASN12516 (WEBORAMA Weborama provides Internet Services, FR)
PTR: aub-collect-lb-c03-01-vip.weborama.fr

activationtheoriginals.solution.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.252.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.82 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 107.178.244.119 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 119.244.178.107.bc.googleusercontent.com

pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.131.137.7 (France)

ASN47841 (OXALIDE, FR)
PTR: not.updated.oxalide.net

vu.adschoom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.241.248 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 248.241.214.35.bc.googleusercontent.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.29 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.250 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.4.10.47 (Bad Muenstereifel, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.47.10.4.46.clients.your-server.de

ad.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.158.28.82 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: online-prod.ipsfailover.com

js.cookieless-data.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f196.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.230 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.134 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	theoriginalshotels.com 2 redirects theoriginalshotels.com — Cisco Umbrella Rank: 632013 www.theoriginalshotels.com — Cisco Umbrella Rank: 674521	642 KB
24	galaxy.tf cdn.galaxy.tf — Cisco Umbrella Rank: 168093 image-tc.galaxy.tf — Cisco Umbrella Rank: 127863 tc.galaxy.tf — Cisco Umbrella Rank: 180721	7 MB
10	doubleclick.net 4 redirects 10140364.fls.doubleclick.net 8741099.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 203 cm.g.doubleclick.net — Cisco Umbrella Rank: 341 ad.doubleclick.net — Cisco Umbrella Rank: 185	2 KB
7	sojern.com static.sojern.com — Cisco Umbrella Rank: 16987 pixel.sojern.com — Cisco Umbrella Rank: 11078	198 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 108	623 KB
5	adform.net 3 redirects track.adform.net — Cisco Umbrella Rank: 4762 s2.adform.net — Cisco Umbrella Rank: 7233 c1.adform.net — Cisco Umbrella Rank: 850	33 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 833	148 KB
5	weborama.fr 2 redirects cstatic.weborama.fr — Cisco Umbrella Rank: 30277 activationtheoriginals.solution.weborama.fr	4 KB
4	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 800 ib.adnxs.com — Cisco Umbrella Rank: 369	4 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101 region1.google-analytics.com — Cisco Umbrella Rank: 1803	21 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 246	78 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2156 www.google.com — Cisco Umbrella Rank: 5 adservice.google.com — Cisco Umbrella Rank: 191	180 B
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	394 B
2	ad-srv.net 1 redirects ad.ad-srv.net — Cisco Umbrella Rank: 43295	517 B
2	adschoom.com vu.adschoom.com — Cisco Umbrella Rank: 498603	1 KB
2	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 1124	628 B
2	google.de www.google.de — Cisco Umbrella Rank: 4335	126 B
2	zebestof.com tag.zebestof.com — Cisco Umbrella Rank: 389021	4 KB
2	logbor.com u.logbor.com — Cisco Umbrella Rank: 194725	5 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1202	20 KB
2	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 938 match.adsrvr.org — Cisco Umbrella Rank: 530	297 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 112	3 KB
1	cookieless-data.com js.cookieless-data.com — Cisco Umbrella Rank: 109619	2 KB
1	creative-serving.com ads.creative-serving.com — Cisco Umbrella Rank: 5548	1 KB
1	secureprivacy.ai app.secureprivacy.ai — Cisco Umbrella Rank: 100938	4 KB
0	redintelligence.net Failed hal9000.redintelligence.net — Cisco Umbrella Rank: 30307 Failed
125	26

	Domain	Requested by
34	www.theoriginalshotels.com	1 redirects www.theoriginalshotels.com
21	image-tc.galaxy.tf	www.theoriginalshotels.com
7	www.googletagmanager.com	www.theoriginalshotels.com www.googletagmanager.com
5	pixel.sojern.com	static.sojern.com www.theoriginalshotels.com
5	analytics.tiktok.com	www.theoriginalshotels.com analytics.tiktok.com
4	activationtheoriginals.solution.weborama.fr	2 redirects cstatic.weborama.fr
4	connect.facebook.net	www.theoriginalshotels.com connect.facebook.net
3	secure.adnxs.com	1 redirects www.theoriginalshotels.com u.logbor.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.facebook.com	www.theoriginalshotels.com
2	ad.doubleclick.net	2 redirects
2	c1.adform.net	2 redirects
2	cm.g.doubleclick.net	www.theoriginalshotels.com
2	ad.ad-srv.net	1 redirects u.logbor.com
2	track.adform.net	1 redirects track.adform.net
2	vu.adschoom.com	www.theoriginalshotels.com vu.adschoom.com
2	ct.pinterest.com	s.pinimg.com
2	www.google.de	www.theoriginalshotels.com
2	stats.g.doubleclick.net	www.theoriginalshotels.com www.google-analytics.com
2	8741099.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	static.sojern.com	www.googletagmanager.com www.theoriginalshotels.com static.sojern.com
2	tag.zebestof.com	www.theoriginalshotels.com tag.zebestof.com
2	10140364.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	u.logbor.com	www.theoriginalshotels.com u.logbor.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	tc.galaxy.tf	cdn.galaxy.tf
2	fonts.googleapis.com	www.theoriginalshotels.com
1	adservice.google.com	www.theoriginalshotels.com
1	match.adsrvr.org	www.theoriginalshotels.com
1	ib.adnxs.com	1 redirects
1	www.google.com	www.theoriginalshotels.com
1	js.cookieless-data.com	www.theoriginalshotels.com
1	s2.adform.net	www.theoriginalshotels.com
1	ads.creative-serving.com	u.logbor.com
1	region1.analytics.google.com	www.theoriginalshotels.com
1	region1.google-analytics.com	www.theoriginalshotels.com
1	cstatic.weborama.fr	www.googletagmanager.com
1	insight.adsrvr.org	www.theoriginalshotels.com
1	cdn.galaxy.tf	www.theoriginalshotels.com
1	app.secureprivacy.ai	www.theoriginalshotels.com
1	theoriginalshotels.com	1 redirects
0	hal9000.redintelligence.net Failed	www.theoriginalshotels.com
125	42

This site contains links to these domains. Also see Links.

Domain
theoriginals.bonkdo.com
reservations.theoriginalshotels.com
www.facebook.com
www.instagram.com
www.linkedin.com
www.youtube.com
www.tiktok.com
www.theoriginalsacademy.com
document-tc.galaxy.tf

Subject Issuer	Validity	Valid
www.theoriginalshotels.com Cloudflare Inc ECC CA-3	`2024-03-07` - `2024-12-31`	10 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-06` - `2024-05-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
cdn.galaxy.tf Cloudflare Inc ECC CA-3	`2024-03-06` - `2024-12-31`	10 months	crt.sh
image-tc.galaxy.tf Cloudflare Inc ECC CA-3	`2023-05-08` - `2024-05-07`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-03` - `2024-04-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.galaxy.tf Amazon RSA 2048 M02	`2024-03-22` - `2025-04-20`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
*.logbor.com R3	`2024-02-27` - `2024-05-27`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
prod.zebestof.com Amazon RSA 2048 M02	`2024-01-28` - `2025-02-26`	a year	crt.sh
cstatic.weborama.fr DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-09` - `2025-04-09`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-12-21`	10 months	crt.sh
*.solution.weborama.fr Gandi RSA Domain Validation Secure Server CA 3	`2024-01-17` - `2025-02-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
vu.adschoom.com R3	`2024-03-09` - `2024-06-07`	3 months	crt.sh
*.creative-serving.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-19` - `2024-04-18`	3 months	crt.sh
ad-srv.net R3	`2024-02-22` - `2024-05-22`	3 months	crt.sh
*.cookieless-data.com RapidSSL TLS RSA CA G1	`2024-02-28` - `2025-03-21`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://www.theoriginalshotels.com/
Frame ID: 038EC55978DC473522BE07652C609CC7
Requests: 115 HTTP requests in this frame

Frame: https://www.theoriginalshotels.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
Frame ID: AC2B94634AF4C449DCBC1F0965F39BD8
Requests: 2 HTTP requests in this frame

Frame: https://10140364.fls.doubleclick.net/activityi;dc_pre=CLqv_da6kYUDFUVMkQUdabQJXQ;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7047393040955.228
Frame ID: 74A9F1CFE5E4B4DD88486FA9DE5F2680
Requests: 1 HTTP requests in this frame

Frame: https://activationtheoriginals.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=416587&a.A=co&a.si=9771&a.cp=2&a.ct=b&gdpr_cmp_failure=1&a.re=0.0&a.isc=0&da=1711443559&g.ru=&g.pu=https%3A//www.theoriginalshotels.com/&a.opt=N1%3A0%2CN2%3A0%2CN3%3A0
Frame ID: 241C8C628DAA9712632E228471FCC8FD
Requests: 1 HTTP requests in this frame

Frame: https://activationtheoriginals.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=485935&a.A=co&a.si=9771&a.cp=5&a.ct=b&gdpr_cmp_failure=1&a.re=0.0&a.isc=0&da=1711443559&g.ru=&g.pu=https%3A//www.theoriginalshotels.com/&a.opt=N1%3A0%2CN2%3A0%2CN3%3A0
Frame ID: 76E2200DB10AEA5A4B28C1D041B483E1
Requests: 1 HTTP requests in this frame

Frame: https://static.sojern.com/cip/c/141.html?version=5&auto_url=https%3A%2F%2Fwww.theoriginalshotels.com%2F&auto_ccid=f05io-kgqw6-hh1qs-x4fw8-5vte6&auto_ga=1051767017.1711439960&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=1600x1113&tz=-60&hpid=&pt=HOME_PAGE&et=
Frame ID: 179A99870E0D3B03ADD2A60E39A70FE4
Requests: 1 HTTP requests in this frame

Frame: https://8741099.fls.doubleclick.net/activityi;dc_pre=CLXxg9e6kYUDFS1LkQUdG30F9Q;src=8741099;type=websi971;cat=sehho123;ord=1;num=7249346133269;npa=1;auiddc=771762410.1711439960;u9=%2F;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.58%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.58;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe43p0v9135073673z8810182064za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2F
Frame ID: 3D9AF0E5CC6C905D1391C94A6A185B76
Requests: 1 HTTP requests in this frame

Frame: https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1
Frame ID: 030CAAE458B8C2FECD909E8086787D9C
Requests: 1 HTTP requests in this frame

Frame: https://ad.ad-srv.net/retarget?a=52995&version=1&redirected=1
Frame ID: FE13580BA379B98AF746EA0DD2808986
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Originals Hotels & Resorts, une chaîne d’hôtels pour tous les goûts.

Page URL History Show full URLs

http://theoriginalshotels.com/ HTTP 307
https://theoriginalshotels.com/ HTTP 301
https://www.theoriginalshotels.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

125
Requests

94 %
HTTPS

21 %
IPv6

26
Domains

42
Subdomains

37
IPs

7
Countries

9274 kB
Transfer

12822 kB
Size

37
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://theoriginals.bonkdo.com/fr/networkgiftcards/
Title: BOUTIQUE CADEAUX

Search URL Search Domain Scan URL

URL: https://reservations.theoriginalshotels.com/100753?rateplancode=AHBF&adults=1&LanguageID=3&subchan=SITE-TheOriginals#/guestsandrooms
Title: Réserver

Search URL Search Domain Scan URL

URL: https://www.facebook.com/theoriginalshotels/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/accounts/login/?next=%2Fthe_originals_hotels%2F
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/theoriginalshotels?originalSubdomain=fr
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCQ3oPOkq48_MvhkrF3_yX3g/videos?app=desktop
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@the_originals_hotels
Title: Tiktok .cls-1{fill:#1d242c;}

Search URL Search Domain Scan URL

URL: https://www.theoriginalsacademy.com/
Title: The Originals Academy

Search URL Search Domain Scan URL

URL: https://document-tc.galaxy.tf/wdpdf-a6xp2n4665xt3eww85odeq3wc/accueil_cms-document.pdf
Title: Télécharger notre guide

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://theoriginalshotels.com/ HTTP 307
https://theoriginalshotels.com/ HTTP 301
https://www.theoriginalshotels.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://www.theoriginalshotels.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.theoriginalshotels.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js

Request Chain 57

https://10140364.fls.doubleclick.net/activityi;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7047393040955.228 HTTP 302
https://10140364.fls.doubleclick.net/activityi;dc_pre=CLqv_da6kYUDFUVMkQUdabQJXQ;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7047393040955.228

Request Chain 83

https://activationtheoriginals.solution.weborama.fr/fcgi-bin/dispatch.fcgi?a.A=co&a.si=9771&a.cp=2&a.ct=b&gdpr_cmp_failure=1&a.re=0.0&a.isc=0&da=1711443559&g.ru=&g.pu=https%3A//www.theoriginalshotels.com/&a.opt=N1%3A0%2CN2%3A0%2CN3%3A0 HTTP 302
https://activationtheoriginals.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=416587&a.A=co&a.si=9771&a.cp=2&a.ct=b&gdpr_cmp_failure=1&a.re=0.0&a.isc=0&da=1711443559&g.ru=&g.pu=https%3A//www.theoriginalshotels.com/&a.opt=N1%3A0%2CN2%3A0%2CN3%3A0

Request Chain 84

https://activationtheoriginals.solution.weborama.fr/fcgi-bin/dispatch.fcgi?a.A=co&a.si=9771&a.cp=5&a.ct=b&gdpr_cmp_failure=1&a.re=0.0&a.isc=0&da=1711443559&g.ru=&g.pu=https%3A//www.theoriginalshotels.com/&a.opt=N1%3A0%2CN2%3A0%2CN3%3A0 HTTP 302
https://activationtheoriginals.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=485935&a.A=co&a.si=9771&a.cp=5&a.ct=b&gdpr_cmp_failure=1&a.re=0.0&a.isc=0&da=1711443559&g.ru=&g.pu=https%3A//www.theoriginalshotels.com/&a.opt=N1%3A0%2CN2%3A0%2CN3%3A0

Request Chain 89

https://8741099.fls.doubleclick.net/activityi;src=8741099;type=websi971;cat=sehho123;ord=1;num=7249346133269;npa=1;auiddc=771762410.1711439960;u9=%2F;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.58%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.58;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe43p0v9135073673z8810182064za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2F HTTP 302
https://8741099.fls.doubleclick.net/activityi;dc_pre=CLXxg9e6kYUDFS1LkQUdG30F9Q;src=8741099;type=websi971;cat=sehho123;ord=1;num=7249346133269;npa=1;auiddc=771762410.1711439960;u9=%2F;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.58%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.58;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe43p0v9135073673z8810182064za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2F

Request Chain 97

https://secure.adnxs.com/px?id=1696506&seg=34036556&order_id=&value=&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1696506%26seg%3D34036556%26order_id%3D%26value%3D%26t%3D1

Request Chain 104

https://hal9000.redintelligence.net/retarget?a=48575&version=1 HTTP 302
https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1

Request Chain 105

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 106

https://ad.ad-srv.net/retarget?a=52995&version=1 HTTP 302
https://ad.ad-srv.net/retarget?a=52995&version=1&redirected=1

Request Chain 117

https://ib.adnxs.com/getuidnb?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=0BMFBvnwLijyfY0Wr_arDp9iDpXE60ZpS2-iuBjQnhEl8fXQdlGEfojc_3sG1vUj HTTP 302
https://pixel.sojern.com/idsync/apn?id=4981476164057538149&sjrn_id=0BMFBvnwLijyfY0Wr_arDp9iDpXE60ZpS2-iuBjQnhEl8fXQdlGEfojc_3sG1vUj

Request Chain 119

https://c1.adform.net/serving/cookie/match?cid=18140ce5-84db-17e9-352b-6aaa290efd96&party=1296 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&cid=18140ce5-84db-17e9-352b-6aaa290efd96&party=1296 HTTP 302
https://pixel.sojern.com/idsync/adf?adfid=3545773716518266710&cid=18140ce5-84db-17e9-352b-6aaa290efd96

Request Chain 121

https://ad.doubleclick.net/ddm/activity/src=13796265;type=sales;cat=ifram0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[OrderID] HTTP 302
https://ad.doubleclick.net/ddm/activity/src=13796265;dc_pre=CIvslte6kYUDFS8bogMdCqkBiQ;type=sales;cat=ifram0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[OrderID] HTTP 302
https://adservice.google.com/ddm/fls/z/src=13796265;dc_pre=CIvslte6kYUDFS8bogMdCqkBiQ;type=sales;cat=ifram0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[OrderID]

125 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
www.theoriginalshotels.com/
Redirect Chain

http://theoriginalshotels.com/
https://theoriginalshotels.com/
https://www.theoriginalshotels.com/

