www.sandos.com Open in urlscan Pro
2606:4700:3108::ac42:2909 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bookingengine.sandos.com/
Effective URL:
https://www.sandos.com/de/
Submission: On March 29 via automatic, source certstream-suspicious (March 29th 2023, 12:48:33 am UTC) — Scanned from DE

Summary HTTP 135 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 36 IPs in 6 countries across 24 domains to perform 135 HTTP transactions. The main IP is 2606:4700:3108::ac42:2909, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.sandos.com. The Cisco Umbrella rank of the primary domain is 815512.
TLS certificate: Issued by R3 on March 28th 2023. Valid for: 3 months.

This is the only time www.sandos.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 34	2606:4700:310... 2606:4700:3108::ac42:2909	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2600:9000:224... 2600:9000:2240:4000:10:b1ea:9e80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	188.68.232.26 188.68.232.26	197226 (SPRINT-SDC) (SPRINT-SDC)
6	54.76.61.197 54.76.61.197	16509 (AMAZON-02) (AMAZON-02)
1	64.185.227.155 64.185.227.155	18450 (WEBNX) (WEBNX)
4	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
11	18.66.122.129 18.66.122.129	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c09::9d	15169 (GOOGLE) (GOOGLE)
2 2	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:400... 2a04:4e42:400::300	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
1	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	13.32.27.91 13.32.27.91	16509 (AMAZON-02) (AMAZON-02)
1	18.66.122.45 18.66.122.45	16509 (AMAZON-02) (AMAZON-02)
4	34.235.68.114 34.235.68.114	14618 (AMAZON-AES) (AMAZON-AES)
1	52.48.251.179 52.48.251.179	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
17	2620:1ec:4f:1... 2620:1ec:4f:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2	34.252.9.99 34.252.9.99	16509 (AMAZON-02) (AMAZON-02)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
1	2620:1ec:4e:1... 2620:1ec:4e:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	13.94.245.101 13.94.245.101	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.50.201.195 20.50.201.195	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
135	36

34 2606:4700:3108::ac42:2909 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

bookingengine.sandos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.sandos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2240:4000:10:b1ea:9e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

bookingform.sandos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.68.232.26 (Warsaw, Poland)

ASN197226 (SPRINT-SDC, PL)
PTR: atena.therivercollective.com

ip2c.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.76.61.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-61-197.eu-west-1.compute.amazonaws.com

bookingcore.sandos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.185.227.155 (United States)

ASN18450 (WEBNX, US)
PTR: 64-185-227-155.static.webnx.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 18.66.122.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-129.fra60.r.cloudfront.net

bucket.cdnwebcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.70 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-91.fra56.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-45.fra60.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.235.68.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-68-114.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.251.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-251-179.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2620:1ec:4f:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

oc-cdn-public-eur.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
comms.omnichannelengagementhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ocsdk-prod.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
oc-cdn-ocprod.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.252.9.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-9-99.eu-west-1.compute.amazonaws.com

neural38.cdnwebcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

cdn.botframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:4e:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

js.monitor.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.94.245.101 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

804cff4b96b84492805837332aeeb0-crm4.omnichannelengagementhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.50.201.195 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

eu-mobile.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	sandos.com 2 redirects bookingengine.sandos.com www.sandos.com — Cisco Umbrella Rank: 815512 bookingform.sandos.com bookingcore.sandos.com — Cisco Umbrella Rank: 887043	2 MB
16	azureedge.net oc-cdn-public-eur.azureedge.net — Cisco Umbrella Rank: 129282 ocsdk-prod.azureedge.net — Cisco Umbrella Rank: 57216 oc-cdn-ocprod.azureedge.net — Cisco Umbrella Rank: 47066	609 KB
13	cdnwebcloud.com bucket.cdnwebcloud.com — Cisco Umbrella Rank: 21079 neural38.cdnwebcloud.com — Cisco Umbrella Rank: 111589	27 KB
9	gstatic.com fonts.gstatic.com	171 KB
7	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 1726 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 4147 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 4156 tracking.crazyegg.com — Cisco Umbrella Rank: 3481	30 KB
6	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 stats.g.doubleclick.net — Cisco Umbrella Rank: 70 ad.doubleclick.net — Cisco Umbrella Rank: 166	3 KB
5	taboola.com trc.taboola.com — Cisco Umbrella Rank: 658 cdn.taboola.com — Cisco Umbrella Rank: 912 trc-events.taboola.com — Cisco Umbrella Rank: 1840	21 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4179 adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	1 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 2877	8 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6058	776 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	21 KB
4	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4488	56 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	234 B
3	adsrvr.org 1 redirects js.adsrvr.org — Cisco Umbrella Rank: 1392 insight.adsrvr.org — Cisco Umbrella Rank: 580 match.adsrvr.org — Cisco Umbrella Rank: 330	3 KB
2	omnichannelengagementhub.com comms.omnichannelengagementhub.com — Cisco Umbrella Rank: 45416 804cff4b96b84492805837332aeeb0-crm4.omnichannelengagementhub.com	21 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 147	136 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	174 KB
1	microsoft.com eu-mobile.events.data.microsoft.com — Cisco Umbrella Rank: 1425	442 B
1	azure.com js.monitor.azure.com — Cisco Umbrella Rank: 1527	45 KB
1	botframework.com cdn.botframework.com — Cisco Umbrella Rank: 20634	883 KB
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2586	107 B
1	ip2c.org ip2c.org — Cisco Umbrella Rank: 46075	217 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 899	6 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
135	24

	Domain	Requested by
33	www.sandos.com	1 redirects www.sandos.com static.cloudflareinsights.com
14	oc-cdn-public-eur.azureedge.net	www.googletagmanager.com oc-cdn-public-eur.azureedge.net
11	bucket.cdnwebcloud.com	www.sandos.com bucket.cdnwebcloud.com
9	fonts.gstatic.com	www.sandos.com fonts.googleapis.com
6	bookingcore.sandos.com	bookingform.sandos.com
4	tags.srv.stackadapt.com	bucket.cdnwebcloud.com tags.srv.stackadapt.com
4	www.google.de	www.sandos.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
4	dev.visualwebsiteoptimizer.com	www.sandos.com dev.visualwebsiteoptimizer.com
3	www.facebook.com	www.sandos.com
3	www.google.com	www.sandos.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	trc-events.taboola.com	cdn.taboola.com
2	neural38.cdnwebcloud.com	bucket.cdnwebcloud.com
2	connect.facebook.net	www.sandos.com connect.facebook.net
2	trc.taboola.com	www.sandos.com cdn.taboola.com
2	ad.doubleclick.net	2 redirects
2	www.googletagmanager.com	www.sandos.com www.googletagmanager.com
2	bookingform.sandos.com	www.sandos.com
1	eu-mobile.events.data.microsoft.com	oc-cdn-public-eur.azureedge.net
1	oc-cdn-ocprod.azureedge.net
1	804cff4b96b84492805837332aeeb0-crm4.omnichannelengagementhub.com	ocsdk-prod.azureedge.net
1	ocsdk-prod.azureedge.net	oc-cdn-public-eur.azureedge.net
1	comms.omnichannelengagementhub.com	oc-cdn-public-eur.azureedge.net
1	js.monitor.azure.com	oc-cdn-public-eur.azureedge.net
1	cdn.botframework.com	oc-cdn-public-eur.azureedge.net
1	match.adsrvr.org	js.adsrvr.org
1	insight.adsrvr.org	1 redirects
1	tracking.crazyegg.com	script.crazyegg.com
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	cdn.taboola.com	bucket.cdnwebcloud.com
1	js.adsrvr.org	bucket.cdnwebcloud.com
1	adservice.google.com	www.sandos.com
1	region1.analytics.google.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	api.ipify.org	www.googletagmanager.com
1	ip2c.org	www.sandos.com
1	static.cloudflareinsights.com	www.sandos.com
1	fonts.googleapis.com	www.sandos.com
1	bookingengine.sandos.com	1 redirects
135	42

This site contains links to these domains. Also see Links.

Domain
www.sandos4u.com
bookingengine2.sandos.com
www.royalelite.com
seekandgo.mx
fundacionsandos.org
www.youtube.com
www.tiktok.com
www.facebook.com
www.instagram.com
empleo.sandos.com
sandossmartagents.com
blog.sandos.com

Subject Issuer	Validity	Valid
www.sandos.com R3	`2023-03-28` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2022-07-04` - `2023-08-05`	a year	crt.sh
sandos.com Amazon RSA 2048 M01	`2023-03-02` - `2024-02-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
ip2c.org R3	`2023-03-03` - `2023-06-01`	3 months	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.cdnwebcloud.com Amazon RSA 2048 M02	`2023-02-21` - `2023-10-21`	8 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
crazyegg.com Amazon RSA 2048 M02	`2023-03-01` - `2023-07-26`	5 months	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2023-02-27` - `2023-11-07`	8 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-05` - `2023-04-05`	3 months	crt.sh
*.azureedge.net Microsoft Azure TLS Issuing CA 05	`2023-01-23` - `2024-01-18`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2022-07-11` - `2023-07-11`	a year	crt.sh
js.monitor.azure.com Microsoft Azure TLS Issuing CA 01	`2023-03-23` - `2024-03-17`	a year	crt.sh
comms.omnichannelengagementhub.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-04` - `2024-03-04`	a year	crt.sh
*.omnichannelengagementhub.com Microsoft Azure TLS Issuing CA 05	`2023-02-06` - `2024-02-01`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 01	`2023-03-08` - `2024-03-02`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.sandos.com/de/
Frame ID: 20A3F6D4D5E1128FA53B9129BC793407
Requests: 109 HTTP requests in this frame

Frame: https://www.sandos.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680048000
Frame ID: 455F32B70EA5CDCD91D502699ACF0CDA
Requests: 3 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=zlo6fa9&ref=https%3A%2F%2Fwww.sandos.com%2Fde%2F&upid=lg4f83p&upv=1.1.0
Frame ID: 445170E7E17F9678304EC3DB4DF65B33
Requests: 1 HTTP requests in this frame

Frame: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=c66ade2d-d985-49c3-946c-4d9e319b2585&data-org-id=724f6079-2bee-4c93-a060-1bbcfc464bce&data-org-url=https://804cff4b96b84492805837332aeeb0-crm4.omnichannelengagementhub.com&hostname=www.sandos.com&data-lcw-version=prod
Frame ID: D6A85DE198B8CE35F47F3409D23AB75D
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sandos Resorts | All Inclusive Resorts in Spanien und Mexiko

Page URL History Show full URLs

https://bookingengine.sandos.com/ HTTP 301
https://www.sandos.com/ HTTP 302
http://www.sandos.com/de/ HTTP 307
https://www.sandos.com/de/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

135
Requests

98 %
HTTPS

50 %
IPv6

24
Domains

42
Subdomains

36
IPs

6
Countries

3992 kB
Transfer

11011 kB
Size

8
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sandos4u.com/landing-page
Title: Sandos4u

Search URL Search Domain Scan URL

URL: https://bookingengine2.sandos.com/my-booking/en/?_ga=2.26291965.1941942278.1588667312-29203995.1583703626
Title: Meine Buchung

Search URL Search Domain Scan URL

URL: https://www.royalelite.com/
Title: LESEN SIE MEHR

Search URL Search Domain Scan URL

URL: https://seekandgo.mx/
Title: SEHEN SIE MEHR

Search URL Search Domain Scan URL

URL: https://fundacionsandos.org/
Title: Erfahren Sie hier mehr über die Sandos Foundation.

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/SandosHotelsAndResorts
Title: Bild

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@sandoshotels
Title: Bild

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sandoshotels
Title: Bild

Search URL Search Domain Scan URL

URL: https://www.instagram.com/sandoshotels/
Title: Bild

Search URL Search Domain Scan URL

URL: https://empleo.sandos.com/es/
Title: Arbeite mit uns

Search URL Search Domain Scan URL

URL: https://sandossmartagents.com/
Title: Sandos SMART Agents

Search URL Search Domain Scan URL

URL: https://blog.sandos.com/
Title: Blog Sandos

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bookingengine.sandos.com/ HTTP 301
https://www.sandos.com/ HTTP 302
http://www.sandos.com/de/ HTTP 307
https://www.sandos.com/de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://ad.doubleclick.net/ddm/activity/src=9267501;type=invmedia;cat=reta;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?&n_one_v=20230324135501 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9267501;dc_pre=CIuG66v1__0CFRNDGAodJL0ODQ;type=invmedia;cat=reta;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?&n_one_v=20230324135501 HTTP 302
https://adservice.google.com/ddm/fls/z/src=9267501;dc_pre=CIuG66v1__0CFRNDGAodJL0ODQ;type=invmedia;cat=reta;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?&n_one_v=20230324135501

Request Chain 102

https://insight.adsrvr.org/track/up?adv=zlo6fa9&ref=https%3A%2F%2Fwww.sandos.com%2Fde%2F&upid=lg4f83p&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=zlo6fa9&ref=https%3A%2F%2Fwww.sandos.com%2Fde%2F&upid=lg4f83p&upv=1.1.0

135 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.sandos.com/de/
Redirect Chain

https://bookingengine.sandos.com/
https://www.sandos.com/
http://www.sandos.com/de/
https://www.sandos.com/de/

324 KB
44 KB

1521ms
1521ms

Document
text/html

2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59e510ebea1d7974d26c779d9f148ddf5fefc8d88d839daec3c960088a0f613f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400, public
cf-cache-status: DYNAMIC
cf-ray: 7af41b629d5230ed-FRA
content-encoding: br
content-language: de
content-type: text/html; charset=UTF-8
date: Wed, 29 Mar 2023 00:48:24 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Wed, 29 Mar 2023 00:48:23 GMT
link: <http://www.sandos.com/de/node/1?amp> rel="amphtml"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTEIRS60LdAcgU8fF5QI0JhukTPKIjz5GC%2Bk83URorN2XZAnYZMXCWjEzAdmolQzTcMGF6zv5SJWcShTujH1DAPAXzqwL%2BOpd3WReLOTgpysNMSCe3jGJB1mjBr6G8GjlUO16LLPeabm9%2BWM"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Cookie,Accept-Encoding
x-content-type-options: nosniff
x-drupal-cache: MISS
x-drupal-dynamic-cache: UNCACHEABLE
x-frame-options: SAMEORIGIN
x-generator: Drupal 9 (https://www.drupal.org)
x-ua-compatible: IE=edge

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://www.sandos.com/de/
Non-Authoritative-Reason: HSTS

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 118ms
36ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandos.com/
Origin: https://www.sandos.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 08:38:45 GMT
x-content-type-options: nosniff
age: 58180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13912
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 08:38:45 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 165ms
83ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandos.com/
Origin: https://www.sandos.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 08:37:56 GMT
x-content-type-options: nosniff
age: 58229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14044
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:12:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 08:37:56 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 155ms
73ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandos.com/
Origin: https://www.sandos.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 08:37:56 GMT
x-content-type-options: nosniff
age: 58229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14176
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:12:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 08:37:56 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 13 KB
14 KB 125ms
44ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandos.com/
Origin: https://www.sandos.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 08:55:21 GMT
x-content-type-options: nosniff
age: 57184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13732
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 08:55:21 GMT

GET
H2 200 Splash_0.webp
www.sandos.com/sites/default/files/styles/64_23_1920/public/2023-03/ 92 KB
92 KB 70ms
66ms Image
image/webp 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sandos.com/sites/default/files/styles/64_23_1920/public/2023-03/Splash_0.webp?h=32d3e6e7&itok=3h_nYA9E

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e35636052b89175a1f6a32e17ee203c28a5600174695097c9bab5ee6f44fd8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 16 Mar 2023 15:35:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "16ef6-5f706346ce1c2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXHBESk9TOoH5GMC8SkMYpbuwlyZmzIP7xdfg29%2FlPy4q2KQFJAGCByP1xybHXkKuY8glMA7Ydnb83hAfeWK9lgQbK%2F1%2FZ9oB%2FIkwqtd11Li1bvgBTVZJin5EK3JPnRj8Orr2mLX5BH8gzv7"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7af41b6d7d8430ed-FRA
content-length: 93942

GET
H2 200 Splash_0.jpg
www.sandos.com/sites/default/files/styles/64_23_1920/public/2023-03/ 141 KB
142 KB 50ms
45ms Image
image/jpeg 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sandos.com/sites/default/files/styles/64_23_1920/public/2023-03/Splash_0.jpg?h=32d3e6e7&itok=3h_nYA9E

