www.theoriginalshotels.com Open in urlscan Pro
2606:4700::6811:ba64 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tcgms.net/tr/c/d1az15i1bu1al15n15u1d91c915a19u16i14400/1193202
Effective URL:
https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire...
Submission: On August 11 via manual (August 11th 2021, 10:14:01 am UTC) from IN

Summary HTTP 117 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 39 IPs in 8 countries across 35 domains to perform 117 HTTP transactions. The main IP is 2606:4700::6811:ba64, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.theoriginalshotels.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 7th 2021. Valid for: a year.

This is the only time www.theoriginalshotels.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	23.45.237.73 23.45.237.73	16625 (AKAMAI-AS) (AKAMAI-AS)
28	2606:4700::68... 2606:4700::6811:ba64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.67.71.189 172.67.71.189	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6811:b964	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
10 18	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	89.185.38.89 89.185.38.89	8426 (CLARANET-...) (CLARANET-AS ClaraNET LTD)
6	104.26.3.32 104.26.3.32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	95.131.137.7 95.131.137.7	47841 (OXALIDE) (OXALIDE)
1 3	3.127.51.194 3.127.51.194	16509 (AMAZON-02) (AMAZON-02)
1 2	88.99.165.19 88.99.165.19	24940 (HETZNER-AS) (HETZNER-AS)
1 2	138.201.63.149 138.201.63.149	24940 (HETZNER-AS) (HETZNER-AS)
2	151.80.200.208 151.80.200.208	16276 (OVH) (OVH)
1	51.158.29.13 51.158.29.13	12876 (Online SAS) (Online SAS)
1	51.15.145.115 51.15.145.115	12876 (Online SAS) (Online SAS)
8	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
6 6	3.66.103.148 3.66.103.148	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2 3	51.89.7.199 51.89.7.199	16276 (OVH) (OVH)
2 2	18.192.147.144 18.192.147.144	16509 (AMAZON-02) (AMAZON-02)
1	52.48.145.41 52.48.145.41	16509 (AMAZON-02) (AMAZON-02)
1	18.196.127.76 18.196.127.76	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
5	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
4 6	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
2	37.157.5.72 37.157.5.72	198622 (ADFORM) (ADFORM)
1	34.255.138.57 34.255.138.57	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	151.80.200.209 151.80.200.209	16276 (OVH) (OVH)
117	39

2 23.45.237.73 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-237-73.deploy.static.akamaitechnologies.com

tcgms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700::6811:ba64 (United States)

ASN13335 (CLOUDFLARENET, US)

www.theoriginalshotels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.71.189 (United States)

ASN13335 (CLOUDFLARENET, US)

app.secureprivacy.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:b964 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.galaxy.tf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.185.230 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

8741099.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10140364.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10150729.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10227764.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.185.38.89 (Paris, France)

ASN8426 (CLARANET-AS ClaraNET LTD, GB)

u.logbor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.26.3.32 (United States)

ASN13335 (CLOUDFLARENET, US)

api-prod.secureprivacy.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.131.137.7 (France)

ASN47841 (OXALIDE, FR)
PTR: not.updated.oxalide.net

vu.adschoom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.127.51.194 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-51-194.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.165.19 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.19.165.99.88.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.63.149 (Lingenfeld, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.149.63.201.138.clients.your-server.de

ad.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.80.200.208 (Roubaix, France)

ASN16276 (OVH, FR)

apicit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.158.29.13 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-29-13.rev.poneytelecom.eu

js.cookieless-data.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.15.145.115 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-15-145-115.rev.poneytelecom.eu

sddan.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.66.103.148 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-103-148.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.7.199 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: p21.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.192.147.144 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-147-144.eu-central-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.145.41 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-145-41.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.127.76 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-127-76.eu-central-1.compute.amazonaws.com

match.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.4.28 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.72 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.138.57 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-138-57.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.241 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.80.200.209 (Roubaix, France)

ASN16276 (OVH, FR)

tags.clickintext.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	theoriginalshotels.com www.theoriginalshotels.com	973 KB
21	doubleclick.net 11 redirects 8741099.fls.doubleclick.net 10140364.fls.doubleclick.net 10150729.fls.doubleclick.net cm.g.doubleclick.net 5994599.fls.doubleclick.net ad.doubleclick.net 10227764.fls.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	6 KB
10	google.com www.google.com adservice.google.com	2 KB
9	secureprivacy.ai app.secureprivacy.ai api-prod.secureprivacy.ai	42 KB
8	adform.net 4 redirects track.adform.net s2.adform.net	60 KB
6	facebook.com www.facebook.com	455 B
6	bidswitch.net 6 redirects x.bidswitch.net	3 KB
5	google-analytics.com www.google-analytics.com	21 KB
5	mathtag.com pixel.mathtag.com	4 KB
4	facebook.net connect.facebook.net	241 KB
4	googleapis.com maps.googleapis.com	159 KB
4	googletagmanager.com www.googletagmanager.com	176 KB
4	galaxy.tf cdn.galaxy.tf	2 MB
3	id5-sync.com 2 redirects id5-sync.com	4 KB
3	creative-serving.com 1 redirects ads.creative-serving.com	2 KB
2	360yield.com 2 redirects ice.360yield.com	1011 B
2	apicit.net apicit.net	2 KB
2	ad-srv.net 1 redirects ad.ad-srv.net	1 KB
2	redintelligence.net 1 redirects hal9000.redintelligence.net	2 KB
2	adschoom.com vu.adschoom.com	2 KB
2	logbor.com u.logbor.com	5 KB
2	tcgms.net 2 redirects tcgms.net	601 B
1	clickintext.net tags.clickintext.net	499 B
1	google.de www.google.de	64 B
1	adnxs.com secure.adnxs.com	1 KB
1	adsrvr.org insight.adsrvr.org	261 B
1	justpremium.com match.justpremium.com	325 B
1	demdex.net dpm.demdex.net	956 B
1	openx.net us-u.openx.net	106 B
1	pubmatic.com simage2.pubmatic.com	492 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	consensu.org sddan.mgr.consensu.org	194 B
1	cookieless-data.com js.cookieless-data.com	2 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	gstatic.com www.gstatic.com	133 KB
117	35

	Domain	Requested by
28	www.theoriginalshotels.com	www.theoriginalshotels.com
8	adservice.google.com	10140364.fls.doubleclick.net 8741099.fls.doubleclick.net 10150729.fls.doubleclick.net ad.ad-srv.net 5994599.fls.doubleclick.net 10227764.fls.doubleclick.net
6	www.facebook.com	www.theoriginalshotels.com connect.facebook.net
6	track.adform.net	4 redirects hal9000.redintelligence.net www.theoriginalshotels.com
6	x.bidswitch.net	6 redirects
6	api-prod.secureprivacy.ai	www.theoriginalshotels.com
5	www.google-analytics.com	app.secureprivacy.ai www.google-analytics.com
5	pixel.mathtag.com	hal9000.redintelligence.net
4	connect.facebook.net	app.secureprivacy.ai connect.facebook.net
4	ad.doubleclick.net	4 redirects
4	5994599.fls.doubleclick.net	2 redirects hal9000.redintelligence.net
4	maps.googleapis.com	www.theoriginalshotels.com maps.googleapis.com
4	www.googletagmanager.com	www.theoriginalshotels.com www.googletagmanager.com
4	cdn.galaxy.tf	www.theoriginalshotels.com
3	id5-sync.com	2 redirects www.theoriginalshotels.com
3	ads.creative-serving.com	1 redirects www.theoriginalshotels.com
3	10150729.fls.doubleclick.net	1 redirects www.googletagmanager.com www.theoriginalshotels.com
3	8741099.fls.doubleclick.net	1 redirects www.googletagmanager.com www.theoriginalshotels.com
3	app.secureprivacy.ai	www.theoriginalshotels.com app.secureprivacy.ai
2	10227764.fls.doubleclick.net	1 redirects ad.ad-srv.net
2	s2.adform.net	hal9000.redintelligence.net www.theoriginalshotels.com
2	ice.360yield.com	2 redirects
2	apicit.net	u.logbor.com apicit.net
2	ad.ad-srv.net	1 redirects u.logbor.com
2	hal9000.redintelligence.net	1 redirects www.theoriginalshotels.com
2	vu.adschoom.com	www.theoriginalshotels.com vu.adschoom.com
2	10140364.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	u.logbor.com	www.theoriginalshotels.com u.logbor.com
2	www.google.com	www.theoriginalshotels.com
2	tcgms.net	2 redirects
1	tags.clickintext.net	apicit.net
1	www.google.de	www.theoriginalshotels.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	secure.adnxs.com	app.secureprivacy.ai
1	googleads.g.doubleclick.net	app.secureprivacy.ai
1	insight.adsrvr.org	ad.ad-srv.net
1	cm.g.doubleclick.net	1 redirects
1	match.justpremium.com	www.theoriginalshotels.com
1	dpm.demdex.net	www.theoriginalshotels.com
1	us-u.openx.net	www.theoriginalshotels.com
1	simage2.pubmatic.com	www.theoriginalshotels.com
1	pixel.rubiconproject.com	www.theoriginalshotels.com
1	sddan.mgr.consensu.org	js.cookieless-data.com
1	js.cookieless-data.com	www.theoriginalshotels.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
117	46

This site contains links to these domains. Also see Links.

Domain
cdn.galaxy.tf
www.facebook.com
www.instagram.com
www.linkedin.com

Subject Issuer	Validity	Valid
www.theoriginalshotels.com Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-30` - `2022-06-29`	a year	crt.sh
cdn.galaxy.tf Cloudflare Inc ECC CA-3	`2021-06-06` - `2022-06-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.logbor.com R3	`2021-07-09` - `2021-10-07`	3 months	crt.sh
vu.adschoom.com R3	`2021-07-27` - `2021-10-25`	3 months	crt.sh
*.creative-serving.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-23` - `2022-04-03`	a year	crt.sh
redintelligence.net R3	`2021-06-21` - `2021-09-19`	3 months	crt.sh
ad-srv.net R3	`2021-06-21` - `2021-09-19`	3 months	crt.sh
rdc.apicit.net R3	`2021-07-16` - `2021-10-14`	3 months	crt.sh
js.cookieless-data.com R3	`2021-07-23` - `2021-10-21`	3 months	crt.sh
sddan.mgr.consensu.org R3	`2021-06-08` - `2021-09-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.id5-sync.com R3	`2021-07-13` - `2021-10-11`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
tracking.justpremium.com Amazon	`2021-03-01` - `2022-03-30`	a year	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.clickintext.net R3	`2021-08-05` - `2021-11-03`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
Frame ID: 20D0152C6DF0A6C3BBEBC9043ED74597
Requests: 90 HTTP requests in this frame

Frame: https://8741099.fls.doubleclick.net/activityi;dc_pre=CMLyj_vdqPICFWi6UQod7p4PAA;src=8741099;type=websi971;cat=sehho123;ord=1;num=2861369808398;gtm=2wg891;auiddc=160178545.1628676821;u9=%2Fen%2FA-propos-du-pass-sanitaire;ps=1;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400
Frame ID: B035D4E3BFA980AF7FE5F87EFA7B155A
Requests: 2 HTTP requests in this frame

Frame: https://10140364.fls.doubleclick.net/activityi;dc_pre=CJmaj_vdqPICFVTa1QodpG0PDg;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=929545083758.7161
Frame ID: 0D9B365C70B20BE6E4E8C954A4D82C18
Requests: 2 HTTP requests in this frame

Frame: https://10150729.fls.doubleclick.net/activityi;dc_pre=CPTDkPvdqPICFRDi1QodZWkH7A;src=10150729;type=invmedia;cat=visit00;ord=1816976953858;gtm=2od891;auiddc=160178545.1628676821;ps=1;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400
Frame ID: B30813C60D60C029162E214A37D3DAE3
Requests: 2 HTTP requests in this frame

Frame: https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1
Frame ID: D227BD67007566A47066E22E49FD1DD1
Requests: 8 HTTP requests in this frame

Frame: https://ad.ad-srv.net/retarget?a=52995&version=1&redirected=1
Frame ID: DB724E4183D53CA994EA1E2DF1BE7810
Requests: 4 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMm1tPvdqPICFfHn5god8RkDZg;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1427892347965.9421
Frame ID: 56005BEB4FF45AF830D252E10A3B91A0
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ68tPvdqPICFWUHBgAdWQEHfQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6043843456191.777
Frame ID: C1F4B715253FCC0D1FE738989380415E
Requests: 2 HTTP requests in this frame

Frame: https://10227764.fls.doubleclick.net/activityi;dc_pre=CN_0tfvdqPICFQT21QodoocDUA;src=10227764;type=invmedia;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1112195780107.1902
Frame ID: 346257BBB1F54D046046735ACEB30A0A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://tcgms.net/tr/c/d1az15i1bu1al15n15u1d91c915a19u16i14400/1193202 HTTP 301
https://tcgms.net/tr/c/d1az15i1bu1al15n15u1d91c915a19u16i14400/1193202 HTTP 301
https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign... Page URL

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Page Statistics

117
Requests

100 %
HTTPS

35 %
IPv6

35
Domains

46
Subdomains

39
IPs

8
Countries

3634 kB
Transfer

6852 kB
Size

15
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://cdn.galaxy.tf/uploads/applications/documents/001/623/328/guide-simplifie-the-originals-maj-2021-ok.pdf
Title: Download our hotels guide

Search URL Search Domain Scan URL

URL: https://www.facebook.com/theoriginalshotels/
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/the_originals_hotels/
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/theoriginalshotels
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tcgms.net/tr/c/d1az15i1bu1al15n15u1d91c915a19u16i14400/1193202 HTTP 301
https://tcgms.net/tr/c/d1az15i1bu1al15n15u1d91c915a19u16i14400/1193202 HTTP 301
https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://8741099.fls.doubleclick.net/activityi;src=8741099;type=websi971;cat=sehho123;ord=1;num=2861369808398;gtm=2wg891;auiddc=160178545.1628676821;u9=%2Fen%2FA-propos-du-pass-sanitaire;ps=1;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400 HTTP 302
https://8741099.fls.doubleclick.net/activityi;dc_pre=CMLyj_vdqPICFWi6UQod7p4PAA;src=8741099;type=websi971;cat=sehho123;ord=1;num=2861369808398;gtm=2wg891;auiddc=160178545.1628676821;u9=%2Fen%2FA-propos-du-pass-sanitaire;ps=1;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400