584 KB
60 KB

179ms
103ms

Document
text/html

104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f2b300cde42476c30c72df9831c4e1b59e3f21d0fdf8a0e376f32176efa34e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 86a599bfcb133a90-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 26 Mar 2024 07:59:19 GMT
last-modified: Mon, 25 Mar 2024 14:22:59 GMT
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
x-amz-cf-id: u7lQjzNeqqFGcBWzog9Se58e7lN0AFqP4LfE6UgGYERVV25b16lXvw==
x-amz-cf-pop: FRA60-P2
x-cache: RefreshHit from cloudfront
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-store, max-age=0
content-encoding: gzip
content-length: 143
content-type: text/html
date: Tue, 26 Mar 2024 07:59:18 GMT
er-request-id: ad7e33a2dfc52cc6c58e13dfa2278078
er-rule-id: r-cf29bea1-c3c9-43a1-b4a3-a5a0b0b28635
location: https://www.theoriginalshotels.com/
pragma: no-cache
server: EasyRedir
x-content-type-options: nosniff

GET
H2 200 5f1b3ff97df5d20864f53763.js Show response
app.secureprivacy.ai/script/ 9 KB
4 KB 89ms
60ms Script
text/javascript 172.67.72.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.secureprivacy.ai/script/5f1b3ff97df5d20864f53763.js
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0bffb1ed0a55a37ae83437a67e4c167d366f251239c05dbd93156f5c8acf789

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 01 Mar 2024 08:31:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: qNCJ3qFPzYEX54dEW7dR7Q==
server: cloudflare
etag: W/"0x8DC39C9FCBF7E58"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0ozmES6twshD48ENqPzhLza0x3j48toohBc15XcwF8HK%2Fpw9meIewzQYEcg%2Byxpf7DiVdmePU0fHOAQwPfly400p%2BCuNtrWkCAIoYxOrI9tju51TYz80XXJx%2F1vBc89U3HuHsfAJ"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
x-ms-request-id: f60ef64c-701e-0023-4753-7f3b68000000
x-ms-version: 2018-03-28
cf-ray: 86a599c0aa8c2c52-FRA

GET
H2 200 css
fonts.googleapis.com/ 7 KB
759 B 132ms
52ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i&display=swap&subset=latin,latin-ext

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1740b635b6ed1d7b8e50f782bdfb84c7ac462bbaecd9a80efbea5688b47ad5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 26 Mar 2024 07:59:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 26 Mar 2024 07:57:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 26 Mar 2024 07:59:19 GMT

GET
H2 200 css
fonts.googleapis.com/ 17 KB
2 KB 127ms
48ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora:400,400i,700,700i&display=swap&subset=latin,latin-ext

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d283f35f448427af5829226acc79852029b526dc6e75bbf85574446437910e75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 26 Mar 2024 07:59:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 26 Mar 2024 07:59:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 26 Mar 2024 07:59:19 GMT

GET
H3 200 TruenoRg.woff2
www.theoriginalshotels.com/integration/seh/public/fonts/trueno/ 14 KB
14 KB 91ms
90ms Font
application/font-woff2 104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/fonts/trueno/TruenoRg.woff2

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29e056a988f874565b954c03f119955657ed0a369cb975a4645c79731914f9ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
Origin: https://www.theoriginalshotels.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 14088
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 31 Mar 2022 15:51:44 GMT
server: cloudflare
etag: "584302e25fd9988ca4b4c8e1e63a0818"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: no-cache
accept-ranges: bytes
cf-ray: 86a599c07bbb3a90-FRA
x-amz-cf-id: QY_Dl_kN7oZzEw5hRXcO7Jsfn5GvMiG4BW4VNyk0yOdkXI2Rvje53Q==

GET
H3 200 TruenoBlk.woff2
www.theoriginalshotels.com/integration/seh/public/fonts/trueno/ 13 KB
13 KB 117ms
116ms Font
application/font-woff2 104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/fonts/trueno/TruenoBlk.woff2

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

389d9b1c8619cf7582d3a948e52734230352a55c4dd8b039a5b3c52095a0f448

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
Origin: https://www.theoriginalshotels.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 13156
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 31 Mar 2022 15:51:35 GMT
server: cloudflare
etag: "8ef233ce3c8626265dcf9c1381567b11"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: no-cache
accept-ranges: bytes
cf-ray: 86a599c07bbd3a90-FRA
x-amz-cf-id: JzVqPLMCCQPABQ46nb9usnD_aW_99r1lDPimq-5ssB8NG5wfqMqzcw==

GET
H3 200 Northwell.woff2
www.theoriginalshotels.com/integration/seh/public/fonts/northwell/ 140 KB
140 KB 157ms
157ms Font
application/font-woff2 104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/fonts/northwell/Northwell.woff2

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59e893fd1ca74befca33bf6de97595dc74422fb855810a0551b8ba9421747822

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
Origin: https://www.theoriginalshotels.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 143196
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Sep 2023 15:04:33 GMT
server: cloudflare
etag: "56cc38a58fe9f8280d6ada6f406062d1"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: no-cache
accept-ranges: bytes
cf-ray: 86a599c07bc03a90-FRA
x-amz-cf-id: D69eV7NZAtlFr8rCglCEFLPM7AW4J8p1A5Ympgu6DmvC8ERDUvfyhg==

GET
H3 200 main.css
www.theoriginalshotels.com/css/custom/257/5/main/56efd3426c240b635ce0b397888376d3/ 361 KB
58 KB 111ms
110ms Stylesheet
text/css 104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/css/custom/257/5/main/56efd3426c240b635ce0b397888376d3/main.css

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d53beef3128c70df622d2869acdf75ebc1d7b4982faa8003ffd75c9c35ca48f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 25 Mar 2024 14:24:04 GMT
server: cloudflare
etag: W/"e1aa6ae8cb9197d5f1b3abb6ec603cc7"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: no-cache
cf-ray: 86a599c07bc13a90-FRA
x-amz-cf-id: F2YXycAWf_OJD5tlCIk9UFp4UmZ1XhgtnEFU6r4mqc4r1wWNLIrzjQ==

GET
H3 200 gms-latest.min.js Show response
cdn.galaxy.tf/asset-galaxy/js/ 149 KB
46 KB 362ms
341ms Script
application/javascript 104.17.186.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.galaxy.tf/asset-galaxy/js/gms-latest.min.js?v9295afbf6f228ac2eae379703879c70b
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.186.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5a86464c4b9183b213d65414690cc67a7c95322fca37b6a62ba0378c6890469

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 21 Mar 2024 13:55:37 GMT
server: cloudflare
etag: W/"253b9-6142c0fde086f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 86a599c0adc0692b-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 02 Apr 2024 07:59:19 GMT

GET
H3 200 main.bundle.js Show response
www.theoriginalshotels.com/integration/seh/public/shared-gms-v2/js/ 212 KB
66 KB 85ms
84ms Script
application/javascript 104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/shared-gms-v2/js/main.bundle.js?v9295afbf6f228ac2eae379703879c70b

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0496e4365211473ac584e2d8017a096cba62f24747339ca6f15922e965e024ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 Dec 2023 13:32:42 GMT
server: cloudflare
etag: W/"cc489da971ea334c2e39104d4689c030"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 86a599c36e1c3a90-FRA
x-amz-cf-id: y_Dw2tJXWlRhAzHSAsPf-lfVg1YU5fUjDSt1AR5RwnhFW6KgdyL4fQ==

GET
H3 200 main.css
www.theoriginalshotels.com/css/custom/257/307/main/437b1f0c23eb66b44f68fd6babdf7342/ 4 KB
1 KB 111ms
111ms Stylesheet
text/css 104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/css/custom/257/307/main/437b1f0c23eb66b44f68fd6babdf7342/main.css

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6585a245f18ae234775848a8e53c287cd5193ad65990dcff47c9164d021f050b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 25 Mar 2024 14:24:32 GMT
server: cloudflare
etag: W/"80d1d1199adf02772f42f928ec1d3d17"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: no-cache
cf-ray: 86a599c08bcc3a90-FRA
x-amz-cf-id: 98EAaGo0lBknkgstXOj1Ed5kvBDPyjBKXwVo986MfH1chrQ99QYKtw==

GET
H3 200 adobestock-31234360.jpg
image-tc.galaxy.tf/wijpeg-bmgg21al6hts12tfvbdf74osb/ 143 KB
144 KB 557ms
535ms Image
image/jpeg 104.17.184.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-bmgg21al6hts12tfvbdf74osb/adobestock-31234360.jpg?rotate=0&crop=49%2C71%2C1800%2C1066&width=1350

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.184.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

507b412030ccf29aa30ed71c755ae4f302ce78b71dffdb4257539fbb3520c4b5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
x-amz-version-id: VADQH6Qm3urw5oHkmchDGPiVIhunKs9O
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 6b15a9d1514a5645abfd43cbf330ce48.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA56-P9
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 146847
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 30 Aug 2022 15:09:05 GMT
server: cloudflare
etag: "195cb56a69add5904ad339dfeddd7c95"
x-frame-options: DENY
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 86a599c0bbe171bb-FRA
x-amz-cf-id: A_TMLu9nRsK14cLDmTu2YBvT6cBrHPSoTlVKNkHByV36RTiQ5-hylQ==

GET
H3 200 1608307107-5fdcd1a3aef5c-thumb.svg
image-tc.galaxy.tf/wisvg-7q7y4yjlh94y8y5ftli15vcwx/ 8 KB
4 KB 464ms
442ms Image
image/svg+xml 104.17.184.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wisvg-7q7y4yjlh94y8y5ftli15vcwx/1608307107-5fdcd1a3aef5c-thumb.svg?width=200

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.184.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e1643fbbd726611ae85daa3796dfe933445cecff34d4fd149fb1ba42f22a44a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
x-amz-version-id: ur0sBUREy0ktewDnI24T_CYlnef4p0zu
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 ad3a844607df41a7152eab5ebe6e4056.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA56-P9
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: RefreshHit from cloudfront
cf-cache-status: DYNAMIC
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Jun 2022 11:54:10 GMT
server: cloudflare
etag: W/"828a8c450fe84d5038da77587d247c21"
x-frame-options: DENY
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: no-cache
vary: Accept-Encoding
cf-ray: 86a599c0bbdf71bb-FRA
x-amz-cf-id: 6jN-NG8Z28cuYNjK10dCDruHNp8r0qh7RJaHpwabx8QuAE2RJKMqPg==

GET
H3 200 icon-user-white.svg
www.theoriginalshotels.com/integration/seh/public/images/svg/ 662 B
785 B 126ms
126ms Image
image/svg+xml 104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theoriginalshotels.com/integration/seh/public/images/svg/icon-user-white.svg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6d0c93f1f8d80347943722f2eadb08d1a33045b05058db74931ca0d3ea1f709

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Sep 2021 12:16:30 GMT
server: cloudflare
etag: W/"1639cde332b439d4dd184f888c82941f"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: no-cache
cf-ray: 86a599c08bd03a90-FRA
x-amz-cf-id: l22Fvaz7ctLuW1CSbx11dutYGMTXltO3STm88VWbxa9rAN1DKIoPXA==

GET
H3 200 ico-arrow-down-white.svg
www.theoriginalshotels.com/integration/seh/public/images/svg/ 198 B
584 B 105ms
104ms Image
image/svg+xml 104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theoriginalshotels.com/integration/seh/public/images/svg/ico-arrow-down-white.svg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45f561b7fe08af5afa017a87fdef48c4afa2c2220e48cc9f17b4bfb46d265809

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Sep 2021 12:17:07 GMT
server: cloudflare
etag: W/"a066c612fd4f5e8cf7ccfa2eca8f81e7"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: no-cache
cf-ray: 86a599c36e1d3a90-FRA
x-amz-cf-id: 5moIkOh7hMQwcJwL7Md-sr65zI5anZZfzPtewNmvF9lw_oz-wZIgVw==

GET
H3 200 location.svg
www.theoriginalshotels.com/integration/seh/public/images/svg/ 774 B
819 B 87ms
86ms Image
image/svg+xml 104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theoriginalshotels.com/integration/seh/public/images/svg/location.svg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4496790355109e59d18432247f4ca567a7dbfbd8890495348c02e25ea958fc7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Sep 2021 12:17:15 GMT
server: cloudflare
etag: W/"1fd628fa1443931373d97e97bf362695"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: no-cache
cf-ray: 86a599c36e1e3a90-FRA
x-amz-cf-id: px0c3kH1J_MdHSXgghrrObOHNtxmNl5mJoJdSI9qIpZyKbM_6psQzg==

GET
H3 200 galaxy-helpers.js Show response
www.theoriginalshotels.com/frontend/galaxy-helpers/public/ 59 KB
22 KB 132ms
131ms Script
application/javascript 104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/frontend/galaxy-helpers/public/galaxy-helpers.js?v=l-5e998723-92b6-43f3-a809-5ae8db99afa2

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5c77bdb4cbbd984503cf66fee883735866d05e4b433a03d09c7a502cfc4eb1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2024 19:03:42 GMT
server: cloudflare
etag: W/"9b85ee3bce6207f2c19f4381101ff4fe"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 86a599c08bd13a90-FRA
x-amz-cf-id: 5CJG8_keMm2nMNkP5fPDYvXVCM-Y6W3W7uYBxEzzAkviXpTQw5Y2rQ==

GET
H3 200 bundle.js Show response
www.theoriginalshotels.com/integration/seh/public/js/ 225 KB
73 KB 95ms
95ms Script
application/javascript 104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/js/bundle.js?v9295afbf6f228ac2eae379703879c70b

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

279fb804943e428c6d3d7e68c870419ead6e5f36fe624950330e057cadd22985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 08 Mar 2024 13:52:05 GMT
server: cloudflare
etag: W/"b421844de7d480a61c8b055ace5e8577"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 86a599c15c683a90-FRA
x-amz-cf-id: RFSEYWmsmXF2IaOgbRzI6qt2Th2FQoX2GYMhZ4U4ywD524YXYR4XZQ==

GET
H3 200 bundle.js Show response
www.theoriginalshotels.com/integration/tc-ext-integrated-datalayer/public/js/ 22 KB
6 KB 128ms
126ms Script
application/javascript 104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/tc-ext-integrated-datalayer/public/js/bundle.js?v9295afbf6f228ac2eae379703879c70b

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03a23343f779322422cc2ecce3fc4b018743e9a900fd801b037189ca5703e871

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
Origin: https://www.theoriginalshotels.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 06 Mar 2024 19:36:35 GMT
server: cloudflare
etag: W/"847c8772a92931bb3bbe0e689679de1a"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 86a599c36e203a90-FRA
x-amz-cf-id: XoVpEGYE_nnkoF8liySV9cv-zt0C_6Yp66g05IWZpaKpULX2ckxaNw==

GET
H3 200 bundle-ext-currency-switcher.js Show response
www.theoriginalshotels.com/integration/tc-ext-currency-switcher/public/js/ 19 KB
7 KB 103ms
102ms Script
application/javascript 104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/tc-ext-currency-switcher/public/js/bundle-ext-currency-switcher.js?v9295afbf6f228ac2eae379703879c70b

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b9cd9deaebeb6fdfe1a70d6d17f435271e7541938bbc7928e25ab2426abe9a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
Origin: https://www.theoriginalshotels.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 06 Mar 2024 19:36:42 GMT
server: cloudflare
etag: W/"9dad5658375fae8470f76960608ee3c8"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 86a599c36e213a90-FRA
x-amz-cf-id: -RyTEA-ahGXKM7dWgiZhvA-aHQqvw4B2_xKpV7JCdw9ubQdDlnMjJw==

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
149 B 108ms
34ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=rnk4nsw&ct=0:d0pjli2&fmt=3
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 216 KB
58 KB 24ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 26 Mar 2024 07:59:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57659
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1326, tbw=2774, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: TdbsvSfTadOu4xZ+vA4fumS/ZrmAQer4zCvp+pD51bpVp3NJsAD+MqDLsCvVDaurELkwjN41VYvZ4RO76iStQA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 297 KB
92 KB 125ms
46ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

29afb643625f0fd86e2e63b4ba0e787cbdb8a9bad1c3decb4ad14da6197fdf63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93745
x-xss-protection: 0
last-modified: Tue, 26 Mar 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 26 Mar 2024 07:59:19 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 381 KB
116 KB 205ms
126ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MQBH8T4

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7511eab086acb3179bf7aeca61641f6e20671dd291cc845e629b90c95114ebae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119038
x-xss-protection: 0
last-modified: Tue, 26 Mar 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 26 Mar 2024 07:59:19 GMT

GET
H3 200 popin.png
www.theoriginalshotels.com/integration/seh/public/images/ 3 KB
3 KB 116ms
115ms Image
image/png 104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theoriginalshotels.com/integration/seh/public/images/popin.png