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2110061660d87ffde804d8d46a39b0ac83be9c096723986fb280d484579222e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=152864, status=webp_bigger
content-length: 144855
cf-bgj: imgq:100,h2pri
last-modified: Thu, 16 Mar 2023 15:35:04 GMT
server: cloudflare
etag: "25520-5f7063466daac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k34Si3i2OkyK6ijl8JeIxSmNCS6TRQlWUV7zIUP02kDuZ1kjUyEbNU0AmMPLq7zRSH89lYbOh0mXj8BN9Ws2WemxyW6zIvAEOjhyC7OO8yFiqOrCGLGkJfZoGtpP713UQ2JRqrlCXRZlxcrB"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 7af41b6d7d8530ed-FRA

GET
H2 200 Splash_0.jpg
www.sandos.com/sites/default/files/styles/original_1920/public/2023-03/ 182 KB
183 KB 54ms
50ms Image
image/jpeg 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sandos.com/sites/default/files/styles/original_1920/public/2023-03/Splash_0.jpg?itok=UX2SXRV2

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a91d51d21928f5ab1f5adae0d0076d05c1586bfbe2ad56b749f2153208264e4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=197462, status=webp_bigger
content-length: 186504
cf-bgj: imgq:100,h2pri
last-modified: Thu, 16 Mar 2023 15:35:03 GMT
server: cloudflare
etag: "30356-5f70634579ff3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=npOCvUc3b1CFcHcFhaC9xR%2FxoRTVwNHs5ZXeBQv8mw6SE%2FvvBUor%2BmHJG4Tv9ErZf5nPm5LtFehUHZwLGx2dlxH893g4J1q5SPm526CaouT3yN96WlymbCSEzzZASmw0J5cC49xXxnTRyY8W"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 7af41b6d7d8630ed-FRA

GET
H2 200 google_tag.script.js Show response
www.sandos.com/sites/default/files/google_tag/container_sandos/ 347 B
543 B 62ms
58ms Script
application/javascript 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandos.com/sites/default/files/google_tag/container_sandos/google_tag.script.js?rs9aqv

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dea39cbea2fbc1c4a456334634eac273a10ddc4006d2e90c80f9ff35cec47fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 29 Mar 2023 00:30:33 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"15b-5f7ff1588d476-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZpnpKb2IadDrWRXyaBX3su7mvbGdMGInda4uBOY0U%2Fdjsfik6HGFjcGPWwfndJHrTzAPST%2Fb6DC2822xxyZPvxY1xxAKfohbp07bjA3odGCJpQSS83x4GqxKo2SZ%2Bt4v7HR8XGuNfXDP3i0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
content-encoding: br
cf-ray: 7af41b6d7d8730ed-FRA

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 136ms
49ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&family=Oswald:wght@200;300;400;700&display=swap

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f51ee65c08798ce0874fa4453b7b7eccd4a2cc6225bcfd24f71fcd8a99ca41fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 29 Mar 2023 00:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 00:48:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Mar 2023 00:48:25 GMT

GET
H2 200 css_vm07PePcDqGZ-K4QC32qnKUwFCQ9e3KBrFlOmQA2Yro.css
www.sandos.com/sites/default/files/css/ 17 KB
4 KB 45ms
41ms Stylesheet
text/css 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandos.com/sites/default/files/css/css_vm07PePcDqGZ-K4QC32qnKUwFCQ9e3KBrFlOmQA2Yro.css

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a916262726c7e8fc89bda68ab2056033658066ee62408df6d6798c865e06ab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 15 Mar 2023 00:30:43 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=17112
etag: W/"d59-5f6e5745954d8"
vary: Accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=izR9E6W1Xaq1nCNSkLigelQu2GoIzXKzV7k%2F%2BepZ1yNzFbsocj0A1kNAonwT8lqAW7wS6IfRSk3lX4wilzqKytvBYr28A7fFo%2FbPJF84c%2FNdTKuVdSRwbiFVbZDWAE9zGVK009qwB2XzW%2FR3"}],"group":"cf-nel","max_age":604800}
content-type: text/css
content-encoding: br
cf-ray: 7af41b6c5c9d30ed-FRA

GET
H2 200 css_zmPwV6DcTxsQoPeRpUcvJAY0puKwAPHT1vvx6VlDfss.css
www.sandos.com/sites/default/files/css/ 2 KB
1 KB 43ms
40ms Stylesheet
text/css 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandos.com/sites/default/files/css/css_zmPwV6DcTxsQoPeRpUcvJAY0puKwAPHT1vvx6VlDfss.css

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcea1d064db3d83b743504d2a34341554f207a2e79cebe7e6fca9834044cd2cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 15 Mar 2023 00:30:43 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=2488
etag: W/"36b-5f6e574599359"
vary: Accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rS4FJQW8ZzSEWrOQ6wZ%2BpAQ4VPwbnR9WqtxUmZsT0nmTi1aUxhFb85DdoOFVagOnwAbOW2w0cIK7stZ0nYyt%2F8cMEzo2tFYLEmmlzL%2FxY4EMS2gNJjdV2wFHAer1TKy7Sx6uD37GDmHMjNbF"}],"group":"cf-nel","max_age":604800}
content-type: text/css
content-encoding: br
cf-ray: 7af41b6c5c9e30ed-FRA

GET
H2 200 css_anwaWus-QlIuKOu40eeV_BymSj8aNBFeG7jzqXXclcg.css
www.sandos.com/sites/default/files/css/ 8 KB
2 KB 39ms
36ms Stylesheet
text/css 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandos.com/sites/default/files/css/css_anwaWus-QlIuKOu40eeV_BymSj8aNBFeG7jzqXXclcg.css

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d9b684d696fb17e63ba06d80995171e5cbb6d3d3da0dbf66983d18783acd1d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 08 Mar 2023 00:30:42 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=8838
etag: W/"831-5f658a36cf3dd"
vary: Accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3%2Bi6yWnQSW1Nh%2FaAE5%2FSVD%2BLQ8r1jAiavVlbuGI2E8nHJRdYIVnjDQuSiPIgM%2Bc2XLbuReO2HwAGjkCNcee%2FY66i8%2B9Aqfi1DNNxZs2L1ufLi4Pwnb5VmFjAUHpq6recR7l5ohUIiVc%2BKnR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
content-encoding: br
cf-ray: 7af41b6c5ca030ed-FRA

GET
H2 200 css_S9BcwF1u2-ZQF8sV0pDt1kjtGeayjXaZ1DAMCVsWJ8w.css
www.sandos.com/sites/default/files/css/ 112 KB
18 KB 50ms
47ms Stylesheet
text/css 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandos.com/sites/default/files/css/css_S9BcwF1u2-ZQF8sV0pDt1kjtGeayjXaZ1DAMCVsWJ8w.css

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b77bf158bffd6ddcb923496df10881ec790b6b00cf384af12f9c5858fbe36ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 19 Mar 2023 18:30:52 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=116422
etag: W/"42b2-5f74502a6f474"
vary: Accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=405i0goO7jeECh7lELXlUfwxMWI6bS84xYFuNDjrDcCsfjkQZpfKoaw6aNBTw6OvACEIKa50frq8dYQwNfDS9xZXvm5fU8mGuMnsp8vx33irm1c1lnP5tBNm0UOADy3aW%2B32NvEtJlYrLlzB"}],"group":"cf-nel","max_age":604800}
content-type: text/css
content-encoding: br
cf-ray: 7af41b6c5ca330ed-FRA

GET
H2 200 css_dlWNDGnCkFtTEwHlbq8nJgYC2EKydUY1twoRkBWGwiU.css
www.sandos.com/sites/default/files/css/ 6 KB
2 KB 47ms
44ms Stylesheet
text/css 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandos.com/sites/default/files/css/css_dlWNDGnCkFtTEwHlbq8nJgYC2EKydUY1twoRkBWGwiU.css

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdb584d57da7393fdae5f4b723310f0441a0b9c2f4c0cd788a5aa90d4dd543d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 28 Mar 2023 18:30:38 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=6214
etag: W/"51c-5f7fa0e594d1e"
vary: Accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rupFI9w1MZtvRjfqNFGbHkRDSvGwBxIxXFChyqD6g%2F%2BXkdY34x%2Fo0NG1SsXHrqvLuxcbMt5kPCoE7w85gcj0vMmdyscqmXkF1%2FErILS3VqGSC2iydAlEJgl7aSUVhcNkmPKnDDK9hYCW%2Fn72"}],"group":"cf-nel","max_age":604800}
content-type: text/css
content-encoding: br
cf-ray: 7af41b6c5ca530ed-FRA

GET
H2 200 js_ctMe7CIg0cjrHu4yhrpZFr9IoKf1J_6_XNRb1UjzOfs.js Show response
www.sandos.com/sites/default/files/js/ 97 KB
35 KB 50ms
48ms Script
text/javascript 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandos.com/sites/default/files/js/js_ctMe7CIg0cjrHu4yhrpZFr9IoKf1J_6_XNRb1UjzOfs.js

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af1e360945436d878e0a533732555c3edd537f1bd923fb2a5dc397a2e3e62042

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 01 Mar 2023 07:25:14 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=99142
etag: W/"8722-5f5d19d00cb45"
vary: Accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FLeipbkmq4vfjMLbxnM7d8Vgt1XHpwuCMs6S73Qy28OOFAHPff88FX2D1%2Fn3tVUgqhNjPplGTVz5swKUpl5BUYvFEWKXf1BKV1dWOQzpeV4dZA4ZoyiRb92TYOXjvVFBeV7YfEa3YpYPhSEW"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
content-encoding: br
cf-ray: 7af41b6c5ca630ed-FRA

GET
H2 200 js_oZs3umeEnHKq_9WAj7Lh8l2mnhpi6qV0dK9PbpVvqTk.js Show response
www.sandos.com/sites/default/files/js/ 20 KB
8 KB 60ms
58ms Script
text/javascript 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandos.com/sites/default/files/js/js_oZs3umeEnHKq_9WAj7Lh8l2mnhpi6qV0dK9PbpVvqTk.js

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2505ce0da0a636b6fbe4321dce60d98b811d0fc78315120f4b038a7d161b17e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Wed, 08 Mar 2023 00:32:36 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=20126
etag: W/"1d53-5f658aa39125e"
vary: Accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hg5fM69onGH1lcs5zAR%2BabGrjBLBBg1nqdRw7ovKFQOMhMxTxqHyw7G%2F0%2Fb6QdiudQEOTzXLDK2qSv3s7X8BCyF%2BfAPNM7L2lyyHVXtlgPYAKCrYWMCTUNK%2BwLMwYkXmOegnKgbWuAj60WjE"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
content-encoding: br
cf-ray: 7af41b6c5ca730ed-FRA

GET
H2 200 js_4irGR51LJqUfWeLX8Av1f8zsCjlfXzHERHyRVzrCT1E.js Show response
www.sandos.com/sites/default/files/js/ 49 KB
13 KB 59ms
57ms Script
text/javascript 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandos.com/sites/default/files/js/js_4irGR51LJqUfWeLX8Av1f8zsCjlfXzHERHyRVzrCT1E.js

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73a61de8f2587ee652c407be595f6840728d2ccb08be8960f0e67d0bad5edd27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 08 Mar 2023 00:30:45 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=49748
etag: W/"316a-5f658a38ff95f"
vary: Accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRRzajQfl8TJBIWkaubhlGRn9uLW0OTAgA9vQiZ7LzBPulCqEKbOfe4iXazyZcQgpJlwUOscWPY4VFcnkd4CGcC1b9oemSBwSUCSIrPXRK8CqoS9qD84vJzkBvbLUlMVQ3lc8HKNW8p5a7ml"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
content-encoding: br
cf-ray: 7af41b6c5ca930ed-FRA

GET
H2 200 js_OTdgAISK7VkA3FuZjI8iZTPZ8Uil_hH-JBfzFbBCDpY.js Show response
www.sandos.com/sites/default/files/js/ 26 KB
10 KB 42ms
41ms Script
text/javascript 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandos.com/sites/default/files/js/js_OTdgAISK7VkA3FuZjI8iZTPZ8Uil_hH-JBfzFbBCDpY.js

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14ebdb84e5f0d5f1f86a9f9828566eb4e8b69dc8aa67a442c510ea41f91006de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 01 Mar 2023 07:25:14 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=26723
etag: W/"2467-5f5d19d013c8f"
vary: Accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zxoijLXk93p7WQEOJ2%2FhEYOHY7HI4oWJ9yBRYNZVQD%2BWC7xPteTltsCqJ5XNhVZQQB5Rlfza6fh2lUfTyyPLpyg6AgylJiz%2BivPb8D3H3iyLSyj9M28f2ZxmLg2382mernOJZPV0hjer2JXV"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
content-encoding: br
cf-ray: 7af41b6c5caa30ed-FRA

GET
H2 200 js_Ldx1LJIcBz5lWMMp-DktQtb72kxpD8ulMqZjktPqC4c.js Show response
www.sandos.com/sites/default/files/js/ 59 KB
16 KB 44ms
42ms Script
text/javascript 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandos.com/sites/default/files/js/js_Ldx1LJIcBz5lWMMp-DktQtb72kxpD8ulMqZjktPqC4c.js

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36ad0624eedbc00a480d7f6e0d2968ab805d9fd16b33d483a12ddb1101c3ce52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 08 Mar 2023 00:30:45 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=59969
etag: W/"3dce-5f658a3906e91"
vary: Accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JhlxVpBQkIvlZ9Xfg36CdX6vIkQxAkAk%2Bk8WjEbU9mpErKqeSyJvsJKl%2BUvWB1QWLGpdoB7miznM3WougLJVN6Xaq55oGipcssoBZAkarcrUDSD4JpFnBnDJqXdkCA5bF%2FqwrBRbu5sL2KoU"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
content-encoding: br
cf-ray: 7af41b6c5cad30ed-FRA

GET
H2 200 holidaycheck_2019_colorhotel%2C2398.webp
www.sandos.com/sites/default/files/styles/scale_height_65/public/2020-06/ 958 B
1 KB 43ms
39ms Image
image/webp 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sandos.com/sites/default/files/styles/scale_height_65/public/2020-06/holidaycheck_2019_colorhotel%2C2398.webp?itok=TCqHhcRM

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ad33a20dd9dca3977a412bd7b0225b02b897bc65baa395fe56ac7b0734ad874

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 10 Jul 2020 12:40:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3be-5aa15a502f3f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PWfeMF7uFXAHgdYPxYeER2y6PuiS%2F1KOXRSrOQgvev2uqPtkK413A6sT0MPsZzXKpemwjCRX%2FkUFdsZcKfGiJbBZZydXmZKmJMP8Ma6zYEg9A8Eq55uWVyXvQ%2Fnsufp39ZLwygIJ%2B61ReCGF"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7af41b6d7d8830ed-FRA
content-length: 958

GET
H2 200 ezgif.com-webp-to-png%20%284%29.webp
www.sandos.com/sites/default/files/styles/scale_height_65/public/2020-06/ 3 KB
4 KB 55ms
51ms Image
image/webp 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sandos.com/sites/default/files/styles/scale_height_65/public/2020-06/ezgif.com-webp-to-png%20%284%29.webp?itok=dXkt69Mx

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a8859e9a76c029ed60cf40d9d5da9c2ad1f76494f222e76b367a8064f47763b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 10 Jul 2020 12:40:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "cde-5aa15a50aa8cb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRez%2BqJUkjkQ1XJtRkq4ypJUDBusgpo0bXJp8%2BkMwPERZ7AQ2WQLolgdpV%2FQwXcUfgeeZJB%2B9tJz5eviQ82%2BFHimeaeXiGwyxH0kDFoNJM%2Boe5HFR6OjQv2Rdw8Sah3HHxs6PF94i11FlnTt"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7af41b6d7d8930ed-FRA
content-length: 3294

GET
H2 200 ezgif.com-webp-to-png%20%282%29.webp
www.sandos.com/sites/default/files/styles/scale_height_65/public/2020-06/ 3 KB
4 KB 48ms
44ms Image
image/webp 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sandos.com/sites/default/files/styles/scale_height_65/public/2020-06/ezgif.com-webp-to-png%20%282%29.webp?itok=_yBBDxv2

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08b9edf0f3bd319707225dd01bbdaace4d609ab453565081a3d7936d33f56803

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 10 Jul 2020 12:40:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "d30-5aa15a50b838f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2bB0zw%2FOZ49YiVMFU%2BSKsc2ijDxJsJsqz2FbEcFnwDzgAaqkCjxwxf0CBVDZzQ3F1wIFj2GX6HrKNnLVM1PhHr51DKeVI3abPaW1EAD5ZM2FFmV4P%2BzP%2FpuddsUbpjyyaym0JP6RGEYTIdmC"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7af41b6d7d8a30ed-FRA
content-length: 3376