Request Chain 39

https://10140364.fls.doubleclick.net/activityi;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=929545083758.7161 HTTP 302
https://10140364.fls.doubleclick.net/activityi;dc_pre=CJmaj_vdqPICFVTa1QodpG0PDg;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=929545083758.7161

Request Chain 44

https://10150729.fls.doubleclick.net/activityi;src=10150729;type=invmedia;cat=visit00;ord=1816976953858;gtm=2od891;auiddc=160178545.1628676821;ps=1;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400 HTTP 302
https://10150729.fls.doubleclick.net/activityi;dc_pre=CPTDkPvdqPICFRDi1QodZWkH7A;src=10150729;type=invmedia;cat=visit00;ord=1816976953858;gtm=2od891;auiddc=160178545.1628676821;ps=1;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400

Request Chain 49

https://ads.creative-serving.com/pixel?id=3153104&type=js&customer_extra=&customer_amount=&customer_id=3153104_Home HTTP 302
https://ads.creative-serving.com/ul_cb/pixel?id=3153104&type=js&customer_extra=&customer_amount=&customer_id=3153104_Home

Request Chain 50

https://hal9000.redintelligence.net/retarget?a=48575&version=1 HTTP 302
https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1

Request Chain 51

https://ad.ad-srv.net/retarget?a=52995&version=1 HTTP 302
https://ad.ad-srv.net/retarget?a=52995&version=1&redirected=1

Request Chain 61

https://x.bidswitch.net/sync?dsp_id=4&user_id=80ed6d78-4d27-4b87-8e55-98455c4034f6&ssp=&expires=30&user_group=2&cb=731 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=80ed6d78-4d27-4b87-8e55-98455c4034f6&ssp=&expires=30&user_group=2&cb=731 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=210da73b-4cb5-47d8-9688-dbf9d41a2f84&expires=30

Request Chain 62

https://x.bidswitch.net/sync?dsp_id=4&user_id=80ed6d78-4d27-4b87-8e55-98455c4034f6&ssp=&expires=30&user_group=2&cb=304 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=80ed6d78-4d27-4b87-8e55-98455c4034f6&ssp=&expires=30&user_group=2&cb=304 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=210da73b-4cb5-47d8-9688-dbf9d41a2f84&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 63

https://x.bidswitch.net/sync?dsp_id=4&user_id=80ed6d78-4d27-4b87-8e55-98455c4034f6&ssp=&expires=30&user_group=2&cb=800 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=80ed6d78-4d27-4b87-8e55-98455c4034f6&ssp=&expires=30&user_group=2&cb=800 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=210da73b-4cb5-47d8-9688-dbf9d41a2f84

Request Chain 64

https://id5-sync.com/s/101/80ed6d78-4d27-4b87-8e55-98455c4034f6/1.gif HTTP 302
https://id5-sync.com/c/101/101/1/1.gif?puid=80ed6d78-4d27-4b87-8e55-98455c4034f6&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOcHPz2GZrh5BMWr66UybiGbi8lqYHWjA1rAQHaw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F101%2F124%2F0%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOcHPz2GZrh5BMWr66UybiGbi8lqYHWjA1rAQHaw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F101%2F124%2F0%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/101/124/0/2.gif?puid=54c16079-72aa-4b22-a503-e5773515097c&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=

Request Chain 67

https://cm.g.doubleclick.net/pixel?google_nid=platform161_direct_new&google_cm&google_sc HTTP 302
https://ads.creative-serving.com/gcm?google_gid=CAESEPkW1KaWOh77EJ6-xiITKrs&google_cver=1

Request Chain 74

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 75

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1427892347965.9421 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CMm1tPvdqPICFfHn5god8RkDZg;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1427892347965.9421

Request Chain 76

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6043843456191.777 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ68tPvdqPICFWUHBgAdWQEHfQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6043843456191.777

Request Chain 78

https://ad.doubleclick.net/ddm/activity/src=9949552;type=invmedia;cat=tp360000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=5842035732978.628 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9949552;dc_pre=CNGwtfvdqPICFQGW7QodGC4BCg;type=invmedia;cat=tp360000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=5842035732978.628 HTTP 302
https://adservice.google.com/ddm/fls/z/src=9949552;dc_pre=CNGwtfvdqPICFQGW7QodGC4BCg;type=invmedia;cat=tp360000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=5842035732978.628

Request Chain 79

https://10227764.fls.doubleclick.net/activityi;src=10227764;type=invmedia;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1112195780107.1902 HTTP 302
https://10227764.fls.doubleclick.net/activityi;dc_pre=CN_0tfvdqPICFQT21QodoocDUA;src=10227764;type=invmedia;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1112195780107.1902

Request Chain 80

https://ad.doubleclick.net/ddm/activity/src=9293064;type=invmedia;cat=oliro0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8835367466555.031 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9293064;dc_pre=COyxtfvdqPICFYjq7QodzS0Cxg;type=invmedia;cat=oliro0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8835367466555.031 HTTP 302
https://adservice.google.com/ddm/fls/z/src=9293064;dc_pre=COyxtfvdqPICFYjq7QodzS0Cxg;type=invmedia;cat=oliro0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8835367466555.031

Request Chain 84

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 103

https://track.adform.net/Serving/TrackPoint/?pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=635920299680&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D48575%26version%3D1%26redirected%3D1 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=635920299680&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D48575%26version%3D1%26redirected%3D1

Request Chain 104

https://track.adform.net/Serving/TrackPoint/?pm=1607309&ADFPageName=Home&ADFdivider=%7C&ord=695417041671&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6IjxpbnNlcnQgc2FsZXMgdmFsdWUgaGVyZT4iLCJpZCI6IjxpbnNlcnQgb3JkZXIgaWQgdmFsdWUgaGVyZT4ifQ&loc=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1607309&ADFPageName=Home&ADFdivider=%7C&ord=695417041671&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6IjxpbnNlcnQgc2FsZXMgdmFsdWUgaGVyZT4iLCJpZCI6IjxpbnNlcnQgb3JkZXIgaWQgdmFsdWUgaGVyZT4ifQ&loc=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400

117 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request A-propos-du-pass-sanitaire Show response
www.theoriginalshotels.com/en/
Redirect Chain

http://tcgms.net/tr/c/d1az15i1bu1al15n15u1d91c915a19u16i14400/1193202
https://tcgms.net/tr/c/d1az15i1bu1al15n15u1d91c915a19u16i14400/1193202
https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400

205 KB
44 KB

227ms
162ms

Document
text/html

2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

024a762b84dfa3b66ca78390728d57d34229b6f6d1293197cdcb3f678bb42a86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.theoriginalshotels.com
:scheme: https
:path: /en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
content-type: text/html; charset=UTF-8
last-modified: Tue, 10 Aug 2021 15:07:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: Pt-yzHfS8AUJAPed335F4ZjbVMjIc5b8eO77emlOStYLqa956ae5Hw==
cf-cache-status: MISS
expires: Wed, 11 Aug 2021 10:33:40 GMT
cache-control: public, max-age=1200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67d0b14d6b994e13-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

server: Apache-Coyote/1.1
location: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
content-length: 0
date: Wed, 11 Aug 2021 10:13:39 GMT
set-cookie: 9361761198152=26a1d1019783; Expires=Fri, 10-Sep-2021 10:13:39 GMT; Path=/ GMS_REDIRECT=1F8F57F585EE39C808DA76E3BC19F0E3; Path=/tr
content-security-policy: upgrade-insecure-requests

GET
H2 200 5f1b3ff97df5d20864f53763.js Show response
app.secureprivacy.ai/script/ 5 KB
6 KB 195ms
78ms Script
application/octet-stream 172.67.71.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.secureprivacy.ai/script/5f1b3ff97df5d20864f53763.js
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2799cec22d6753a8d12423ce40d43ce6da847e5338613a45d09bfef4d4cfb935

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 23 Jul 2021 20:14:18 GMT
server: cloudflare
content-md5: SRYHfrvzXHuiuCEoJOlzBA==
etag: "0x8D94E1673D00559"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VOLs%2FKevdl7mwkCg4o8S%2BYaQpLZ5Sb%2FUlSrNL0HOnd5up7XabX12tMYzKT6tDjnz1axfuWSgGLl%2BGUqOWwfhjrZoIbB3u9vjcXzjKPKw0jyItJATWK%2Bav7Tj%2FPW0Cyde%2BIqUPwnE"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-ms-request-id: 060ab659-401e-004a-1799-8e0224000000
x-ms-version: 2018-03-28
accept-ranges: bytes
cf-ray: 67d0b14f58bf4c8c-AMS
content-length: 5554

GET
H3-29 200 main.css
www.theoriginalshotels.com/css/custom/257-671448651164791ba45348c602eaf8ec/ 537 KB
86 KB 42ms
28ms Stylesheet
text/css 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/css/custom/257-671448651164791ba45348c602eaf8ec/main.css

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b722727520073a73fc0a5177269317c4b181ee666f3caa78f964ba4bb78090b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /css/custom/257-671448651164791ba45348c602eaf8ec/main.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.theoriginalshotels.com
referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68525
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:04:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1fca7d54ac28ee9e5eb3e9409eb06c60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
cf-ray: 67d0b14e89462c42-FRA
x-amz-cf-id: VYF0fpwxtrke8c1pVfjfsaSee3YpANlFTOkNYp4vqI9c0uMXeZGTUA==
expires: Thu, 11 Aug 2022 10:13:40 GMT

GET
H2 200 gms-latest.min.js Show response
cdn.galaxy.tf/asset-galaxy/js/ 146 KB
46 KB 56ms
28ms Script
application/javascript 2606:4700::6811:b964
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.galaxy.tf/asset-galaxy/js/gms-latest.min.js?v9e4a9c936dadbacd3e2ab171af4ae6be

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b964 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf055b47be3428c71d97ef86af271850bba4ef48d125ad610954f29fbeab8d79

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 25 Mar 2021 10:08:26 GMT
server: cloudflare
age: 2945304
etag: W/"249e1-5be5998b4ecbb-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
cf-ray: 67d0b14eaddd2b35-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 11 Aug 2022 10:13:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
37 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8741099

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

179e854d911b628a102f1d3c3b18a16c28ff996808d7eae19303fffd9aa93cb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37660
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 11 Aug 2021 10:13:40 GMT

GET
H3-29 200 api.js Show response
www.theoriginalshotels.com/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 19ms
11ms Script
text/javascript 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /cdn-cgi/bm/cv/669835187/api.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.theoriginalshotels.com
referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 67d0b14ffc162c42-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 1608307107_5fdcd1a3aef5c-thumb.svg
cdn.galaxy.tf/thumb/sizeW200/uploads/s/cms_image/001/608/307/ 8 KB
3 KB 42ms
24ms Image
image/svg+xml 2606:4700::6811:b964
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW200/uploads/s/cms_image/001/608/307/1608307107_5fdcd1a3aef5c-thumb.svg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b964 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e1643fbbd726611ae85daa3796dfe933445cecff34d4fd149fb1ba42f22a44a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 4513717
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
cf-ray: 67d0b1500ea3432d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 11 Aug 2022 10:13:40 GMT

GET
H3-29 200 icon-user-white.svg
www.theoriginalshotels.com/integration/seh/public/images/svg/ 662 B
994 B 33ms
25ms Image
image/svg+xml 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theoriginalshotels.com/integration/seh/public/images/svg/icon-user-white.svg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6d0c93f1f8d80347943722f2eadb08d1a33045b05058db74931ca0d3ea1f709

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /integration/seh/public/images/svg/icon-user-white.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.theoriginalshotels.com
referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68525
x-cache: Hit from cloudfront
x-amz-meta-static: true
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:04:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1639cde332b439d4dd184f888c82941f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
cf-ray: 67d0b14ffc192c42-FRA
x-amz-meta-md5chksum: FjnN4zK0OdTdGE+IjIKUHw==
x-amz-cf-id: bomDudkZPQzCfGKjcBFaFnCyeXgCsRVynmHHZtACfXI5l2WSFzaabA==
expires: Thu, 11 Aug 2022 10:13:40 GMT

GET
H3-29 200 ico-arrow-down-white.svg
www.theoriginalshotels.com/integration/seh/public/images/svg/ 198 B
792 B 33ms
25ms Image
image/svg+xml 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theoriginalshotels.com/integration/seh/public/images/svg/ico-arrow-down-white.svg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45f561b7fe08af5afa017a87fdef48c4afa2c2220e48cc9f17b4bfb46d265809

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /integration/seh/public/images/svg/ico-arrow-down-white.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.theoriginalshotels.com
referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68525
x-cache: Hit from cloudfront
x-amz-meta-static: true
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:05:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"a066c612fd4f5e8cf7ccfa2eca8f81e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
cf-ray: 67d0b14ffc1b2c42-FRA
x-amz-meta-md5chksum: oGbGEv1PXoz3zPouyo+B5w==
x-amz-cf-id: FjiWyALFXndqLMlbudu9t6uvAIckiz_qZLkIRBFQ1jawJ7EB0GmLNA==
expires: Thu, 11 Aug 2022 10:13:40 GMT

GET
H3-29 200 ico-close-white.svg
www.theoriginalshotels.com/integration/seh/public/images/svg/ 303 B
830 B 24ms
16ms Image
image/svg+xml 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theoriginalshotels.com/integration/seh/public/images/svg/ico-close-white.svg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2fd82e920988463d77ceeef8481175e86cc88342962ceeb0e983eaf6fa4063c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /integration/seh/public/images/svg/ico-close-white.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.theoriginalshotels.com
referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68525
x-cache: Hit from cloudfront
x-amz-meta-static: true
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:05:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"de2a2a334148f179c64e377889b210aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
cf-ray: 67d0b14ffc222c42-FRA
x-amz-meta-md5chksum: 3ioqM0FI8XnGTjd4ibIQqg==
x-amz-cf-id: YftwrHUuUA_4jFHnrFwVBeykoijRpzwAkaNLP16gWsn3aiK_hEtzeA==
expires: Thu, 11 Aug 2022 10:13:40 GMT