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/css/custom/257/5/main/56efd3426c240b635ce0b397888376d3/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

469432f4ff0c743a4c665766758c7c60495fe9ba359b50a5cb8a5af2f1be4da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/css/custom/257/5/main/56efd3426c240b635ce0b397888376d3/main.css
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2862
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Sep 2021 12:16:42 GMT
server: cloudflare
etag: "7d1ef90dd29f9db486910039efa62f0f"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
cf-ray: 86a599c38e343a90-FRA
x-amz-cf-id: QwutXHMmdTFy_DuHwd6VwIJGui6hIuuka6QOFDrlhIzWu9G_aovrFg==

GET
H3 200 checkmark-loyalty.svg
www.theoriginalshotels.com/integration/seh/public/images/svg/ 613 B
727 B 112ms
112ms Image
image/svg+xml 104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theoriginalshotels.com/integration/seh/public/images/svg/checkmark-loyalty.svg

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/css/custom/257/5/main/56efd3426c240b635ce0b397888376d3/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5601e2b598a8ef2298c26cde90f38b6f9e979f121af411e32d4c645ed048a7c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/css/custom/257/5/main/56efd3426c240b635ce0b397888376d3/main.css
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Dec 2023 18:59:09 GMT
server: cloudflare
etag: W/"5c32d03582d279de07ec4fddf955144d"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: no-cache
cf-ray: 86a599c38e363a90-FRA
x-amz-cf-id: -GDbTpUbxVJlt7ab6hMJqyJlIKN5CZUvrSHrdRgNwoXn59YARgy7jA==

GET
H3 200 Cormorant-Regular-alt.woff2
www.theoriginalshotels.com/integration/seh/public/fonts/cormorant/ 22 KB
22 KB 133ms
132ms Font
application/font-woff2 104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/fonts/cormorant/Cormorant-Regular-alt.woff2

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/css/custom/257/5/main/56efd3426c240b635ce0b397888376d3/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8712b813a243c4de935c7c1ed92a05c938fe7cd20e1ead5896c9fb7af1d3f1e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/css/custom/257/5/main/56efd3426c240b635ce0b397888376d3/main.css
Origin: https://www.theoriginalshotels.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 22408
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 30 Aug 2022 15:00:12 GMT
server: cloudflare
etag: "704aecc66fc935640905905ca038ddc7"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: no-cache
accept-ranges: bytes
cf-ray: 86a599c38e3a3a90-FRA
x-amz-cf-id: qQC7pPmCesTQleg6C_lxYpbcDySw4QxpzUSluSOGy9ge3_AFOyw35A==

GET
H3 200 TruenoSBd.woff2
www.theoriginalshotels.com/integration/seh/public/fonts/trueno/ 18 KB
18 KB 107ms
107ms Font
application/font-woff2 104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/fonts/trueno/TruenoSBd.woff2

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/css/custom/257/5/main/56efd3426c240b635ce0b397888376d3/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed1d8362a60d16cfca89c19e6e6697eb0fbc1b3724192cb4f0e41bd58dfa4094

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/css/custom/257/5/main/56efd3426c240b635ce0b397888376d3/main.css
Origin: https://www.theoriginalshotels.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 18080
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 31 Mar 2022 15:51:27 GMT
server: cloudflare
etag: "5f0ddd57ee93a6bf7d71d2ed4e9f61c3"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: no-cache
accept-ranges: bytes
cf-ray: 86a599c38e3b3a90-FRA
x-amz-cf-id: qcUFd2Qz4PYMo_xkcXzHfc1DU6J_BjCsTJ9CO4xn51n7l_CA8XvvUQ==

GET
H3 200 Cormorant-SemiBold-alt.woff2
www.theoriginalshotels.com/integration/seh/public/fonts/cormorant/ 22 KB
22 KB 118ms
118ms Font
application/font-woff2 104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/fonts/cormorant/Cormorant-SemiBold-alt.woff2

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/css/custom/257/5/main/56efd3426c240b635ce0b397888376d3/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0044a49eed3c522185032b25ed3d661600b50ef22acba2ddd6b60189308b39da

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/css/custom/257/5/main/56efd3426c240b635ce0b397888376d3/main.css
Origin: https://www.theoriginalshotels.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 22312
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 30 Aug 2022 15:00:32 GMT
server: cloudflare
etag: "bd7d7c929f63fdfe5e6235474c44bfa0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: no-cache
accept-ranges: bytes
cf-ray: 86a599c38e3c3a90-FRA
x-amz-cf-id: e6m_H8lJZP0HNLJi_pvtcpWy6xzvVYyNCdKU5542fmAtzPfuSC3x5w==

GET
H3 200 TruenoBd.woff2
www.theoriginalshotels.com/integration/seh/public/fonts/trueno/ 14 KB
14 KB 130ms
130ms Font
application/font-woff2 104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/fonts/trueno/TruenoBd.woff2

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/css/custom/257/5/main/56efd3426c240b635ce0b397888376d3/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b99d411bd16e842ca2482a4559a2f61d66f1bf7852a08e7185c1417c543a997d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/css/custom/257/5/main/56efd3426c240b635ce0b397888376d3/main.css
Origin: https://www.theoriginalshotels.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 14108
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 31 Mar 2022 15:51:14 GMT
server: cloudflare
etag: "d2640845b9b74a7a6cfb1fb94c92d050"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: no-cache
accept-ranges: bytes
cf-ray: 86a599c38e3d3a90-FRA
x-amz-cf-id: wNYEtZ18y-kGCtVeRSrcPZAafttmy2Da2g2PYrrJXfLKF3yIzJGtIA==

GET
H3 200 offre-gourmand_standard.jpg
image-tc.galaxy.tf/wijpeg-bx22n8hyvr2t516fg39xvv66d/ 45 KB
46 KB 461ms
461ms Image
image/jpeg 104.17.184.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-bx22n8hyvr2t516fg39xvv66d/offre-gourmand_standard.jpg?crop=114%2C0%2C1773%2C1330&width=700

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.184.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92d8e79d58771351ef34a6148810d6a060d9f2eb6bbc0cfb6b8ce70c8096ef82

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:20 GMT
x-amz-version-id: YvCTMhStonnrQarpVEpXnM_esrNjU8RP
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 77e414816706879c16a3707f261f0b5a.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA56-P9
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 46512
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 08 Aug 2022 13:25:43 GMT
server: cloudflare
etag: "d43e7a42ba8a002227995bf9ab0eea1b"
x-frame-options: DENY
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 86a599c3ae5771bb-FRA
x-amz-cf-id: s-9Iz_asWLuUbJArsJOtf3M9tfNHYF0kDb5RB7FTU5QZgSaPV4oo9Q==

GET
H3 200 offre-spa_standard.jpg
image-tc.galaxy.tf/wijpeg-2p5hv9uuyams1mbu0z32hdc1f/ 35 KB
36 KB 456ms
455ms Image
image/jpeg 104.17.184.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-2p5hv9uuyams1mbu0z32hdc1f/offre-spa_standard.jpg?crop=112%2C0%2C1777%2C1333&width=700

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.184.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d53e8a10d2ed3a9d99bab1921672cee69324be711ae5daf33dc56af6ceb8102

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:20 GMT
x-amz-version-id: 70n5gVzB2PA3GurwsSvWCp5y3eNWYMpA
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 ad3a844607df41a7152eab5ebe6e4056.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA56-P9
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 35849
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Mar 2023 13:58:27 GMT
server: cloudflare
etag: "0040a0153d0eb396bcf90b49d4d07720"
x-frame-options: DENY
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 86a599c3ae5871bb-FRA
x-amz-cf-id: LSUP8B109zy_fn1KMztmyf0JbqSacWw3eRikpROmcTBHqmRZu4OkRw==

GET
H3 200 romantique_standard.jpg
image-tc.galaxy.tf/wijpeg-80ez3gkguvag7ausum7ln9zzn/ 56 KB
56 KB 478ms
478ms Image
image/jpeg 104.17.184.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-80ez3gkguvag7ausum7ln9zzn/romantique_standard.jpg?crop=112%2C0%2C1777%2C1333&width=700

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.184.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b649ebd2d8cdadf11b9d2f00532f4d143a8434182c8239e453319bd0af20fd17

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:20 GMT
x-amz-version-id: mnsaQnHnk6Z3QUXbFBVAXbMLwNhoshKk
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 6373f5d706cb8d973f3ced2fc572f6a8.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA56-P9
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 56955
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 04 Apr 2023 09:05:35 GMT
server: cloudflare
etag: "f77883ccc4d638e05ffa696fb69b2b08"
x-frame-options: DENY
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 86a599c3ae5971bb-FRA
x-amz-cf-id: D0UPxaPiXZ8VV3WvnsoyYKh_B2KNSIktImLntKhQ4zsG73wn-v6TGQ==

GET
H3 200 initPersonalization.bundle.js Show response
www.theoriginalshotels.com/frontend/galaxy-helpers/public/ 20 KB
8 KB 115ms
115ms Script
application/javascript 104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/frontend/galaxy-helpers/public/initPersonalization.bundle.js?ver=7f4a6a512be1f7ade9a4

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/frontend/galaxy-helpers/public/galaxy-helpers.js?v=l-5e998723-92b6-43f3-a809-5ae8db99afa2

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68712256d11cb759b4c5dae58fe84e8a711697b5ec36a4e17bab185d3e2fd103

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2024 19:03:23 GMT
server: cloudflare
etag: W/"14070bdddcb6149b56e81de8b89c72e9"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 86a599c3ee773a90-FRA
x-amz-cf-id: my_gPh_4Pu7o72us-UadR3Dq1uyYyl9_lwSU0kXs5FSGKy5l6UnXFA==

GET
H2 200 370754915204349 Show response
connect.facebook.net/signals/config/ 63 KB
13 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/370754915204349?v=2.9.150&r=stable&domain=www.theoriginalshotels.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e50417c9d4ae093c984f738936bdae9829db79cfeb2c4a8806762fb0c0b9909f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 26 Mar 2024 07:59:19 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13388
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=62, mss=1326, tbw=62805, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: 2x3dVIFeol2ma7m4D2zxM4WDeDN1bJlxByqVETUgAFVnkqmCKpPw/kmo1mkbXGuY5iTTF/BWOn0amNS0fanX4w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 204 gms
tc.galaxy.tf/token/oauth2/ Frame 0
0 37ms
8ms Preflight 18.158.239.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tc.galaxy.tf/token/oauth2/gms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.239.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-239-145.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-galaxy-key
Access-Control-Request-Method: GET
Origin: https://www.theoriginalshotels.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type,x-amz-date,x-amz-security-token,x-amz-user-agent,x-galaxy-key,x-referer-override
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT
access-control-allow-origin: *
apigw-requestid: VOj9whEcliAEPyw=
date: Tue, 26 Mar 2024 07:59:19 GMT

GET
H2 200 gms Show response
tc.galaxy.tf/token/oauth2/ 734 B
881 B 32ms
32ms XHR
application/json 18.158.239.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tc.galaxy.tf/token/oauth2/gms
Requested by: Host: cdn.galaxy.tf
URL: https://cdn.galaxy.tf/asset-galaxy/js/gms-latest.min.js?v9295afbf6f228ac2eae379703879c70b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.239.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-239-145.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 23ddfcd93b9071b442be172c18e009e4747ae7ba28fbd5eaa91370681cc5aedc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
X-Galaxy-Key: ccd27d45ba2401c0a91c7c3b9a99dfbf
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Tue, 26 Mar 2024 07:59:19 GMT
content-length: 734
apigw-requestid: VOj9wiYkFiAEJ9Q=, VOj9wip3liAEPUw=
content-type: application/json

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 22ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=370754915204349&ev=PageView&dl=https%3A%2F%2Fwww.theoriginalshotels.com%2F&rl=&if=false&ts=1711439959696&sw=800&sh=600&v=2.9.150&r=stable&ec=0&o=4126&fbp=fb.1.1711439959694.793771381&cs_est=true&ler=empty&cdl=API_unavailable&it=1711439959666&coo=false&rqm=GET

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1326, tbw=2765, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 26 Mar 2024 07:59:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3

200

main.js Show response
www.theoriginalshotels.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/ Frame AC2B
Redirect Chain

https://www.theoriginalshotels.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.theoriginalshotels.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js

8 KB
4 KB

17ms
17ms

Script
application/javascript

104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Server

104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ac6761ddb4812b8058a7e91a56114779a26d41682e8c11c0d975e252cd1655a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 86a599c44ed43a90-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 26 Mar 2024 07:59:19 GMT
server: cloudflare
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
cache-control: max-age=300, public
cf-ray: 86a599c43eb63a90-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 booking.948a448e00cf7ad5d593.bundle.js Show response
www.theoriginalshotels.com/integration/seh/public/js/chunk/ 8 KB
3 KB 101ms
101ms Script
application/javascript 104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/js/chunk/booking.948a448e00cf7ad5d593.bundle.js

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/integration/seh/public/js/bundle.js?v9295afbf6f228ac2eae379703879c70b

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a6e1f005b6bcb9a801f56a69832a9c6a405a8ffd08933ac06b978bd4a120cae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 Dec 2023 13:32:48 GMT
server: cloudflare
etag: W/"2df6a74bfbba951ed5a26527936a466d"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 86a599c43ebc3a90-FRA
x-amz-cf-id: efchTY_9niVj74TzdqlA-YNGnLdTupTfmTmFw64lKgjDQWJdlpc8mg==

GET
H3 200 vendors~sliders.1a0238844379491e7d94.bundle.js Show response
www.theoriginalshotels.com/integration/seh/public/js/chunk/ 47 KB
13 KB 127ms
126ms Script
application/javascript 104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/js/chunk/vendors~sliders.1a0238844379491e7d94.bundle.js

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/integration/seh/public/js/bundle.js?v9295afbf6f228ac2eae379703879c70b

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efec5b89548b3a6060ca8d4bf29d19a06a2cd7255a19e7d84af468b144028f3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 28 Feb 2024 18:12:42 GMT
server: cloudflare
etag: W/"1e62177563407e45702883cbdfb2d947"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 86a599c43ebe3a90-FRA
x-amz-cf-id: 4sGG3t4VwD-C2UJiDcFjSNx47-ujbM6sto-wxiou7BzdTQQFm7zjmA==

GET
H3 200 sliders.392d7d826fd790b195d2.bundle.js Show response
www.theoriginalshotels.com/integration/seh/public/js/chunk/ 4 KB
1 KB 88ms
87ms Script
application/javascript 104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/js/chunk/sliders.392d7d826fd790b195d2.bundle.js

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/integration/seh/public/js/bundle.js?v9295afbf6f228ac2eae379703879c70b

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dbe680c1e203076d328eaba05423ae24e00d594d9b3b113c4a6a839c6291f36

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 21 Dec 2023 17:41:07 GMT
server: cloudflare
etag: W/"497f29c87fecf53f41ab26bccd0ef4cc"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 86a599c43ebf3a90-FRA
x-amz-cf-id: _ClIgenSBeJDeTwK6BJPrxtiue4-_VwdmQpHZv0fjiTlnGT6U6t-jg==

GET
H3 200 vendors~bm-destinations~selects.6edcd81c83f9525d73c6.bundle.js Show response
www.theoriginalshotels.com/integration/seh/public/js/chunk/ 71 KB
20 KB 89ms
88ms Script
application/javascript 104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/js/chunk/vendors~bm-destinations~selects.6edcd81c83f9525d73c6.bundle.js

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/integration/seh/public/js/bundle.js?v9295afbf6f228ac2eae379703879c70b

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddc314faced5f8ff6d29a82d368453ca646db2666c61c23a088c107f0f40d888

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 Dec 2023 13:32:43 GMT
server: cloudflare
etag: W/"6013d30d25b74e2028d56890070fb4a9"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 86a599c43ec23a90-FRA
x-amz-cf-id: 08XzGSpAc5hADqByOJRAC_Rf3wh1qzO2IBt4RQElOC8S_MZjUbpKHg==

GET
H3 200 selects.4e8598a80927669127f6.bundle.js Show response
www.theoriginalshotels.com/integration/seh/public/js/chunk/ 2 KB
1 KB 86ms
85ms Script
application/javascript 104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/js/chunk/selects.4e8598a80927669127f6.bundle.js

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/integration/seh/public/js/bundle.js?v9295afbf6f228ac2eae379703879c70b

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

162722d63a0fb0f3b6d4a577a530a4c218946680b76ff76dcafda94e4e12e1a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 Dec 2023 13:32:51 GMT
server: cloudflare
etag: W/"bb91de075a76a5a0439ec3cb6f1c05ec"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 86a599c43ec43a90-FRA
x-amz-cf-id: 2hkGrQG6_NERXUT5jMbmlvZ8LArhtKFtUuC284wrs_X-fmkVWWK4sg==