GET
H2 200 Blue_Heart_0.webp
www.sandos.com/sites/default/files/styles/scale_height_65/public/2020-06/ 4 KB
5 KB 53ms
50ms Image
image/webp 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sandos.com/sites/default/files/styles/scale_height_65/public/2020-06/Blue_Heart_0.webp?itok=9_jmzWU8

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f44ea1b9a1a4be06e76652f5f16ff9cc692509b3e718404ef86c5fb4feefb8f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 10 Jul 2020 12:40:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "105c-5aa15a50fae0e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HqGmUhRuvq5242wfxwOYVmgwUzAMr89j77u9RJ2yA1aCqvqiaHWYthtPlimtsdFt6xgBsqt9Lw85Z%2BzAdumLMIC%2FvM%2B8ALgC67StZ1zsK%2FeGHNMbahh1IlzW%2F7amWNc551RDupmRUwke0jOA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7af41b6d7d8b30ed-FRA
content-length: 4188

GET
H2 200 CCA22-Hi-Res-Suite-113x113.webp
www.sandos.com/sites/default/files/styles/scale_height_65/public/2022-02/ 1 KB
2 KB 28ms
25ms Image
image/webp 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sandos.com/sites/default/files/styles/scale_height_65/public/2022-02/CCA22-Hi-Res-Suite-113x113.webp?itok=hdEPE9iN

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52206035d784ca1b49adfb7fc216e117c966c9ebb282c630b231c871f2e6a47f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13528436
content-length: 1164
last-modified: Wed, 02 Feb 2022 19:46:27 GMT
server: cloudflare
etag: "48c-5d70e460666d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UxEXHuNndjPWVFCqmWQUBKNKF1FkatozJ5smtU4QwZdJ7oaM9flesXzLxem0fus%2B1X6km5AcONOUTY%2BxhtR4T2ANEoVVYIdiA1nbhngg%2FEpqDA081UYYsYgNjEWemX4%2Ba%2FspO1iSIy20gHIn"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7af41b6d7d8c30ed-FRA
expires: Mon, 23 Oct 2023 10:54:29 GMT

GET
H2 200 js_T7dO3tv5rXjaRlP-tl2bsIRrwQMZoiGsMQfeThCxtzY.js Show response
www.sandos.com/sites/default/files/js/ 13 KB
6 KB 45ms
45ms Script
text/javascript 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandos.com/sites/default/files/js/js_T7dO3tv5rXjaRlP-tl2bsIRrwQMZoiGsMQfeThCxtzY.js

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f46fcb7e4634c57612a6afcaa743f50462d4812d0e4f149108051e188b789cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 08 Mar 2023 00:30:43 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=13439
etag: W/"16af-5f658a371e1ad"
vary: Accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QjyfoCdSjV8GFsp8b%2FmXjnYn2rOCu%2FlPCKwf5qIB5usXuW7gPVcUs9aKk5emX79BsId966Bbh375UB5QmPDOxd8BxyhRxzJEjzPAft6vc4l2Cz6RGdwojpbExwAhxmHZoQL6j9hQRAVSos3"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
content-encoding: br
cf-ray: 7af41b6d6d7030ed-FRA

GET
H2 200 js_sfVlhSxiyBxfmrPcS3lCH7gVu6AtaHqOjPDPCZZ9tto.js Show response
www.sandos.com/sites/default/files/js/ 3 KB
1 KB 46ms
42ms Script
text/javascript 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandos.com/sites/default/files/js/js_sfVlhSxiyBxfmrPcS3lCH7gVu6AtaHqOjPDPCZZ9tto.js

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

619dec50cd0a88e3317087f5e025f0ec0ea63d06b361ee0b879ecb3089284b89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 08 Mar 2023 00:30:43 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3046
etag: W/"43f-5f658a372dbb2"
vary: Accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vBXrowrPdC14loGtBYyXI6hzf%2BGmVDhK5jg6%2F6OOhMuKwOYqa%2FmEHuW%2FmnJeBMn5sT7x%2BLKRFwh1db1j3BRbVhiW5UlaTYBGje%2FZoEGApwVUAeAE9cgnJ0Qs%2Bc2WVeBXuap23%2BJhRt83%2B91g"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
content-encoding: br
cf-ray: 7af41b6d7d7d30ed-FRA

GET
H2 200 js_CMEMbKFrC6uI18LFn_9p6O0-zNMGET8Z8rhSKrOUyuI.js Show response
www.sandos.com/sites/default/files/js/ 2 KB
1 KB 54ms
49ms Script
text/javascript 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandos.com/sites/default/files/js/js_CMEMbKFrC6uI18LFn_9p6O0-zNMGET8Z8rhSKrOUyuI.js

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da47d8bbfe5a741c3b28a4940f9417de826eb23796ace339062bd1de4b2f5e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 08 Mar 2023 00:30:38 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1881
etag: W/"375-5f658a32e2c5c"
vary: Accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pGhvETtIxAuNXzMhayqXBF4XBp2C8OGuCZFUB%2B2JTNJSy%2FixjBYI%2B1WAwsE0OQIpbOKvuBX%2BiBhmNa7cdHQdXz6KrFemt1xNVtfL3Xy7LPxM2FOhtZBqRIIPV9sHvs0JKbYDThQrPAQ7szhb"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
content-encoding: br
cf-ray: 7af41b6d7d8130ed-FRA

GET
H2 200 eu_cookie_compliance.min.js Show response
www.sandos.com/modules/contrib/eu_cookie_compliance/js/ 32 KB
6 KB 54ms
51ms Script
application/javascript 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandos.com/modules/contrib/eu_cookie_compliance/js/eu_cookie_compliance.min.js?v=9.5.2

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc7bb70734fc84937d79fd60df6382002554cca4e3a945e186fa0b1ee42289b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 01 Mar 2023 07:32:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"81f4-5f5d1b82cf52a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhYaU8B5f%2BPJPfBPbfHXW7wZ%2BYjtI%2FsGzoS8Id87wkirBIb9JOaJZ8KjqXlNdqZtcksKQ12DB10toAaTPsfKdLD2diECT%2B3Ldsxta6xVMHS9cm01v8dPXRYXyDkA6lKHY3YULRdmiFqd%2Fb%2FP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 7af41b6d7d8d30ed-FRA

GET
H2 200 vb26e4fa9e5134444860be286fd8771851679335129114 Show response
static.cloudflareinsights.com/beacon.min.js/ 16 KB
6 KB 86ms
42ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114
Requested by: Host: www.sandos.com
URL: https://www.sandos.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4ef73601a6552d55503bcbd9b6cd23fc0c33fa075f8efe724cddd4e3ee55542

Request headers

Referer: https://www.sandos.com/
Origin: https://www.sandos.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2023 17:58:49 GMT
server: cloudflare
etag: W/2023.3.0
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7af41b6dc88e9969-FRA

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 7 KB
3 KB 69ms
20ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=476671&u=https%3A%2F%2Fwww.sandos.com%2Fde%2F&f=1&vn=1.3
Requested by: Host: www.sandos.com
URL: https://www.sandos.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: d872f8fcad24375e872b840bdcd57740231aa9f680bff4915165055e3ebd486c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
content-encoding: gzip
via: 1.1 google
server: gams1
etag: W/"1680016478"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 tag-b3dcc1fd78c0c11dc7348207f590d385.js Show response
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/ 174 KB
49 KB 36ms
19ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-b3dcc1fd78c0c11dc7348207f590d385.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=476671&u=https%3A%2F%2Fwww.sandos.com%2Fde%2F&f=1&vn=1.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: ca0ef49850f90adf5678569895c4361ea50daa2387f414595359c890aec00cd8

Request headers

Referer: https://www.sandos.com/
Origin: https://www.sandos.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 28 Mar 2023 15:14:09 GMT
server: gams1
etag: "64230441-c2fa"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49914

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
214 B 103ms
101ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=476671&d=sandos.com&u=D70EE0FFAA752B1E571A45F1A34C07794&h=08229c7a4e885b26d01cdc9426dad3a4&t=false&r=0.3842076116713913

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 00:48:25 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 11 KB
4 KB 24ms
21ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=476671&settings_type=1&vn=7.0
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-b3dcc1fd78c0c11dc7348207f590d385.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 3b71f61bb60c98bd3b4f071b4becd3059283e54c574565676e6726e9105a45e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
content-encoding: gzip
via: 1.1 google
server: gams1
etag: W/"1680016478"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 36ms
35ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&family=Oswald:wght@200;300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sandos.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 08:37:41 GMT
x-content-type-options: nosniff
age: 58244
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 08:37:41 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 37ms
37ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&family=Oswald:wght@200;300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sandos.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 08:37:41 GMT
x-content-type-options: nosniff
age: 58244
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 08:37:41 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 22 KB
22 KB 50ms
50ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&family=Oswald:wght@200;300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sandos.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 08:37:48 GMT
x-content-type-options: nosniff
age: 58237
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 08:37:48 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&family=Oswald:wght@200;300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sandos.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 21:45:45 GMT
x-content-type-options: nosniff
age: 10960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 21:45:45 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v49/ 25 KB
25 KB 56ms
55ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&family=Oswald:wght@200;300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sandos.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 08:37:40 GMT
x-content-type-options: nosniff
age: 58245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25372
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 08:37:40 GMT

GET
H2 200 main.js Show response
bookingform.sandos.com/js/ 800 KB
802 KB 228ms
129ms Script
application/javascript 2600:9000:2240:4000:10:b1ea:9e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bookingform.sandos.com/js/main.js
Requested by: Host: www.sandos.com
URL: https://www.sandos.com/sites/default/files/js/js_4irGR51LJqUfWeLX8Av1f8zsCjlfXzHERHyRVzrCT1E.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:4000:10:b1ea:9e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 275b2ea97be6b0d3f008517431c04c9c1c380f4c2e880711c3a96810740783d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:26 GMT
x-amz-version-id: null
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
last-modified: Wed, 30 Nov 2022 12:55:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: "e8eca621893a7903385325aadbbc33de"
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 819525
x-amz-cf-id: os0gDY22UZ5Dzoyiaw9eQVZ1CMs06TjatFXs4AqP0kWR8TegMw-kHQ==

GET
H2 200 main.css
bookingform.sandos.com/css/ 88 KB
88 KB 229ms
129ms Stylesheet
text/css 2600:9000:2240:4000:10:b1ea:9e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bookingform.sandos.com/css/main.css
Requested by: Host: www.sandos.com
URL: https://www.sandos.com/sites/default/files/js/js_4irGR51LJqUfWeLX8Av1f8zsCjlfXzHERHyRVzrCT1E.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:4000:10:b1ea:9e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b9e15eb51ff039d12f0187b3eb749d6ce356a8a34bf19598694c53a6c287871

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:26 GMT
x-amz-version-id: null
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
last-modified: Wed, 30 Nov 2022 12:55:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: "a6e0b78756e0b8ea4eb341066d0015ba"
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 89668
x-amz-cf-id: iReIxG0LRtPS89uJMws74VAdZNkCEhsgJz9bxBbTIwG0j8As8_628w==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 314 KB
95 KB 150ms
63ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WBBDNC

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/sites/default/files/google_tag/container_sandos/google_tag.script.js?rs9aqv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fad297ee556e6457dade7619aee08775633b67c70859b18d69c0d5c1c50a548d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97030
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Mar 2023 00:48:25 GMT

GET
H/1.1 200
OK self Show response
ip2c.org/ 16 B
217 B 216ms
51ms XHR
text/html 188.68.232.26
SPRINT-SDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ip2c.org/self
Requested by: Host: www.sandos.com
URL: https://www.sandos.com/sites/default/files/js/js_ctMe7CIg0cjrHu4yhrpZFr9IoKf1J_6_XNRb1UjzOfs.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 188.68.232.26 Warsaw, Poland, ASN197226 (SPRINT-SDC, PL),
Reverse DNS: atena.therivercollective.com
Software: nginx /
Resource Hash: 7078ee46e8af3a161a3fba62f74bab02ebf7ca34b6df175e44d99038d2cf89df

Request headers

Accept: */*
Referer: https://www.sandos.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 29 Mar 2023 00:48:25 GMT
Server: nginx
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 ajax-loader.gif
www.sandos.com/themes/custom/sandos_main/css/ 3 KB
3 KB 24ms
24ms Image
image/gif 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sandos.com/themes/custom/sandos_main/css/ajax-loader.gif

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/sites/default/files/css/css_S9BcwF1u2-ZQF8sV0pDt1kjtGeayjXaZ1DAMCVsWJ8w.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

568d7b83659993469a2d729ad98daba3a7de2568f74d670d18ae618f118fe353

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/sites/default/files/css/css_S9BcwF1u2-ZQF8sV0pDt1kjtGeayjXaZ1DAMCVsWJ8w.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13440603
cf-polished: origSize=4178, status=webp_bigger
content-length: 2592
cf-bgj: imgq:100,h2pri
last-modified: Wed, 28 Sep 2022 11:26:00 GMT
server: cloudflare
etag: "1052-5e9bb067f11a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0bQOeDRbbbJmlDLHQANFYXAdmju0KoY2kw7OHMQoDye%2FyR7sKQPYtWWdsxHYk7BW8ISY7kF24RY0qSv2WjhUTp1m0ASKXi2ohs2WA%2Fq751pE3P02p00oBymmzrBMpb5tpQMR7BM95WX17PEy"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7af41b6eee7930ed-FRA
expires: Tue, 24 Oct 2023 11:18:22 GMT

GET
H2 200 lazysizes.min.js Show response
www.sandos.com/libraries/lazysizes/ 8 KB
4 KB 25ms
25ms Script
application/javascript 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandos.com/libraries/lazysizes/lazysizes.min.js

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/sites/default/files/js/js_CMEMbKFrC6uI18LFn_9p6O0-zNMGET8Z8rhSKrOUyuI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c5112469a2b487beb6be62905d05affafb7e806ddadb82f41f66726bfe1fa0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9689486
content-encoding: br
last-modified: Wed, 28 Sep 2022 11:28:16 GMT
server: cloudflare
etag: W/"1e5b-5e9bb0e9c93dd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uPcGh1xcJpTUYSelZ602GBJGOKl26wvNhrC0vwKNWYYkItuAJhffSY8rNQo5KKk5RrzL7U%2Bk3DzufmsXwh0P5q1FI%2BkejYA4cRzhoyWD12kMX5bztLJRWIHuOqebylmh8rPmDgcJhLExHyRc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7af41b6f4eb230ed-FRA
expires: Wed, 06 Dec 2023 21:16:59 GMT

GET
H2 200 invisible.js Show response
www.sandos.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 455F 30 KB
13 KB 19ms
18ms Script
application/javascript 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sandos.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680048000
Requested by: Host: www.sandos.com
URL: https://www.sandos.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 893b3e00d89e38291b923c8511fe115524363c5b069809ebcae41c3f68bd7617

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3betVIi4P3YaifR3dKiIY3ztmspSxHdANIXnCCcgyuCkt3ttmAF7gLQkt1tNwvporqXFgAVsXI6MFhI3vQtn2eu4YqE0x67YsI1uRI9YRyTbz2Lk7xRwiL62DLIp9LiskW5cPfw4KQJcmHZg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7af41b6f5ec330ed-FRA

GET
H2 200 Splash_2.webp
www.sandos.com/sites/default/files/styles/64_23_1920/public/2023-03/ 92 KB
92 KB 71ms
71ms Image
image/webp 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sandos.com/sites/default/files/styles/64_23_1920/public/2023-03/Splash_2.webp?h=32d3e6e7&itok=2WQ58VRA

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e35636052b89175a1f6a32e17ee203c28a5600174695097c9bab5ee6f44fd8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 16 Mar 2023 15:51:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "16ef6-5f7066eadca6d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2FjdIQhZHifaGQt2CimljzkwNexJdUumYcK4u65OvDNpbUCzyg7tr3huSA9svagE60ak60OyB5Voj9lsNrnPsDWWbkzCOiUrS%2BlnYbi0bjnPEZT6TQ56RcDfwfgsh3%2BQP37tsNS6N7cBu7%2Fv"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7af41b6f8eeb30ed-FRA
content-length: 93942

GET
H2 200 pica.js
www.sandos.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 455F 7 KB
3 KB 22ms
22ms Other
application/javascript 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sandos.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: www.sandos.com
URL: https://www.sandos.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fd41be56cd49b8a82aa027457b99bff0f1f18c4224f6ea0b1efb9dc9ad7cdaf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePyIswKljuD2HZcIEeVz78BgEndYfyLie6JqZdFZMAqG5vztLZ3%2FqzoXnOWq4k17xeBFMC1rDnEM1%2FbKj6g%2B8CkSitZpUpg%2BFL6L0mS07gN5e5g9G5nWy1mBlPfMzvBS%2BfRJFlldgoXGavOP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7af41b6f9f1430ed-FRA