GET
H3-29 200 arrow-left-white.svg
www.theoriginalshotels.com/integration/seh/public/images/svg/ 203 B
794 B 23ms
16ms Image
image/svg+xml 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theoriginalshotels.com/integration/seh/public/images/svg/arrow-left-white.svg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

312e3949dc0d0ca10792535b1bf6a8d2ff5c0e69d78661a46b3a0ebdec700ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /integration/seh/public/images/svg/arrow-left-white.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.theoriginalshotels.com
referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68525
x-cache: Hit from cloudfront
x-amz-meta-static: true
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:05:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"d4a7ee76d1079e78877cfe744450c15e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
cf-ray: 67d0b14ffc252c42-FRA
x-amz-meta-md5chksum: 1KfudtEHnniHfP50RFDBXg==
x-amz-cf-id: iXzLAi0i9FiuSUQYZCTF3DXTqBppSTBDFO-JfVqrrrF2qu30myUhxA==
expires: Thu, 11 Aug 2022 10:13:40 GMT

GET
H3-29 200 arrow-right-white.svg
www.theoriginalshotels.com/integration/seh/public/images/svg/ 202 B
795 B 33ms
25ms Image
image/svg+xml 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theoriginalshotels.com/integration/seh/public/images/svg/arrow-right-white.svg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64554b950459b990eb022dc55fce559cb248e7f466a06ea57f66e64b76e4901c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /integration/seh/public/images/svg/arrow-right-white.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.theoriginalshotels.com
referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68525
x-cache: Hit from cloudfront
x-amz-meta-static: true
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:05:17 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"ee6c843d467f39092a19987cb9a8dbf9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
cf-ray: 67d0b14ffc282c42-FRA
x-amz-meta-md5chksum: 7myEPUZ/OQkqGZh8uajb+Q==
x-amz-cf-id: w7loqcjrP4oFq7aFLoE-n5LkiuXm9PXgFF7xcqW2jKHWSmLnxVtv0g==
expires: Thu, 11 Aug 2022 10:13:40 GMT

GET
H3-29 200 arrow-up-thin-white.svg
www.theoriginalshotels.com/integration/seh/public/images/svg/ 204 B
795 B 33ms
26ms Image
image/svg+xml 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theoriginalshotels.com/integration/seh/public/images/svg/arrow-up-thin-white.svg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

794777a48f26375e8937e6e406b63b129592c604f6780d63b729da3e977d72b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /integration/seh/public/images/svg/arrow-up-thin-white.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.theoriginalshotels.com
referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
via: 1.1 b0954612f115b3d0a0db0a669e45ae8f.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68525
x-cache: Hit from cloudfront
x-amz-meta-static: true
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:04:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"589769780c08b9a2f4b62c602ae63cf1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
cf-ray: 67d0b14ffc2a2c42-FRA
x-amz-meta-md5chksum: WJdpeAwIuaL0tixgKuY88Q==
x-amz-cf-id: pqliM6PpUNjwFQGEu2tVKhZYlih0fK0HX4SUUqUlJQ3SDQSh4R7-DA==
expires: Thu, 11 Aug 2022 10:13:40 GMT

GET
H3-29 200 fb.svg
www.theoriginalshotels.com/integration/seh/public/images/svg/ 285 B
844 B 34ms
27ms Image
image/svg+xml 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theoriginalshotels.com/integration/seh/public/images/svg/fb.svg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

318c18bf81911f5bf528004448e0dfb39faeaa5a55ccc4638636180464fa69df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /integration/seh/public/images/svg/fb.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.theoriginalshotels.com
referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
via: 1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68525
x-cache: Hit from cloudfront
x-amz-meta-static: true
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:06:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"554031989015a5d0a8924e4f5f342499"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
cf-ray: 67d0b14ffc2b2c42-FRA
x-amz-meta-md5chksum: VUAxmJAVpdCokk5PXzQkmQ==
x-amz-cf-id: T5KeZHUuv78SBtX5erS_bC7ttsTA8xZwDroiZyA_wI-MhyJUIHV_lg==
expires: Thu, 11 Aug 2022 10:13:40 GMT

GET
H3-29 200 instagram.svg
www.theoriginalshotels.com/integration/seh/public/images/svg/ 2 KB
1 KB 36ms
28ms Image
image/svg+xml 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theoriginalshotels.com/integration/seh/public/images/svg/instagram.svg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c472576f4b565d32159c395fee6a3923b89b70d5041b95da1a3ee66504ccf837

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /integration/seh/public/images/svg/instagram.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.theoriginalshotels.com
referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68525
x-cache: Hit from cloudfront
x-amz-meta-static: true
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:03:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"967c9dd061c8e39ceecaa4dc622cbe5e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
cf-ray: 67d0b14ffc2d2c42-FRA
x-amz-meta-md5chksum: lnyd0GHI45zuyqTcYiy+Xg==
x-amz-cf-id: OA0SQkzhTmUleqX9OwQ-WZP0Zp5JdJhSPKlfDfEpqt-XyoQ3XtbWxA==
expires: Thu, 11 Aug 2022 10:13:40 GMT

GET
H3-29 200 linkedin.svg
www.theoriginalshotels.com/integration/seh/public/images/svg/ 647 B
1 KB 33ms
26ms Image
image/svg+xml 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theoriginalshotels.com/integration/seh/public/images/svg/linkedin.svg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a68de406188ab6e9cacf06d04ac1a379009da99d4cfd2bf59e136ab0efbaad0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /integration/seh/public/images/svg/linkedin.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.theoriginalshotels.com
referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68525
x-cache: Hit from cloudfront
x-amz-meta-static: true
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:04:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"af82f460ada1c8e65b58cda94fc051eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
cf-ray: 67d0b14ffc2e2c42-FRA
x-amz-meta-md5chksum: r4L0YK2hyOZbWM2pT8BR6w==
x-amz-cf-id: Vru3_vf2TaGZdBYfILDN7tAynlIvKxuhuC5CfStBP_E-JrAR0fa0uw==
expires: Thu, 11 Aug 2022 10:13:40 GMT

GET
H3-29 200 galaxy-helpers.js Show response
www.theoriginalshotels.com/frontend/galaxy-helpers/public/ 56 KB
21 KB 17ms
16ms Script
application/javascript 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/frontend/galaxy-helpers/public/galaxy-helpers.js?v=l-09df44f1-f6d3-413d-9c72-60e1b49b8be9

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

673efe84b8988e98907bfd58af22ba16785dfb1e25112482a7eff7c0ef25234c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /frontend/galaxy-helpers/public/galaxy-helpers.js?v=l-09df44f1-f6d3-413d-9c72-60e1b49b8be9
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.theoriginalshotels.com
referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68632
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:03:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"fc5533db627b81a2d3c528b4e095f002"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
cf-ray: 67d0b14ee9e42c42-FRA
x-amz-meta-md5chksum: /FUz22J7gaLTxSi04JXwAg==
x-amz-cf-id: cEGjSQIzQOPhNcuK3m5qJK1uzkC5tEpLONob8FZ2r7xTlkNfNWXWdw==
expires: Thu, 11 Aug 2022 10:13:40 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 127 KB
42 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?v=3&key=AIzaSyA5kF3IVVjrwMwf2MOdHl1JBdbdBOgDas4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

fccb50801b1f82b58bf7ae7aca950a11f80211966e3891309e7f74a59fbf59b7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=19
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42459
x-xss-protection: 0
expires: Wed, 11 Aug 2021 10:43:40 GMT

GET
H3-29 200 lazysizes.min.js Show response
www.theoriginalshotels.com/integration/seh/public/js/ 7 KB
4 KB 20ms
19ms Script
application/javascript 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/js/lazysizes.min.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

469e10df142a5884e59c7a93596294a29a0c1f5e57c830c0470647dcbeee334a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /integration/seh/public/js/lazysizes.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.theoriginalshotels.com
referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
via: 1.1 df86e917220bc08caa68b0eb8ddabe91.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68525
x-cache: Hit from cloudfront
x-amz-meta-static: true
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:03:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"b25c550fe0d639b4049687bf16ec9193"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
cf-ray: 67d0b14f4aea2c42-FRA
x-amz-meta-md5chksum: slxVD+DWObQEloe/FuyRkw==
x-amz-cf-id: IS78mzT6h_mq7DDS9Ui30zMQ6KElLaZF5c_IpD1Tbg3yZ4aCqIy0-Q==
expires: Thu, 11 Aug 2022 10:13:40 GMT

GET
H3-29 200 bundle.js Show response
www.theoriginalshotels.com/integration/seh/public/js/ 630 KB
181 KB 33ms
32ms Script
application/javascript 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/js/bundle.js?v9e4a9c936dadbacd3e2ab171af4ae6be

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2ca5aacac78ad2ea93420d9edca15a673a52ff8ba8f80f304b5b17f3c75165c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /integration/seh/public/js/bundle.js?v9e4a9c936dadbacd3e2ab171af4ae6be
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.theoriginalshotels.com
referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
via: 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68525
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:04:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"ddd418b8c56489d387ef04f0ad8e70f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
cf-ray: 67d0b14f7b2e2c42-FRA
x-amz-meta-md5chksum: 3dQYuMVkidOH7wTwrY5w9Q==
x-amz-cf-id: MqQLO0F1FaqjNd2gfPtGbo61CdHGn3pLTDNAifaDW1ALf7rHtvoViQ==
expires: Thu, 11 Aug 2022 10:13:40 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 906 B
714 B 25ms
16ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onLoadCaptcha

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7f098a3e57e822de1b521c2fe69979c91812dbc3ebf5bc0c7be8311e56e2aa2e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 571
x-xss-protection: 1; mode=block
expires: Wed, 11 Aug 2021 10:13:40 GMT

GET
H3-29 200 bundle.js Show response
www.theoriginalshotels.com/integration/seh/public/shared-galaxy-components/js/ 54 KB
18 KB 29ms
25ms Script
application/javascript 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/shared-galaxy-components/js/bundle.js?v9e4a9c936dadbacd3e2ab171af4ae6be

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799b56eab7270dfc6b1208944afd06c7a7c4f9f85ac0f842737efce2f293f033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /integration/seh/public/shared-galaxy-components/js/bundle.js?v9e4a9c936dadbacd3e2ab171af4ae6be
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.theoriginalshotels.com
referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
via: 1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68524
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:05:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"70f4148a69c157168fc8a6c290879d28"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
cf-ray: 67d0b14ffc312c42-FRA
x-amz-meta-md5chksum: cPQUimnBVxaPyKbCkIedKA==
x-amz-cf-id: qszxO_YC9hxC3g_XC5Got2ZLOtUEASXpLYOHQ82674FBOBJt8UVy3g==
expires: Thu, 11 Aug 2022 10:13:40 GMT

GET
H2 200 secure-privacy-tc.js Show response
app.secureprivacy.ai/secureprivacy-plugin/web-plugin/ 78 KB
18 KB 94ms
89ms Script
application/javascript 172.67.71.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.secureprivacy.ai/secureprivacy-plugin/web-plugin/secure-privacy-tc.js?v=0.7060154252566182
Requested by: Host: app.secureprivacy.ai
URL: https://app.secureprivacy.ai/script/5f1b3ff97df5d20864f53763.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 457a900959b9fcc04d5341f59c81579dc638304c797276144b4bb2a8ec4cf2cf

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: gA9MI/n5TQfsccot1LHubw==
last-modified: Tue, 10 Aug 2021 02:43:28 GMT
server: cloudflare
etag: W/"0x8D95BA8A28DE5CE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHSJfkhIsmx%2BNHB9fNE2HA8PANqyRH5q32GTMNOYs62QxHhyIY%2FWHzwlbBaqiQA8peSoTk6Q8lqMpyOV9Caix0JYP4OYLxUuSqTmmZjwsdLw7K5ca2tQmeMbkYjlNt2a0zBlW1Bl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-ms-request-id: 7651a5f7-c01e-006b-6999-8e265f000000
cache-control: public, max-age=14400
x-ms-version: 2018-03-28
cf-ray: 67d0b15029984c8c-AMS
expires: Wed, 11 Aug 2021 14:13:40 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 142 KB
47 KB 26ms
22ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a5be5c39f26830465f845cd641c61769e37f9c8664836f3a2a1aaf8cc5c3bed3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47836
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 11 Aug 2021 10:13:40 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 171 KB
56 KB 34ms
30ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MQBH8T4

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5da3bab32275e8f70a161cbc85e5134d3d42f4e784f72e5404abc9fc3debba0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57183
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 11 Aug 2021 10:13:40 GMT

GET
H3-29 200 TruenoRg.woff2
www.theoriginalshotels.com/integration/seh/public/fonts/ 14 KB
14 KB 42ms
17ms Font
application/octet-stream 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/fonts/TruenoRg.woff2

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/css/custom/257-671448651164791ba45348c602eaf8ec/main.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29e056a988f874565b954c03f119955657ed0a369cb975a4645c79731914f9ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /integration/seh/public/fonts/TruenoRg.woff2
pragma: no-cache
origin: https://www.theoriginalshotels.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.theoriginalshotels.com
referer: https://www.theoriginalshotels.com/css/custom/257-671448651164791ba45348c602eaf8ec/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.theoriginalshotels.com
Referer: https://www.theoriginalshotels.com/css/custom/257-671448651164791ba45348c602eaf8ec/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62f.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68347
x-cache: Hit from cloudfront
x-amz-meta-static: true
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 14088
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:04:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "584302e25fd9988ca4b4c8e1e63a0818"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
cf-ray: 67d0b1504d362c42-FRA
x-amz-meta-md5chksum: WEMC4l/ZmIyktMjh5joIGA==
x-amz-cf-id: Pa0lhVBIzzvAZ0S0vSj-KYTqvTPgBJIz7Y3egKBXjDErL4E2vof3Rw==
expires: Thu, 11 Aug 2022 10:13:40 GMT