GET
H3 200 truncate.722f6e5be6154de3b26d.bundle.js Show response
www.theoriginalshotels.com/integration/seh/public/js/chunk/ 2 KB
1 KB 103ms
102ms Script
application/javascript 104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/js/chunk/truncate.722f6e5be6154de3b26d.bundle.js

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/integration/seh/public/js/bundle.js?v9295afbf6f228ac2eae379703879c70b

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

320f689d5daba8be62bf6cc42fbc2da107b471611f792f66c7dcdd55912a7c00

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 Dec 2023 13:32:33 GMT
server: cloudflare
etag: W/"cddbe97876930441a92227c54bdbefe9"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 86a599c43ec63a90-FRA
x-amz-cf-id: ARikIatKd_7ZBBiAPOdAT7O8ud3IbXw_TNHgxPutj8CYq4dNWN_HNQ==

POST
H3 200 86a599bfcb133a90 Show response
www.theoriginalshotels.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame AC2B 0
322 B 28ms
28ms XHR
text/plain 104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theoriginalshotels.com/cdn-cgi/challenge-platform/h/g/jsd/r/86a599bfcb133a90
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
content-encoding: br
server: cloudflare
cf-ray: 86a599c4bf173a90-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
90 KB 49ms
49ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3R5SJEDWK4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4254aee86f8c30cd7673c1d9fd8d03720c0d8978b63248502b9c65868abfa688

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91907
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 26 Mar 2024 07:59:19 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 113ms
35ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 07:38:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1237
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 26 Mar 2024 09:38:42 GMT

GET
H3 200 bm-destinations.da47fd8bded832d80e27.bundle.js Show response
www.theoriginalshotels.com/integration/seh/public/js/chunk/ 5 KB
3 KB 95ms
95ms Script
application/javascript 104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/js/chunk/bm-destinations.da47fd8bded832d80e27.bundle.js

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/integration/seh/public/js/bundle.js?v9295afbf6f228ac2eae379703879c70b

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a646669c813a5ef770aadef1f29232dadc923a1bd2d140e1baa5a25451e9d07

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 Dec 2023 13:32:32 GMT
server: cloudflare
etag: W/"36c4f3dae1f90239083049a3f35a8f22"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 86a599c4ff373a90-FRA
x-amz-cf-id: U3XxLdH82XOMu3obiLStpkoo4uwU1XmXaKrHTOVV5VLNwTLu0vAh5A==

GET
H3 200 bm-guests.5ff40c3fa749667cca5f.bundle.js Show response
www.theoriginalshotels.com/integration/seh/public/js/chunk/ 2 KB
1 KB 95ms
95ms Script
application/javascript 104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/js/chunk/bm-guests.5ff40c3fa749667cca5f.bundle.js

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/integration/seh/public/js/bundle.js?v9295afbf6f228ac2eae379703879c70b

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ab8a4ce13c61bc130c6b99e764504c233288962a4dcfd4b8b44963c506c8f04

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 Dec 2023 13:32:46 GMT
server: cloudflare
etag: W/"b9d03e38e350d7e7b5eff4b6e6ea5147"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 86a599c4ff3a3a90-FRA
x-amz-cf-id: ct6y622yyrfeqYhmVJcwu8tg-I85HUVXzo6vdzFR5td39s_SMdbC1A==

GET
H3 200 vendors~bm-datepicker~date-range-pickers.fa9f87ddc9ee5863e528.bundle.js Show response
www.theoriginalshotels.com/integration/seh/public/js/chunk/ 130 KB
38 KB 79ms
79ms Script
application/javascript 104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/js/chunk/vendors~bm-datepicker~date-range-pickers.fa9f87ddc9ee5863e528.bundle.js

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/integration/seh/public/js/bundle.js?v9295afbf6f228ac2eae379703879c70b

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a79b812fe1a9a60718c21017b13ed2ea87992ea35fda14d69bc2613cdd1787b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 28 Feb 2024 18:12:55 GMT
server: cloudflare
etag: W/"7394556d34e016d09f72425b3f335c32"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 86a599c4ff3b3a90-FRA
x-amz-cf-id: AoEPDJh7FpoKPbqgIFFAEjEgWsOUrTpucTGXZjk0-Nm0vgov4uIpww==

GET
H3 200 bm-datepicker.a3db6d2cab73f85ea958.bundle.js Show response
www.theoriginalshotels.com/integration/seh/public/js/chunk/ 10 KB
4 KB 114ms
114ms Script
application/javascript 104.17.182.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/js/chunk/bm-datepicker.a3db6d2cab73f85ea958.bundle.js

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/integration/seh/public/js/bundle.js?v9295afbf6f228ac2eae379703879c70b

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5dfacdc318cf29bf678158513553e9619a8380d37b6c2153de74f48d3dd2ae6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 31 Jan 2024 16:49:09 GMT
server: cloudflare
etag: W/"9e63226a0df9498d74bcdfb0d7ee1d07"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 86a599c4ff3c3a90-FRA
x-amz-cf-id: wQXTRoBorcpjEH8DOGrVMJO1UKQ9G_8SlK9kCB4xli7FcU5AofGoUA==

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 204 KB
73 KB 64ms
63ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-8741099&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQBH8T4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c3d5c18a5e4e78aaa278f8a627d40a06fb10f21f6b14b9f1e04321d27d12a08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75105
x-xss-protection: 0
last-modified: Tue, 26 Mar 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 26 Mar 2024 07:59:19 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 240 KB
84 KB 56ms
56ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-798183250&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQBH8T4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c5072879429e01b37f4ce16fe705c5b8636632df02eeaf2e01113eb208f5247c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85597
x-xss-protection: 0
last-modified: Tue, 26 Mar 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 26 Mar 2024 07:59:19 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 28ms
7ms Script
application/javascript 2a02:26f0:3500:89b::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQBH8T4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:89b::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5c8c192adca12497452b0a6c25b5913fad79f9afc4760673947377cd81575d81

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "d9d39f44b74d00726ec92710f4e4c69c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1856

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 207 KB
75 KB 51ms
51ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-10993838473&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQBH8T4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3ca16029b2e453aaae376b28725bb4dda64adfac6a35d62683671ec12451b764

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77038
x-xss-protection: 0
last-modified: Tue, 26 Mar 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 26 Mar 2024 07:59:19 GMT

GET
H/1.1 200
OK / Show response
u.logbor.com/p/ 6 KB
3 KB 86ms
31ms Script
text/javascript 89.185.38.89
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL

https://u.logbor.com/p/?i=2631&n=__dot

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

89.185.38.89 Saint-Ouen, France, ASN8426 (CLARANET-AS ClaraNET LTD, GB),

Reverse DNS

Software

nginx /

Resource Hash

464e1b405dc25d57a8fad36f7f8683f950b7507ab9a5001670aad386bca0691a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 26 Mar 2024 07:59:19 GMT
Strict-Transport-Security: max-age=86400
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: nginx
ETag: W/"181e-Ly7C/LVNEdFYTHlF4ItXUxgW1zw"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
X-DNS-Prefetch-Control: off
Vary: Accept-Encoding
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H3 200 636014493475340 Show response
connect.facebook.net/signals/config/ 28 KB
4 KB 8ms
8ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/636014493475340?v=2.9.150&r=stable&domain=www.theoriginalshotels.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101%2C178%2C177%2C179%2C184%2C185%2C186%2C182%2C174%2C117%2C119%2C173%2C175%2C108%2C139%2C130%2C134%2C114%2C169%2C209%2C145%2C102%2C112%2C210%2C147%2C106%2C128%2C121%2C109

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

096b98e8b7b884fec5308dac24621c6c279a4b8502e73c07fdbb0dc1f960ba23

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 26 Mar 2024 07:59:19 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3542
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4607, tp=11, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: FEBd4lsq106zoBQW0OzZZ3H1UyD6N0XwUIKjdiRP5ZYuGwPN//t+0mHVNZdugv5ghagAnZjCHmEFnnIb31tQVw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CLqv_da6kYUDFUVMkQUdabQJXQ;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7047393040955.228
10140364.fls.doubleclick.net/ Frame 74A9
Redirect Chain

https://10140364.fls.doubleclick.net/activityi;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7047393040955.228?
https://10140364.fls.doubleclick.net/activityi;dc_pre=CLqv_da6kYUDFUVMkQUdabQJXQ;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7047393040955....

0
0

72ms
72ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10140364.fls.doubleclick.net/activityi;dc_pre=CLqv_da6kYUDFUVMkQUdabQJXQ;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7047393040955.228?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQBH8T4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 966
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Mar 2024 07:59:20 GMT
expires: Tue, 26 Mar 2024 07:59:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Mar 2024 07:59:20 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10140364.fls.doubleclick.net/activityi;dc_pre=CLqv_da6kYUDFUVMkQUdabQJXQ;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7047393040955.228?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 1239 Show response
tag.zebestof.com/render/ 11 KB
4 KB 75ms
20ms Script
application/javascript 13.39.154.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.zebestof.com/render/1239
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.39.154.38 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-39-154-38.eu-west-3.compute.amazonaws.com
Software: /
Resource Hash: c3f560f78d48bc2853d91fa7699fe2a3994ba26346c64268b69ff9f7b6e052c2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 07:59:19 GMT
content-encoding: gzip
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: no-store
vary: Accept-Encoding
access-control-allow-headers
content-length: 4260

GET
H2 200 adperf_conversion.js Show response
cstatic.weborama.fr/js/advertiserv2/ 7 KB
2 KB 40ms
11ms Script
text/javascript 152.199.22.228
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cstatic.weborama.fr/js/advertiserv2/adperf_conversion.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQBH8T4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.228 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frb/6756) /
Resource Hash: 2dae230f35a3bc6eee71b1ae60c74d1b9c70df96f655ebd546dd73956eb05d6d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
content-encoding: gzip
last-modified: Tue, 13 Apr 2021 09:34:27 GMT
server: ECAcc (frb/6756)
age: 191549
etag: "8943580+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2303
expires: Tue, 02 Apr 2024 07:59:19 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 181ms
151ms Script
application/javascript 104.126.37.144
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CL903P3C77U9OLIO9TU0&lib=ttq
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-144.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 54f49435248413e98e62d58fbffb80555607c31e9eacbca0183cfd9257ac24df

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 3e378e4.53d0c057
date: Tue, 26 Mar 2024 07:59:20 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24032607591903CB69C9E9C27F805C77-2181C375B4639017-00
x-cache: TCP_MISS from a104-126-37-140.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4-55034233) (-)
x-parent-response-time: 100,104.126.37.140
server-timing: cdn-cache; desc=MISS, edge; dur=108, origin; dur=7, inner; dur=3
content-length: 1366
pragma: no-cache
server: nginx
x-tt-logid: 2024032607591903CB69C9E9C27F805C77
x-cache-remote: TCP_MISS from a23-217-116-165.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54726453) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.217.116.165
x-tt-trace-host: 019386ff562f79de540fc98f6031305ad24be8d6ad0426b69e5651833b680105aac138ee80946c976f60b31b8a6350f25b0c05a29b48378c17aab47a09ad71cb23340d9eae5adbbe657af0525e8e4733cf6b8fe74a77965c7a4f935574227bd612e0ccadf67619294a1479fffed3360931
expires: Tue, 26 Mar 2024 07:59:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
92 KB 69ms
67ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-995P0KWECH&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQBH8T4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4a90bfdb54931140cd096808b5768e3dbadc7c210935e68defa2e14601dfce02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94530
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 26 Mar 2024 07:59:19 GMT

GET
H2 200 sjrn_autocx.js Show response
static.sojern.com/utils/ 26 KB
26 KB 52ms
14ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/utils/sjrn_autocx.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQBH8T4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c2ca504234f4e410f2dbb6c5d3017fca41595d2d62cab5718ea174e1ff108712

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:47:07 GMT
age: 732
x-guploader-uploadid: ABPtcPofzr5x-_JSMdd6FisDhdyZc1M0IzoZbD34WEUUw3epvp1MVQ5LxqYiivHkVDkmAV3l5xA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26458
last-modified: Mon, 25 Mar 2024 16:08:24 GMT
server: UploadServer
etag: "6cf588d7e13df20b07744d281855e8ca"
x-goog-generation: 1711382904967130
x-goog-hash: crc32c=cfXVDA==, md5=bPWI1+E98gsHdE0oGFXoyg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 26458
accept-ranges: bytes
content-type: text/javascript
expires: Tue, 26 Mar 2024 08:47:07 GMT

GET
H3 200 ski-marrange-hp.jpg
image-tc.galaxy.tf/wijpeg-brblawb6lj346yrtzmop60aht/ 215 KB
216 KB 519ms
518ms Image
image/jpeg 104.17.184.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-brblawb6lj346yrtzmop60aht/ski-marrange-hp.jpg?width=1350

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.184.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

100254706c48ebc0b3f8b0cd96c14e8900046af2286bd42a1af7db78e1627737

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:20 GMT
x-amz-version-id: GQeVCGLc5V2BSdW02hSc_W8hQa_jOrXM
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 5a2cb96a37aeca3f9626798c4e9dab28.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA56-P9
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 220118
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 15 Sep 2023 14:46:29 GMT
server: cloudflare
etag: "114fbc01f6fc1674084637ae6c1579f9"
x-frame-options: DENY
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 86a599c5684971bb-FRA
x-amz-cf-id: Nj_LLCJesEV1-X3UYiXIKVb5-ue91EuNNRFgz4mpvvfrOgLAGf_rvg==

GET
H3 200 the-originals-hotels-banner-s1.jpg
image-tc.galaxy.tf/wijpeg-n7b1kmnc359rdzmyoapvr5v/ 114 KB
114 KB 506ms
503ms Image
image/jpeg 104.17.184.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-n7b1kmnc359rdzmyoapvr5v/the-originals-hotels-banner-s1.jpg?rotate=0&crop=0%2C0%2C2000%2C1333&width=1350

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.184.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59467323e62eb5704df58d2cd337ebd15ede9387c6fb34f3ab88bdbf73cc1574

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:20 GMT
x-amz-version-id: m5SJ3dW2C6cORi6J.yXjnKwJ7F.ql5ao
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 6b15a9d1514a5645abfd43cbf330ce48.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA56-P9
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 116466
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Jan 2023 20:41:58 GMT
server: cloudflare
etag: "8fbe16606e9061d97002488529415e0e"
x-frame-options: DENY
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 86a599c5684c71bb-FRA
x-amz-cf-id: g9szUlAlwoZ0WdLI-R2cR4glK8Ty8TFeOP7zYADGnE9dGM_EZZ4Vow==

GET
H3 200 ogh-business-hp.jpg
image-tc.galaxy.tf/wijpeg-8qfye6dh35valynr4snjximqq/ 104 KB
105 KB 517ms
514ms Image
image/jpeg 104.17.184.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-8qfye6dh35valynr4snjximqq/ogh-business-hp.jpg?rotate=0&crop=0%2C267%2C2000%2C1068&width=1350

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.184.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

206a53791fda9270a3a93e5b0fd82d59230e87e028ff2a1f09c516a32de17bb6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:20 GMT
x-amz-version-id: 5mC7CyGq5aUGicUaCL5A9Tol2Wk5u77A
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 b83db9a9904a8f97beb31f810804b6e4.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA56-P9
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 106491
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 30 Aug 2022 15:09:12 GMT
server: cloudflare
etag: "2377dbe3b6b06080323d594d8e87cc35"
x-frame-options: DENY
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 86a599c5684e71bb-FRA
x-amz-cf-id: e0EcH5JYq_O1XzZ6iS3wYAPOmL9CqSyGA0w8yOh_jV-Ql8-IlzrCEw==

GET
H3 200 newbrand-7416-chambre-montagne-pour-1-ou-2-personnes-4614_wide.jpg
image-tc.galaxy.tf/wijpeg-34p7861aanuxzdii5lr1k5any/ 165 KB
166 KB 468ms
465ms Image
image/jpeg 104.17.184.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-34p7861aanuxzdii5lr1k5any/newbrand-7416-chambre-montagne-pour-1-ou-2-personnes-4614_wide.jpg?crop=0%2C105%2C2000%2C1125&width=1900

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.184.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f39ac2768dbe249c0f8cb05c4c461ea01c8de2a8530694b02294c18a16164dd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:20 GMT
x-amz-version-id: S8xRP7d7O8t6C671btnPGjdsCVCvF6xw
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 6373f5d706cb8d973f3ced2fc572f6a8.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA56-P9
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
cf-cache-status: DYNAMIC
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 169315
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 01 Aug 2022 14:02:29 GMT
server: cloudflare
etag: "5d7a0c38c2cb1752cb5698885324aac2"
x-frame-options: DENY
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 86a599c5685071bb-FRA
x-amz-cf-id: cwaSWiq6qqAoZTe_FOegx7mI-vZku_5BH-U6YWCoq7VYRi61X-Sm4w==