POST
H2 200 7af41b629d5230ed Show response
www.sandos.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 455F 2 B
525 B 41ms
41ms XHR
text/plain 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sandos.com/cdn-cgi/challenge-platform/h/b/cv/result/7af41b629d5230ed
Requested by: Host: www.sandos.com
URL: https://www.sandos.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680048000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 29 Mar 2023 00:48:25 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7af41b71688230ed-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4rSVyvfhZzWi2R4Q5UjefjzJWBqIm4OhsPT6JmdfzNiWlR%2BFW09gJmfY%2BxIV8Lw0beUMRf6GqD4QYwTaxWJkF7prXreUec8K5rIDQPtEW60uwDNNInRgkk06fhGiYXaalLVCtYixS5UD7rgK"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 /
bookingcore.sandos.com/api-pb/session-key/ Frame 0
0 127ms
29ms Preflight
text/html 54.76.61.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bookingcore.sandos.com/api-pb/session-key/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.61.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-61-197.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,language
Access-Control-Request-Method: GET
Origin: https://www.sandos.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-headers: Language, Content-Type, Device
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
content-language: es
content-type: text/html; charset=utf-8
date: Wed, 29 Mar 2023 00:48:26 GMT
vary: Accept-Language
x-frame-options: SAMEORIGIN

OPTIONS
H2 200 /
bookingcore.sandos.com/api-pb/booking-form/short/hotels-by-zone/e2ff8022-3626-4897-95d9-cf54fa164174/ Frame 0
0 128ms
30ms Preflight
text/html 54.76.61.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bookingcore.sandos.com/api-pb/booking-form/short/hotels-by-zone/e2ff8022-3626-4897-95d9-cf54fa164174/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.61.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-61-197.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,language
Access-Control-Request-Method: GET
Origin: https://www.sandos.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-headers: Language, Content-Type, Device
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
content-language: es
content-type: text/html; charset=utf-8
date: Wed, 29 Mar 2023 00:48:26 GMT
vary: Accept-Language
x-frame-options: SAMEORIGIN

OPTIONS
H2 200 /
bookingcore.sandos.com/api-pb/market-contacts/ Frame 0
0 127ms
29ms Preflight
text/html 54.76.61.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bookingcore.sandos.com/api-pb/market-contacts/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.61.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-61-197.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,language
Access-Control-Request-Method: GET
Origin: https://www.sandos.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-headers: Language, Content-Type, Device
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
content-language: es
content-type: text/html; charset=utf-8
date: Wed, 29 Mar 2023 00:48:26 GMT
vary: Accept-Language
x-frame-options: SAMEORIGIN

GET
H2 200 / Show response
bookingcore.sandos.com/api-pb/session-key/ 68 B
248 B 33ms
32ms Fetch
application/json 54.76.61.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bookingcore.sandos.com/api-pb/session-key/

Requested by

Host: bookingform.sandos.com
URL: https://bookingform.sandos.com/js/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.61.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-61-197.eu-west-1.compute.amazonaws.com

Software

Resource Hash

dc82a55670d9ee64776214901f75a58d379afa017365043f1865950cb3c83f65

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.sandos.com/
Language: de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 29 Mar 2023 00:48:26 GMT
allow: GET, HEAD, OPTIONS
content-type: application/json
vary: Accept, Cookie, Accept-Language
x-frame-options: SAMEORIGIN
content-language: de

GET
H2 200 / Show response
bookingcore.sandos.com/api-pb/booking-form/short/hotels-by-zone/e2ff8022-3626-4897-95d9-cf54fa164174/ 17 KB
17 KB 1172ms
1172ms Fetch
application/json 54.76.61.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bookingcore.sandos.com/api-pb/booking-form/short/hotels-by-zone/e2ff8022-3626-4897-95d9-cf54fa164174/

Requested by

Host: bookingform.sandos.com
URL: https://bookingform.sandos.com/js/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.61.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-61-197.eu-west-1.compute.amazonaws.com

Software

Resource Hash

59affc1a1d07d2b09b5c674a6226e4b9ad0a983c53069a0b3bbc9307ea4a1814

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.sandos.com/
Language: de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 29 Mar 2023 00:48:27 GMT
allow: GET, HEAD, OPTIONS
content-type: application/json
x-frame-options: SAMEORIGIN
vary: Accept, Cookie, Accept-Language
content-language: de

GET
H2 200 / Show response
bookingcore.sandos.com/api-pb/market-contacts/ 19 B
199 B 49ms
48ms Fetch
application/json 54.76.61.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bookingcore.sandos.com/api-pb/market-contacts/

Requested by

Host: bookingform.sandos.com
URL: https://bookingform.sandos.com/js/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.61.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-61-197.eu-west-1.compute.amazonaws.com

Software

Resource Hash

df02fe14833a568f9c4f87a40ed316398617b768b4901d8e03499f52f2e20bc4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.sandos.com/
Language: undefined
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 29 Mar 2023 00:48:26 GMT
x-frame-options: SAMEORIGIN
content-language: de
allow: GET, HEAD, OPTIONS
vary: Accept, Cookie, Accept-Language
content-type: application/json

GET
H2 200 / Show response
api.ipify.org/ 32 B
107 B 428ms
97ms Script
application/javascript 64.185.227.155
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=jsonp&callback=getIP
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBBDNC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.185.227.155 , United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-227-155.static.webnx.com
Software: /
Resource Hash: a90f643a1ba4184827f57d5a65d544e358e8e03067e0f80e842473ff8d849e98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:26 GMT
content-length: 32
vary: Origin
content-type: application/javascript

GET
H2 200 6935.js Show response
script.crazyegg.com/pages/scripts/0063/ 6 KB
2 KB 59ms
16ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0063/6935.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBBDNC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c37b2a2328cef7b92d59242479cd156e4e79f59dfa4f0019acf1cc25a785a542

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:26 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 26060
cf-polished: origSize=6063
ce-version: 11.5.48
cf-bgj: minify
last-modified: Tue, 28 Mar 2023 17:34:06 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 7af41b733e8c085a-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 125ms
38ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBBDNC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 29 Mar 2023 00:05:11 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2595
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 29 Mar 2023 02:05:11 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/945383282/ 3 KB
2 KB 135ms
51ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/945383282/?random=1680050906075&cv=11&fst=1680050906075&bg=ffffff&guid=ON&async=1&gtm=45He33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sandos.com%2Fde%2F&hn=www.googleadservices.com&frm=0&tiba=Sandos%20Resorts%20%7C%20All%20Inclusive%20Resorts%20in%20Spanien%20und%20Mexiko&auid=352571692.1680050906&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBBDNC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b661e681900f3b8f3a6916038cef360771c5750de13b6daf3313b8fefb106787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 00:48:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1219
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adg-sandos-hoteles-ret11.js Show response
bucket.cdnwebcloud.com/ 31 KB
7 KB 65ms
24ms Script
application/javascript 18.66.122.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/adg-sandos-hoteles-ret11.js?z=0.35237853264922525
Requested by: Host: www.sandos.com
URL: https://www.sandos.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-129.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 759f42ac848f71882d14ce1e07d5908ddb982fd77d4c4db315b73d613d525c28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:27 GMT
content-encoding: br
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
last-modified: Fri, 19 Aug 2022 08:00:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"89c32f0d57fcded3ec93fcae1d819e29"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-amz-cf-id: CXYUTLE4x4Mi2eBAIEBY4Na_vr8s8C17gE_xXoXvDVIfdBjV6_PpKg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
79 KB 55ms
55ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PDHM7RC17F&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBBDNC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e8baba5eba3aded84b590da979bdf612c989e90d0074cd4211c869cfb5f60d2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80702
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 29 Mar 2023 00:48:26 GMT

GET
H2 200 www.sandos.com.json Show response
script.crazyegg.com/pages/data-scripts/0063/6935/site/ 5 KB
2 KB 58ms
28ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0063/6935/site/www.sandos.com.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0063/6935.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4859e01a51d0c86874f85af2e696659906c97b9cb7a715981a05eef6dad63e38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:26 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2491
ce-version: 11.5.48
content-length: 1789
last-modified: Wed, 29 Mar 2023 00:06:55 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7af41b738bfa37f1-FRA

GET
H2 200 adg-sandos-hoteles-ret11_9053_0_0.js Show response
bucket.cdnwebcloud.com/ 460 B
815 B 10ms
9ms Script
application/javascript 18.66.122.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/adg-sandos-hoteles-ret11_9053_0_0.js?n_one_v=20220819080045
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/adg-sandos-hoteles-ret11.js?z=0.35237853264922525
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-129.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d3c56240a12eb11d7d35ba6ab4ab63d2d82f972842a688ad0f780a59fc38de30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:37:37 GMT
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
last-modified: Fri, 19 Aug 2022 08:00:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 1750250
etag: "97824cad00f6bf957ce90560c002e343"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=17280000
accept-ranges: bytes
content-length: 460
x-amz-cf-id: cwIsmZmTyzE31qLOp_5B3A7eNBZK2TQ2GdBUZC2_S2rjda-eKd5Adg==

GET
H2 200 sandos-hoteles-ret216.js Show response
bucket.cdnwebcloud.com/ 20 KB
4 KB 22ms
21ms Script
application/javascript 18.66.122.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/sandos-hoteles-ret216.js?z=0.0342594948449062
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/adg-sandos-hoteles-ret11_9053_0_0.js?n_one_v=20220819080045
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-129.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 136af894578fc298f7e6a2fd9ab1d91667e8cc99a00bf5f2fe802a44db652975

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:27 GMT
content-encoding: br
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
last-modified: Fri, 24 Mar 2023 13:55:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
etag: W/"f09d99cadcdccbe32ea1446c6cb7b983"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-amz-cf-id: a5XnEDSPBlioWfa0mcb4xodYmGbQgzF1zl_SiO41jNSV-3xEG-oy_w==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 94ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-PDHM7RC17F&gtm=45je33r0&_p=1211095353&_gaz=1&cid=1442518855.1680050906&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680050906&sct=1&seg=0&dl=https%3A%2F%2Fwww.sandos.com%2Fde%2F&dt=Sandos%20Resorts%20%7C%20All%20Inclusive%20Resorts%20in%20Spanien%20und%20Mexiko&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PDHM7RC17F&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 00:48:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sandos.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
244 B 70ms
19ms Ping
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PDHM7RC17F&cid=1442518855.1680050906&gtm=45je33r0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PDHM7RC17F&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 00:48:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sandos.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 151ms
56ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PDHM7RC17F&cid=1442518855.1680050906&gtm=45je33r0&aip=1&z=1000393292

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 00:48:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2af87bf7740f8f0001fbb2b1d957c992.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 71 KB
24 KB 27ms
26ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/2af87bf7740f8f0001fbb2b1d957c992.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0063/6935.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a5af4522378cac12b6766cae17729894c3f288e2bbd16ee9afd3352f82599be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 20:09:32 GMT
server: cloudflare
age: 27054
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7af41b73ff19085a-FRA
content-length: 24624

GET
H2

200

src=9267501;dc_pre=CIuG66v1__0CFRNDGAodJL0ODQ;type=invmedia;cat=reta;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=9267501;type=invmedia;cat=reta;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?...
https://ad.doubleclick.net/ddm/activity/src=9267501;dc_pre=CIuG66v1__0CFRNDGAodJL0ODQ;type=invmedia;cat=reta;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_cons...
https://adservice.google.com/ddm/fls/z/src=9267501;dc_pre=CIuG66v1__0CFRNDGAodJL0ODQ;type=invmedia;cat=reta;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_conse...

42 B
401 B

191ms
76ms

Image
image/gif

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=9267501;dc_pre=CIuG66v1__0CFRNDGAodJL0ODQ;type=invmedia;cat=reta;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?&n_one_v=20230324135501

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 00:48:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Mar 2023 00:48:26 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=9267501;dc_pre=CIuG66v1__0CFRNDGAodJL0ODQ;type=invmedia;cat=reta;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?&n_one_v=20230324135501
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 unip
trc.taboola.com/1339827/log/3/ 0
331 B 64ms
16ms Image
image/gif 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/1339827/log/3/unip?en=retargeting&n_one_v=20230324135501
Requested by: Host: www.sandos.com
URL: https://www.sandos.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Wed, 29 Mar 2023 00:48:26 GMT
via: 1.1 varnish
x-served-by: cache-fra-eddf8230022-FRA
server: nginx
x-timer: S1680050906.311285,VS0,VE9
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/945383282/ 42 B
455 B 138ms
51ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/945383282/?random=1680050906075&cv=11&fst=1680048000000&bg=ffffff&guid=ON&async=1&gtm=45He33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sandos.com%2Fde%2F&frm=0&tiba=Sandos%20Resorts%20%7C%20All%20Inclusive%20Resorts%20in%20Spanien%20und%20Mexiko&fmt=3&is_vtc=1&random=1269787350&rmt_tld=0&ipr=y

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 00:48:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/945383282/ 42 B
455 B 111ms
55ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/945383282/?random=1680050906075&cv=11&fst=1680048000000&bg=ffffff&guid=ON&async=1&gtm=45He33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sandos.com%2Fde%2F&frm=0&tiba=Sandos%20Resorts%20%7C%20All%20Inclusive%20Resorts%20in%20Spanien%20und%20Mexiko&fmt=3&is_vtc=1&random=1269787350&rmt_tld=1&ipr=y

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 00:48:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 48ms
38ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 29 Mar 2023 01:47:59 GMT

GET
H2 200 sandos-hoteles-ret216_9037_0_1.js Show response
bucket.cdnwebcloud.com/ 462 B
845 B 9ms
7ms Script
application/javascript 18.66.122.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/sandos-hoteles-ret216_9037_0_1.js?n_one_v=20230324135501
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/sandos-hoteles-ret216.js?z=0.0342594948449062
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-129.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 338475984975373feafc24e24ed1d4f16b611ba127cf7f7f29ce02b43f850609

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 15:06:56 GMT
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
last-modified: Fri, 24 Mar 2023 13:55:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 380491
etag: "c7e44c111ad6dba8cf36f1b5f1ff2509"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=17280000
accept-ranges: bytes
content-length: 462
x-amz-cf-id: dy2TcsTvNNISpBYB1kwi-aMGyyf1RqA7N0UR9P_Wp5ZizUJg4fOqwg==

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 36ms
7ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js?n_one_v=20230324135501
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/sandos-hoteles-ret216.js?z=0.0342594948449062
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Tue, 28 Mar 2023 02:11:41 GMT
Content-Encoding: gzip
Via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 81406
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: Z3XNVoKlcc0PBWHgeWlwLC8Yg629TIJorjBQ2v8AIxjXUvwGwfQ1zg==

GET
H2 200 sandos-hoteles-ret216_9037_0_4.js Show response
bucket.cdnwebcloud.com/ 287 B
670 B 10ms
7ms Script
application/javascript 18.66.122.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/sandos-hoteles-ret216_9037_0_4.js?n_one_v=20230324135501
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/sandos-hoteles-ret216.js?z=0.0342594948449062
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-129.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4061452a25a17309c22eebbda8f67b75483a0b930fc11874ed1caabc5151d2d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 15:06:56 GMT
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
last-modified: Fri, 24 Mar 2023 13:55:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 380491
etag: "fc9d0e43a40864b9de6c60dae0f071f0"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=17280000
accept-ranges: bytes
content-length: 287
x-amz-cf-id: nfMNA49OQt0moN8KEjLbzOrZw80GUuIhRWAijfSvmaHj32AGBHmGOA==

GET
H2 200 sandos-hoteles-ret216_9037_0_5.js Show response
bucket.cdnwebcloud.com/ 524 B
908 B 11ms
7ms Script
application/javascript 18.66.122.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/sandos-hoteles-ret216_9037_0_5.js?n_one_v=20230324135501
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/sandos-hoteles-ret216.js?z=0.0342594948449062
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-129.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 705a76ecf866725e156571e265be8f7e2f57febc0eb35264feace7aee9b3ec8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 15:06:56 GMT
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
last-modified: Fri, 24 Mar 2023 13:55:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 380491
etag: "d57ff072e8ad3fb6b73ea4355855ffbf"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=17280000
accept-ranges: bytes
content-length: 524
x-amz-cf-id: 0fzCgrPQbJdXY-wBNAjfsXn6t27WBpIoZ3TfopbfUzz1aHRrIkRPNA==

GET
H2 200 www.sandos.com.json Show response
script.crazyegg.com/pages/data-scripts/0063/6935/sampling/ 155 B
209 B 20ms
20ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0063/6935/sampling/www.sandos.com.json?t=466680
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/2af87bf7740f8f0001fbb2b1d957c992.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cbecf79af5ebeefdf3f7545a7a97304338eb6f4732c110036ab940f86ec1f97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:26 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2491
ce-version: 11.5.48
content-length: 144
last-modified: Wed, 29 Mar 2023 00:06:55 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7af41b747cd237f1-FRA