GET
H3-29 200 popin.png
www.theoriginalshotels.com/integration/seh/public/images/ 2 KB
3 KB 19ms
13ms Image
image/webp 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theoriginalshotels.com/integration/seh/public/images/popin.png

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/css/custom/257-671448651164791ba45348c602eaf8ec/main.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b22f2953eca122aeb88385ff1076e6b4775f232e78aaa84c7454b0910bd3218

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /integration/seh/public/images/popin.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.theoriginalshotels.com
referer: https://www.theoriginalshotels.com/css/custom/257-671448651164791ba45348c602eaf8ec/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theoriginalshotels.com/css/custom/257-671448651164791ba45348c602eaf8ec/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
via: 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68525
cf-polished: origFmt=png, origSize=2862
x-cache: Hit from cloudfront
content-disposition: inline; filename="popin.webp"
x-amz-meta-static: true
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1972
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:04:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "7d1ef90dd29f9db486910039efa62f0f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
expires: Thu, 11 Aug 2022 10:13:40 GMT
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 67d0b1504d4a2c42-FRA
x-amz-meta-md5chksum: fR75DdKfnbSGkQA576YvDw==
x-amz-cf-id: DduEtPs1-n3eFc7y5luHsb_msiSMytzoZHNvcDIn6oHMKBxlSuJ88g==
cf-bgj: imgq:100,h2pri

GET
H3-29 200 1628520192_61113f00ceeb0-thumb.jpg
cdn.galaxy.tf/uploads/2s/cms_image/001/628/520/ 2 MB
2 MB 21ms
16ms Image
image/jpeg 2606:4700::6811:b964
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/uploads/2s/cms_image/001/628/520/1628520192_61113f00ceeb0-thumb.jpg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b964 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98f8b09bf08129672e3f72a3bd3125f9f55bcfcc03d0f28edf53ae823483d7c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 67179
cf-polished: status=not_needed
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1763391
last-modified: Mon, 09 Aug 2021 14:40:29 GMT
server: cloudflare
etag: "1ae83f-5c9215de06446"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
expires: Thu, 11 Aug 2022 10:13:40 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 67d0b1505fa5432d-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 TruenoBlk.woff2
www.theoriginalshotels.com/integration/seh/public/fonts/ 13 KB
13 KB 39ms
35ms Font
application/octet-stream 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/fonts/TruenoBlk.woff2

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/css/custom/257-671448651164791ba45348c602eaf8ec/main.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

389d9b1c8619cf7582d3a948e52734230352a55c4dd8b039a5b3c52095a0f448

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /integration/seh/public/fonts/TruenoBlk.woff2
pragma: no-cache
origin: https://www.theoriginalshotels.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.theoriginalshotels.com
referer: https://www.theoriginalshotels.com/css/custom/257-671448651164791ba45348c602eaf8ec/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.theoriginalshotels.com
Referer: https://www.theoriginalshotels.com/css/custom/257-671448651164791ba45348c602eaf8ec/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68347
x-cache: Hit from cloudfront
x-amz-meta-static: true
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13156
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:04:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "8ef233ce3c8626265dcf9c1381567b11"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
cf-ray: 67d0b1504d432c42-FRA
x-amz-meta-md5chksum: jvIzzjyGJiZdz5wTgVZ7EQ==
x-amz-cf-id: rAAzpLGsVg5tES0Z_EBJdJuZRfyXCMgYL_wDSxYCoenyqwduDXnpPw==
expires: Thu, 11 Aug 2022 10:13:40 GMT

GET
H3-29 200 cormorant-regular.woff2
www.theoriginalshotels.com/integration/seh/public/fonts/ 188 KB
189 KB 20ms
17ms Font
application/octet-stream 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/fonts/cormorant-regular.woff2

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/css/custom/257-671448651164791ba45348c602eaf8ec/main.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a7c1752d0e51a9884db4c9e02880989c2711e45a4dfe0f962ad6d55431ae0d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /integration/seh/public/fonts/cormorant-regular.woff2
pragma: no-cache
origin: https://www.theoriginalshotels.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.theoriginalshotels.com
referer: https://www.theoriginalshotels.com/css/custom/257-671448651164791ba45348c602eaf8ec/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.theoriginalshotels.com
Referer: https://www.theoriginalshotels.com/css/custom/257-671448651164791ba45348c602eaf8ec/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
via: 1.1 ddf1a4286ca5a84e441f34f1b121a3ca.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68347
x-cache: Hit from cloudfront
x-amz-meta-static: true
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 192644
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:04:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "04c8ea6199a3fd5da4d9f4bfb218113e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
cf-ray: 67d0b1504d442c42-FRA
x-amz-meta-md5chksum: BMjqYZmj/V2k2fS/shgRPg==
x-amz-cf-id: 3M7NuH6g28de_7WSMQ5KA94UPEz59VgOx1TdX0WHllRKBFkfpXOyvQ==
expires: Thu, 11 Aug 2022 10:13:40 GMT

GET
H3-29 200 cormorant-italic.woff2
www.theoriginalshotels.com/integration/seh/public/fonts/ 137 KB
137 KB 23ms
19ms Font
application/octet-stream 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/fonts/cormorant-italic.woff2

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/css/custom/257-671448651164791ba45348c602eaf8ec/main.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

008eedf237f732c94b135c5893db4af1a8ea8d547ffa4eab8a414cde17a8c561

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /integration/seh/public/fonts/cormorant-italic.woff2
pragma: no-cache
origin: https://www.theoriginalshotels.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.theoriginalshotels.com
referer: https://www.theoriginalshotels.com/css/custom/257-671448651164791ba45348c602eaf8ec/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.theoriginalshotels.com
Referer: https://www.theoriginalshotels.com/css/custom/257-671448651164791ba45348c602eaf8ec/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
via: 1.1 34b26b9570d823536072a91c564a4d8d.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68347
x-cache: Hit from cloudfront
x-amz-meta-static: true
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 140096
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:05:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "55b24217fab7b192b8fef0a071ee1945"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
cf-ray: 67d0b1504d452c42-FRA
x-amz-meta-md5chksum: VbJCF/q3sZK4/vCgce4ZRQ==
x-amz-cf-id: RS5M2nmA6S_2UGYVVQ8QsSAGjY1KKwIL20_xYmDw61KXbsgkZ-gZ9w==
expires: Thu, 11 Aug 2022 10:13:40 GMT

GET
H3-29 200 TruenoSBd.woff2
www.theoriginalshotels.com/integration/seh/public/fonts/ 18 KB
18 KB 25ms
22ms Font
application/octet-stream 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/fonts/TruenoSBd.woff2

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/css/custom/257-671448651164791ba45348c602eaf8ec/main.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed1d8362a60d16cfca89c19e6e6697eb0fbc1b3724192cb4f0e41bd58dfa4094

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /integration/seh/public/fonts/TruenoSBd.woff2
pragma: no-cache
origin: https://www.theoriginalshotels.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.theoriginalshotels.com
referer: https://www.theoriginalshotels.com/css/custom/257-671448651164791ba45348c602eaf8ec/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.theoriginalshotels.com
Referer: https://www.theoriginalshotels.com/css/custom/257-671448651164791ba45348c602eaf8ec/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
via: 1.1 dbf5a139061b80ff53ac8f18a1e0b49f.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68347
x-cache: Hit from cloudfront
x-amz-meta-static: true
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18080
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:05:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5f0ddd57ee93a6bf7d71d2ed4e9f61c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
cf-ray: 67d0b1504d472c42-FRA
x-amz-meta-md5chksum: Xw3dV+6Tpr99cdLtTp9hww==
x-amz-cf-id: 4ztfKWWaJmP75bwROvw6Wl_GelFxraCx-sFDeg3hXo05PfBNTN6VBg==
expires: Thu, 11 Aug 2022 10:13:40 GMT

GET
H3-29 200 cormorant-semibold.woff2
www.theoriginalshotels.com/integration/seh/public/fonts/ 189 KB
189 KB 23ms
20ms Font
application/octet-stream 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/fonts/cormorant-semibold.woff2

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/css/custom/257-671448651164791ba45348c602eaf8ec/main.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd82cf0ab21c7dbb540e83b216e6eda1e93fa34113a7ab5d976d590c26ca012d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /integration/seh/public/fonts/cormorant-semibold.woff2
pragma: no-cache
origin: https://www.theoriginalshotels.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.theoriginalshotels.com
referer: https://www.theoriginalshotels.com/css/custom/257-671448651164791ba45348c602eaf8ec/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.theoriginalshotels.com
Referer: https://www.theoriginalshotels.com/css/custom/257-671448651164791ba45348c602eaf8ec/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68347
x-cache: Hit from cloudfront
x-amz-meta-static: true
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 193276
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:03:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "bf3204f891e533e960a6ae590360e39f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 67d0b1504d492c42-FRA
x-amz-meta-md5chksum: vzIE+JHlM+lgpq5ZA2Djnw==
x-amz-cf-id: b8vYJXrfOA2QR73zIVihygEUlucWQY1bg6M3-NEt17HNA2lr8nIHJA==
expires: Thu, 11 Aug 2022 10:13:40 GMT

GET
H3-29 200 TruenoBd.woff2
www.theoriginalshotels.com/integration/seh/public/fonts/ 14 KB
14 KB 20ms
20ms Font
application/octet-stream 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/integration/seh/public/fonts/TruenoBd.woff2

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/css/custom/257-671448651164791ba45348c602eaf8ec/main.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b99d411bd16e842ca2482a4559a2f61d66f1bf7852a08e7185c1417c543a997d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.theoriginalshotels.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: loginpromo=appeared; galaxy-has-visited=1
:path: /integration/seh/public/fonts/TruenoBd.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.theoriginalshotels.com
referer: https://www.theoriginalshotels.com/css/custom/257-671448651164791ba45348c602eaf8ec/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.theoriginalshotels.com
Referer: https://www.theoriginalshotels.com/css/custom/257-671448651164791ba45348c602eaf8ec/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68347
x-cache: Hit from cloudfront
x-amz-meta-static: true
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 14108
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:03:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "d2640845b9b74a7a6cfb1fb94c92d050"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
cf-ray: 67d0b151f87a2c42-FRA
x-amz-meta-md5chksum: 0mQIRbm3Snps+x+5TJLQUA==
x-amz-cf-id: 8XkmLQsAFzA_gv-Gg7Q1Votm095wRKFHWW5f9x8nXTnMJmrKZOTvKQ==
expires: Thu, 11 Aug 2022 10:13:40 GMT

GET
H3-29 200 hotels-booking-mask Show response
www.theoriginalshotels.com/en/json/search/5/1/ 74 KB
11 KB 18ms
17ms XHR
application/json 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/en/json/search/5/1/hotels-booking-mask

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/frontend/galaxy-helpers/public/galaxy-helpers.js?v=l-09df44f1-f6d3-413d-9c72-60e1b49b8be9

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0da083fda74d13c58cea7fa43e89dfb3d52b2811edc4a2022285ed45b68c7694

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /en/json/search/5/1/hotels-booking-mask
pragma: no-cache
cookie: loginpromo=appeared; galaxy-has-visited=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.theoriginalshotels.com
referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 67260
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:04:59 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"d754e740ef50ef0d6e8af94c6cdb58ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/json
vary: Accept-Encoding
cache-control: public, max-age=1200
x-amz-cf-pop: FRA50-C1
cf-ray: 67d0b15289ea2c42-FRA
x-amz-cf-id: CTZIf59iSYbOz_TUD3JpigwKBEh3chG_sO_TQfeAjv8epjn_r6AVQg==
expires: Wed, 11 Aug 2021 10:33:40 GMT

GET
H3-29 200 initPersonalization.bundle.js Show response
www.theoriginalshotels.com/frontend/galaxy-helpers/public/ 25 KB
9 KB 17ms
16ms Script
application/javascript 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theoriginalshotels.com/frontend/galaxy-helpers/public/initPersonalization.bundle.js?ver=0ef0fd159c00c50e8250

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/frontend/galaxy-helpers/public/galaxy-helpers.js?v=l-09df44f1-f6d3-413d-9c72-60e1b49b8be9

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a913e7426ff30f6e7cddd1aed158af64fa43cbfcbd11de9639a7314dec96eb9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /frontend/galaxy-helpers/public/initPersonalization.bundle.js?ver=0ef0fd159c00c50e8250
pragma: no-cache
cookie: loginpromo=appeared; galaxy-has-visited=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.theoriginalshotels.com
referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:40 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68521
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:05:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"4f0275dde2b579b83e1d84e5c0c70f0a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
cf-ray: 67d0b15299f52c42-FRA
x-amz-meta-md5chksum: TwJ13eK1ebg+HYTlwMcPCg==
x-amz-cf-id: bTNM99Tpv9liNe8GzYAHLhgSfZnrJjl9y_xcc1ubhkVKnQahRmZO_Q==
expires: Thu, 11 Aug 2022 10:13:40 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/ 341 KB
133 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onLoadCaptcha

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b468609a3058aeac4dcd21581d0d8ce84ee810878a513735ed4a1676fd3b77fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.theoriginalshotels.com
Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 07:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135980
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 02:15:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 07:11:17 GMT

GET
H3-29

200

activityi;dc_pre=CMLyj_vdqPICFWi6UQod7p4PAA;src=8741099;type=websi971;cat=sehho123;ord=1;num=2861369808398;gtm=2wg891;auiddc=160178545.1628676821;u9=%2Fen%2FA-propos-du-pass-sanitaire;ps=1;~oref=ht... Show response
8741099.fls.doubleclick.net/ Frame B035
Redirect Chain

https://8741099.fls.doubleclick.net/activityi;src=8741099;type=websi971;cat=sehho123;ord=1;num=2861369808398;gtm=2wg891;auiddc=160178545.1628676821;u9=%2Fen%2FA-propos-du-pass-sanitaire;ps=1;~oref=...
https://8741099.fls.doubleclick.net/activityi;dc_pre=CMLyj_vdqPICFWi6UQod7p4PAA;src=8741099;type=websi971;cat=sehho123;ord=1;num=2861369808398;gtm=2wg891;auiddc=160178545.1628676821;u9=%2Fen%2FA-pr...