GET
H3 200 20-01-20facade-ouest-compressor_wide.jpg
image-tc.galaxy.tf/wijpeg-d3gmc2bj0w77y19wc8jc19nuz/ 318 KB
319 KB 526ms
523ms Image
image/jpeg 104.17.184.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-d3gmc2bj0w77y19wc8jc19nuz/20-01-20facade-ouest-compressor_wide.jpg?crop=0%2C103%2C2000%2C1125&width=1900

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.184.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

715d75dba0e517d97ccfd66f3b3889f597518ad994fc33a37f86f03eef2246a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:20 GMT
x-amz-version-id: eyH4CMi6x5.ldJPoCXkVjosdxIC_.n01
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA56-P9
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 326001
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 24 Jan 2024 13:08:40 GMT
server: cloudflare
etag: "9d27a4c5de0a741bca477a724d9a386e"
x-frame-options: DENY
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 86a599c5685171bb-FRA
x-amz-cf-id: S82ZgQOelgjscvYdWJDouyMhQjvf9AuKsZGuNwIEtkwYK8avUiPQhg==

GET
H3 200 newbrand-2109-fr-cheno-ve-exterieurs-1584_wide.png
image-tc.galaxy.tf/wipng-a7nz09u3bwigk00m9xyl69rnp/ 1 MB
1 MB 481ms
478ms Image
image/png 104.17.184.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wipng-a7nz09u3bwigk00m9xyl69rnp/newbrand-2109-fr-cheno-ve-exterieurs-1584_wide.png?width=1900

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.184.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdcb5714b6b178b27799484ce2589a8a162c30d666e2ed9a26be009544ce693e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:20 GMT
x-amz-version-id: jcMeZUSrI4agQmI8EUhvua6DfOPQ7JWH
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 ae80ccab7109b5d2f1c1ee784af203a6.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA56-P9
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 1371063
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 27 Jun 2023 15:15:19 GMT
server: cloudflare
etag: "a91aef1e636598b55a49be83aa2a2065"
x-frame-options: DENY
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 86a599c5685471bb-FRA
x-amz-cf-id: Zj_STByCOVGSTi0fppxTniUJR3au6VkZ5LT40HXHm16XEb-t5Xo74Q==

GET
H3 200 unknown_wide.jpg
image-tc.galaxy.tf/wijpeg-asistth3d3igsybik0ucqi0mt/ 343 KB
344 KB 504ms
501ms Image
image/jpeg 104.17.184.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-asistth3d3igsybik0ucqi0mt/unknown_wide.jpg?crop=0%2C104%2C2000%2C1125&width=1900

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.184.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8501994aaece87962065e8b562662c8ae19e20e1f6f888f15d25ab1cd31bf54a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:20 GMT
x-amz-version-id: 1BPo01kEyqNqx8xDZR9ag4hpCaaCs_GL
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 827d4b9f3280fc9410e1e1ce54fbedda.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA56-P9
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 351317
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 Apr 2022 12:26:50 GMT
server: cloudflare
etag: "818a480ae70d3e848deaee7a7999f8ed"
x-frame-options: DENY
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 86a599c5685771bb-FRA
x-amz-cf-id: PnPk4fdJN78P1YTbriHzCn5UEJvAOALGN47x8ZtHzlBav0FVElJYHg==

GET
H3 200 the-originals-hotels-image00007_wide.jpg
image-tc.galaxy.tf/wijpeg-auody815iq2fb9k3n612dm6o2/ 472 KB
473 KB 443ms
441ms Image
image/jpeg 104.17.184.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-auody815iq2fb9k3n612dm6o2/the-originals-hotels-image00007_wide.jpg?crop=0%2C105%2C2000%2C1125&width=1900

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.184.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd548187aed0d360d2750a222efa76239f494823e3b55a8e6106fa79fa465afb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:20 GMT
x-amz-version-id: oyh7Az_6ktB6eAv0yNBjw_oEPPLp8FW6
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 e4a4a1d8cbc68200b55d6f49ec5eb07a.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA56-P9
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 483741
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 15 Sep 2023 17:56:36 GMT
server: cloudflare
etag: "e436593cdcc7e954c1067667ef984fa1"
x-frame-options: DENY
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 86a599c5685871bb-FRA
x-amz-cf-id: ROYRJh8c3EmymKy6SHiv-hQAF2RXb5MBR7bktjS2iy2U03oQmghwSQ==

GET
H3 200 newbrand-6810-confort-double-178_wide.png
image-tc.galaxy.tf/wipng-3mqx42jisifhj0nx1nbdsuvsa/ 4 MB
4 MB 549ms
548ms Image
image/png 104.17.184.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wipng-3mqx42jisifhj0nx1nbdsuvsa/newbrand-6810-confort-double-178_wide.png?width=1900

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.184.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83ed65eca784e7aa440eef01e213a884495097c676e0af8babc41e735e762590

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:20 GMT
x-amz-version-id: ET3_WXpWkveWV2aJZyMLm6A0VTiRRzTl
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 3d95fd99ed5f07db9d464a35af433056.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA56-P9
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 3981507
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 21 Apr 2022 14:24:50 GMT
server: cloudflare
etag: "506b256ceb34dfd8f3e28684642df9dd"
x-frame-options: DENY
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 86a599c5685971bb-FRA
x-amz-cf-id: Y_fLD_fK26P72TZtUD_4bPUs-Mx2HCB-CKC7rFsZ8DZ-fYZNTervuw==

GET
H3 200 escapade_square.jpg
image-tc.galaxy.tf/wijpeg-5ko04ifg5v6pzgvr3t4pr3hpf/ 25 KB
25 KB 462ms
461ms Image
image/jpeg 104.17.184.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-5ko04ifg5v6pzgvr3t4pr3hpf/escapade_square.jpg?crop=515%2C0%2C971%2C971&width=400

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.184.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

786710a43ba386718a74ea5967e843a2525ce88e688decd9c9b16094eea343e5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:20 GMT
x-amz-version-id: K9SIl4vOgghT.4z0n7THNxF8qFwvm1rc
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 e3824a4cc698f190d3fa6fe687f1a600.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA56-P9
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 25288
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Mar 2023 13:48:27 GMT
server: cloudflare
etag: "0f8b123c09ffd332fea10b1f8cf74183"
x-frame-options: DENY
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 86a599c5685a71bb-FRA
x-amz-cf-id: KMm23obFybLji0AF4FGknW8dp1iV0108Gk1R6CJj4zr-MPC_WLLxmg==

GET
H3 200 the-originals-open_square.jpg
image-tc.galaxy.tf/wijpeg-7u3e2g5z6ef9z0cgycasq3xy3/ 20 KB
21 KB 501ms
500ms Image
image/jpeg 104.17.184.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-7u3e2g5z6ef9z0cgycasq3xy3/the-originals-open_square.jpg?crop=317%2C0%2C1267%2C1267&width=400

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.184.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0ca72855bccb6f512f0b4d586fff1326e70aacc8c5c6db9fc9d54b1ad5100e3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:20 GMT
x-amz-version-id: PdLswkGkBWxonOc_tjuIRhJR67OcrvJZ
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 5a2cb96a37aeca3f9626798c4e9dab28.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA56-P9
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 20703
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Mar 2023 13:58:17 GMT
server: cloudflare
etag: "46a96e1c7fada32050e85dbcd3cdc315"
x-frame-options: DENY
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 86a599c5685b71bb-FRA
x-amz-cf-id: e5RJ-Vf9IfdbjUKsLF58XvGZuqb4rTk-jBPqaVXSlQhEyCHLleMlUw==

GET
H3 200 work_square.jpg
image-tc.galaxy.tf/wijpeg-cag4o5i7lj3kd13n2jv3uynvl/ 31 KB
32 KB 464ms
463ms Image
image/jpeg 104.17.184.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-cag4o5i7lj3kd13n2jv3uynvl/work_square.jpg?crop=0%2C334%2C1333%2C1333&width=400

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.184.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cafa8479c20e99a0221fd66e4e965ac1b9cea481215d5fdc754552afbcc3c984

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:20 GMT
x-amz-version-id: c59imyQlL2p5NVWS93hW9jK.QXhS_x5U
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 90b31bff657d66dd87e437e4a49bf7a6.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA56-P9
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 32025
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Mar 2023 13:58:17 GMT
server: cloudflare
etag: "50b082914b7710cfec0ddff9d539b2f0"
x-frame-options: DENY
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 86a599c5685c71bb-FRA
x-amz-cf-id: gJQ8v6FUD8rFFc8Ol6XbgE4YoPR-ikkcEA1-L2Q25ssPI6b952RcjQ==

GET
H3 200 offre-pdj_square.jpg
image-tc.galaxy.tf/wijpeg-c2cp4slihvtgkbrb64qmgaqku/ 38 KB
38 KB 504ms
504ms Image
image/jpeg 104.17.184.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-c2cp4slihvtgkbrb64qmgaqku/offre-pdj_square.jpg?crop=334%2C0%2C1333%2C1333&width=400

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.184.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e3beeb0e5c24923c028f88f388da8994feacf5f17e1aea1595fd9fc1a27cfb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:20 GMT
x-amz-version-id: NVlAQS8VHlq.vb_3rr8dXhUIo4M6q_yo
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 6c21a88f98dc05bf345d31b96407e6d0.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA56-P9
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 38625
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Mar 2023 13:48:26 GMT
server: cloudflare
etag: "89f4bb7909121e9121f9659829884783"
x-frame-options: DENY
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 86a599c5685d71bb-FRA
x-amz-cf-id: xOnslLLEBzhYzPSe7up4Id5W3WfeqG040b4rkXikVHXofXVgSxPuUw==

GET
H3 200 pablo-merchan-montes-772142-unsplash_square.jpg
image-tc.galaxy.tf/wijpeg-3tuqud7pczd40mvlf6lsbn7t0/ 22 KB
22 KB 569ms
568ms Image
image/jpeg 104.17.184.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-3tuqud7pczd40mvlf6lsbn7t0/pablo-merchan-montes-772142-unsplash_square.jpg?crop=334%2C0%2C1333%2C1333&width=400

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.184.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70a783d0b675cefc35dfc26d67dbc148a70e05d9cbbe6375ce9966959e07e075

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:20 GMT
x-amz-version-id: MGKjC1XOvOMMzP3HaJocqyGHfyhTcDm0
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 43b9d5592d1dc6a44adc7ebaaf183280.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA56-P9
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 22307
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Mar 2023 13:48:27 GMT
server: cloudflare
etag: "9981b49ded3879b0fc66b779726ac26f"
x-frame-options: DENY
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 86a599c5685e71bb-FRA
x-amz-cf-id: 2Owasnsbe9XUA32XPE1c5Ah8Y-o1dr8ojX3sHp0pQdGto7zklq0g3g==

GET
H3 200 offre-souplesse_square.jpg
image-tc.galaxy.tf/wijpeg-3bb18a0aaf0773v1lx20i5pow/ 22 KB
23 KB 463ms
462ms Image
image/jpeg 104.17.184.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-3bb18a0aaf0773v1lx20i5pow/offre-souplesse_square.jpg?crop=200%2C0%2C1200%2C1200&width=400

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.184.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d142b814249d4394bfe54ac9a0bec8eed5f5f5e8fdc8dc1e3792bbf72464de3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:20 GMT
x-amz-version-id: FPWeGhcINZCDo73TXWkVZOftFLUurz0z
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 4f3281e2362f23bf5efc65311d3defb0.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA56-P9
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 23028
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Mar 2023 13:49:41 GMT
server: cloudflare
etag: "56f8bb140b6b986170b049d01b2939fb"
x-frame-options: DENY
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 86a599c5685f71bb-FRA
x-amz-cf-id: S8eUR5H9QEJ0Rl3-KaAC8Jm_cFFkD8Z_IPZgGr9d6ZYFWmuEIz1VxA==

GET
H3 200 wine_standard.jpg
image-tc.galaxy.tf/wijpeg-h8fph0gnu8i604khtmdxv2qb/ 23 KB
24 KB 469ms
469ms Image
image/jpeg 104.17.184.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-h8fph0gnu8i604khtmdxv2qb/wine_standard.jpg?crop=9%2C0%2C533%2C400&width=700

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.184.58 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

465134a2a0a082ad66519bf5ed03e901e079f9a59f6530a9da9a98954540b60d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:20 GMT
x-amz-version-id: va5xlryFprCT8t9Z.RUnMgwNBu8umyxI
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 6c21a88f98dc05bf345d31b96407e6d0.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA56-P9
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 23533
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 04 Apr 2023 09:05:40 GMT
server: cloudflare
etag: "8c10ce456594ed33b9b76001ded71bf2"
x-frame-options: DENY
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
cf-ray: 86a599c5686071bb-FRA
x-amz-cf-id: FajmlNXqUd0utBjLKg2DD8axOaA2ZMMFFIYC8bYMmIC1N5V6rcQZwA==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
261 B 48ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3R5SJEDWK4&gtm=45je43p0v888369804z8830021505za200&_p=1711439959578&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1051767017.1711439960&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.58%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.58&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fwww.theoriginalshotels.com%2F&sid=1711439959&sct=1&seg=0&dt=The%20Originals%20Hotels%20%26%20Resorts%2C%20une%20cha%C3%AEne%20d%E2%80%99h%C3%B4tels%20pour%20tous%20les%20go%C3%BBts.&en=page_view&_fv=1&_nsi=1&_ss=1&ep.hotel_name=The%20Originals%20Hotels&ep.hotel_id=0&ep.hotel_bid=863971&ep.hotel_brand_name=The%20Originals%20Hotels&ep.hotel_chain_id=not_applicable&ep.hotel_city=not_applicable&ep.hotel_country=not_applicable&ep.hotel_state=not_applicable&ep.hotel_sub_brand_name=not_applicable&ep.hotel_booking_engine=None&ep.page_has_tvs=no&ep.page_language=fr&ep.page_section=group_property-&ep.page_subsection=homepage&ep.site_cms=galaxy&ep.site_galaxy_product=custom&ep.site_tvs=tvs_yes&ep.hotel_property_type=group_property&ep.hotel_star_rating=not_applicable&ep.hotel_room_types_count=not_applicable&epn.site_number_of_languages=5&ep.site_global_product=web&ep.page_content_group=acquisition&epn.hotel_brands_count=648&ep.hotel_gms_type=not_applicable&ep.hotel_has_gms=yes&ep.page_tvs_videos_count=0&ep.site_be_config_enhancements=not_applicable&ep.site_be_design_features_desktop_calendar=not_applicable&ep.site_be_design_features_enhancements_layout=not_applicable&ep.site_be_design_features_lead_rate=not_applicable&ep.site_be_design_features_prices_by=not_applicable&ep.site_be_design_features_results_filter=not_applicable&ep.site_be_design_features_results_grid_type=not_applicable&ep.item_type=brand&up.user_logged_in=no&tfd=1806
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 07:59:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theoriginalshotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 791309949334222 Show response
connect.facebook.net/signals/config/ 20 KB
3 KB 10ms
10ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/791309949334222?v=2.9.150&r=stable&domain=www.theoriginalshotels.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101%2C178%2C177%2C179%2C184%2C185%2C186%2C182%2C174%2C117%2C119%2C173%2C175%2C108%2C139%2C130%2C134%2C114%2C169%2C209%2C145%2C102%2C112%2C210%2C147%2C106%2C128%2C121%2C109

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

d97087adfc2c02852f40461d3bdd714203751104ad14ee54c273761534243213

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 26 Mar 2024 07:59:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2615
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=29, mss=1232, tbw=11725, tp=19, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: qQRhaj3Zrz0el5qa9feaPtHKdxFbaYx/rUhpEKOVrZY4qvH3mhNBzE9SDicx71b6oYuP1Mhsbw6VvU/t+BkEkA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 7ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=636014493475340&ev=PageView&dl=https%3A%2F%2Fwww.theoriginalshotels.com%2F&rl=&if=false&ts=1711439959937&sw=800&sh=600&v=2.9.150&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1711439959694.793771381&cs_est=true&ler=empty&cdl=API_unavailable&it=1711439959666&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1326, tbw=3117, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 26 Mar 2024 07:59:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 main.cb6ceab7.js Show response
s.pinimg.com/ct/lib/ 64 KB
18 KB 7ms
7ms Script
application/javascript 2a02:26f0:3500:89b::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.cb6ceab7.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:89b::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3b4f2e1b70a9ab8aef23d65cc1b072b5eb6eba4979f6575c64771256e260409d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "df5cf5cb5de352dc30a944e95eca73e1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18542

GET
H/1.1

200
OK

dispatch.fcgi
activationtheoriginals.solution.weborama.fr/fcgi-bin/ Frame 241C
Redirect Chain

https://activationtheoriginals.solution.weborama.fr/fcgi-bin/dispatch.fcgi?a.A=co&a.si=9771&a.cp=2&a.ct=b&gdpr_cmp_failure=1&a.re=0.0&a.isc=0&da=1711443559&g.ru=&g.pu=https%3A//www.theoriginalshote...
https://activationtheoriginals.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=416587&a.A=co&a.si=9771&a.cp=2&a.ct=b&gdpr_cmp_failure=1&a.re=0.0&a.isc=0&da=1711443559&g.ru=&g.pu=https%3A//...