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1339827/ 58 KB
18 KB 234ms
203ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1339827/tfa.js
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/sandos-hoteles-ret216_9037_0_1.js?n_one_v=20230324135501
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e57175cbe60042619ffc1fcb200c304e9a156e44b7c63b5d17ffd80f2287d71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: m59w3Kza33I9YfWtX5eDaeI0vUG9axnW
content-encoding: gzip
via: 1.1 varnish
date: Wed, 29 Mar 2023 00:48:26 GMT
x-amz-request-id: TAAP4P74KRD9M2ZV
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 18198
x-amz-id-2: ENp6gktfBtmmvJGxtfVeZahsFTYv0YxNtZ29xgfLK9UF2rtMKx1llHlm+5Pa7mAodFfJ9NfXAfM=
x-served-by: cache-fra-eddf8230043-FRA
last-modified: Sun, 26 Mar 2023 11:14:01 GMT
server: AmazonS3
x-timer: S1680050906.344308,VS0,VE193
etag: "0fd6051ffcdb43fad5c5a13838c243b4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 80
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 46ms
46ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1211095353&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sandos.com%2Fde%2F&ul=en-us&de=UTF-8&dt=Sandos%20Resorts%20%7C%20All%20Inclusive%20Resorts%20in%20Spanien%20und%20Mexiko&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACAAjBAAAACAAI~&jid=55394956&gjid=1464530513&cid=1442518855.1680050906&tid=UA-4155818-1&_gid=1942032935.1680050906&_r=1&_slc=1&gtm=45He33r0n71WBBDNC&z=147636282

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sandos.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 00:48:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sandos.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 47ms
44ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1211095353&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sandos.com%2Fde%2F&ul=en-us&de=UTF-8&dt=Sandos%20Resorts%20%7C%20All%20Inclusive%20Resorts%20in%20Spanien%20und%20Mexiko&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACAAjBAAAACAAI~&jid=367231457&gjid=1507543930&cid=1442518855.1680050906&tid=UA-4155818-9&_gid=1942032935.1680050906&_r=1&_slc=1&gtm=45He33r0n71WBBDNC&z=1352175512

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sandos.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 00:48:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sandos.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
461 B 58ms
7ms XHR
application/json 13.32.27.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/2af87bf7740f8f0001fbb2b1d957c992.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-91.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 11:43:55 GMT
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 5576672
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: VndiLzrj75vQaRenz4c2H_y9hgerUrUDd4I_opLACc03tfWfDriMyQ==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
388 B 48ms
9ms XHR
application/json 18.66.122.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/2af87bf7740f8f0001fbb2b1d957c992.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 03:10:02 GMT
via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 12433105
etag: "d06f04fccf68d0b228a5923187ce1afd"
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
accept-ranges: bytes
content-length: 19
x-amz-cf-id: DmuEUp2L4EET5lm2cMStD4LN46CQftPIU1Kh5Jzvww4gTedCt2MQHA==

GET
H/1.1 200
OK events.js Show response
tags.srv.stackadapt.com/ 17 KB
6 KB 456ms
108ms Script
text/javascript 34.235.68.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/sandos-hoteles-ret216_9037_0_5.js?n_one_v=20230324135501
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.235.68.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-68-114.compute-1.amazonaws.com
Software: /
Resource Hash: fe0059e2e192a9f78f8e4865edcd3dba162599382422a7dc8843d00bf23d1453

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 29 Mar 2023 00:48:26 GMT
Cache-Control: max-age=5
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 5407
Content-Type: text/javascript

GET
BLOB 200
OK 93bf765c-a4cd-49fa-b826-195fbcc25719
https://www.sandos.com/ 45 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sandos.com/93bf765c-a4cd-49fa-b826-195fbcc25719
Requested by: Host: www.sandos.com
URL: https://www.sandos.com/de/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Length: 45
Content-Type: text/javascript

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 20ms
19ms XHR
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-4155818-1&cid=1442518855.1680050906&jid=55394956&gjid=1464530513&_gid=1942032935.1680050906&_u=aCDACAAiBAAAACAAI~&z=337810304

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sandos.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 29 Mar 2023 00:48:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sandos.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 23ms
21ms XHR
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-4155818-9&cid=1442518855.1680050906&jid=367231457&gjid=1507543930&_gid=1942032935.1680050906&_u=aCDACAAjBAAAACAAI~&z=209467776

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sandos.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 29 Mar 2023 00:48:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sandos.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 51ms
49ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-4155818-1&cid=1442518855.1680050906&jid=55394956&_u=aCDACAAiBAAAACAAI~&z=1908025189

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 00:48:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 51ms
50ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-4155818-1&cid=1442518855.1680050906&jid=55394956&_u=aCDACAAiBAAAACAAI~&z=1908025189

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 00:48:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 55ms
54ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-4155818-9&cid=1442518855.1680050906&jid=367231457&_u=aCDACAAjBAAAACAAI~&z=1553874706

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 00:48:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 51ms
50ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-4155818-9&cid=1442518855.1680050906&jid=367231457&_u=aCDACAAjBAAAACAAI~&z=1553874706

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 00:48:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clock Show response
tracking.crazyegg.com/ 31 B
138 B 145ms
64ms XHR
text/plain 52.48.251.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1680050906420&tk=3ab72f57fbac7b987a2f9f9f30bcb7ea&s=252206&p=%2Fde%2F&u=636935&v=53d2180a0bc190d1c37a2bff0d86ccd83e0f7b7d
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/2af87bf7740f8f0001fbb2b1d957c992.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.251.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-251-179.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 0fdd7bd50bcce30c23494cca8fa6b04f118db4378402df658a84be366b29be85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 29 Mar 2023 00:48:26 GMT
cache-control: no-store
server: awselb/2.0
content-length: 31
content-type: text/plain

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 29 Mar 2023 00:48:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27909
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: JMnMg6W0yYRPMBd+81rcGBOo4xbvQTflzzG5vARr3ZUNtlFDt5Gt2rh1Z92rFKyzDL3F0mTL8LMXBtXZHqSsgQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 210923429331765 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 69ms
68ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/210923429331765?v=2.9.100&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

728abc4751854b5bdf1945c2d8a6707a6099f37e334cbd966a126d59b6f3e170

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 29 Mar 2023 00:48:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: EXVdrchpNX2xl2yBbNERGvfRPVZq1NzK8E516XE9QH0KezSfy7moTmsRXBrCOKoKj/hlL4YtDJK7NzUVUdi7gw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1339827/trc/3/ 3 KB
2 KB 26ms
26ms Script
application/javascript 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1339827/trc/3/json?tim=1680050906556&data=%7B%22id%22%3A77%2C%22ii%22%3A%22%2Fde%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1680050906548%2C%22cv%22%3A%2220230326-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fwww.sandos.com%2Fde%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dadgravity-sandos-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1680050906555%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.sandos.com%2Fde%2F%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1339827/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6edb13348c2e720cbcba944ae97cef975833e5346e0cb334c840fe9e8ca72000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-vcl-time-ms: 19
date: Wed, 29 Mar 2023 00:48:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-fra-eddf8230022-FRA
server: nginx
x-timer: S1680050907.563037,VS0,VE19
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
BLOB 200
OK 04a6f0cd-39be-4761-98bc-223a863eff3e
https://www.sandos.com/ 241 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sandos.com/04a6f0cd-39be-4761-98bc-223a863eff3e
Requested by: Host: www.sandos.com
URL: https://www.sandos.com/de/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 188032b69cded598a056d67266c38da7a56e30f6f1a51c20535a15c82c8d0eda

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Length: 241
Content-Type: text/javascript

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 35ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=210923429331765&ev=ViewContent&dl=https%3A%2F%2Fwww.sandos.com%2Fde%2F&rl=&if=false&ts=1680050906710&sw=1600&sh=1200&v=2.9.100&r=stable&ec=0&o=30&fbp=fb.1.1680050906705.1088192222&it=1680050906534&coo=false&rqm=GET

Requested by

Host: www.sandos.com
URL: https://www.sandos.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 29 Mar 2023 00:48:26 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK sa.css
tags.srv.stackadapt.com/ 65 B
292 B 111ms
110ms Stylesheet
text/css 34.235.68.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.235.68.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-68-114.compute-1.amazonaws.com
Software: /
Resource Hash: f38c3158be4219a873d20c9cd29d8d982020123fd50ada96484437f1c3ce6388

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 29 Mar 2023 00:48:26 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 65
Content-Type: text/css

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ 0
881 B 419ms
102ms Fetch
image/jpeg 34.235.68.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.235.68.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-68-114.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 29 Mar 2023 00:48:27 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

POST
H2 204 rum Show response
www.sandos.com/cdn-cgi/ 0
181 B 29ms
28ms XHR
text/plain 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandos.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.sandos.com/de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type: application/json

Response headers

date: Wed, 29 Mar 2023 00:48:26 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.sandos.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7af41b788df430ed-FRA

GET
H2 200 sandos-universal123.js Show response
bucket.cdnwebcloud.com/ 11 KB
4 KB 18ms
18ms Script
application/javascript 18.66.122.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/sandos-universal123.js?z=0.8244672279022363
Requested by: Host: www.sandos.com
URL: https://www.sandos.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-129.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4305641db88470afc5d68eadf2f6164de72bc37e54255846207b006d67f187da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:27 GMT
content-encoding: br
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
last-modified: Wed, 12 Jan 2022 08:59:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"37455e4d22d0301c9533ef534e14bc38"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-amz-cf-id: XX7gfA8DFTDl4mesMm7Gf6sODo6s2uLzlVsBSeqnLfVtQdDzOOkvAQ==

GET
H2 200 LiveChatBootstrapper.js Show response
oc-cdn-public-eur.azureedge.net/livechatwidget/scripts/ 111 KB
19 KB 104ms
10ms Script
application/x-javascript 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-public-eur.azureedge.net/livechatwidget/scripts/LiveChatBootstrapper.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBBDNC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0f7e9451044863a26d7373b942a06868dd3314359bcd2c02d059b1e7b8eb7270

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 29 Mar 2023 00:48:26 GMT
content-encoding: br
last-modified: Sat, 25 Mar 2023 18:05:54 GMT
x-azure-ref-originshield: 0tV0jZAAAAAAS0A/c5ITiSqGM/EwuSlA7RlJBMjMxMDUwNDE4MDM3AGUxN2Q5YWFjLTAyZjctNDgxYy05Njg3LTk4ZjdiM2Q5YmViNg==
content-md5: b8GSp0qg5cmkaCwJ5u06Tg==
etag: 0x8DB2D5B93DBC0A7
x-azure-ref: 024ojZAAAAAB2FHWRMo69RIL2gQAXfvIARlJBMzFFREdFMDQxNwBlMTdkOWFhYy0wMmY3LTQ4MWMtOTY4Ny05OGY3YjNkOWJlYjY=
x-cache: TCP_HIT
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0ed22be4-101e-005d-2aa8-615d01000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 7ms
7ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=210923429331765&ev=PageView&dl=https%3A%2F%2Fwww.sandos.com%2Fde%2F&rl=&if=false&ts=1680050906965&sw=1600&sh=1200&v=2.9.100&r=stable&ec=1&o=30&cs_est=true&fbp=fb.1.1680050906705.1088192222&it=1680050906534&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 29 Mar 2023 00:48:26 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

/ Show response
match.adsrvr.org/track/upb/ Frame 4451
Redirect Chain

https://insight.adsrvr.org/track/up?adv=zlo6fa9&ref=https%3A%2F%2Fwww.sandos.com%2Fde%2F&upid=lg4f83p&upv=1.1.0
https://match.adsrvr.org/track/upb/?adv=zlo6fa9&ref=https%3A%2F%2Fwww.sandos.com%2Fde%2F&upid=lg4f83p&upv=1.1.0

0
181 B

43ms
36ms

Document
text/html

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=zlo6fa9&ref=https%3A%2F%2Fwww.sandos.com%2Fde%2F&upid=lg4f83p&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js?n_one_v=20230324135501
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sandos.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Wed, 29 Mar 2023 00:48:27 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Wed, 29 Mar 2023 00:48:27 GMT
location: https://match.adsrvr.org/track/upb/?adv=zlo6fa9&ref=https%3A%2F%2Fwww.sandos.com%2Fde%2F&upid=lg4f83p&upv=1.1.0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 sandos-universal123_6526_0_0.js Show response
bucket.cdnwebcloud.com/ 451 B
807 B 8ms
7ms Script
application/javascript 18.66.122.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/sandos-universal123_6526_0_0.js?n_one_v=20220112085930
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/sandos-universal123.js?z=0.8244672279022363
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-129.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0af5aabdf6cb074c8bf37eba37e4f442a36ddec1cc6c4f38b1d90a97c439fe49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 21:06:41 GMT
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
last-modified: Wed, 12 Jan 2022 08:59:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 15997306
etag: "6e61c42d2fe57e17d10d108c0800eb38"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=17280000
accept-ranges: bytes
content-length: 451
x-amz-cf-id: qCqngSQPMrPtpTiIPw3CJf2nCQms3QEr-TAgspQlEbeOxwqhfqwIfg==

GET
H2 200 sandos-es123.js Show response
bucket.cdnwebcloud.com/ 19 KB
5 KB 21ms
20ms Script
application/javascript 18.66.122.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/sandos-es123.js?z=0.4894813522227697
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/sandos-universal123_6526_0_0.js?n_one_v=20220112085930
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-129.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 40f7cc324d455d6d582d9cc123b32ff737d38e002f0c21ff8d71fbd55f82149d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:28 GMT
content-encoding: br
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
last-modified: Fri, 10 Mar 2023 11:02:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
etag: W/"85b1e26fe080c640899d3c24de70a115"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-amz-cf-id: LVppQRGAxGArt9LF5jhzuyWYmu9IutI_x0Uk4fw_r9fNy6rZ5LVLHg==

GET
H2 200 Image_Sandos_Caracol_AquaPark_Aerial.webp
www.sandos.com/sites/default/files/styles/85_48_1200/public/2022-11/ 154 KB
154 KB 112ms
112ms Image
image/webp 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sandos.com/sites/default/files/styles/85_48_1200/public/2022-11/Image_Sandos_Caracol_AquaPark_Aerial.webp?h=2e111cc1&itok=X220-bvi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

898dae211c9643abd151643e8d86b5e9ae2cfdf72afd1c0b9a4dd4136b28aa5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:27 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 04 Nov 2022 16:40:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2667a-5eca7bad3b2a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E8UxTS%2BApLpY3YqoAx4KLCB0KRTwCniIRqVa1Cgrhl%2BDNsr2dCkQtnWpg48X4ZlAxxW5jMNbJmTU8WNDq%2FcaUDl04614L4kURfKPzrNKK6bBbVQnTlVxU6uMdUN11eqzwVnfUKBj9b15ZMQ%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7af41b78ee4830ed-FRA
content-length: 157306

GET
H2 200 sandos-es123_6530_0_0.js Show response
bucket.cdnwebcloud.com/ 3 KB
1 KB 7ms
7ms Script
application/javascript 18.66.122.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/sandos-es123_6530_0_0.js?n_one_v=20230310110246
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/sandos-es123.js?z=0.4894813522227697
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-129.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 80ac2d6b51df1c694c1fedfc44be43ef8706ab864b65d5799dd764eef4203f61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 11:26:48 GMT
content-encoding: br
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
last-modified: Fri, 10 Mar 2023 11:02:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 1603300
etag: W/"ee73360149f0b98106aeb7c3c05e43fb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=17280000
x-amz-cf-id: 7Y1zYw4_pGYZv03LkDFPSK4MN9ef2CYNeWHpFF-eXYlFGpjXmm94ag==