622 B
488 B

153ms
86ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8741099.fls.doubleclick.net/activityi;dc_pre=CMLyj_vdqPICFWi6UQod7p4PAA;src=8741099;type=websi971;cat=sehho123;ord=1;num=2861369808398;gtm=2wg891;auiddc=160178545.1628676821;u9=%2Fen%2FA-propos-du-pass-sanitaire;ps=1;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQBH8T4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

a9bfaf8d6561585f99423b43a0473ceedcfcab5b05daa9442c4e27f7349a2e19

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8741099.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CMLyj_vdqPICFWi6UQod7p4PAA;src=8741099;type=websi971;cat=sehho123;ord=1;num=2861369808398;gtm=2wg891;auiddc=160178545.1628676821;u9=%2Fen%2FA-propos-du-pass-sanitaire;ps=1;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmes1ntgi0Xdj5iYRD-0M5kPSWUlwVAsFPtoCBmS1xyLnJnG5GksDp1mRr0-yE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 11 Aug 2021 10:13:41 GMT
expires: Wed, 11 Aug 2021 10:13:41 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 465
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 11 Aug 2021 10:13:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8741099.fls.doubleclick.net/activityi;dc_pre=CMLyj_vdqPICFWi6UQod7p4PAA;src=8741099;type=websi971;cat=sehho123;ord=1;num=2861369808398;gtm=2wg891;auiddc=160178545.1628676821;u9=%2Fen%2FA-propos-du-pass-sanitaire;ps=1;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 194ms
70ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQBH8T4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

1c3bd00be556bf95f92a2ab1119b8b26544a1997ab0c09f86490bc32339ad32e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13981
x-xss-protection: 0
server: cafe
etag: 6132654052448080839
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 11 Aug 2021 10:13:41 GMT

GET
H/1.1 200
OK / Show response
u.logbor.com/p/ 6 KB
3 KB 238ms
73ms Script
text/javascript 89.185.38.89
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL

https://u.logbor.com/p/?i=2631&n=__dot

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

89.185.38.89 Paris, France, ASN8426 (CLARANET-AS ClaraNET LTD, GB),

Reverse DNS

Software

nginx/1.14.0 /

Resource Hash

464e1b405dc25d57a8fad36f7f8683f950b7507ab9a5001670aad386bca0691a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 10:13:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.14.0
ETag: W/"181e-Ly7C/LVNEdFYTHlF4ItXUxgW1zw"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=86400
X-DNS-Prefetch-Control: off
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H3-29

200

activityi;dc_pre=CJmaj_vdqPICFVTa1QodpG0PDg;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=929545083758.7161 Show response
10140364.fls.doubleclick.net/ Frame 0D9B
Redirect Chain

https://10140364.fls.doubleclick.net/activityi;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=929545083758.7161?
https://10140364.fls.doubleclick.net/activityi;dc_pre=CJmaj_vdqPICFVTa1QodpG0PDg;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=929545083758.7...

399 B
345 B

143ms
74ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10140364.fls.doubleclick.net/activityi;dc_pre=CJmaj_vdqPICFVTa1QodpG0PDg;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=929545083758.7161?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQBH8T4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

4e5207c54dcd8e568a16eae61ca39d6556dff847c1b5f2a4fb765404c7088416

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10140364.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CJmaj_vdqPICFVTa1QodpG0PDg;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=929545083758.7161?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmes1ntgi0Xdj5iYRD-0M5kPSWUlwVAsFPtoCBmS1xyLnJnG5GksDp1mRr0-yE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 11 Aug 2021 10:13:41 GMT
expires: Wed, 11 Aug 2021 10:13:41 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 11 Aug 2021 10:13:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10140364.fls.doubleclick.net/activityi;dc_pre=CJmaj_vdqPICFVTa1QodpG0PDg;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=929545083758.7161?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
37 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10150729&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8741099

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0278f1e1f3ce6d858b7b9306471243f6808a92947ecffb694b1b7aa6a5ae47f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37653
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 11 Aug 2021 10:13:41 GMT

GET
H2 200 activityi;register_conversion=1;src=8741099;type=websi971;cat=sehho123;ord=1;num=2861369808398;gtm=2wg891;auiddc=160178545.1628676821;u9=%2Fen%2FA-propos-du-pass-sanitaire;ps=1;~oref=https%3A%2F%2F...
8741099.fls.doubleclick.net/ 0
0 190ms
69ms Image
text/html 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8741099.fls.doubleclick.net/activityi;register_conversion=1;src=8741099;type=websi971;cat=sehho123;ord=1;num=2861369808398;gtm=2wg891;auiddc=160178545.1628676821;u9=%2Fen%2FA-propos-du-pass-sanitaire;ps=1;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400?
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

OPTIONS
H2 200 ipinfo
api-prod.secureprivacy.ai/api/adminsettings/displaypage/ Frame 0
0 227ms
135ms Preflight 104.26.3.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-prod.secureprivacy.ai/api/adminsettings/displaypage/ipinfo
Protocol: H2
Server: 104.26.3.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.theoriginalshotels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 11 Aug 2021 10:13:41 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Allow, Authorization, Origin, Access-Control-Allow-Origin, X-ss-id, X-CSRF-Token, Request-Id, Request-Context Request-Id, Request-Context
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.theoriginalshotels.com
request-context: appId=cid-v1:54a4b8c7-15ac-40b2-8efe-9c21784db750
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fu8eM2oQXc3gzWBwn56M4Vj5o0HoaYv06L4707YDPZ3TlcQejladnOwBApWklfqfeNo4FqJMro7txirts5dM46c9HzDvkWq4pGDja80hwI7SoIeneXjgN9Q8yxtc0BBZqhVEuEh9df0fZZI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 67d0b1553ff81669-ARN

GET
H2 200 ipinfo Show response
api-prod.secureprivacy.ai/api/adminsettings/displaypage/ 289 B
654 B 105ms
102ms XHR
application/json 104.26.3.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-prod.secureprivacy.ai/api/adminsettings/displaypage/ipinfo
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/integration/seh/public/js/bundle.js?v9e4a9c936dadbacd3e2ab171af4ae6be
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.3.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0794c0d07b9e6345c36bef3bb4c2a01d4b37b918eb1ece24b83998773b711ff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 11 Aug 2021 10:13:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theoriginalshotels.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wRkXD351Kaa485xwzitlM%2FJKzdtZC7UXD841jAQhUVjL55VISGyHK6Difu4zSbfCnqWahuQlK7utCCW5qrtsv%2FfesZrwjcytkAd0jAcBxo0EpJx5Ur1YGKXKhVXCEisEfJ4oHQzql09hd%2BI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 67d0b1560a5a1669-ARN
access-control-allow-headers: Content-Type, Allow, Authorization, Origin, Access-Control-Allow-Origin, X-ss-id, X-CSRF-Token, Request-Id, Request-Context
request-context: appId=cid-v1:54a4b8c7-15ac-40b2-8efe-9c21784db750

GET
H3-29

200

activityi;dc_pre=CPTDkPvdqPICFRDi1QodZWkH7A;src=10150729;type=invmedia;cat=visit00;ord=1816976953858;gtm=2od891;auiddc=160178545.1628676821;ps=1;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%... Show response
10150729.fls.doubleclick.net/ Frame B308
Redirect Chain

https://10150729.fls.doubleclick.net/activityi;src=10150729;type=invmedia;cat=visit00;ord=1816976953858;gtm=2od891;auiddc=160178545.1628676821;ps=1;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2F...
https://10150729.fls.doubleclick.net/activityi;dc_pre=CPTDkPvdqPICFRDi1QodZWkH7A;src=10150729;type=invmedia;cat=visit00;ord=1816976953858;gtm=2od891;auiddc=160178545.1628676821;ps=1;~oref=https%3A%...

578 B
475 B

149ms
79ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10150729.fls.doubleclick.net/activityi;dc_pre=CPTDkPvdqPICFRDi1QodZWkH7A;src=10150729;type=invmedia;cat=visit00;ord=1816976953858;gtm=2od891;auiddc=160178545.1628676821;ps=1;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10150729&l=dataLayer&cx=c

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

90e836431cec9de289f32669d85804f21614ce9edebc4aa8dedafd580b087b79

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10150729.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CPTDkPvdqPICFRDi1QodZWkH7A;src=10150729;type=invmedia;cat=visit00;ord=1816976953858;gtm=2od891;auiddc=160178545.1628676821;ps=1;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmes1ntgi0Xdj5iYRD-0M5kPSWUlwVAsFPtoCBmS1xyLnJnG5GksDp1mRr0-yE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 11 Aug 2021 10:13:41 GMT
expires: Wed, 11 Aug 2021 10:13:41 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 452
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 11 Aug 2021 10:13:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10150729.fls.doubleclick.net/activityi;dc_pre=CPTDkPvdqPICFRDi1QodZWkH7A;src=10150729;type=invmedia;cat=visit00;ord=1816976953858;gtm=2od891;auiddc=160178545.1628676821;ps=1;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 activityi;register_conversion=1;src=10150729;type=invmedia;cat=visit00;ord=1816976953858;gtm=2od891;auiddc=160178545.1628676821;ps=1;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-d...
10150729.fls.doubleclick.net/ 0
0 78ms
63ms Image
text/html 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://10150729.fls.doubleclick.net/activityi;register_conversion=1;src=10150729;type=invmedia;cat=visit00;ord=1816976953858;gtm=2od891;auiddc=160178545.1628676821;ps=1;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400?
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H3-29 204 result Show response
www.theoriginalshotels.com/cdn-cgi/bm/cv/ 0
475 B 11ms
10ms XHR
text/plain 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theoriginalshotels.com/cdn-cgi/bm/cv/result?req_id=67d0b14d6b994e13
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/cdn-cgi/bm/cv/669835187/api.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: cors
origin: https://www.theoriginalshotels.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: loginpromo=appeared; galaxy-has-visited=1; _gcl_au=1.1.160178545.1628676821; galaxy-session-cookie-en=true
content-length: 616
:path: /cdn-cgi/bm/cv/result?req_id=67d0b14d6b994e13
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: www.theoriginalshotels.com
referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 11 Aug 2021 10:13:41 GMT
server: cloudflare
set-cookie: __cf_bm=3997b7e716393f58d753dc7db49e7d54d1bef26c-1628676821-1800-AYQUxEMO7fKRmCLpHR0EiYQ0wUEuCHmT/IoPQBgINx+Zs/c3u8zQdav6hRZ3o6jYhzFwfaNtrYOktxKEOzgevAWvmneuHiEKKZl1FyFBl41UW1o/enpD2pWGOwCyCipYc7iy9GtU/UZ6siAEwpM/vSA=; path=/; expires=Wed, 11-Aug-21 10:43:41 GMT; domain=.www.theoriginalshotels.com; HttpOnly; Secure; SameSite=None
cf-ray: 67d0b15558c32c42-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

GET
H/1.1 200
OK tcs Show response
u.logbor.com/ 12 KB
2 KB 75ms
75ms Script
text/javascript 89.185.38.89
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL

https://u.logbor.com/tcs?cxid=2631&cu=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400&d_productID=undefined&d_cartProductsID=

Requested by

Host: u.logbor.com
URL: https://u.logbor.com/p/?i=2631&n=__dot

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

89.185.38.89 Paris, France, ASN8426 (CLARANET-AS ClaraNET LTD, GB),

Reverse DNS

Software

nginx/1.14.0 /

Resource Hash

b65d57c541fde4c17e0d66fd0796ae8066cb346d9620d52228bb3eabc49766f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 10:13:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.14.0
ETag: W/"309b-ogrwEYv0GR9U/d0S9gTe9TtNDqY"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=86400
X-DNS-Prefetch-Control: off
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK retar.php Show response
vu.adschoom.com/trafic/ 961 B
1013 B 246ms
65ms Script
text/javascript 95.131.137.7
OXALIDE

General

Check archive.org

Show headers Download Go to

Full URL: https://vu.adschoom.com/trafic/retar.php?boutique={1883}&type=HOME&topfr=https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400&topfr2=
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.131.137.7 , France, ASN47841 (OXALIDE, FR),
Reverse DNS: not.updated.oxalide.net
Software: nginx /
Resource Hash: 6d3c9446ea12497ec7d965c368058c1a33f823623c2b0cdacf812ca7accbfb31

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Aug 2021 10:13:41 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: close
Expires: Sun, 01 Aug 2021 12:13:41 GMT

GET
H/1.1

200
OK

pixel Show response
ads.creative-serving.com/ul_cb/
Redirect Chain

https://ads.creative-serving.com/pixel?id=3153104&type=js&customer_extra=&customer_amount=&customer_id=3153104_Home
https://ads.creative-serving.com/ul_cb/pixel?id=3153104&type=js&customer_extra=&customer_amount=&customer_id=3153104_Home

870 B
1 KB

60ms
60ms

Script
text/javascript

3.127.51.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.creative-serving.com/ul_cb/pixel?id=3153104&type=js&customer_extra=&customer_amount=&customer_id=3153104_Home
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.51.194 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-51-194.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6f573c2d272c861e64c99e9353ab2ff77134ae73247b9b8437792549c5e636bc

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 10:13:41 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 870
Content-Type: text/javascript

Redirect headers

Location: https://ads.creative-serving.com/ul_cb/pixel?id=3153104&type=js&customer_extra=&customer_amount=&customer_id=3153104_Home
Date: Wed, 11 Aug 2021 10:13:41 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

Cookie set retarget Show response
hal9000.redintelligence.net/ Frame D227
Redirect Chain

https://hal9000.redintelligence.net/retarget?a=48575&version=1
https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1

2 KB
1 KB

210ms
80ms

Document
text/html

88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 1c93fd0976853452a33fa9a8643cbe4c30ffa0ee335c2597f1dcd5a54fcb92cb

Request headers

Host: hal9000.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=03dce8bc7b306581
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400

Response headers

Date: Wed, 11 Aug 2021 10:13:41 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=03dce8bc7b306581; expires=Tue, 09-Nov-2021 10:13:41 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 814
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Wed, 11 Aug 2021 10:13:41 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=03dce8bc7b306581; expires=Tue, 09-Nov-2021 10:13:41 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
Location: ?a=48575&version=1&redirected=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