0
0

28ms
27ms

Document
text/html

195.54.48.25
WEBORAMA Weborama...

General

Check archive.org

Show headers Download Go to

Full URL: https://activationtheoriginals.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=416587&a.A=co&a.si=9771&a.cp=2&a.ct=b&gdpr_cmp_failure=1&a.re=0.0&a.isc=0&da=1711443559&g.ru=&g.pu=https%3A//www.theoriginalshotels.com/&a.opt=N1%3A0%2CN2%3A0%2CN3%3A0
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/js/advertiserv2/adperf_conversion.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.54.48.25 , France, ASN12516 (WEBORAMA Weborama provides Internet Services, FR),
Reverse DNS: aub-collect-lb-c03-01-vip.weborama.fr
Software: Apache /
Resource Hash

Request headers

Referer: https://www.theoriginalshotels.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
attribution-reporting-register-trigger: {"debug_reporting":true,"event_trigger_data":[{"trigger_data":"1"}],"aggregatable_trigger_data":[{"key_piece":"0x12345678","source_keys":["a_c","a"]}],"debug_key":"1711439960","aggregatable_values":{"a":30000,"a_c":19}}
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html
date: Tue, 26 Mar 2024 07:59:20 GMT
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Tue, 26 Mar 2024 07:59:20 GMT
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
pragma: no-cache
server: Apache
transfer-encoding: chunked
vary: Accept-Encoding

Redirect headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
date: Tue, 26 Mar 2024 07:59:20 GMT
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Tue, 26 Mar 2024 07:59:20 GMT
location: https://activationtheoriginals.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=416587&a.A=co&a.si=9771&a.cp=2&a.ct=b&gdpr_cmp_failure=1&a.re=0.0&a.isc=0&da=1711443559&g.ru=&g.pu=https%3A//www.theoriginalshotels.com/&a.opt=N1%3A0%2CN2%3A0%2CN3%3A0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
pragma: no-cache
server: Apache
transfer-encoding: chunked

GET
H/1.1

200
OK

dispatch.fcgi
activationtheoriginals.solution.weborama.fr/fcgi-bin/ Frame 76E2
Redirect Chain

https://activationtheoriginals.solution.weborama.fr/fcgi-bin/dispatch.fcgi?a.A=co&a.si=9771&a.cp=5&a.ct=b&gdpr_cmp_failure=1&a.re=0.0&a.isc=0&da=1711443559&g.ru=&g.pu=https%3A//www.theoriginalshote...
https://activationtheoriginals.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=485935&a.A=co&a.si=9771&a.cp=5&a.ct=b&gdpr_cmp_failure=1&a.re=0.0&a.isc=0&da=1711443559&g.ru=&g.pu=https%3A//...

0
0

28ms
28ms

Document
text/html

195.54.48.25
WEBORAMA Weborama...

General

Check archive.org

Show headers Download Go to

Full URL: https://activationtheoriginals.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=485935&a.A=co&a.si=9771&a.cp=5&a.ct=b&gdpr_cmp_failure=1&a.re=0.0&a.isc=0&da=1711443559&g.ru=&g.pu=https%3A//www.theoriginalshotels.com/&a.opt=N1%3A0%2CN2%3A0%2CN3%3A0
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/js/advertiserv2/adperf_conversion.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.54.48.25 , France, ASN12516 (WEBORAMA Weborama provides Internet Services, FR),
Reverse DNS: aub-collect-lb-c03-01-vip.weborama.fr
Software: Apache /
Resource Hash

Request headers

Referer: https://www.theoriginalshotels.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
attribution-reporting-register-trigger: {"debug_reporting":true,"event_trigger_data":[{"trigger_data":"1"}],"aggregatable_trigger_data":[{"key_piece":"0x12345678","source_keys":["a_c","a"]}],"debug_key":"1711439960","aggregatable_values":{"a":60000,"a_c":19}}
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html
date: Tue, 26 Mar 2024 07:59:20 GMT
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Tue, 26 Mar 2024 07:59:20 GMT
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
pragma: no-cache
server: Apache
transfer-encoding: chunked
vary: Accept-Encoding

Redirect headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
date: Tue, 26 Mar 2024 07:59:20 GMT
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Tue, 26 Mar 2024 07:59:20 GMT
location: https://activationtheoriginals.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=485935&a.A=co&a.si=9771&a.cp=5&a.ct=b&gdpr_cmp_failure=1&a.re=0.0&a.isc=0&da=1711443559&g.ru=&g.pu=https%3A//www.theoriginalshotels.com/&a.opt=N1%3A0%2CN2%3A0%2CN3%3A0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
pragma: no-cache
server: Apache
transfer-encoding: chunked

GET 141.html
static.sojern.com/cip/c/ Frame 179A 0
0

GET
H2 200 sojern.min.js Show response
static.sojern.com/sdk/latest/ 169 KB
169 KB 16ms
16ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/sdk/latest/sojern.min.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/utils/sjrn_autocx.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: fa41cdcaf5b7f38d0737a760ef47eda638f80fe67c28584bb14fe3bd46e1d4d1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:07:36 GMT
age: 3104
x-guploader-uploadid: ABPtcPrFHNs5ln3s1OhKEhVbTIuEYiMzh52YfpbCDMRah2U15JppCd-Fl45hz2jedG8vOWjWHEo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 172853
last-modified: Tue, 12 Mar 2024 09:26:33 GMT
server: UploadServer
etag: "363c450933a0f5cf5c3665a780d7f501"
x-goog-generation: 1710235593857243
x-goog-hash: crc32c=gh1cYQ==, md5=NjxFCTOg9c9cNmWngNf1AQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 172853
accept-ranges: bytes
content-type: text/javascript
expires: Tue, 26 Mar 2024 08:07:36 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
215 B 43ms
43ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1571966043&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theoriginalshotels.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=The%20Originals%20Hotels%20%26%20Resorts%2C%20une%20cha%C3%AEne%20d%E2%80%99h%C3%B4tels%20pour%20tous%20les%20go%C3%BBts.&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YCDACEABBAAAACAEK~&jid=271983280&gjid=32296601&cid=1051767017.1711439960&tid=UA-162681275-1&_gid=462984694.1711439960&_r=1&_slc=1&gtm=45He43p0n81TL2MM4Bv830021505za200&cg1=web&cg2=group_property-&cg3=group_property&cd1=863971&cd2=not_applicable&cd3=The%20Originals%20Hotels&cd4=not_applicable&cd5=0&cd6=The%20Originals%20Hotels&cd7=not_applicable&cd8=not_applicable&cd9=not_applicable&cd12=galaxy&cd13=custom&cd19=tvs_yes&cd20=None&cd21=group_property&cd22=not_applicable&cd23=not_applicable&cd24=5&cd25=fr&cd26=web&cd27=group_property-&cd28=homepage&cd29=acquisition&cd30=no&cd31=no&cd34=%7C&cd36=%7C&cd38=https%3A%2F%2Fwww.theoriginalshotels.com%2F&cd39=not_applicable&cd40=theoriginalshotels.com&cd41=GTM-TL2MM4B&cd42=75&cd55=648&cd56=0&cd57=not_applicable&cd58=yes&cd59=0&cd60=not_applicable&cd61=not_applicable&cd62=not_applicable&cd63=not_applicable&cd64=not_applicable&cd65=not_applicable&cd66=not_applicable&cd67=brand&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=799840259

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 07:59:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theoriginalshotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
71 B 42ms
42ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 07:59:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theoriginalshotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CLXxg9e6kYUDFS1LkQUdG30F9Q;src=8741099;type=websi971;cat=sehho123;ord=1;num=7249346133269;npa=1;auiddc=771762410.1711439960;u9=%2F;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.63...
8741099.fls.doubleclick.net/ Frame 3D9A
Redirect Chain

https://8741099.fls.doubleclick.net/activityi;src=8741099;type=websi971;cat=sehho123;ord=1;num=7249346133269;npa=1;auiddc=771762410.1711439960;u9=%2F;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0....
https://8741099.fls.doubleclick.net/activityi;dc_pre=CLXxg9e6kYUDFS1LkQUdG30F9Q;src=8741099;type=websi971;cat=sehho123;ord=1;num=7249346133269;npa=1;auiddc=771762410.1711439960;u9=%2F;uaa=x86;uab=6...

0
0

71ms
70ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8741099.fls.doubleclick.net/activityi;dc_pre=CLXxg9e6kYUDFS1LkQUdG30F9Q;src=8741099;type=websi971;cat=sehho123;ord=1;num=7249346133269;npa=1;auiddc=771762410.1711439960;u9=%2F;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.58%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.58;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe43p0v9135073673z8810182064za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-8741099&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 406
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Mar 2024 07:59:20 GMT
expires: Tue, 26 Mar 2024 07:59:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Mar 2024 07:59:20 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8741099.fls.doubleclick.net/activityi;dc_pre=CLXxg9e6kYUDFS1LkQUdG30F9Q;src=8741099;type=websi971;cat=sehho123;ord=1;num=7249346133269;npa=1;auiddc=771762410.1711439960;u9=%2F;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.58%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.58;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe43p0v9135073673z8810182064za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 24ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-995P0KWECH&gtm=45je43p0v9100489194z8810182064za200&_p=1711439959578&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1051767017.1711439960&ul=en-us&sr=800x600&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.58%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.58&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EA&_s=1&dl=https%3A%2F%2Fwww.theoriginalshotels.com%2F&sid=1711439960&sct=1&seg=0&dt=The%20Originals%20Hotels%20%26%20Resorts%2C%20une%20cha%C3%AEne%20d%E2%80%99h%C3%B4tels%20pour%20tous%20les%20go%C3%BBts.&en=page_view&_fv=1&_ss=1&ep.page_subsection=homepage&ep.page_language=fr&ep.hotel_city=not_applicable&ep.hotel_country=not_applicable&ep.hotel_brand_name=not_applicable&ep.hotel_id=0&ep.hotel_name=The%20Originals%20Hotels&up.user_logged_in_session=no&tfd=2000
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 07:59:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theoriginalshotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 126ms
19ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-995P0KWECH&cid=1051767017.1711439960&gtm=45je43p0v9100489194z8810182064za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 07:59:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theoriginalshotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 155ms
47ms Image
image/gif 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-995P0KWECH&cid=1051767017.1711439960&gtm=45je43p0v9100489194z8810182064za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1120952445

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 07:59:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tcs Show response
u.logbor.com/ 12 KB
2 KB 26ms
26ms Script
text/javascript 89.185.38.89
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL

https://u.logbor.com/tcs?cxid=2631&cu=https%3A%2F%2Fwww.theoriginalshotels.com%2F&d_productID=undefined&d_cartProductsID=

Requested by

Host: u.logbor.com
URL: https://u.logbor.com/p/?i=2631&n=__dot

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

89.185.38.89 Saint-Ouen, France, ASN8426 (CLARANET-AS ClaraNET LTD, GB),

Reverse DNS

Software

nginx /

Resource Hash

02230c4ad751287957603a33f0e0bd118bf04d76571db15cad5bcbbc6fc0f2d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 26 Mar 2024 07:59:20 GMT
Strict-Transport-Security: max-age=86400
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: nginx
ETag: W/"2fbc-yhl2SJFU8yhTsbKyTSQZxBA3Y58"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
X-DNS-Prefetch-Control: off
Vary: Accept-Encoding
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 7ms
7ms Image
text/plain 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=791309949334222&ev=PageView&dl=https%3A%2F%2Fwww.theoriginalshotels.com%2F&rl=&if=false&ts=1711439960150&sw=800&sh=600&v=2.9.150&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1711439959694.793771381&ler=empty&cdl=API_unavailable&it=1711439959666&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4607, tp=11, tpl=0, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 26 Mar 2024 07:59:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
356 B 99ms
18ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-129815972-1&cid=1051767017.1711439960&jid=705230852&gjid=291145982&_gid=462984694.1711439960&npa=1&_u=YCDACEABBAAAACAEK~&z=1935669135

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 26 Mar 2024 07:59:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theoriginalshotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 302 B
628 B 108ms
32ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2613355718441&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1711439960153&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.cb6ceab7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8e63336037bea50c9887beee711d5776ac0906b701a435ba6a002caf1a724b91

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:20 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 0
alt-svc: h3=":443";ma=600
x-pinterest-rid: 3121583993777592
content-length: 175
pin-unauth: dWlkPVptVXdOREUxTlRFdE9UUTJaUzAwTmpVMExUazNZVGd0TVdObU1tUTJZMll3TkdFeQ
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theoriginalshotels.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: e55cd6245ba0a9b4bc845e73c8628057727dd4c8
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1696506&seg=34036556&order_id=&value=&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1696506%26seg%3D34036556%26order_id%3D%26value%3D%26t%3D1

0
1 KB

14ms
14ms

Script
application/javascript

185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1696506%26seg%3D34036556%26order_id%3D%26value%3D%26t%3D1

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 07:59:20 GMT
an-x-request-uuid: da84395d-d4dc-476b-b763-003a8638bfb2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.213.155.144; 185.213.155.144; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Mar 2024 07:59:20 GMT
an-x-request-uuid: 2bd1b5a8-b8a6-4abb-879a-a37c071a7bbb
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1696506%26seg%3D34036556%26order_id%3D%26value%3D%26t%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 185.213.155.144; 185.213.155.144; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 arzG4W7qdJz653EbJ8bM
tag.zebestof.com/rendered-tags/ 0
0 54ms
20ms Fetch 13.39.154.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.zebestof.com/rendered-tags/arzG4W7qdJz653EbJ8bM
Requested by: Host: tag.zebestof.com
URL: https://tag.zebestof.com/render/1239
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.39.154.38 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-39-154-38.eu-west-3.compute.amazonaws.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 07:59:20 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: https://www.theoriginalshotels.com
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Headers, Access-Control-Allow-Methods, Access-Control-Max-Age, Access-Control-Expose-Headers
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
0 107ms
33ms Fetch
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?tid=2613355718441&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.theoriginalshotels.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A600%2C%22sw%22%3A800%2C%22mh%22%3A%22cb6ceab7%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22123%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22123%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22123.0.6312.58%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1711439960156
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.cb6ceab7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 07:59:20 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: https://www.theoriginalshotels.com
pinterest-version: e55cd6245ba0a9b4bc845e73c8628057727dd4c8
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1428524446918593
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.MWIzOGRhOGZjMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 405 KB
108 KB 18ms
18ms Script
application/javascript 104.126.37.144
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWIzOGRhOGZjMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CL903P3C77U9OLIO9TU0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-144.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0bee0635d9e5651aa359c5c8e8e5a926aadf07935d2561abcde8d6c849c2cb6a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 53d0c55e
date: Tue, 26 Mar 2024 07:59:20 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024031810101609A6145DBFCF01F85002
x-tt-trace-id: 00-24031810101609A6145DBFCF01F85002-1B63585D8A067032-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-140.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4-55034233) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01ad4a779f5e106d958bf037e5f087a7b27b55b7428c5cbbe7e0ee7c0dfefa0ac157f610cdf3caca8fc871975f96b136877605065570c714305d694733f1c531a5cdba1d4095362b838722133cd62883d01f1c8372a8001f95e894a94d38d764f5
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=15
content-length: 109524

GET
H2 200 config Show response
pixel.sojern.com/sdk/container/id/141/ 833 B
1 KB 89ms
20ms Fetch
application/json 107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sojern.com/sdk/container/id/141/config
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/sdk/latest/sojern.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: 3a26fca1708338b5e81856074f773ebfe7e1415385179a871b7f56e5eefca462

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 07:59:20 GMT
via: 1.1 google
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.theoriginalshotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 833
expires: 0

GET
H2 200 retar.php Show response
vu.adschoom.com/trafic/ 961 B
836 B 95ms
22ms Script
text/javascript 95.131.137.7
OXALIDE