GET
H2 200 atd Show response
neural38.cdnwebcloud.com/ 0
221 B 107ms
37ms Script
text/plain 34.252.9.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://neural38.cdnwebcloud.com/atd?0.05029471346396197&touchpoint%5Bplatform%5D=Win32&touchpoint%5Bhref%5D=https%3A%2F%2Fwww.sandos.com%2Fde%2F&touchpoint%5Blocal_storage%5D=&touchpoint%5Bscreen_width%5D=1600&touchpoint%5Bscreen_height%5D=1200&touchpoint%5Breferrer%5D=&touchpoint%5Btag_id%5D=6530&&callback=readResponse
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/sandos-es123_6530_0_0.js?n_one_v=20230310110246
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.9.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-9-99.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 29 Mar 2023 00:48:27 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 LiveChatWidgetFrame.css
oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/styles/ 2 KB
736 B 9ms
9ms Stylesheet
text/css 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/styles/LiveChatWidgetFrame.css
Requested by: Host: oc-cdn-public-eur.azureedge.net
URL: https://oc-cdn-public-eur.azureedge.net/livechatwidget/scripts/LiveChatBootstrapper.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9a8f09ea4a6d80acb1d78af795ea6962e685766414bd754191b000e3aea0b6a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 29 Mar 2023 00:48:26 GMT
content-encoding: br
last-modified: Sat, 25 Mar 2023 18:06:07 GMT
x-azure-ref-originshield: 0GmIjZAAAAABSXokEsRhYS4KQaT1rPDdfRlJBMjMxMDUwNDE4MDM1AGUxN2Q5YWFjLTAyZjctNDgxYy05Njg3LTk4ZjdiM2Q5YmViNg==
content-md5: vPalaAAocbbnNoUsQ6PQkw==
etag: 0x8DB2D5B9B181964
x-azure-ref: 024ojZAAAAADmiTgJRINRQYI7Ha6I8hG6RlJBMzFFREdFMDQxNwBlMTdkOWFhYy0wMmY3LTQ4MWMtOTY4Ny05OGY3YjNkOWJlYjY=
x-cache: TCP_HIT
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: c48b3846-101e-0096-5db7-615e54000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 chat.html Show response
oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/htmls/ Frame D6A8 7 KB
2 KB 9ms
9ms Document
text/html 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=c66ade2d-d985-49c3-946c-4d9e319b2585&data-org-id=724f6079-2bee-4c93-a060-1bbcfc464bce&data-org-url=https://804cff4b96b84492805837332aeeb0-crm4.omnichannelengagementhub.com&hostname=www.sandos.com&data-lcw-version=prod
Requested by: Host: oc-cdn-public-eur.azureedge.net
URL: https://oc-cdn-public-eur.azureedge.net/livechatwidget/scripts/LiveChatBootstrapper.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 52f1d6cb9c8ac1bf66b5c13c439ba6b94f745404e47fd3301c872e577c7898d9

Request headers

Referer: https://www.sandos.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: br
content-md5: YX38MWKHFfi3iKrIAf2XLw==
content-type: text/html
date: Wed, 29 Mar 2023 00:48:26 GMT
etag: 0x8DB2D5BA473ACC0
last-modified: Sat, 25 Mar 2023 18:06:22 GMT
x-azure-ref: 024ojZAAAAADXgzFddkYoS5VsmnR0hfzpRlJBMzFFREdFMDQxNwBlMTdkOWFhYy0wMmY3LTQ4MWMtOTY4Ny05OGY3YjNkOWJlYjY=
x-azure-ref-originshield: 0vj4jZAAAAABxMi6J22euT6jTJB/VNu/HRlJBMjMxMDUwNDE3MDIxAGUxN2Q5YWFjLTAyZjctNDgxYy05Njg3LTk4ZjdiM2Q5YmViNg==
x-cache: TCP_HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 17ef1b5a-001e-0033-2d78-61082e000000
x-ms-version: 2009-09-19

GET
H2 200 LiveChatBootstrapper.js Show response
oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/scripts/ Frame D6A8 111 KB
18 KB 11ms
10ms Script
application/x-javascript 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatBootstrapper.js
Requested by: Host: oc-cdn-public-eur.azureedge.net
URL: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=c66ade2d-d985-49c3-946c-4d9e319b2585&data-org-id=724f6079-2bee-4c93-a060-1bbcfc464bce&data-org-url=https://804cff4b96b84492805837332aeeb0-crm4.omnichannelengagementhub.com&hostname=www.sandos.com&data-lcw-version=prod
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0f7e9451044863a26d7373b942a06868dd3314359bcd2c02d059b1e7b8eb7270

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=c66ade2d-d985-49c3-946c-4d9e319b2585&data-org-id=724f6079-2bee-4c93-a060-1bbcfc464bce&data-org-url=https://804cff4b96b84492805837332aeeb0-crm4.omnichannelengagementhub.com&hostname=www.sandos.com&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 29 Mar 2023 00:48:27 GMT
content-encoding: br
last-modified: Sat, 25 Mar 2023 18:06:07 GMT
x-azure-ref-originshield: 03lQjZAAAAADZlNt7mOlPRJudpPVRbnF6RlJBMjMxMDUwNDE3MDI1AGUxN2Q5YWFjLTAyZjctNDgxYy05Njg3LTk4ZjdiM2Q5YmViNg==
content-md5: b8GSp0qg5cmkaCwJ5u06Tg==
etag: 0x8DB2D5B9BA9E546
x-azure-ref: 024ojZAAAAAAalWO4QCZuSYZ89pcqkPdURlJBMzFFREdFMDQxNwBlMTdkOWFhYy0wMmY3LTQ4MWMtOTY4Ny05OGY3YjNkOWJlYjY=
x-cache: TCP_HIT
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 042d1c99-601e-00a3-7e54-613240000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 8ms
7ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=210923429331765&ev=Microdata&dl=https%3A%2F%2Fwww.sandos.com%2Fde%2F&rl=&if=false&ts=1680050907224&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Sandos%20Resorts%20%7C%20All%20Inclusive%20Resorts%20in%20Spanien%20und%20Mexiko%22%2C%22meta%3Adescription%22%3A%22Sandos%20Hotels%20%26%20Resorts%20ist%20eine%20der%20beliebtesten%20All-Inclusive-Hotelketten%20der%20Welt.%20Unsere%20G%C3%A4ste%20kehren%20Jahr%20f%C3%BCr%20Jahr%20dank%20unserer%20hervorragenden%20Strandlage%20zur%C3%BCck%E2%80%A6%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40graph%22%3A%5B%7B%22%40type%22%3A%22LodgingBusiness%22%2C%22additionalType%22%3A%22Hotel%22%2C%22%40id%22%3A%22http%3A%2F%2Fwww.sandos.com%2Fde%22%2C%22description%22%3A%22Sandos%20HOTELS%20%26%20RESORTS%22%2C%22name%22%3A%22Sandos%22%2C%22url%22%3A%22http%3A%2F%2Fwww.sandos.com%2Fde%22%2C%22telephone%22%3A%22%2B52%20(55)%2085266116%22%2C%22image%22%3A%7B%22%40type%22%3A%22ImageObject%22%2C%22url%22%3A%22http%3A%2F%2Fwww.sandos.com%2Fsites%2Fdefault%2Ffiles%2F2023-03%2FSplash_2.jpg%22%2C%22width%22%3A%221440%22%2C%22height%22%3A%22690%22%7D%2C%22logo%22%3A%7B%22%40type%22%3A%22ImageObject%22%2C%22url%22%3A%22https%3A%2F%2Fwww.sandos.com%2Fsites%2Fdefault%2Ffiles%2Fstyles%2Fscale_height_130%2Fpublic%2FRe-Branding_Sandos_Hotels%2526Resorts_VERT.webp%22%7D%7D%2C%7B%22%40type%22%3A%22WebSite%22%2C%22%40id%22%3A%22http%3A%2F%2Fwww.sandos.com%2Fde%22%2C%22name%22%3A%22Sandos%20HOTELS%20%26%20RESORTS%22%2C%22url%22%3A%22http%3A%2F%2Fwww.sandos.com%2Fde%22%7D%5D%7D%5D&sw=1600&sh=1200&v=2.9.100&r=stable&ec=2&o=30&fbp=fb.1.1680050906705.1088192222&it=1680050906534&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 29 Mar 2023 00:48:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 LiveChatWidgetLibs.min.js Show response
oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/lib/ Frame D6A8 431 KB
115 KB 11ms
9ms Script
application/x-javascript 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/lib/LiveChatWidgetLibs.min.js
Requested by: Host: oc-cdn-public-eur.azureedge.net
URL: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatBootstrapper.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 62116f1b005b63f8d58399647735f6c403d4c9849b35ddb94e4c6213ff953bf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=c66ade2d-d985-49c3-946c-4d9e319b2585&data-org-id=724f6079-2bee-4c93-a060-1bbcfc464bce&data-org-url=https://804cff4b96b84492805837332aeeb0-crm4.omnichannelengagementhub.com&hostname=www.sandos.com&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 29 Mar 2023 00:48:27 GMT
content-encoding: br
last-modified: Sat, 25 Mar 2023 18:06:27 GMT
x-azure-ref-originshield: 010cjZAAAAAC3f0jAMq2xQ7zJVLdOtbKcRlJBMjMxMDUwNDE4MDI1AGUxN2Q5YWFjLTAyZjctNDgxYy05Njg3LTk4ZjdiM2Q5YmViNg==
content-md5: hjAm1O2cen+ZkRhRu32UBQ==
etag: 0x8DB2D5BA6FFA412
x-azure-ref: 024ojZAAAAABPPJSrvUl/Q6/incLciBIVRlJBMzFFREdFMDQxNwBlMTdkOWFhYy0wMmY3LTQ4MWMtOTY4Ny05OGY3YjNkOWJlYjY=
x-cache: TCP_HIT
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0038beb3-601e-0025-459b-61fef9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ 116 B
419 B 106ms
106ms XHR
text/plain 34.235.68.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=1qaH4AXswcXRvL8OnxpwVg&is_js=true&landing_url=https%3A%2F%2Fwww.sandos.com%2Fde%2F&t=Sandos%20Resorts%20%7C%20All%20Inclusive%20Resorts%20in%20Spanien%20und%20Mexiko&tip=EhaIcU8f1-9uheBy2-9U57sEQa013I1S8WbkCjsbWHg&host=https://www.sandos.com&sa_conv_data_css_value=%20%220-b5743cb6-5552-5e46-709a-e3104a21e0b8%22&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9b5743cb655525e46709ae3104a21e0b8b9d59ba3&sa-user-id-v2=s%253AtXQ8tlVSXkZwmuMQSiHguLnVm6M.S5n24OGpu2ECrsFUMZtCl1o37y3%252Bl5LaJ3YSG2GPkUE&sa-user-id=s%253A0-b5743cb6-5552-5e46-709a-e3104a21e0b8.rAL%252FehF1LwotoCT6kqKshR1D%252B9jo%252FQLVsRHmJsI810s
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.235.68.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-68-114.compute-1.amazonaws.com
Software: /
Resource Hash: 223183c76575f3f5ef7012e43ce26e91bd409e6684e05362f9f2d8e28d79762c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Wed, 29 Mar 2023 00:48:27 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.sandos.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 116

GET
H2 200 LiveChatWidgetScripts.min.js Show response
oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/scripts/ Frame D6A8 476 KB
88 KB 10ms
10ms Script
application/x-javascript 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Requested by: Host: oc-cdn-public-eur.azureedge.net
URL: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatBootstrapper.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 922250104d78f22f60627c88b8b9cff1da061138ead5fe17478a4d59fdab2f34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=c66ade2d-d985-49c3-946c-4d9e319b2585&data-org-id=724f6079-2bee-4c93-a060-1bbcfc464bce&data-org-url=https://804cff4b96b84492805837332aeeb0-crm4.omnichannelengagementhub.com&hostname=www.sandos.com&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 29 Mar 2023 00:48:27 GMT
content-encoding: br
last-modified: Sat, 25 Mar 2023 18:06:08 GMT
x-azure-ref-originshield: 0X1IjZAAAAACY8LERvVe9R6rco4tePshDRlJBMjMxMDUwNDE3MDUxAGUxN2Q5YWFjLTAyZjctNDgxYy05Njg3LTk4ZjdiM2Q5YmViNg==
content-md5: 4xvRAyqjeU/gHbrELf/Jdg==
etag: 0x8DB2D5B9BF08197
x-azure-ref: 024ojZAAAAADlnE437PXpQIPKx/2zIVpIRlJBMzFFREdFMDQxNwBlMTdkOWFhYy0wMmY3LTQ4MWMtOTY4Ny05OGY3YjNkOWJlYjY=
x-cache: TCP_HIT
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 295ae678-901e-0021-2ea9-6173fe000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 LiveChatWidgetAll.min.css
oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/styles/ Frame D6A8 55 KB
10 KB 10ms
10ms Stylesheet
text/css 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/styles/LiveChatWidgetAll.min.css
Requested by: Host: oc-cdn-public-eur.azureedge.net
URL: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 472cc785463481fa5fdb22aa5c79d2b0cc968ff8dd3dc58786ae8bdd663d858d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=c66ade2d-d985-49c3-946c-4d9e319b2585&data-org-id=724f6079-2bee-4c93-a060-1bbcfc464bce&data-org-url=https://804cff4b96b84492805837332aeeb0-crm4.omnichannelengagementhub.com&hostname=www.sandos.com&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 29 Mar 2023 00:48:27 GMT
content-encoding: br
last-modified: Sat, 25 Mar 2023 18:06:06 GMT
x-azure-ref-originshield: 0xh8jZAAAAAApz/58ofSVSYAZJi+v7nPNRlJBMjMxMDUwNDE3MDMxAGUxN2Q5YWFjLTAyZjctNDgxYy05Njg3LTk4ZjdiM2Q5YmViNg==
content-md5: /03DbCPG2W7ppz3KZfwk2g==
etag: 0x8DB2D5B9AF24709
x-azure-ref: 024ojZAAAAAAJfZgikgBBQ49IfOgCzvdGRlJBMzFFREdFMDQxNwBlMTdkOWFhYy0wMmY3LTQ4MWMtOTY4Ny05OGY3YjNkOWJlYjY=
x-cache: TCP_HIT
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: cac0735e-d01e-00b6-2e98-6125f3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 jquery-3.6.0.min.js Show response
oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/lib/ Frame D6A8 106 KB
39 KB 9ms
9ms Script
application/x-javascript 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/lib/jquery-3.6.0.min.js
Requested by: Host: oc-cdn-public-eur.azureedge.net
URL: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8da45f216e38f539915dbb50154f2ecb50e95f8dcc070cbcb0f649a9b1c6daa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=c66ade2d-d985-49c3-946c-4d9e319b2585&data-org-id=724f6079-2bee-4c93-a060-1bbcfc464bce&data-org-url=https://804cff4b96b84492805837332aeeb0-crm4.omnichannelengagementhub.com&hostname=www.sandos.com&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 29 Mar 2023 00:48:27 GMT
content-encoding: br
last-modified: Sat, 25 Mar 2023 18:06:26 GMT
x-azure-ref-originshield: 0EHgjZAAAAADeECfw9MCKR5KZhzTAtioFRlJBMjMxMDUwNDE4MDUzAGUxN2Q5YWFjLTAyZjctNDgxYy05Njg3LTk4ZjdiM2Q5YmViNg==
content-md5: YTyyw0OcZ8oIAAbghEu+DA==
etag: 0x8DB2D5BA6D7FD3C
x-azure-ref: 024ojZAAAAADlb93FpbSDS6BXrRO4njanRlJBMzFFREdFMDQxNwBlMTdkOWFhYy0wMmY3LTQ4MWMtOTY4Ny05OGY3YjNkOWJlYjY=
x-cache: TCP_HIT
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4891798a-601e-000a-3278-61f332000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 prod.json Show response
oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/configs/ Frame D6A8 3 KB
1 KB 14ms
13ms XHR
application/json 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/configs/prod.json
Requested by: Host: oc-cdn-public-eur.azureedge.net
URL: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/lib/jquery-3.6.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8384f24c42d2a617e671e1176c65de8ee78d761fedb84c662121cd3ac7695dbf