Cookie set retarget Show response
ad.ad-srv.net/ Frame DB72
Redirect Chain

https://ad.ad-srv.net/retarget?a=52995&version=1
https://ad.ad-srv.net/retarget?a=52995&version=1&redirected=1

2 KB
1002 B

209ms
79ms

Document
text/html

138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/retarget?a=52995&version=1&redirected=1
Requested by: Host: u.logbor.com
URL: https://u.logbor.com/p/?i=2631&n=__dot
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.149 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 7e5b4c5967bc45fd8aedaa1d0dc8449f783862135ee1efd65b83e15978ac4235

Request headers

Host: ad.ad-srv.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: kdb0xdq3ls8m_uid=94fd55a1dd9cfe29
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400

Response headers

Date: Wed, 11 Aug 2021 10:13:41 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: kdb0xdq3ls8m_uid=94fd55a1dd9cfe29; expires=Tue, 09-Nov-2021 10:13:41 GMT; Max-Age=7776000; path=/; domain=.ad-srv.net; secure; SameSite=None
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 482
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Wed, 11 Aug 2021 10:13:41 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: kdb0xdq3ls8m_uid=94fd55a1dd9cfe29; expires=Tue, 09-Nov-2021 10:13:41 GMT; Max-Age=7776000; path=/; domain=.ad-srv.net; secure; SameSite=None
Location: ?a=52995&version=1&redirected=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H2 200 / Show response
apicit.net/target/ 4 KB
2 KB 196ms
60ms Script
application/javascript 151.80.200.208
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://apicit.net/target/
Requested by: Host: u.logbor.com
URL: https://u.logbor.com/p/?i=2631&n=__dot
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.80.200.208 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 499a9ecc99aea91ace906958fca31ea80ad67b4cbeea41cb859d75d2c80b83d9

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:41 GMT
content-encoding: gzip
last-modified: Wed, 13 May 2013 13:13:13 GMT
server: nginx
etag: W/"60721b3b-1080"
content-type: application/javascript
cache-control: max-age=86400, public
expires: Thu, 12 Aug 2021 10:13:41 GMT

GET
H/1.1 200
OK LAL.d Show response
js.cookieless-data.com/ 4 KB
2 KB 202ms
66ms Script
text/javascript 51.158.29.13
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.cookieless-data.com/LAL.d?pa=22425&u=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400&r=&cat_name=CATEGORY_NAME

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.158.29.13 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-158-29-13.rev.poneytelecom.eu

Software

nginx/1.11.3 /

Resource Hash

48d9cf1326c1bbc9232d58ea9d9158a2838baa3ced0efec124298ab8913d63f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Aug 2021 10:13:41 GMT
Content-Encoding: gzip
Server: nginx/1.11.3
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
P3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: text/javascript
X-Xss-Protection: 0
Expires: Tue, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 200 visitor
api-prod.secureprivacy.ai/api/adminsettings/displaypage/ Frame 0
0 86ms
86ms Preflight 104.26.3.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-prod.secureprivacy.ai/api/adminsettings/displaypage/visitor?ComplianceLawType=&ApiKey=8b6fedbcd5c244fcb6ac50820cff802364c5bf96b0c443618bbeb5a3808d4eacc3aaff3b831244ff80d35a381764f872&Domain=5f1b3ff97df5d20864f53763&v=1.2
Protocol: H2
Server: 104.26.3.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.theoriginalshotels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 11 Aug 2021 10:13:41 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Allow, Authorization, Origin, Access-Control-Allow-Origin, X-ss-id, X-CSRF-Token, Request-Id, Request-Context Request-Id, Request-Context
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.theoriginalshotels.com
request-context: appId=cid-v1:54a4b8c7-15ac-40b2-8efe-9c21784db750
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wOxMwP9qzhflcl3e97Nv6zYcmS%2B2%2B3Bkp2JcVJoTKx9Ua1LkYkIH43HxiNLHjY2lTDwSLIjrcMjVBvfxFsSkMogtWFOyuM9sbfmuO7CRcaetUKvmrtIbxCFf2%2B%2FoBAm0Wda6m9FlYx%2FLXDk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 67d0b157beb21669-ARN

GET
H2 200 visitor Show response
api-prod.secureprivacy.ai/api/adminsettings/displaypage/ 58 KB
8 KB 41ms
40ms XHR
application/json 104.26.3.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-prod.secureprivacy.ai/api/adminsettings/displaypage/visitor?ComplianceLawType=&ApiKey=8b6fedbcd5c244fcb6ac50820cff802364c5bf96b0c443618bbeb5a3808d4eacc3aaff3b831244ff80d35a381764f872&Domain=5f1b3ff97df5d20864f53763&v=1.2
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/integration/seh/public/js/bundle.js?v9e4a9c936dadbacd3e2ab171af4ae6be
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.3.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9095af3b32097c5dc93c298feb80caa007be6dd29a341884db4d24b03f804dff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 11 Aug 2021 10:13:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3344
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
request-context: appId=cid-v1:54a4b8c7-15ac-40b2-8efe-9c21784db750
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WyIXOKD7isSLRVrn5azNpFZoe5IU8S%2FsJwsU3AW%2FGu8pGvgTJb0q4fvKHN5wzlA3cUtMjMcJAybk7MkocQk6wAk%2Bi2q%2FRU%2BbRIwg9M3J%2FGbQVatE2PX5V5%2BbCUeUYxqcapnSAeD3SfiBEPw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theoriginalshotels.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 67d0b15848161669-ARN
access-control-allow-headers: Content-Type, Allow, Authorization, Origin, Access-Control-Allow-Origin, X-ss-id, X-CSRF-Token, Request-Id, Request-Context
expires: Wed, 11 Aug 2021 14:13:41 GMT

GET
H/1.1 200
OK get-consent Show response
sddan.mgr.consensu.org/api/v1/public/ 0
194 B 194ms
63ms Script
text/plain 51.15.145.115
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://sddan.mgr.consensu.org/api/v1/public/get-consent?redirect=https%3A%2F%2Fjs.cookieless-data.com%2FLAL.d%3Fcat_name%3DCATEGORY_NAME%26pa%3D22425%26r%3D%26u%3Dhttps%253A%252F%252Fwww.theoriginalshotels.com%252Fen%252FA-propos-du-pass-sanitaire%253Futm_medium%253Demail%2526utm_source%253DOffer%2526utm_campaign%253D2021-Pass-sanitaire-EN-aout-3%2526pl%253Dd1az15i1bu1al15n15u1d91c915a19u16i14400&vendor_ids=53,916&user_id=NmI3OTgyNTMzYzQ2ZTQwNjhlZDExYzRiFpUsdUcM4l1LF4cDQNsM7e5C3S1lHVncQfIzvj4NkkIq6S3YLXejHKLGt6ZFEoxpneFUuLs1129V

Requested by

Host: js.cookieless-data.com
URL: https://js.cookieless-data.com/LAL.d?pa=22425&u=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400&r=&cat_name=CATEGORY_NAME

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.15.145.115 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-15-145-115.rev.poneytelecom.eu

Software

nginx/1.11.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 10:13:41 GMT
Server: nginx/1.11.3
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload

GET
H2 200 dc_pre=CJmaj_vdqPICFVTa1QodpG0PDg;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=929545083758.7161
adservice.google.com/ddm/fls/z/ Frame 0D9B 42 B
262 B 41ms
40ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJmaj_vdqPICFVTa1QodpG0PDg;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=929545083758.7161

Requested by

Host: 10140364.fls.doubleclick.net
URL: https://10140364.fls.doubleclick.net/activityi;dc_pre=CJmaj_vdqPICFVTa1QodpG0PDg;src=10140364;type=theor0;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=929545083758.7161?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10140364.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 10:13:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CMLyj_vdqPICFWi6UQod7p4PAA;src=8741099;type=websi971;cat=sehho123;ord=1;num=2861369808398;gtm=2wg891;auiddc=*;u9=%2Fen%2FA-propos-du-pass-sanitaire;ps=1;~oref=https%3A%2F%2Fwww.theoriginalsh...
adservice.google.com/ddm/fls/z/ Frame B035 42 B
107 B 74ms
74ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMLyj_vdqPICFWi6UQod7p4PAA;src=8741099;type=websi971;cat=sehho123;ord=1;num=2861369808398;gtm=2wg891;auiddc=*;u9=%2Fen%2FA-propos-du-pass-sanitaire;ps=1;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400

Requested by

Host: 8741099.fls.doubleclick.net
URL: https://8741099.fls.doubleclick.net/activityi;dc_pre=CMLyj_vdqPICFWi6UQod7p4PAA;src=8741099;type=websi971;cat=sehho123;ord=1;num=2861369808398;gtm=2wg891;auiddc=160178545.1628676821;u9=%2Fen%2FA-propos-du-pass-sanitaire;ps=1;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8741099.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 10:13:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CPTDkPvdqPICFRDi1QodZWkH7A;src=10150729;type=invmedia;cat=visit00;ord=1816976953858;gtm=2od891;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%...
adservice.google.com/ddm/fls/z/ Frame B308 42 B
107 B 74ms
74ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPTDkPvdqPICFRDi1QodZWkH7A;src=10150729;type=invmedia;cat=visit00;ord=1816976953858;gtm=2od891;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400

Requested by

Host: 10150729.fls.doubleclick.net
URL: https://10150729.fls.doubleclick.net/activityi;dc_pre=CPTDkPvdqPICFRDi1QodZWkH7A;src=10150729;type=invmedia;cat=visit00;ord=1816976953858;gtm=2od891;auiddc=160178545.1628676821;ps=1;~oref=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10150729.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 10:13:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK retar_js.php Show response
vu.adschoom.com/trafic/ 8 B
550 B 231ms
70ms Script
text/javascript 95.131.137.7
OXALIDE

General

Check archive.org

Show headers Download Go to

Full URL: https://vu.adschoom.com/trafic/retar_js.php?type=HOME&boutique={1883}&categorie_id=&produit_id=&data=&transaction_id=0&transaction_amount=0&valid=1&rid_tt=&refer=https%3A//www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400&refer2=&shopf=false&random=471977723
Requested by: Host: vu.adschoom.com
URL: https://vu.adschoom.com/trafic/retar.php?boutique={1883}&type=HOME&topfr=https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400&topfr2=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.131.137.7 , France, ASN47841 (OXALIDE, FR),
Reverse DNS: not.updated.oxalide.net
Software: nginx /
Resource Hash: 45336bf2c27960347588ebaedc466e533d74cb661ed98b7d8b45c27a54e0e596

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Aug 2021 10:13:41 GMT
Server: nginx
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 8
Expires: Sun, 01 Aug 2021 12:13:41 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=4&user_id=80ed6d78-4d27-4b87-8e55-98455c4034f6&ssp=&expires=30&user_group=2&cb=731
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=80ed6d78-4d27-4b87-8e55-98455c4034f6&ssp=&expires=30&user_group=2&cb=731
https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=210da73b-4cb5-47d8-9688-dbf9d41a2f84&expires=30

0
239 B

65ms
64ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=210da73b-4cb5-47d8-9688-dbf9d41a2f84&expires=30
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

location: //pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=210da73b-4cb5-47d8-9688-dbf9d41a2f84&expires=30
date: Wed, 11 Aug 2021 10:13:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=4&user_id=80ed6d78-4d27-4b87-8e55-98455c4034f6&ssp=&expires=30&user_group=2&cb=304
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=80ed6d78-4d27-4b87-8e55-98455c4034f6&ssp=&expires=30&user_group=2&cb=304
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=210da73b-4cb5-47d8-9688-dbf9d41a2f84&gdpr=&gdpr_consent=&gdpr_pd=

1 B
492 B

196ms
63ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=210da73b-4cb5-47d8-9688-dbf9d41a2f84&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:42 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug003:0:503
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=210da73b-4cb5-47d8-9688-dbf9d41a2f84&gdpr=&gdpr_consent=&gdpr_pd=
date: Wed, 11 Aug 2021 10:13:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=4&user_id=80ed6d78-4d27-4b87-8e55-98455c4034f6&ssp=&expires=30&user_group=2&cb=800
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=80ed6d78-4d27-4b87-8e55-98455c4034f6&ssp=&expires=30&user_group=2&cb=800
https://us-u.openx.net/w/1.0/sd?id=537072968&val=210da73b-4cb5-47d8-9688-dbf9d41a2f84

43 B
106 B

61ms
58ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=210da73b-4cb5-47d8-9688-dbf9d41a2f84
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.213.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 10:13:42 GMT
via: 1.1 google
server: OXGW/16.213.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=210da73b-4cb5-47d8-9688-dbf9d41a2f84
date: Wed, 11 Aug 2021 10:13:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200

2.gif
id5-sync.com/cq/101/124/0/
Redirect Chain

https://id5-sync.com/s/101/80ed6d78-4d27-4b87-8e55-98455c4034f6/1.gif
https://id5-sync.com/c/101/101/1/1.gif?puid=80ed6d78-4d27-4b87-8e55-98455c4034f6&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOcHPz2GZrh5BMWr66UybiGbi8lqYHWjA1rAQHaw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F101%2F124%2F0%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOcHPz2GZrh5BMWr66UybiGbi8lqYHWjA1rAQHaw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F101%2F124%2F0%2F2.gif%3Fp...
https://id5-sync.com/cq/101/124/0/2.gif?puid=54c16079-72aa-4b22-a503-e5773515097c&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=

43 B
1 KB

58ms
57ms

Image
image/gif

51.89.7.199
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/cq/101/124/0/2.gif?puid=54c16079-72aa-4b22-a503-e5773515097c&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.7.199 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p21.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 10:13:26 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

location: https://id5-sync.com/cq/101/124/0/2.gif?puid=54c16079-72aa-4b22-a503-e5773515097c&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
date: Wed, 11 Aug 2021 10:13:42 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK ibs:dpid=393426&dpuuid=80ed6d78-4d27-4b87-8e55-98455c4034f6
dpm.demdex.net/ 42 B
956 B 76ms
75ms Image
image/gif 52.48.145.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=393426&dpuuid=80ed6d78-4d27-4b87-8e55-98455c4034f6