General

Check archive.org

Show headers Download Go to

Full URL: https://vu.adschoom.com/trafic/retar.php?boutique={1883}&type=HOME&topfr=https://www.theoriginalshotels.com/&topfr2=
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.131.137.7 , France, ASN47841 (OXALIDE, FR),
Reverse DNS: not.updated.oxalide.net
Software: nginx /
Resource Hash: 6d3c9446ea12497ec7d965c368058c1a33f823623c2b0cdacf812ca7accbfb31

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 07:59:20 GMT
content-encoding: gzip
server: nginx
x-backend: 01.adm
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sat, 16 Mar 2024 08:59:20 GMT

GET
H2 200 pixel Show response
ads.creative-serving.com/ 933 B
1 KB 88ms
19ms Script
text/javascript 35.214.241.248
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.creative-serving.com/pixel?id=3153104&type=js&customer_extra=&customer_amount=&customer_id=3153104_Home
Requested by: Host: u.logbor.com
URL: https://u.logbor.com/p/?i=2631&n=__dot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.241.248 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 248.241.214.35.bc.googleusercontent.com
Software: /
Resource Hash: 864f4266919527f9e1b77c5efa6c0fa16cf349301f6aadbf49d07772c05957fd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:20 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 933
content-type: text/javascript

GET

retarget
hal9000.redintelligence.net/ Frame 030C
Redirect Chain

https://hal9000.redintelligence.net/retarget?a=48575&version=1
https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1

0
0

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

80 KB
31 KB

114ms
26ms

Script
application/javascript

37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/
Protocol: H2
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8ddc6cbdb63a791bfc33f40d4b0a250a18e85e0ae93f72389ebda9242bef010d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Mar 2024 07:59:20 GMT
content-encoding: gzip
last-modified: Fri, 08 Mar 2024 07:02:31 GMT
server: nginx
x-amz-request-id: tx00000cb0a74798aa33860-0066014733-32974d05-default
etag: W/"1c188eabf1f0749a0cffb2c108473370"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Tue, 26 Mar 2024 07:59:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: text/html

GET
H/1.1

200
OK

retarget
ad.ad-srv.net/ Frame FE13
Redirect Chain

https://ad.ad-srv.net/retarget?a=52995&version=1
https://ad.ad-srv.net/retarget?a=52995&version=1&redirected=1

0
0

66ms
45ms

Document
text/html

46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/retarget?a=52995&version=1&redirected=1
Requested by: Host: u.logbor.com
URL: https://u.logbor.com/p/?i=2631&n=__dot
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash

Request headers

Referer: https://www.theoriginalshotels.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Encoding: gzip
Content-Length: 457
Content-Type: text/html; charset=UTF-8
Date: Tue, 26 Mar 2024 07:59:20 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 26 Mar 2024 07:59:20 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Location: ?a=52995&version=1&redirected=1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache

GET
H/1.1 200
OK LAL.d Show response
js.cookieless-data.com/ 3 KB
2 KB 85ms
29ms Script
text/javascript 51.158.28.82
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.cookieless-data.com/LAL.d?pa=22425&u=https%3A%2F%2Fwww.theoriginalshotels.com%2F&r=&cat_name=CATEGORY_NAME

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.158.28.82 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

online-prod.ipsfailover.com

Software

nginx/1.20.2 /

Resource Hash

b773078f6080e35a4edc5c66536ecb78982fcd8411414273924d300f45563ca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 26 Mar 2024 07:59:20 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
Server: nginx/1.20.2
Transfer-Encoding: chunked
Content-Type: text/javascript
Access-Control-Allow-Origin: *
P3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-Xss-Protection: 0
Expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H2 200 seg Show response
secure.adnxs.com/ 0
1 KB 35ms
35ms Script
application/javascript 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/seg?add=11906172&t=1

Requested by

Host: u.logbor.com
URL: https://u.logbor.com/p/?i=2631&n=__dot

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 07:59:20 GMT
an-x-request-uuid: 25243d10-647b-4147-84ac-c4469cd88f72
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.213.155.144; 185.213.155.144; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 identify_05ea2.js Show response
analytics.tiktok.com/i18n/pixel/static/ 137 KB
37 KB 67ms
67ms Script
application/javascript 104.126.37.144
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_05ea2.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWIzOGRhOGZjMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-144.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4d8884f3e3ac809c301d102e063ae5be043b7c5b3ffbd279f25fa7f6733dd2c7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 53d0c733
date: Tue, 26 Mar 2024 07:59:20 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202403141341523ED2893F305478093D71
x-tt-trace-id: 00-2403141341523ED2893F305478093D71-2AA964AE77C7B5FC-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-140.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4-55034233) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01215efb9e0067f56dc388fd9e6f52d0c1a63f9d74f8863ef9bdab8c402a9b06c28a8538e12e526d8f5f074ce89dc9341609ddc9e8ce8ef6e9430c6ea75f3d78fb11eb4cb9d46290dea063a46841042b81eab4d03a45e8ca3697f6ffcf5232029d
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=5
content-length: 37172

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
848 B 162ms
162ms Ping
text/plain 104.126.37.144
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-144.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 24cda5a2.53d0c7d6
date: Tue, 26 Mar 2024 07:59:20 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240326075920DF2C303A07FAEBCCEB7D-447390B64BB77F40-00
x-cache: TCP_MISS from a104-126-37-140.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4-55034233) (-)
x-parent-response-time: 107,104.126.37.140
server-timing: cdn-cache; desc=MISS, edge; dur=89, origin; dur=25, inner; dur=21
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240326075920DF2C303A07FAEBCCEB7D
x-cache-remote: TCP_MISS from a23-48-249-145.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54726453) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 25,23.48.249.145
x-tt-trace-host: 019386ff562f79de540fc98f6031305ad24be8d6ad0426b69e5651833b680105aa8222ec1b960fd424d93a3a6abe73530c0ef9db3d7c87145b959d33d63e883c30755cd93b586ed16262060f88078935f15b75d99722dd274c97998d28b5ab5310b32c729a958908bd80e483696bd3ce57
access-control-allow-headers: Authorization,*
expires: Tue, 26 Mar 2024 07:59:20 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 125ms
50ms Image
image/gif 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-129815972-1&cid=1051767017.1711439960&jid=705230852&npa=1&_u=YCDACEABBAAAACAEK~&z=55082947

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f196.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 07:59:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 47ms
47ms Image
image/gif 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-129815972-1&cid=1051767017.1711439960&jid=705230852&npa=1&_u=YCDACEABBAAAACAEK~&z=55082947

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 07:59:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 config Show response
pixel.sojern.com/static/config/sdk/container/141/ 168 B
197 B 31ms
15ms Fetch
application/json 107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sojern.com/static/config/sdk/container/141/config
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/sdk/latest/sojern.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b1aca045cb9ee1179093fdf38ba786a679cc83449d46b8324a748d5a8bbf16e2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:43:45 GMT
age: 935
x-guploader-uploadid: ABPtcPr8sKy2mKzjNfJChjkBystIaVnse42DHxzcgMwNHyebb5nBfaer2cEZcgiSI8vGbYV7D8SWQy_ABg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168
last-modified: Thu, 15 Feb 2024 15:29:44 GMT
server: UploadServer
etag: "d140e611baa62395853b552bde56ebd1"
x-goog-generation: 1708010984652191
x-goog-hash: crc32c=LbmzWQ==, md5=0UDmEbqmI5WFO1Ur3lbr0Q==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 168
accept-ranges: bytes
content-type: application/json
expires: Tue, 26 Mar 2024 08:43:45 GMT

GET
H2 200 track Show response
pixel.sojern.com/sdk/container/id/141/ 819 B
984 B 22ms
21ms Script
application/javascript 107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sojern.com/sdk/container/id/141/track?et=home_page&vid=hotel&domain=https%3A%2F%2Fwww.theoriginalshotels.com%2F&ccid=f05io-kgqw6-hh1qs-x4fw8-5vte6%7C1051767017.1711439960&s=sdk%7Cccid_auto%7Cccid_ga%7Ciframe%3Dfalse&id=141&location=https%3A%2F%2Fwww.theoriginalshotels.com%2F&l=en-US&version=0.2.5
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/sdk/latest/sojern.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: 960df7fc42a4621fd301a07e685b48340f6aa1ececada9f09845a8e94e7acdfb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:20 GMT
via: 1.1 google
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 819

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
409 B 137ms
45ms Image
image/png 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=MTgxNDBjZTUtODRkYi0xN2U5LTM1MmItNmFhYTI5MGVmZDk2&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=0BMFBvnwLijyfY0Wr_arDp9iDpXE60ZpS2-iuBjQnhEl8fXQdlGEfojc_3sG1vUj&sjrn_ula=8467697795

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 07:59:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
232 B 138ms
46ms Image
image/png 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_hm=MTgxNDBjZTUtODRkYi0xN2U5LTM1MmItNmFhYTI5MGVmZDk2&google_nid=sojern_adh

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 07:59:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

apn
pixel.sojern.com/idsync/
Redirect Chain

https://ib.adnxs.com/getuidnb?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=0BMFBvnwLijyfY0Wr_arDp9iDpXE60ZpS2-iuBjQnhEl8fXQdlGEfojc_3sG1vUj
https://pixel.sojern.com/idsync/apn?id=4981476164057538149&sjrn_id=0BMFBvnwLijyfY0Wr_arDp9iDpXE60ZpS2-iuBjQnhEl8fXQdlGEfojc_3sG1vUj

42 B
266 B

21ms
21ms

Image
image/gif

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/apn?id=4981476164057538149&sjrn_id=0BMFBvnwLijyfY0Wr_arDp9iDpXE60ZpS2-iuBjQnhEl8fXQdlGEfojc_3sG1vUj
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Mar 2024 07:59:20 GMT
via: 1.1 google
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 26 Mar 2024 07:59:20 GMT
an-x-request-uuid: 2469a967-cdcb-4414-9e5c-f347c4262e64
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://pixel.sojern.com/idsync/apn?id=4981476164057538149&sjrn_id=0BMFBvnwLijyfY0Wr_arDp9iDpXE60ZpS2-iuBjQnhEl8fXQdlGEfojc_3sG1vUj
x-proxy-origin: 185.213.155.144; 185.213.155.144; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
148 B 39ms
34ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=0BMFBvnwLijyfY0Wr_arDp9iDpXE60ZpS2-iuBjQnhEl8fXQdlGEfojc_3sG1vUj&ttd_tpi=1
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:59:20 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

202

adf
pixel.sojern.com/idsync/
Redirect Chain

https://c1.adform.net/serving/cookie/match?cid=18140ce5-84db-17e9-352b-6aaa290efd96&party=1296
https://c1.adform.net/serving/cookie/match?CC=1&cid=18140ce5-84db-17e9-352b-6aaa290efd96&party=1296
https://pixel.sojern.com/idsync/adf?adfid=3545773716518266710&cid=18140ce5-84db-17e9-352b-6aaa290efd96

0
14 B

20ms
20ms

Image
text/plain

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/adf?adfid=3545773716518266710&cid=18140ce5-84db-17e9-352b-6aaa290efd96
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/
Protocol: H3
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 26 Mar 2024 07:59:20 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Accept-Encoding

Redirect headers

pragma: no-cache
date: Tue, 26 Mar 2024 07:59:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://pixel.sojern.com/idsync/adf?adfid=3545773716518266710&cid=18140ce5-84db-17e9-352b-6aaa290efd96
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 retar_js.php Show response
vu.adschoom.com/trafic/ 8 B
301 B 41ms
41ms Script
text/javascript 95.131.137.7
OXALIDE

General

Check archive.org

Show headers Download Go to

Full URL: https://vu.adschoom.com/trafic/retar_js.php?type=HOME&boutique={1883}&categorie_id=&produit_id=&data=&transaction_id=0&transaction_amount=0&valid=1&rid_tt=&refer=https%3A//www.theoriginalshotels.com/&refer2=&shopf=false&random=370224206
Requested by: Host: vu.adschoom.com
URL: https://vu.adschoom.com/trafic/retar.php?boutique={1883}&type=HOME&topfr=https://www.theoriginalshotels.com/&topfr2=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.131.137.7 , France, ASN47841 (OXALIDE, FR),
Reverse DNS: not.updated.oxalide.net
Software: nginx /
Resource Hash: 45336bf2c27960347588ebaedc466e533d74cb661ed98b7d8b45c27a54e0e596

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 07:59:20 GMT
server: nginx
x-backend: 01.adm
content-type: text/javascript;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 8
expires: Sat, 16 Mar 2024 08:59:20 GMT

GET
H3

200

src=13796265;dc_pre=CIvslte6kYUDFS8bogMdCqkBiQ;type=sales;cat=ifram0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=13796265;type=sales;cat=ifram0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSE...
https://ad.doubleclick.net/ddm/activity/src=13796265;dc_pre=CIvslte6kYUDFS8bogMdCqkBiQ;type=sales;cat=ifram0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BG...
https://adservice.google.com/ddm/fls/z/src=13796265;dc_pre=CIvslte6kYUDFS8bogMdCqkBiQ;type=sales;cat=ifram0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGD...

42 B
63 B

148ms
70ms

Image
image/gif

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=13796265;dc_pre=CIvslte6kYUDFS8bogMdCqkBiQ;type=sales;cat=ifram0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[OrderID]

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theoriginalshotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 07:59:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 26 Mar 2024 07:59:20 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"12895600210758287287"}],"aggregatable_trigger_data":[{"filters":{"14":["16430482"]},"key_piece":"0x15793af7423a40a0","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0x49bf4e6500b652f0","not_filters":{"14":["16430482"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["16430482"]},"key_piece":"0xca57da2543885dc","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xb24d1e2674b839d9","not_filters":{"14":["16430482"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"150587205845931416","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"12895600210758287287","filters":{"14":["16430482"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"12895600210758287287","filters":{"14":["16430482"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"12895600210758287287","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"12895600210758287287","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["13796265"]}}
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: image/png
location: https://adservice.google.com/ddm/fls/z/src=13796265;dc_pre=CIvslte6kYUDFS8bogMdCqkBiQ;type=sales;cat=ifram0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[OrderID]
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ 104 B
820 B 22ms
22ms Script
text/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=1607309&ADFPageName=Home&ADFdivider=%7C&ord=493562888597&ADFtpmode=2&itm=eyJzbCI6IjxpbnNlcnQgc2FsZXMgdmFsdWUgaGVyZT4iLCJpZCI6IjxpbnNlcnQgb3JkZXIgaWQgdmFsdWUgaGVyZT4ifQ&loc=https%3A%2F%2Fwww.theoriginalshotels.com%2F&Set1=en-US%7Cen-US%7C800x600%7C24

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

093554855150e5e313e6d83dff1cbfc374b2842efefce4679064e09fc184dfd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 07:59:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 179
expires: -1

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
844 B 149ms
149ms Ping
text/plain 104.126.37.144
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-144.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.theoriginalshotels.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: ff43cef1.53d0cada
date: Tue, 26 Mar 2024 07:59:20 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2403260759205A56A7526FC90CB5F3E9-5667819FA78711B3-00
x-cache: TCP_MISS from a104-126-37-140.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4-55034233) (-)
x-parent-response-time: 107,104.126.37.140
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=19, inner; dur=16
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202403260759205A56A7526FC90CB5F3E9
x-cache-remote: TCP_MISS from a23-220-106-203.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54726453) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 19,23.220.106.203
x-tt-trace-host: 019386ff562f79de540fc98f6031305ad24be8d6ad0426b69e5651833b680105aa583cd53261b33fc1f3d73a36fe7651e821cdb7ff282194f862f6947624cc81ffa144380503801aa05c1216ca29af4826fa6c8cd51fe8da3adf6542a0e4a495d825401e2aa03d60f5e6eb276461f1c38e
access-control-allow-headers: Authorization,*
expires: Tue, 26 Mar 2024 07:59:20 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.sojern.com
URL: https://static.sojern.com/cip/c/141.html?version=5&auto_url=https%3A%2F%2Fwww.theoriginalshotels.com%2F&auto_ccid=f05io-kgqw6-hh1qs-x4fw8-5vte6&auto_ga=1051767017.1711439960&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=1600x1113&tz=-60&hpid=&pt=HOME_PAGE&et=