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=c66ade2d-d985-49c3-946c-4d9e319b2585&data-org-id=724f6079-2bee-4c93-a060-1bbcfc464bce&data-org-url=https://804cff4b96b84492805837332aeeb0-crm4.omnichannelengagementhub.com&hostname=www.sandos.com&data-lcw-version=prod
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 29 Mar 2023 00:48:27 GMT
content-encoding: br
last-modified: Sat, 25 Mar 2023 18:06:22 GMT
x-azure-ref-originshield: 0EmIjZAAAAAB1SLOgQuVuSb5wV5Xm8g+DRlJBMjMxMDUwNDE4MDUxAGUxN2Q5YWFjLTAyZjctNDgxYy05Njg3LTk4ZjdiM2Q5YmViNg==
content-md5: SSVCUm0Wx7kR9twJ4ZLFAA==
etag: 0x8DB2D5BA42374C9
x-azure-ref: 024ojZAAAAACYSxtX9VOXRoFmjdVfHQdnRlJBMzFFREdFMDQxNwBlMTdkOWFhYy0wMmY3LTQ4MWMtOTY4Ny05OGY3YjNkOWJlYjY=
x-cache: TCP_HIT
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 3d29b634-c01e-003c-30bd-617e42000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 appinsights.js Show response
oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/lib/ Frame D6A8 24 KB
11 KB 12ms
11ms Script
application/x-javascript 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/lib/appinsights.js
Requested by: Host: oc-cdn-public-eur.azureedge.net
URL: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 20944a3c92d8671df8f6e24fc52b434b3abf24db5c9a3e552b9ce7082a3111de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=c66ade2d-d985-49c3-946c-4d9e319b2585&data-org-id=724f6079-2bee-4c93-a060-1bbcfc464bce&data-org-url=https://804cff4b96b84492805837332aeeb0-crm4.omnichannelengagementhub.com&hostname=www.sandos.com&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 29 Mar 2023 00:48:27 GMT
content-encoding: br
last-modified: Sat, 25 Mar 2023 18:06:24 GMT
x-azure-ref-originshield: 0EHgjZAAAAACFRgvu7q+lQ5FImVK42HX3RlJBMjMxMDUwNDE4MDUxAGUxN2Q5YWFjLTAyZjctNDgxYy05Njg3LTk4ZjdiM2Q5YmViNg==
content-md5: CHwiPOiYR3/AfY9Tg/XVKA==
etag: 0x8DB2D5BA5AC7750
x-azure-ref: 024ojZAAAAADEj0kST3HITJkTTCpt0p5LRlJBMzFFREdFMDQxNwBlMTdkOWFhYy0wMmY3LTQ4MWMtOTY4Ny05OGY3YjNkOWJlYjY=
x-cache: TCP_HIT
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 785148bf-501e-0073-339e-610f16000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 webchat.js Show response
cdn.botframework.com/botframework-webchat/4.15.7/ Frame D6A8 4 MB
883 KB 76ms
7ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.botframework.com/botframework-webchat/4.15.7/webchat.js
Requested by: Host: oc-cdn-public-eur.azureedge.net
URL: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CE5) /
Resource Hash: 93124788450eacece23586a38a2b4db07afa3fce35a086fd7a81b187eca41afe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oc-cdn-public-eur.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 29 Mar 2023 00:48:27 GMT
content-encoding: gzip
content-md5: MOUCWWsi60Qy9dD9I82RXw==
age: 1888
x-cache: HIT
content-length: 903345
x-ms-lease-status: unlocked
last-modified: Thu, 16 Feb 2023 02:11:33 GMT
server: ECAcc (frc/4CE5)
etag: 0x8DB0FC320506811
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 45214160-e01e-0042-24d3-61d63a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Wed, 29 Mar 2023 04:48:27 GMT

GET
H2 200 ai.2.min.js Show response
js.monitor.azure.com/scripts/b/ Frame D6A8 118 KB
45 KB 63ms
11ms Script
text/javascript 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by: Host: oc-cdn-public-eur.azureedge.net
URL: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/lib/appinsights.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7e6eb5a9a8a048fbc98c8f37e104b59fdd19a077ece48b1ed11e6d4a54f93d38

Request headers

Referer: https://oc-cdn-public-eur.azureedge.net/
Origin: https://oc-cdn-public-eur.azureedge.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:48:27 GMT
content-encoding: br
x-azure-ref-originshield: 0NoYjZAAAAABG3vtdqDYKSatZhZTcE3ulRlJBMjMxMDUwNDE4MDQ5AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-md5: unyOJ/DZA0HScX9iyq6ldA==
x-cache: TCP_HIT
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.11.min.js
last-modified: Wed, 15 Mar 2023 18:34:46 GMT
x-ms-meta-aijssdkver: 2.8.11
etag: 0x8DB2583F3E2030A
x-azure-ref: 024ojZAAAAACNqvHNB/uGSKUUVZa5xa1yRlJBMzFFREdFMDMxNgBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: e1366237-601e-00b0-5ed5-61eecf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-ms-version: 2009-09-19

GET
H2 200 purify.min.js Show response
oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/lib/ Frame D6A8 35 KB
15 KB 10ms
9ms Script
application/x-javascript 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/lib/purify.min.js
Requested by: Host: oc-cdn-public-eur.azureedge.net
URL: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0b7e47ca77862602e4c75db13afc5d36cc113d2b3cbf097a88997fd1f178fa44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=c66ade2d-d985-49c3-946c-4d9e319b2585&data-org-id=724f6079-2bee-4c93-a060-1bbcfc464bce&data-org-url=https://804cff4b96b84492805837332aeeb0-crm4.omnichannelengagementhub.com&hostname=www.sandos.com&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 29 Mar 2023 00:48:27 GMT
content-encoding: br
last-modified: Sat, 25 Mar 2023 18:06:27 GMT
x-azure-ref-originshield: 08kAjZAAAAAAU5b+Gv2fVSIgDJRRfT5wKRlJBMjMxMDUwNDE3MDI5AGUxN2Q5YWFjLTAyZjctNDgxYy05Njg3LTk4ZjdiM2Q5YmViNg==
content-md5: Gg2Ja+nj7RU82IqYEdXe9Q==
etag: 0x8DB2D5BA7246528
x-azure-ref: 024ojZAAAAAB6eFCdUk6JTZpUKW8iV8hjRlJBMzFFREdFMDQxNwBlMTdkOWFhYy0wMmY3LTQ4MWMtOTY4Ny05OGY3YjNkOWJlYjY=
x-cache: TCP_HIT
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 465f6013-501e-0063-6b9f-61ca7e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 botframework-webchat-adapter-ic3.production.min.js Show response
oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/lib/ Frame D6A8 133 KB
34 KB 10ms
9ms Script
application/x-javascript 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/lib/botframework-webchat-adapter-ic3.production.min.js
Requested by: Host: oc-cdn-public-eur.azureedge.net
URL: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 295f8e6f3f8de861994889baf146addbf464371d56cbec8297170e0945034dbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=c66ade2d-d985-49c3-946c-4d9e319b2585&data-org-id=724f6079-2bee-4c93-a060-1bbcfc464bce&data-org-url=https://804cff4b96b84492805837332aeeb0-crm4.omnichannelengagementhub.com&hostname=www.sandos.com&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 29 Mar 2023 00:48:27 GMT
content-encoding: br
last-modified: Sat, 25 Mar 2023 18:06:25 GMT
x-azure-ref-originshield: 0LkYjZAAAAACU9IY5kjyeQYXu1/Tgj6F/RlJBMjMxMDUwNDE4MDQ1AGUxN2Q5YWFjLTAyZjctNDgxYy05Njg3LTk4ZjdiM2Q5YmViNg==
content-md5: AMz7ykneMXVtwj+jD8FGOA==
etag: 0x8DB2D5BA5FE0E9E
x-azure-ref: 024ojZAAAAAAugVnwo7JUSqgg3yWD8rSqRlJBMzFFREdFMDQxNwBlMTdkOWFhYy0wMmY3LTQ4MWMtOTY4Ny05OGY3YjNkOWJlYjY=
x-cache: TCP_HIT
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: a58fe79e-401e-00a4-5673-615e23000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 SDK.min.js Show response
comms.omnichannelengagementhub.com/ams/0.1.5-main.06ca67a/ Frame D6A8 31 KB
6 KB 66ms
10ms Script
application/javascript 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://comms.omnichannelengagementhub.com/ams/0.1.5-main.06ca67a/SDK.min.js
Requested by: Host: oc-cdn-public-eur.azureedge.net
URL: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2de67a1a5b78b733dc668414aaa41c13f87674c06a9033c3b70d5e741508ab3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oc-cdn-public-eur.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 29 Mar 2023 00:48:27 GMT
content-encoding: br
last-modified: Tue, 14 Feb 2023 20:09:36 GMT
x-azure-ref-originshield: 0XVgjZAAAAAAUcTiI55yUQaMfDx9OgvjoRlJBMjMxMDUwNDE3MDUxADMxM2JjYWFkLTU5MmUtNGQwOC1iNTkxLWYyY2UyNWQ3NmY1Nw==
content-md5: o77BMBnNHUlj5/MLceyNVw==
etag: 0x8DB0EC7655635D9
x-azure-ref: 03IojZAAAAAB6XNWB8cAORoJvkk5h4IGqRlJBMzFFREdFMDkyMgAzMTNiY2FhZC01OTJlLTRkMDgtYjU5MS1mMmNlMjVkNzZmNTc=
x-cache: TCP_HIT
content-type: application/javascript
x-ms-request-id: 6dccbff4-e01e-005a-59b1-601481000000
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 200 chat-adapter-0.0.35-beta.15.js Show response
oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/lib/ Frame D6A8 538 KB
128 KB 10ms
9ms Script
application/x-javascript 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/lib/chat-adapter-0.0.35-beta.15.js
Requested by: Host: oc-cdn-public-eur.azureedge.net
URL: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 311ce464ac00cf3928c4221984676f60f7cb742bb2408b731c3747a24ef19047

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=c66ade2d-d985-49c3-946c-4d9e319b2585&data-org-id=724f6079-2bee-4c93-a060-1bbcfc464bce&data-org-url=https://804cff4b96b84492805837332aeeb0-crm4.omnichannelengagementhub.com&hostname=www.sandos.com&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 29 Mar 2023 00:48:27 GMT
content-encoding: br
last-modified: Sat, 25 Mar 2023 18:06:26 GMT
x-azure-ref-originshield: 0ei8jZAAAAABpOCfILXpXTb3+HhHTaXD0RlJBMjMxMDUwNDE3MDExAGUxN2Q5YWFjLTAyZjctNDgxYy05Njg3LTk4ZjdiM2Q5YmViNg==
content-md5: 6UHk7JU6/285ylaPFKtXzg==
etag: 0x8DB2D5BA688887E
x-azure-ref: 03IojZAAAAABh5lY4fZWCTLwys/CHyv14RlJBMzFFREdFMDQxNwBlMTdkOWFhYy0wMmY3LTQ4MWMtOTY4Ny05OGY3YjNkOWJlYjY=
x-cache: TCP_HIT
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 7abb8b56-201e-0024-10a1-61a125000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 SDK.min.js Show response
ocsdk-prod.azureedge.net/release/0.3.4-main.9898859/ Frame D6A8 713 KB
114 KB 45ms
9ms Script
application/javascript 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ocsdk-prod.azureedge.net/release/0.3.4-main.9898859/SDK.min.js
Requested by: Host: oc-cdn-public-eur.azureedge.net
URL: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9822d434731768a0f5cc1ad338f26b1cf34fb025e6da97b8ae1e04bf67104e7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oc-cdn-public-eur.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 29 Mar 2023 00:48:27 GMT
content-encoding: br
x-azure-ref-originshield: 0zvsiZAAAAABIy3tY+19mTKVM+qrjfh+sRlJBMjMxMDUwNDE3MDMxADk3OTcxN2E0LWY0ODUtNGM5NS1hZDZiLWI4YWIxNWJmYjNhMg==
content-md5: SJjYdk+oAiWxKTDbNQ2arg==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 01:53:16 GMT
etag: 0x8DB1477910833D0
x-azure-ref: 03IojZAAAAAAAHqO4HiQgSpOfYcF+u5dLRlJBMzFFREdFMDQxNwA5Nzk3MTdhNC1mNDg1LTRjOTUtYWQ2Yi1iOGFiMTViZmIzYTI=
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 0088cfa8-d01e-006e-7552-614802000000
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 204 unip Show response
trc-events.taboola.com/1339827/log/3/ 0
246 B 75ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1339827/log/3/unip?en=pre_d_eng_tb&tos=1571&scd=0&ssd=1&est=1680050906552&ver=36&isls=true&src=i&invt=1500&msa=7348&rv=1&tim=1680050908124&vi=1680050906548&ri=3853717eba73f166e34064f27401aa6d&ref=null&cv=20230326-2-RELEASE&item-url=https%3A%2F%2Fwww.sandos.com%2Fde%2F
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1339827/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-origin: https://www.sandos.com
pragma: no-cache
date: Wed, 29 Mar 2023 00:48:28 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H/1.1 200
OK c66ade2d-d985-49c3-946c-4d9e319b2585 Show response
804cff4b96b84492805837332aeeb0-crm4.omnichannelengagementhub.com/livechatconnector/config/724f6079-2bee-4c93-a060-1bbcfc464bce/ Frame D6A8 14 KB
14 KB 284ms
15ms XHR
application/json 13.94.245.101
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://804cff4b96b84492805837332aeeb0-crm4.omnichannelengagementhub.com/livechatconnector/config/724f6079-2bee-4c93-a060-1bbcfc464bce/c66ade2d-d985-49c3-946c-4d9e319b2585?requestId=15cd158e-1305-4404-917b-13825563affa&channelId=lcw

Requested by

Host: ocsdk-prod.azureedge.net
URL: https://ocsdk-prod.azureedge.net/release/0.3.4-main.9898859/SDK.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.94.245.101 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6c9d606b904034bbfb02dddc72dfea152463d2b9b13e15babcfba22546f648e6

Security Headers

Name	Value
Content-Security-Policy	default-src "none"
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://oc-cdn-public-eur.azureedge.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src "none"
Date: Wed, 29 Mar 2023 00:48:28 GMT
X-Content-Type-Options: nosniff
Correlation-Vector: HdfDMh8+Y0mzhyma9qtSLQ.40
Transfer-Encoding: chunked
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Transaction-Id,ErrorCode,Message
Cache-Control: no-store, must-revalidate, no-cache
Transaction-Id: 27ad655a-9c08-4397-9802-b1df837d0e7c
Expires: Wed, 29 Mar 2023 00:48:28 GMT

GET
H2 200 1033.js Show response
oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/scripts/locale/ Frame D6A8 31 KB
12 KB 9ms
9ms Script
application/x-javascript 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/scripts/locale/1033.js
Requested by: Host: oc-cdn-public-eur.azureedge.net
URL: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfc59d372c8e9410952f34cd66380fe4442e12a547f1832cd4d1833ca99befaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=c66ade2d-d985-49c3-946c-4d9e319b2585&data-org-id=724f6079-2bee-4c93-a060-1bbcfc464bce&data-org-url=https://804cff4b96b84492805837332aeeb0-crm4.omnichannelengagementhub.com&hostname=www.sandos.com&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 29 Mar 2023 00:48:28 GMT
content-encoding: br
last-modified: Sat, 25 Mar 2023 18:06:10 GMT
x-azure-ref-originshield: 0QxUjZAAAAAAOOeLrTozEQaOQPiBeSLSpRlJBMjMxMDUwNDE3MDM1AGUxN2Q5YWFjLTAyZjctNDgxYy05Njg3LTk4ZjdiM2Q5YmViNg==
content-md5: H+bnaF7lahtSozqMJy+Apw==
etag: 0x8DB2D5B9D61928C
x-azure-ref: 03IojZAAAAABzlOQ8AcQDSKyr+yq8ZIcORlJBMzFFREdFMDQxNwBlMTdkOWFhYy0wMmY3LTQ4MWMtOTY4Ny05OGY3YjNkOWJlYjY=
x-cache: TCP_HIT
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 54ca8e3b-501e-004c-5a3f-61c7b5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 chatIcon.svg
oc-cdn-ocprod.azureedge.net/livechatwidget/images/ Frame D6A8 4 KB
2 KB 46ms
9ms Image
image/svg+xml 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/images/chatIcon.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c752010e5b4d646db0e324e5ef6bdb3808052906284ee96f435f9924e734be5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oc-cdn-public-eur.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 29 Mar 2023 00:48:28 GMT
content-encoding: br
x-azure-ref-originshield: 0wh0gZAAAAACvgLBXmO1CTq1GH7wcqLIHRlJBMjMxMDUwNDE3MDMxADRiMmU3Y2ZiLWYwYmItNDA4Yi1iZWUzLTAwNGY1NDMyN2FhNA==
content-md5: vgnZH1oe5bC15YtgL+1AfA==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:13 GMT
etag: 0x8D9D7EFEDC9CF79
x-azure-ref: 03IojZAAAAACFzpLEl6dXS4ZyFpuIW24qRlJBMzFFREdFMDQxNwA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: af8ca45d-601e-00da-28be-5e09bf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 200 sandos-es123_6535_0_0.js Show response
bucket.cdnwebcloud.com/ 1 KB
976 B 7ms
7ms Script
application/javascript 18.66.122.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/sandos-es123_6535_0_0.js?n_one_v=20230310110245
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/sandos-es123.js?z=0.4894813522227697
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-129.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1f196bb8092d512967cf838401aacaadbcd06ff611bf2c06603aab182617caf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 11:26:50 GMT
content-encoding: br
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
last-modified: Fri, 10 Mar 2023 11:02:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 1603300
etag: W/"730735dc5b462f861fef1e22ada47c3b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=17280000
x-amz-cf-id: U_3Cd6vLqx9dyqSLQFuSEdNyBdwS-3PZrwBtqdI0RvW2Xlcwh6NiwQ==