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-145-41.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v012-071874892.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: DoGf3AfWRsI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 p161
match.justpremium.com/match/ 43 B
325 B 187ms
64ms Image
image/gif 18.196.127.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.justpremium.com/match/p161?ex_uid=80ed6d78-4d27-4b87-8e55-98455c4034f6
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.127.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-127-76.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:41 GMT
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

gcm
ads.creative-serving.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=platform161_direct_new&google_cm&google_sc
https://ads.creative-serving.com/gcm?google_gid=CAESEPkW1KaWOh77EJ6-xiITKrs&google_cver=1

43 B
220 B

59ms
58ms

Image
image/gif

3.127.51.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.creative-serving.com/gcm?google_gid=CAESEPkW1KaWOh77EJ6-xiITKrs&google_cver=1
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.51.194 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-51-194.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 10:13:41 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 11 Aug 2021 10:13:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.creative-serving.com/gcm?google_gid=CAESEPkW1KaWOh77EJ6-xiITKrs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 visitor
api-prod.secureprivacy.ai/api/banner/ Frame 0
0 80ms
80ms Preflight 104.26.3.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-prod.secureprivacy.ai/api/banner/visitor?ComplianceLawType=&ApiKey=8b6fedbcd5c244fcb6ac50820cff802364c5bf96b0c443618bbeb5a3808d4eacc3aaff3b831244ff80d35a381764f872&Domain=5f1b3ff97df5d20864f53763&v=1.2
Protocol: H2
Server: 104.26.3.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.theoriginalshotels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 11 Aug 2021 10:13:41 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Allow, Authorization, Origin, Access-Control-Allow-Origin, X-ss-id, X-CSRF-Token, Request-Id, Request-Context Request-Id, Request-Context
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.theoriginalshotels.com
request-context: appId=cid-v1:54a4b8c7-15ac-40b2-8efe-9c21784db750
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2FP11m16o%2FHyzkFBeFoLB8rSR0U1QUt9%2BwCc4Y9UdiEYjBfHj2Teex5%2FeFVpoP3BI%2F5hsJm1yjQVGkN2Bbt%2Bd79smLNWVAyxwQ5OztH5JaqtB31Wf76Ob5vGYqiH5cd%2FFe8UhG%2F8SvhkYnE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 67d0b15898fb1669-ARN

GET
H2 200 banners-tc.css
app.secureprivacy.ai/secureprivacy-plugin/web-plugin/ 3 KB
1 KB 65ms
64ms Stylesheet
text/css 172.67.71.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.secureprivacy.ai/secureprivacy-plugin/web-plugin/banners-tc.css
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/integration/seh/public/js/bundle.js?v9e4a9c936dadbacd3e2ab171af4ae6be
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b5e93aab7bc03cbbb19cc46eef171922495b0d4d86a8c7bbae7605249c040cc

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: zhnVHcE979KX8GgTd6mS5g==
age: 7721
cf-polished: origSize=2657
last-modified: Tue, 10 Aug 2021 02:43:28 GMT
cf-bgj: minify
server: cloudflare
etag: W/"0x8D95BA8A2763ADD"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lBIc3oiRrsSMw2X2ZzpvWCvBwcpRGuFz3ThKpq8D41AKBw76YWy2sYdqMrQZs%2BfLle7xl9efLKd9LzGKqc5VsMAFl9RdK45EMreMOTmrupFEobMEWyaRUwMrH5hYOKFF%2Fzn0d8DP"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-ms-request-id: 5eaa9eb6-e01e-006c-5b9c-8d4a3c000000
cache-control: public, max-age=14400
x-ms-version: 2018-03-28
cf-ray: 67d0b158ab894c8c-AMS
expires: Wed, 11 Aug 2021 14:13:41 GMT

GET
H2 200 visitor Show response
api-prod.secureprivacy.ai/api/banner/ 138 KB
8 KB 59ms
58ms XHR
application/json 104.26.3.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-prod.secureprivacy.ai/api/banner/visitor?ComplianceLawType=&ApiKey=8b6fedbcd5c244fcb6ac50820cff802364c5bf96b0c443618bbeb5a3808d4eacc3aaff3b831244ff80d35a381764f872&Domain=5f1b3ff97df5d20864f53763&v=1.2
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/integration/seh/public/js/bundle.js?v9e4a9c936dadbacd3e2ab171af4ae6be
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.3.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1b7109012632693b410ff1f9eb5cd8035a0d00b4cf5ca1d91d5bd3d67b3ea0c

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 11 Aug 2021 10:13:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3344
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
request-context: appId=cid-v1:54a4b8c7-15ac-40b2-8efe-9c21784db750
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owEfHtDnYNY9v64kn28hBY6FMcDBDBZZOAv0dafmHPHrcKdhHsgmaAXNpLp83wfUoNGx46wAI5NLCHkJMLvu6LcWLjPb5lz%2Bdi3O1sv8E7OKDL5cQu2YrAop61eXcF4rJEviXSjEg7j%2BbTM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theoriginalshotels.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 67d0b1591a691669-ARN
access-control-allow-headers: Content-Type, Allow, Authorization, Origin, Access-Control-Allow-Origin, X-ss-id, X-CSRF-Token, Request-Id, Request-Context
expires: Wed, 11 Aug 2021 14:13:41 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame D227 597 B
920 B 216ms
87ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1406673&mt_adid=222959&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3831 a91c15f master cdg-pixel-x2 /
Resource Hash: a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 10:13:42 GMT
Server: MT3 3831 a91c15f master cdg-pixel-x2
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Wed, 11 Aug 2021 10:16:49 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame D227 597 B
921 B 209ms
79ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1393997&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3831 a91c15f master cdg-pixel-x29 /
Resource Hash: a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 10:13:42 GMT
Server: MT3 3831 a91c15f master cdg-pixel-x29
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Wed, 11 Aug 2021 10:16:49 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame D227 597 B
921 B 213ms
84ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1406081&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3831 a91c15f master cdg-pixel-x25 /
Resource Hash: a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 10:13:42 GMT
Server: MT3 3831 a91c15f master cdg-pixel-x25
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Wed, 11 Aug 2021 10:16:49 GMT

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame D227
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

80 KB
28 KB

139ms
44ms

Script
application/x-javascript

37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 5addb050e7fe474684bcb62d5bc8717ab681735dce2d2539631a08d570cf81a5

Request headers

Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:42 GMT
content-encoding: gzip
last-modified: Mon, 17 May 2021 07:34:20 GMT
server: nginx
etag: W/"60a21c7c-13e2b"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Wed, 11 Aug 2021 10:13:42 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H3-29

200

activityi;dc_pre=CMm1tPvdqPICFfHn5god8RkDZg;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1427892347965.9421 Show response
5994599.fls.doubleclick.net/ Frame 5600
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1427892347965.9421?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CMm1tPvdqPICFfHn5god8RkDZg;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1427892347965.9421?

392 B
346 B

79ms
78ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CMm1tPvdqPICFfHn5god8RkDZg;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1427892347965.9421?

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

a43fe71f490aaf56afe884e74e2c5a9e9ef1186af40cd289cff7b240526f9c14

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5994599.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CMm1tPvdqPICFfHn5god8RkDZg;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1427892347965.9421?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hal9000.redintelligence.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmes1ntgi0Xdj5iYRD-0M5kPSWUlwVAsFPtoCBmS1xyLnJnG5GksDp1mRr0-yE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hal9000.redintelligence.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 11 Aug 2021 10:13:42 GMT
expires: Wed, 11 Aug 2021 10:13:42 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 323
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 11 Aug 2021 10:13:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMm1tPvdqPICFfHn5god8RkDZg;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1427892347965.9421?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

activityi;dc_pre=CJ68tPvdqPICFWUHBgAdWQEHfQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6043843456191.777 Show response
5994599.fls.doubleclick.net/ Frame C1F4
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6043843456191.777?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ68tPvdqPICFWUHBgAdWQEHfQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6043843456191....

400 B
351 B

80ms
79ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ68tPvdqPICFWUHBgAdWQEHfQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6043843456191.777?

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

8fc72aed7c2b5a1fc079ab258b648ed551bee04ab08a55359056801f9edadf6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5994599.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CJ68tPvdqPICFWUHBgAdWQEHfQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6043843456191.777?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hal9000.redintelligence.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmes1ntgi0Xdj5iYRD-0M5kPSWUlwVAsFPtoCBmS1xyLnJnG5GksDp1mRr0-yE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hal9000.redintelligence.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 11 Aug 2021 10:13:42 GMT
expires: Wed, 11 Aug 2021 10:13:42 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 328
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 11 Aug 2021 10:13:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ68tPvdqPICFWUHBgAdWQEHfQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6043843456191.777?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame DB72 70 B
261 B 220ms
71ms Image
image/gif 34.255.138.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=1c14q3c&ct=0:qxxu0mu&fmt=4&gdpr=&gdpr_consent=
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=52995&version=1&redirected=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.138.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-138-57.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 10:13:42 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29

200

src=9949552;dc_pre=CNGwtfvdqPICFQGW7QodGC4BCg;type=invmedia;cat=tp360000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=5842035732978.628
adservice.google.com/ddm/fls/z/ Frame DB72
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=9949552;type=invmedia;cat=tp360000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=5842035732978.628?
https://ad.doubleclick.net/ddm/activity/src=9949552;dc_pre=CNGwtfvdqPICFQGW7QodGC4BCg;type=invmedia;cat=tp360000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;or...
https://adservice.google.com/ddm/fls/z/src=9949552;dc_pre=CNGwtfvdqPICFQGW7QodGC4BCg;type=invmedia;cat=tp360000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord...

42 B
63 B

74ms
74ms

Image
image/gif

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=9949552;dc_pre=CNGwtfvdqPICFQGW7QodGC4BCg;type=invmedia;cat=tp360000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=5842035732978.628

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=52995&version=1&redirected=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 10:13:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Aug 2021 10:13:42 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=9949552;dc_pre=CNGwtfvdqPICFQGW7QodGC4BCg;type=invmedia;cat=tp360000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=5842035732978.628
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

activityi;dc_pre=CN_0tfvdqPICFQT21QodoocDUA;src=10227764;type=invmedia;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1112195780107.1902 Show response
10227764.fls.doubleclick.net/ Frame 3462
Redirect Chain

https://10227764.fls.doubleclick.net/activityi;src=10227764;type=invmedia;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1112195780107.1902?
https://10227764.fls.doubleclick.net/activityi;dc_pre=CN_0tfvdqPICFQT21QodoocDUA;src=10227764;type=invmedia;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_conse...

422 B
360 B

79ms
78ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10227764.fls.doubleclick.net/activityi;dc_pre=CN_0tfvdqPICFQT21QodoocDUA;src=10227764;type=invmedia;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1112195780107.1902?

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=52995&version=1&redirected=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

afa034e5b87bddb1059108ce0c8994d8e0493559b94284bea570446a93e2f8e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10227764.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CN_0tfvdqPICFQT21QodoocDUA;src=10227764;type=invmedia;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1112195780107.1902?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad.ad-srv.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmes1ntgi0Xdj5iYRD-0M5kPSWUlwVAsFPtoCBmS1xyLnJnG5GksDp1mRr0-yE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad.ad-srv.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 11 Aug 2021 10:13:42 GMT
expires: Wed, 11 Aug 2021 10:13:42 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 11 Aug 2021 10:13:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10227764.fls.doubleclick.net/activityi;dc_pre=CN_0tfvdqPICFQT21QodoocDUA;src=10227764;type=invmedia;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1112195780107.1902?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

src=9293064;dc_pre=COyxtfvdqPICFYjq7QodzS0Cxg;type=invmedia;cat=oliro0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8835367466555.031
adservice.google.com/ddm/fls/z/ Frame DB72
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=9293064;type=invmedia;cat=oliro0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8835367466555.031?
https://ad.doubleclick.net/ddm/activity/src=9293064;dc_pre=COyxtfvdqPICFYjq7QodzS0Cxg;type=invmedia;cat=oliro0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8835367466555.031?
https://adservice.google.com/ddm/fls/z/src=9293064;dc_pre=COyxtfvdqPICFYjq7QodzS0Cxg;type=invmedia;cat=oliro0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8835367466555.031

42 B
63 B

42ms
41ms

Image
image/gif

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=9293064;dc_pre=COyxtfvdqPICFYjq7QodzS0Cxg;type=invmedia;cat=oliro0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8835367466555.031

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=52995&version=1&redirected=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 10:13:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Aug 2021 10:13:42 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=9293064;dc_pre=COyxtfvdqPICFYjq7QodzS0Cxg;type=invmedia;cat=oliro0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8835367466555.031
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: app.secureprivacy.ai
URL: https://app.secureprivacy.ai/script/5f1b3ff97df5d20864f53763.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25944
x-xss-protection: 0
pragma: public
x-fb-debug: fvHF9YU/goDzmQtx4ljCaciUuuo32rnnCztc7q/R1eQbyFVtPx6iPy01J7LhtkdlJNZiLZTWnVnjyBOIzgGX2A==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Wed, 11 Aug 2021 10:13:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
4ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: app.secureprivacy.ai
URL: https://app.secureprivacy.ai/script/5f1b3ff97df5d20864f53763.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 2227
date: Wed, 11 Aug 2021 09:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Wed, 11 Aug 2021 11:36:34 GMT

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/798183250/ 3 KB
1 KB 36ms
33ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/798183250/?random=1628676821391&cv=9&fst=1628676821391&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg891&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400&tiba=Tout%20savoir%20sur%20le%20pass%20sanitaire%20%7C%20The%20Originals%20Hotels&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: app.secureprivacy.ai
URL: https://app.secureprivacy.ai/script/5f1b3ff97df5d20864f53763.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e797739478f27e73819b68b0fa10897f21d74a137545b7073017df5d366383

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 10:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1137
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

80 KB
28 KB

166ms
95ms

Script
application/x-javascript

37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 5addb050e7fe474684bcb62d5bc8717ab681735dce2d2539631a08d570cf81a5

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:42 GMT
content-encoding: gzip
last-modified: Mon, 17 May 2021 07:34:20 GMT
server: nginx
etag: W/"60a21c7c-13e2b"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Wed, 11 Aug 2021 10:13:42 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H/1.1 200
OK seg Show response
secure.adnxs.com/ 0
1 KB 239ms
120ms Script
application/javascript 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/seg?add=11906172&t=1