Domain: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1

Verdicts & Comments Add Verdict or Comment

186 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.theoriginalshotels.com/	1969-12-31 23:59:59	Name: loginpromo Value: appeared
www.theoriginalshotels.com/	1970-01-20 20:07:11	Name: galaxy-has-visited Value: 1
.theoriginalshotels.com/	1970-01-20 21:33:35	Name: _fbp Value: fb.1.1711439959694.793771381
www.theoriginalshotels.com/	1970-01-20 19:24:01	Name: galaxy-session-cookie-fr Value: true
.www.theoriginalshotels.com/	1970-01-21 04:09:35	Name: cf_clearance Value: PmwLUNc017zChVutvB6ZM1AdQl_Qz61K8koNpSsTbUU-1711439959-1.0.1.1-_RjOs0fGu9sjK4UeSDcjCdb1idInFj_xN1DZ8aRNJpeXwv3qmKxMmJiRHrVorkB2Uk_3XSaYm9eM3nJy0sRdew
.theoriginalshotels.com/	1970-01-20 21:33:35	Name: _gcl_au Value: 1.1.771762410.1711439960
.theoriginalshotels.com/	1970-01-21 04:59:59	Name: _ga_3R5SJEDWK4 Value: GS1.1.1711439959.1.0.1711439959.0.0.0
.weborama.fr/	1970-01-21 04:49:55	Name: AFFICHE_W Value: RzXHu5pVlAJH48
.theoriginalshotels.com/	1970-01-20 19:25:26	Name: _gid Value: GA1.2.462984694.1711439960
.theoriginalshotels.com/	1970-01-20 19:24:00	Name: _gat_tct Value: 1
.tiktok.com/	1970-01-21 04:45:35	Name: _ttp Value: 2eDX84vpNv6qXKEPFne1E60c5T8
.theoriginalshotels.com/	1970-01-20 19:24:00	Name: _gat_UA-129815972-1 Value: 1
activationtheoriginals.solution.weborama.fr/	1969-12-31 23:59:59	Name: ar_debug Value: 1
.adnxs.com/	1970-01-21 04:59:59	Name: receive-cookie-deprecation Value: 1
.theoriginalshotels.com/	1970-01-21 04:59:59	Name: _ga_995P0KWECH Value: GS1.1.1711439960.1.0.1711439960.60.0.0
.theoriginalshotels.com/	1970-01-21 04:59:59	Name: _ga Value: GA1.1.1051767017.1711439960
.doubleclick.net/	1970-01-20 23:43:11	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 21:33:35	Name: XANDR_PANID Value: vBtE69nZMgasBpr4-pV-3bMR1fv4TeNbnL_974sknLW89fOfnbD-HQt0Tg65vZqiKrQe-Owms0-AjoCd-Igk4X-SuOqvaqSJq5GHP3SgI6Y.
.adnxs.com/	1970-01-20 21:33:35	Name: uuid2 Value: 4981476164057538149
.adnxs.com/	1970-01-20 21:33:35	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2GU^IUWE+!@wnf-Te9(>wL5L!!'2P$WM.?
.pinterest.com/	1970-01-21 04:09:35	Name: ar_debug Value: 1
.theoriginalshotels.com/	1970-01-21 04:45:35	Name: _tt_enable_cookie Value: 1
.theoriginalshotels.com/	1970-01-21 04:45:35	Name: _ttp Value: GBvBvA1dZBxJ2dS0W4aqpxC5UWH
.theoriginalshotels.com/	1970-01-21 04:09:35	Name: _pin_unauth Value: dWlkPVptVXdOREUxTlRFdE9UUTJaUzAwTmpVMExUazNZVGd0TVdObU1tUTJZMll3TkdFeQ
.ad-srv.net/	1970-01-20 21:33:35	Name: kdb0xdq3ls8m_uid Value: 34fd4e560bdd95ef
.creative-serving.com/	1970-01-21 04:02:23	Name: tuuid Value: c9949e0c-01d9-409a-b9d0-29ced419d3b2
.creative-serving.com/	1970-01-21 04:02:23	Name: c Value: 1711439960
.creative-serving.com/	1970-01-21 04:02:23	Name: tuuid_lu Value: 1711439960
.sojern.com/	1970-01-21 04:09:35	Name: cid Value: 18140ce5-84db-17e9-352b-6aaa290efd96#1711411200000
.sojern.com/	1970-01-20 21:33:35	Name: apnid Value: 4981476164057538149
.doubleclick.net/	1970-01-20 20:07:11	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 04:45:35	Name: IDE Value: AHWqTUnut6osA_DBfSbS-oc0nlPJ491VipDfQTLNmDSnqEuPgDUjhGbTqnQXuIm4
.adform.net/	1970-01-20 20:08:38	Name: C Value: 1
.adform.net/	1970-01-20 20:50:20	Name: uid Value: 3545773716518266710
.sojern.com/	1970-01-21 04:09:35	Name: adfid Value: 3545773716518266710
.adform.net/	1970-01-20 20:50:20	Name: receive-cookie-deprecation Value: 1
.redintelligence.net/	1970-01-20 21:33:35	Name: 8lcfmzhxc8d6_uid Value: 587d8e51d8197651

71 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/370754915204349?v=2.9.150&r=stable&domain=www.theoriginalshotels.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101(Line 107) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	warning	URL: https://ads.creative-serving.com/pixel?id=3153104&type=js&customer_extra=&customer_amount=&customer_id=3153104_Home Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://ads.creative-serving.com/pixel?id=3153104&type=js&customer_extra=&customer_amount=&customer_id=3153104_Home Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theoriginalshotels.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10140364.fls.doubleclick.net
8741099.fls.doubleclick.net
activationtheoriginals.solution.weborama.fr
ad.ad-srv.net
ad.doubleclick.net
ads.creative-serving.com
adservice.google.com
analytics.tiktok.com
app.secureprivacy.ai
c1.adform.net
cdn.galaxy.tf
cm.g.doubleclick.net
connect.facebook.net
cstatic.weborama.fr
ct.pinterest.com
fonts.googleapis.com
hal9000.redintelligence.net
ib.adnxs.com
image-tc.galaxy.tf
insight.adsrvr.org
js.cookieless-data.com
match.adsrvr.org
pixel.sojern.com
region1.analytics.google.com
region1.google-analytics.com
s.pinimg.com
s2.adform.net
secure.adnxs.com
static.sojern.com
stats.g.doubleclick.net
tag.zebestof.com
tc.galaxy.tf
theoriginalshotels.com
track.adform.net
u.logbor.com
vu.adschoom.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.theoriginalshotels.com
hal9000.redintelligence.net
static.sojern.com
104.126.37.144
104.17.182.58
104.17.184.58
104.17.186.58
107.178.244.119
13.39.154.38
142.250.185.130
142.250.185.134
142.250.185.70
151.101.128.84
152.199.22.228
157.240.252.13
157.240.252.35
172.217.16.195
172.217.16.196
172.217.23.98
172.67.72.159
18.158.239.145
185.89.210.82
195.54.48.25
2001:4860:4802:32::36
2a00:1450:4001:809::200e
2a00:1450:4001:812::2008
2a00:1450:4001:827::200a
2a00:1450:400c:c00::9b
2a02:26f0:3500:89b::1931
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
35.214.241.248
35.244.188.9
37.157.2.230
37.157.2.250
37.157.4.29
46.4.10.47
51.158.28.82
52.223.40.198
54.68.182.72
89.185.38.89
95.131.137.7
0044a49eed3c522185032b25ed3d661600b50ef22acba2ddd6b60189308b39da
02230c4ad751287957603a33f0e0bd118bf04d76571db15cad5bcbbc6fc0f2d3
03a23343f779322422cc2ecce3fc4b018743e9a900fd801b037189ca5703e871
0496e4365211473ac584e2d8017a096cba62f24747339ca6f15922e965e024ce
093554855150e5e313e6d83dff1cbfc374b2842efefce4679064e09fc184dfd1
096b98e8b7b884fec5308dac24621c6c279a4b8502e73c07fdbb0dc1f960ba23
0ac6761ddb4812b8058a7e91a56114779a26d41682e8c11c0d975e252cd1655a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9cd9deaebeb6fdfe1a70d6d17f435271e7541938bbc7928e25ab2426abe9a2
0bee0635d9e5651aa359c5c8e8e5a926aadf07935d2561abcde8d6c849c2cb6a
100254706c48ebc0b3f8b0cd96c14e8900046af2286bd42a1af7db78e1627737
162722d63a0fb0f3b6d4a577a530a4c218946680b76ff76dcafda94e4e12e1a4
1740b635b6ed1d7b8e50f782bdfb84c7ac462bbaecd9a80efbea5688b47ad5a4
1a6e1f005b6bcb9a801f56a69832a9c6a405a8ffd08933ac06b978bd4a120cae
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f2b300cde42476c30c72df9831c4e1b59e3f21d0fdf8a0e376f32176efa34e2
206a53791fda9270a3a93e5b0fd82d59230e87e028ff2a1f09c516a32de17bb6
23ddfcd93b9071b442be172c18e009e4747ae7ba28fbd5eaa91370681cc5aedc
279fb804943e428c6d3d7e68c870419ead6e5f36fe624950330e057cadd22985
29afb643625f0fd86e2e63b4ba0e787cbdb8a9bad1c3decb4ad14da6197fdf63
29e056a988f874565b954c03f119955657ed0a369cb975a4645c79731914f9ef
2c3d5c18a5e4e78aaa278f8a627d40a06fb10f21f6b14b9f1e04321d27d12a08
2dae230f35a3bc6eee71b1ae60c74d1b9c70df96f655ebd546dd73956eb05d6d
320f689d5daba8be62bf6cc42fbc2da107b471611f792f66c7dcdd55912a7c00
389d9b1c8619cf7582d3a948e52734230352a55c4dd8b039a5b3c52095a0f448
3a26fca1708338b5e81856074f773ebfe7e1415385179a871b7f56e5eefca462
3ab8a4ce13c61bc130c6b99e764504c233288962a4dcfd4b8b44963c506c8f04
3b4f2e1b70a9ab8aef23d65cc1b072b5eb6eba4979f6575c64771256e260409d
3ca16029b2e453aaae376b28725bb4dda64adfac6a35d62683671ec12451b764
4254aee86f8c30cd7673c1d9fd8d03720c0d8978b63248502b9c65868abfa688
4496790355109e59d18432247f4ca567a7dbfbd8890495348c02e25ea958fc7c
45336bf2c27960347588ebaedc466e533d74cb661ed98b7d8b45c27a54e0e596
45f561b7fe08af5afa017a87fdef48c4afa2c2220e48cc9f17b4bfb46d265809
464e1b405dc25d57a8fad36f7f8683f950b7507ab9a5001670aad386bca0691a
465134a2a0a082ad66519bf5ed03e901e079f9a59f6530a9da9a98954540b60d
469432f4ff0c743a4c665766758c7c60495fe9ba359b50a5cb8a5af2f1be4da7
4a646669c813a5ef770aadef1f29232dadc923a1bd2d140e1baa5a25451e9d07
4a90bfdb54931140cd096808b5768e3dbadc7c210935e68defa2e14601dfce02
4d8884f3e3ac809c301d102e063ae5be043b7c5b3ffbd279f25fa7f6733dd2c7
4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0
507b412030ccf29aa30ed71c755ae4f302ce78b71dffdb4257539fbb3520c4b5
54f49435248413e98e62d58fbffb80555607c31e9eacbca0183cfd9257ac24df
5601e2b598a8ef2298c26cde90f38b6f9e979f121af411e32d4c645ed048a7c7
59467323e62eb5704df58d2cd337ebd15ede9387c6fb34f3ab88bdbf73cc1574
59e893fd1ca74befca33bf6de97595dc74422fb855810a0551b8ba9421747822
5c8c192adca12497452b0a6c25b5913fad79f9afc4760673947377cd81575d81
5dfacdc318cf29bf678158513553e9619a8380d37b6c2153de74f48d3dd2ae6f
5e3beeb0e5c24923c028f88f388da8994feacf5f17e1aea1595fd9fc1a27cfb3
6585a245f18ae234775848a8e53c287cd5193ad65990dcff47c9164d021f050b
68712256d11cb759b4c5dae58fe84e8a711697b5ec36a4e17bab185d3e2fd103
6d142b814249d4394bfe54ac9a0bec8eed5f5f5e8fdc8dc1e3792bbf72464de3
6d3c9446ea12497ec7d965c368058c1a33f823623c2b0cdacf812ca7accbfb31
6d53e8a10d2ed3a9d99bab1921672cee69324be711ae5daf33dc56af6ceb8102
70a783d0b675cefc35dfc26d67dbc148a70e05d9cbbe6375ce9966959e07e075
715d75dba0e517d97ccfd66f3b3889f597518ad994fc33a37f86f03eef2246a3
7511eab086acb3179bf7aeca61641f6e20671dd291cc845e629b90c95114ebae
786710a43ba386718a74ea5967e843a2525ce88e688decd9c9b16094eea343e5
7a79b812fe1a9a60718c21017b13ed2ea87992ea35fda14d69bc2613cdd1787b
83ed65eca784e7aa440eef01e213a884495097c676e0af8babc41e735e762590
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8501994aaece87962065e8b562662c8ae19e20e1f6f888f15d25ab1cd31bf54a
864f4266919527f9e1b77c5efa6c0fa16cf349301f6aadbf49d07772c05957fd
8712b813a243c4de935c7c1ed92a05c938fe7cd20e1ead5896c9fb7af1d3f1e0
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dbe680c1e203076d328eaba05423ae24e00d594d9b3b113c4a6a839c6291f36
8ddc6cbdb63a791bfc33f40d4b0a250a18e85e0ae93f72389ebda9242bef010d
8e63336037bea50c9887beee711d5776ac0906b701a435ba6a002caf1a724b91
92d8e79d58771351ef34a6148810d6a060d9f2eb6bbc0cfb6b8ce70c8096ef82
960df7fc42a4621fd301a07e685b48340f6aa1ececada9f09845a8e94e7acdfb
9e1643fbbd726611ae85daa3796dfe933445cecff34d4fd149fb1ba42f22a44a
9f39ac2768dbe249c0f8cb05c4c461ea01c8de2a8530694b02294c18a16164dd
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0ca72855bccb6f512f0b4d586fff1326e70aacc8c5c6db9fc9d54b1ad5100e3
b1aca045cb9ee1179093fdf38ba786a679cc83449d46b8324a748d5a8bbf16e2
b5a86464c4b9183b213d65414690cc67a7c95322fca37b6a62ba0378c6890469
b649ebd2d8cdadf11b9d2f00532f4d143a8434182c8239e453319bd0af20fd17
b6d0c93f1f8d80347943722f2eadb08d1a33045b05058db74931ca0d3ea1f709
b773078f6080e35a4edc5c66536ecb78982fcd8411414273924d300f45563ca4
b99d411bd16e842ca2482a4559a2f61d66f1bf7852a08e7185c1417c543a997d
c2ca504234f4e410f2dbb6c5d3017fca41595d2d62cab5718ea174e1ff108712
c3f560f78d48bc2853d91fa7699fe2a3994ba26346c64268b69ff9f7b6e052c2
c5072879429e01b37f4ce16fe705c5b8636632df02eeaf2e01113eb208f5247c
cafa8479c20e99a0221fd66e4e965ac1b9cea481215d5fdc754552afbcc3c984
d283f35f448427af5829226acc79852029b526dc6e75bbf85574446437910e75
d53beef3128c70df622d2869acdf75ebc1d7b4982faa8003ffd75c9c35ca48f2
d5c77bdb4cbbd984503cf66fee883735866d05e4b433a03d09c7a502cfc4eb1b
d97087adfc2c02852f40461d3bdd714203751104ad14ee54c273761534243213
dd548187aed0d360d2750a222efa76239f494823e3b55a8e6106fa79fa465afb
ddc314faced5f8ff6d29a82d368453ca646db2666c61c23a088c107f0f40d888
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50417c9d4ae093c984f738936bdae9829db79cfeb2c4a8806762fb0c0b9909f
ed1d8362a60d16cfca89c19e6e6697eb0fbc1b3724192cb4f0e41bd58dfa4094
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efec5b89548b3a6060ca8d4bf29d19a06a2cd7255a19e7d84af468b144028f3b
f0bffb1ed0a55a37ae83437a67e4c167d366f251239c05dbd93156f5c8acf789
fa41cdcaf5b7f38d0737a760ef47eda638f80fe67c28584bb14fe3bd46e1d4d1
fdcb5714b6b178b27799484ce2589a8a162c30d666e2ed9a26be009544ce693e

www.theoriginalshotels.com Open in urlscan Pro 104.17.182.58 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

125 Requests

94 %HTTPS

21 %IPv6

26 Domains

42 Subdomains

37 IPs

7 Countries

9274 kBTransfer

12822 kBSize

37 Cookies

9 Outgoing links

Page URL History

Redirected requests

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.theoriginalshotels.com Open in urlscan Pro
104.17.182.58 Public Scan

Screenshot
Live screenshot

Full Image

125
Requests

94 %
HTTPS

21 %
IPv6

26
Domains

42
Subdomains

37
IPs

7
Countries

9274 kB
Transfer

12822 kB
Size

37
Cookies

125 HTTP transactions
0 data transactions