GET
H2 200 atd Show response
neural38.cdnwebcloud.com/ 0
220 B 28ms
28ms Script
text/plain 34.252.9.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://neural38.cdnwebcloud.com/atd?0.811976283066874&touchpoint%5Bplatform%5D=Win32&touchpoint%5Bhref%5D=https%3A%2F%2Fwww.sandos.com%2Fde%2F&touchpoint%5Blocal_storage%5D=&touchpoint%5Bscreen_width%5D=1600&touchpoint%5Bscreen_height%5D=1200&touchpoint%5Breferrer%5D=&touchpoint%5Bcustom_params%5D%5B01%20Check-in%5D=&touchpoint%5Bcustom_params%5D%5B02%20Check-out%5D=&touchpoint%5Bcustom_params%5D%5B03%20Adults%2FChildren%5D=&touchpoint%5Bcustom_params%5D%5B05%20Hotel%5D=&touchpoint%5Bcustom_params%5D%5B06%20Room%20types%5D=&touchpoint%5Bcustom_params%5D%5B07%20Language%5D=&touchpoint%5Bcustom_params%5D%5B08%20Section%5D=home&touchpoint%5Bcustom_params%5D%5B09%20Page_Title%5D=Sandos%20Resorts%20%7C%20All%20Inclusive%20Resorts%20in%20Spanien%20und%20Mexiko&touchpoint%5Bcustom_params%5D%5B10%20Path_Name%5D=%2Fde%2F&touchpoint%5Bcustom_params%5D%5B11%20Domain%5D=www.sandos.com&touchpoint%5Btag_id%5D=6535&touchpoint%5Btptype%5D=4&callback=readResponse
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/sandos-es123_6535_0_0.js?n_one_v=20230310110245
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.9.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-9-99.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 29 Mar 2023 00:48:29 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

POST
H/1.1 200
OK / Show response
eu-mobile.events.data.microsoft.com/Collector/3.0/ Frame D6A8 0
442 B 133ms
29ms XHR
application/json 20.50.201.195
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-mobile.events.data.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.6.2&x-apikey=c7655518acf1403f93ff6b9f77942f0a-d01a02fd-6b50-4de3-a566-62eda11f93bc-7083&client-time-epoch-millis=1680050909432&time-delta-to-apply-millis=use-collector-delta

Requested by

Host: oc-cdn-public-eur.azureedge.net
URL: https://oc-cdn-public-eur.azureedge.net/livechatwidget/WebChatControl/lib/LiveChatWidgetLibs.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.50.201.195 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oc-cdn-public-eur.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Wed, 29 Mar 2023 00:48:28 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 111
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

GET
H2 204 unip Show response
trc-events.taboola.com/1339827/log/3/ 0
245 B 14ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1339827/log/3/unip?en=pre_d_eng_tb&tos=4572&scd=0&ssd=1&est=1680050906552&ver=36&isls=true&src=i&invt=3000&msa=7348&rv=1&tim=1680050911125&vi=1680050906548&ri=3853717eba73f166e34064f27401aa6d&ref=null&cv=20230326-2-RELEASE&item-url=https%3A%2F%2Fwww.sandos.com%2Fde%2F
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1339827/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-origin: https://www.sandos.com
pragma: no-cache
date: Wed, 29 Mar 2023 00:48:31 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

455 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.sandos.com/	1970-01-20 10:43:43	Name: pod_id Value: 1680050904.432.26.795917\|a5408b282e2515526c5bb050d6cd6bfa
.sandos.com/	1970-01-20 10:40:52	Name: __cf_bm Value: t4jrJ20naCuQ_5sp5.5rTA9_6wOoIJcGbo3j9K8tSaI-1680050905-0-AdcUgMaQinQiHf9b8VQydtmS6NWkEf/E4cFNl2nocwzcz/9FrurOOrmyrL5TbT9sGh5pBrnmXZYZ9E4Lc11UjOo94zYC9tsd/YMi8a1LJpZD1kzn/dW6zmTJcJJMOOxRXg==
.doubleclick.net/	1970-01-20 20:02:26	Name: IDE Value: AHWqTUmM1vFXTNxqESQDt7PObYXwoKSI6PQNMxfe09Llpz_0EEqo38Pwu57sPo-7zXU
tags.srv.stackadapt.com/	1970-01-20 19:26:26	Name: sa-user-id Value: s%3A0-b5743cb6-5552-5e46-709a-e3104a21e0b8.rAL%2FehF1LwotoCT6kqKshR1D%2B9jo%2FQLVsRHmJsI810s
tags.srv.stackadapt.com/	1970-01-20 19:26:26	Name: sa-user-id-v2 Value: s%3AtXQ8tlVSXkZwmuMQSiHguLnVm6M.S5n24OGpu2ECrsFUMZtCl1o37y3%2Bl5LaJ3YSG2GPkUE
.srv.stackadapt.com/	1970-01-20 19:26:26	Name: sa-user-id-v2 Value: s%3AtXQ8tlVSXkZwmuMQSiHguLnVm6M.S5n24OGpu2ECrsFUMZtCl1o37y3%2Bl5LaJ3YSG2GPkUE
.adsrvr.org/	1970-01-20 19:27:53	Name: TDID Value: 231428d0-03dd-4624-95db-ce5fb2165b3f
.neural38.cdnwebcloud.com/	1970-01-20 19:26:26	Name: n_one Value: 6a9af2d5-cdcb-11ed-8010-0242ac110002

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

804cff4b96b84492805837332aeeb0-crm4.omnichannelengagementhub.com
ad.doubleclick.net
adservice.google.com
api.ipify.org
assets-tracking.crazyegg.com
bookingcore.sandos.com
bookingengine.sandos.com
bookingform.sandos.com
bucket.cdnwebcloud.com
cdn.botframework.com
cdn.taboola.com
comms.omnichannelengagementhub.com
connect.facebook.net
dev.visualwebsiteoptimizer.com
eu-mobile.events.data.microsoft.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
insight.adsrvr.org
ip2c.org
js.adsrvr.org
js.monitor.azure.com
match.adsrvr.org
neural38.cdnwebcloud.com
oc-cdn-ocprod.azureedge.net
oc-cdn-public-eur.azureedge.net
ocsdk-prod.azureedge.net
pagestates-tracking.crazyegg.com
region1.analytics.google.com
script.crazyegg.com
static.cloudflareinsights.com
stats.g.doubleclick.net
tags.srv.stackadapt.com
tracking.crazyegg.com
trc-events.taboola.com
trc.taboola.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.sandos.com
108.138.15.119
13.32.27.91
13.94.245.101
141.226.228.48
142.250.185.70
15.197.193.217
151.101.193.44
152.199.19.160
18.66.122.129
18.66.122.45
188.68.232.26
20.50.201.195
2001:4860:4802:34::36
2600:9000:2240:4000:10:b1ea:9e80:93a1
2606:4700:3108::ac42:2909
2606:4700::6810:3965
2606:4700::6813:9408
2620:1ec:4e:1::45
2620:1ec:4f:1::45
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::200e
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2008
2a00:1450:400c:c09::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::300
34.235.68.114
34.252.9.99
34.96.102.137
52.48.251.179
54.76.61.197
64.185.227.155
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
08b9edf0f3bd319707225dd01bbdaace4d609ab453565081a3d7936d33f56803
0ad33a20dd9dca3977a412bd7b0225b02b897bc65baa395fe56ac7b0734ad874
0af5aabdf6cb074c8bf37eba37e4f442a36ddec1cc6c4f38b1d90a97c439fe49
0b7e47ca77862602e4c75db13afc5d36cc113d2b3cbf097a88997fd1f178fa44
0e57175cbe60042619ffc1fcb200c304e9a156e44b7c63b5d17ffd80f2287d71
0f7e9451044863a26d7373b942a06868dd3314359bcd2c02d059b1e7b8eb7270
0fdd7bd50bcce30c23494cca8fa6b04f118db4378402df658a84be366b29be85
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
136af894578fc298f7e6a2fd9ab1d91667e8cc99a00bf5f2fe802a44db652975
14ebdb84e5f0d5f1f86a9f9828566eb4e8b69dc8aa67a442c510ea41f91006de
188032b69cded598a056d67266c38da7a56e30f6f1a51c20535a15c82c8d0eda
1d9b684d696fb17e63ba06d80995171e5cbb6d3d3da0dbf66983d18783acd1d1
1f196bb8092d512967cf838401aacaadbcd06ff611bf2c06603aab182617caf9
20944a3c92d8671df8f6e24fc52b434b3abf24db5c9a3e552b9ce7082a3111de
2110061660d87ffde804d8d46a39b0ac83be9c096723986fb280d484579222e4
223183c76575f3f5ef7012e43ce26e91bd409e6684e05362f9f2d8e28d79762c
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
275b2ea97be6b0d3f008517431c04c9c1c380f4c2e880711c3a96810740783d8
295f8e6f3f8de861994889baf146addbf464371d56cbec8297170e0945034dbe
2a5af4522378cac12b6766cae17729894c3f288e2bbd16ee9afd3352f82599be
2de67a1a5b78b733dc668414aaa41c13f87674c06a9033c3b70d5e741508ab3e
2dea39cbea2fbc1c4a456334634eac273a10ddc4006d2e90c80f9ff35cec47fa
311ce464ac00cf3928c4221984676f60f7cb742bb2408b731c3747a24ef19047
338475984975373feafc24e24ed1d4f16b611ba127cf7f7f29ce02b43f850609
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
36ad0624eedbc00a480d7f6e0d2968ab805d9fd16b33d483a12ddb1101c3ce52
3a8859e9a76c029ed60cf40d9d5da9c2ad1f76494f222e76b367a8064f47763b
3b71f61bb60c98bd3b4f071b4becd3059283e54c574565676e6726e9105a45e8
3fd41be56cd49b8a82aa027457b99bff0f1f18c4224f6ea0b1efb9dc9ad7cdaf
4061452a25a17309c22eebbda8f67b75483a0b930fc11874ed1caabc5151d2d7
40f7cc324d455d6d582d9cc123b32ff737d38e002f0c21ff8d71fbd55f82149d
4305641db88470afc5d68eadf2f6164de72bc37e54255846207b006d67f187da
472cc785463481fa5fdb22aa5c79d2b0cc968ff8dd3dc58786ae8bdd663d858d
4859e01a51d0c86874f85af2e696659906c97b9cb7a715981a05eef6dad63e38
4a916262726c7e8fc89bda68ab2056033658066ee62408df6d6798c865e06ab1
4b9e15eb51ff039d12f0187b3eb749d6ce356a8a34bf19598694c53a6c287871
4cbecf79af5ebeefdf3f7545a7a97304338eb6f4732c110036ab940f86ec1f97
52206035d784ca1b49adfb7fc216e117c966c9ebb282c630b231c871f2e6a47f
52f1d6cb9c8ac1bf66b5c13c439ba6b94f745404e47fd3301c872e577c7898d9
568d7b83659993469a2d729ad98daba3a7de2568f74d670d18ae618f118fe353
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59affc1a1d07d2b09b5c674a6226e4b9ad0a983c53069a0b3bbc9307ea4a1814
59e510ebea1d7974d26c779d9f148ddf5fefc8d88d839daec3c960088a0f613f
619dec50cd0a88e3317087f5e025f0ec0ea63d06b361ee0b879ecb3089284b89
62116f1b005b63f8d58399647735f6c403d4c9849b35ddb94e4c6213ff953bf7
6b77bf158bffd6ddcb923496df10881ec790b6b00cf384af12f9c5858fbe36ca
6c9d606b904034bbfb02dddc72dfea152463d2b9b13e15babcfba22546f648e6
6e35636052b89175a1f6a32e17ee203c28a5600174695097c9bab5ee6f44fd8a
6edb13348c2e720cbcba944ae97cef975833e5346e0cb334c840fe9e8ca72000
705a76ecf866725e156571e265be8f7e2f57febc0eb35264feace7aee9b3ec8b
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
7078ee46e8af3a161a3fba62f74bab02ebf7ca34b6df175e44d99038d2cf89df
728abc4751854b5bdf1945c2d8a6707a6099f37e334cbd966a126d59b6f3e170
73a61de8f2587ee652c407be595f6840728d2ccb08be8960f0e67d0bad5edd27
759f42ac848f71882d14ce1e07d5908ddb982fd77d4c4db315b73d613d525c28
7c5112469a2b487beb6be62905d05affafb7e806ddadb82f41f66726bfe1fa0e
7e6eb5a9a8a048fbc98c8f37e104b59fdd19a077ece48b1ed11e6d4a54f93d38
80ac2d6b51df1c694c1fedfc44be43ef8706ab864b65d5799dd764eef4203f61
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8384f24c42d2a617e671e1176c65de8ee78d761fedb84c662121cd3ac7695dbf
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
893b3e00d89e38291b923c8511fe115524363c5b069809ebcae41c3f68bd7617
898dae211c9643abd151643e8d86b5e9ae2cfdf72afd1c0b9a4dd4136b28aa5e
8da45f216e38f539915dbb50154f2ecb50e95f8dcc070cbcb0f649a9b1c6daa5
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
922250104d78f22f60627c88b8b9cff1da061138ead5fe17478a4d59fdab2f34
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93124788450eacece23586a38a2b4db07afa3fce35a086fd7a81b187eca41afe
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
9822d434731768a0f5cc1ad338f26b1cf34fb025e6da97b8ae1e04bf67104e7b
9a8f09ea4a6d80acb1d78af795ea6962e685766414bd754191b000e3aea0b6a0
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
a4ef73601a6552d55503bcbd9b6cd23fc0c33fa075f8efe724cddd4e3ee55542
a90f643a1ba4184827f57d5a65d544e358e8e03067e0f80e842473ff8d849e98
a91d51d21928f5ab1f5adae0d0076d05c1586bfbe2ad56b749f2153208264e4e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af1e360945436d878e0a533732555c3edd537f1bd923fb2a5dc397a2e3e62042
b2505ce0da0a636b6fbe4321dce60d98b811d0fc78315120f4b038a7d161b17e
b661e681900f3b8f3a6916038cef360771c5750de13b6daf3313b8fefb106787
c37b2a2328cef7b92d59242479cd156e4e79f59dfa4f0019acf1cc25a785a542
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c752010e5b4d646db0e324e5ef6bdb3808052906284ee96f435f9924e734be5b
ca0ef49850f90adf5678569895c4361ea50daa2387f414595359c890aec00cd8
d3c56240a12eb11d7d35ba6ab4ab63d2d82f972842a688ad0f780a59fc38de30
d872f8fcad24375e872b840bdcd57740231aa9f680bff4915165055e3ebd486c
da47d8bbfe5a741c3b28a4940f9417de826eb23796ace339062bd1de4b2f5e56
dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849
dc82a55670d9ee64776214901f75a58d379afa017365043f1865950cb3c83f65
df02fe14833a568f9c4f87a40ed316398617b768b4901d8e03499f52f2e20bc4
dfc59d372c8e9410952f34cd66380fe4442e12a547f1832cd4d1833ca99befaa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8baba5eba3aded84b590da979bdf612c989e90d0074cd4211c869cfb5f60d2b
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f38c3158be4219a873d20c9cd29d8d982020123fd50ada96484437f1c3ce6388
f44ea1b9a1a4be06e76652f5f16ff9cc692509b3e718404ef86c5fb4feefb8f6
f46fcb7e4634c57612a6afcaa743f50462d4812d0e4f149108051e188b789cb9
f51ee65c08798ce0874fa4453b7b7eccd4a2cc6225bcfd24f71fcd8a99ca41fa
fad297ee556e6457dade7619aee08775633b67c70859b18d69c0d5c1c50a548d
fc7bb70734fc84937d79fd60df6382002554cca4e3a945e186fa0b1ee42289b9
fcea1d064db3d83b743504d2a34341554f207a2e79cebe7e6fca9834044cd2cd
fdb584d57da7393fdae5f4b723310f0441a0b9c2f4c0cd788a5aa90d4dd543d6
fe0059e2e192a9f78f8e4865edcd3dba162599382422a7dc8843d00bf23d1453

www.sandos.com Open in urlscan Pro 2606:4700:3108::ac42:2909 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

135 Requests

98 %HTTPS

50 %IPv6

24 Domains

42 Subdomains

36 IPs

6 Countries

3992 kBTransfer

11011 kBSize

8 Cookies

12 Outgoing links

Page URL History

Redirected requests

135 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.sandos.com Open in urlscan Pro
2606:4700:3108::ac42:2909 Public Scan

Screenshot
Live screenshot

Full Image

135
Requests

98 %
HTTPS

50 %
IPv6

24
Domains

42
Subdomains

36
IPs

6
Countries

3992 kB
Transfer

11011 kB
Size

8
Cookies

135 HTTP transactions
0 data transactions