Requested by

Host: app.secureprivacy.ai
URL: https://app.secureprivacy.ai/script/5f1b3ff97df5d20864f53763.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Aug 2021 10:13:42 GMT
X-Proxy-Origin: 86.106.103.22; 86.106.103.22; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c2f535ac-830c-4134-9c8b-447b41f20292
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 139
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Wed, 11 Aug 2021 11:11:23 GMT

GET
H3-29 200 385128758895809 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/385128758895809?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f6805152f6221f661778940b51484b06f20c5914158ac0270f99723f8e23ac6d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 73362
x-xss-protection: 0
pragma: public
x-fb-debug: +Zd3t8qxdCFIVFcacrnl0SwhVw9vT0hWACQ0D2JrRh6KeCrDgWC3Zmu6bmApHUov1aTQUmX+p5oUvCeRyXzztA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 11 Aug 2021 10:13:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
26 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&aip=1&a=479749536&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400&ul=en-us&de=UTF-8&dt=Tout%20savoir%20sur%20le%20pass%20sanitaire%20%7C%20The%20Originals%20Hotels&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEALAAAAAC~&jid=2014208356&gjid=1724902831&cid=1155157639.1628676822&tid=UA-129815972-1&_gid=135391340.1628676822&_r=1&gtm=2wg891MQBH8T4&cg1=not_applicable&cd1=not_set&cd2=not_applicable&cd3=not_applicable&cd4=not_applicable&cd5=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400&cd15=no&z=1385709502

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 10:13:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theoriginalshotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
25 B 14ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&aip=1&a=479749536&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400&ul=en-us&de=UTF-8&dt=Tout%20savoir%20sur%20le%20pass%20sanitaire%20%7C%20The%20Originals%20Hotels&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEALBAAAAC~&jid=842543486&gjid=2142555915&cid=1155157639.1628676822&tid=UA-162681275-1&_gid=135391340.1628676822&_r=1&gtm=2wg891TL2MM4B&cg1=web&cd13=custom&cg2=not_applicable&cd19=tvs_yes&cd24=2&cd25=en&cd26=web&cd27=not_applicable&cd28=not_applicable&cd29=not_applicable&cd30=no&cd31=no&cd34=%7C&cd36=%7C&cd38=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400&cd39=not_applicable&cd40=theoriginalshotels.com&cd41=GTM-TL2MM4B&cd42=22&z=982062091

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 10:13:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theoriginalshotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
25 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&aip=1&a=479749536&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400&ul=en-us&de=UTF-8&dt=Tout%20savoir%20sur%20le%20pass%20sanitaire%20%7C%20The%20Originals%20Hotels&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=errors%20tracking&ea=datalayer%20tool%20error%3A%20TypeError%3A%20Cannot%20read%20property%20%27tc_863971%27%20of%20null&el=www.theoriginalshotels.com&_u=aGDACEALBAAAAC~&jid=1643522391&gjid=689119191&cid=1155157639.1628676822&tid=UA-162681275-3&_gid=135391340.1628676822&_r=1&gtm=2wg891TL2MM4B&cg1=web&cd13=custom&cg2=not_applicable&cd19=tvs_yes&cd24=2&cd25=en&cd26=web&cd27=not_applicable&cd28=not_applicable&cd29=not_applicable&cd30=no&cd31=no&cd34=%7C&cd36=%7C&cd38=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400&cd39=not_applicable&cd40=theoriginalshotels.com&cd41=GTM-TL2MM4B&cd42=22&z=791887525

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 10:13:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theoriginalshotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
92 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-129815972-1&cid=1155157639.1628676822&jid=2014208356&gjid=1724902831&_gid=135391340.1628676822&_u=aGBAAEAKAAAAAC~&z=1159973047

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 11 Aug 2021 10:13:42 GMT
content-type: text/plain
access-control-allow-origin: https://www.theoriginalshotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/798183250/ 42 B
64 B 24ms
21ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/798183250/?random=1628676821391&cv=9&fst=1628676000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg891&sendb=1&frm=0&url=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400&tiba=Tout%20savoir%20sur%20le%20pass%20sanitaire%20%7C%20The%20Originals%20Hotels&async=1&fmt=3&is_vtc=1&random=3192554230&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 10:13:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/798183250/ 42 B
64 B 30ms
26ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/798183250/?random=1628676821391&cv=9&fst=1628676000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg891&sendb=1&frm=0&url=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400&tiba=Tout%20savoir%20sur%20le%20pass%20sanitaire%20%7C%20The%20Originals%20Hotels&async=1&fmt=3&is_vtc=1&random=3192554230&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 10:13:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 636014493475340 Show response
connect.facebook.net/signals/config/ 256 KB
72 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/636014493475340?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

787955308184dfd488a3816752d3dc27247ab71ba68a00347719a624b078965c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 73849
x-xss-protection: 0
pragma: public
x-fb-debug: rE1DQG+jOM/Pu68Rg3+IE2tna3eg1tyAJv6+pNzGWoxxlV31SlEfhL6GezoU5yGf9rPW8Jd2xsO3mltfWYebXA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 11 Aug 2021 10:13:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=385128758895809&ev=PageView&dl=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400&rl=&if=false&ts=1628676822085&sw=1600&sh=1200&v=2.9.44&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1628676822083.720371276&it=1628676822036&coo=false&rqm=GET

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 11 Aug 2021 10:13:42 GMT

GET
H3-29 200 dc_pre=CMm1tPvdqPICFfHn5god8RkDZg;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1427892347965.9421
adservice.google.com/ddm/fls/z/ Frame 5600 42 B
63 B 91ms
76ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMm1tPvdqPICFfHn5god8RkDZg;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1427892347965.9421

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMm1tPvdqPICFfHn5god8RkDZg;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1427892347965.9421?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 10:13:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 dc_pre=CJ68tPvdqPICFWUHBgAdWQEHfQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6043843456191.777
adservice.google.com/ddm/fls/z/ Frame C1F4 42 B
63 B 89ms
76ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJ68tPvdqPICFWUHBgAdWQEHfQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6043843456191.777

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ68tPvdqPICFWUHBgAdWQEHfQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6043843456191.777?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 10:13:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 dc_pre=CN_0tfvdqPICFQT21QodoocDUA;src=10227764;type=invmedia;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1112195780107.1902
adservice.google.com/ddm/fls/z/ Frame 3462 42 B
63 B 86ms
74ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CN_0tfvdqPICFQT21QodoocDUA;src=10227764;type=invmedia;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1112195780107.1902

Requested by

Host: 10227764.fls.doubleclick.net
URL: https://10227764.fls.doubleclick.net/activityi;dc_pre=CN_0tfvdqPICFQT21QodoocDUA;src=10227764;type=invmedia;cat=theor0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1112195780107.1902?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10227764.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 10:13:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 6ms
6ms Ping
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryEdHelBFmkWF2cFoY

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Wed, 11 Aug 2021 10:13:42 GMT
content-type: text/plain
access-control-allow-origin: https://www.theoriginalshotels.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 1441323799393005 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1441323799393005?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7f8fac4370ee7764fde73adeacd631efde041c54736e560cdbf97e3c09c4055a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 73378
x-xss-protection: 0
pragma: public
x-fb-debug: KHbPMhyZc808syucsIwryl7je6jegmMWqG4ssynKE58QUE2u5BYcejdiY6NpulQ+8lMrOqt0riDd2Z7G3aSG+Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 11 Aug 2021 10:13:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame D227 43 B
480 B 87ms
86ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3831 a91c15f master cdg-pixel-x25 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 10:13:42 GMT
Server: MT3 3831 a91c15f master cdg-pixel-x25
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 11 Aug 2021 10:16:49 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1441323799393005&ev=PageView&dl=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400&rl=&if=false&ts=1628676822133&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1628676822083.720371276&it=1628676822036&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 11 Aug 2021 10:13:42 GMT

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/ Frame D227
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=635920299680&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.theoriginalshotels.com...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=635920299680&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.theoriginalshotel...

111 B
592 B

41ms
41ms

Script
text/javascript

37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=635920299680&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D48575%26version%3D1%26redirected%3D1

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=48575&version=1&redirected=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 10:13:42 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 186
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 11 Aug 2021 10:13:42 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=635920299680&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D48575%26version%3D1%26redirected%3D1
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=1607309&ADFPageName=Home&ADFdivider=%7C&ord=695417041671&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6IjxpbnNlcnQgc2FsZXMgdmFsdWUgaGVy...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1607309&ADFPageName=Home&ADFdivider=%7C&ord=695417041671&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6IjxpbnNlcnQgc2FsZXMgdmFsdWU...

104 B
585 B

42ms
41ms

Script
text/javascript

37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1607309&ADFPageName=Home&ADFdivider=%7C&ord=695417041671&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6IjxpbnNlcnQgc2FsZXMgdmFsdWUgaGVyZT4iLCJpZCI6IjxpbnNlcnQgb3JkZXIgaWQgdmFsdWUgaGVyZT4ifQ&loc=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

093554855150e5e313e6d83dff1cbfc374b2842efefce4679064e09fc184dfd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 10:13:42 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 179
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 11 Aug 2021 10:13:42 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1607309&ADFPageName=Home&ADFdivider=%7C&ord=695417041671&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6IjxpbnNlcnQgc2FsZXMgdmFsdWUgaGVyZT4iLCJpZCI6IjxpbnNlcnQgb3JkZXIgaWQgdmFsdWUgaGVyZT4ifQ&loc=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2 200 ping.php Show response
apicit.net/target/ 457 B
763 B 63ms
62ms Script
application/javascript 151.80.200.208
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://apicit.net/target/ping.php?ref=https%3A//www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400&apicitsrc=&fromtimeout=0
Requested by: Host: apicit.net
URL: https://apicit.net/target/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.80.200.208 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 2b7318703d52f9c63f6d69e12510e9019ac4923b88b99f09a12a7c9d366293f1

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 10:13:42 GMT
content-encoding: gzip
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: application/javascript
content-length: 321
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 / Show response
tags.clickintext.net/replicate.log/ 32 B
499 B 221ms
85ms Script
text/html 151.80.200.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.clickintext.net/replicate.log/?ishttps=1&ee=6663&apicitIdPAPXTime=ad63861cc3ffcf748f5cc645986aaa18&apicitIdPAPXTimeMore=
Requested by: Host: apicit.net
URL: https://apicit.net/target/ping.php?ref=https%3A//www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400&apicitsrc=&fromtimeout=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.80.200.209 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 2601016993234cfa1d6df1e81e9564a1ae4c56994be9307d3ee012d4033afc4f

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 10:13:42 GMT
content-encoding: gzip
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/html; charset=ISO-8859-1
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3-29 200 1576601976_5df909786f5db-thumb.png
cdn.galaxy.tf/uploads/3s/cms_image/001/576/601/ 14 KB
15 KB 18ms
17ms Image
image/webp 2606:4700::6811:b964
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/uploads/3s/cms_image/001/576/601/1576601976_5df909786f5db-thumb.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b964 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36a9966fb0b5ea3c3f7834e2454b353369ba12e341886901b386cb405f899831

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:42 GMT
vary: Accept
cf-cache-status: HIT
age: 563718
cf-polished: origFmt=png, origSize=28848
content-disposition: inline; filename="1576601976_5df909786f5db-thumb.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 14474
last-modified: Tue, 17 Dec 2019 16:58:50 GMT
server: cloudflare
etag: "70b0-599e93e05118b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/webp
expires: Thu, 11 Aug 2022 10:13:42 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 67d0b15ccaad432d-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 loader.gif
www.theoriginalshotels.com/integration/seh/public/images/ 2 KB
2 KB 15ms
15ms Image
image/gif 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theoriginalshotels.com/integration/seh/public/images/loader.gif

Requested by

Host: www.theoriginalshotels.com
URL: https://www.theoriginalshotels.com/css/custom/257-671448651164791ba45348c602eaf8ec/main.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f09759d7dde484b7a51cb76c60a1929711993e3e2642b03284c12e38a40dad0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /integration/seh/public/images/loader.gif
pragma: no-cache
cookie: loginpromo=appeared; galaxy-has-visited=1; _gcl_au=1.1.160178545.1628676821; galaxy-session-cookie-en=true; __cf_bm=3997b7e716393f58d753dc7db49e7d54d1bef26c-1628676821-1800-AYQUxEMO7fKRmCLpHR0EiYQ0wUEuCHmT/IoPQBgINx+Zs/c3u8zQdav6hRZ3o6jYhzFwfaNtrYOktxKEOzgevAWvmneuHiEKKZl1FyFBl41UW1o/enpD2pWGOwCyCipYc7iy9GtU/UZ6siAEwpM/vSA=; _ga=GA1.2.1155157639.1628676822; _gid=GA1.2.135391340.1628676822; _gat_OGH_ga=1; _gat_tct=1; _gat_UA-162681275-3=1; _fbp=fb.1.1628676822083.720371276
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.theoriginalshotels.com
referer: https://www.theoriginalshotels.com/css/custom/257-671448651164791ba45348c602eaf8ec/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theoriginalshotels.com/css/custom/257-671448651164791ba45348c602eaf8ec/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:42 GMT
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68523
cf-polished: origSize=3208, status=webp_bigger
x-cache: Hit from cloudfront
x-amz-meta-static: true
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1819
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:04:59 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "d3812b26de0e9068f7a1bde147ccb890"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/gif
cf-bgj: imgq:100,h2pri
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 67d0b15cc87a2c42-FRA
x-amz-meta-md5chksum: 04ErJt4OkGj3ob3hR8y4kA==
x-amz-cf-id: -KhMnN-GnkQzvDwEUMT0cQOO-P5_38sWwHwYp3ObFVL7Z0ha9Qk_gg==
expires: Thu, 11 Aug 2022 10:13:42 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=385128758895809&ev=Microdata&dl=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400&rl=&if=false&ts=1628676822587&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Tout%20savoir%20sur%20le%20pass%20sanitaire%20%7C%20The%20Originals%20Hotels%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22The%20Originals%20Hotels%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%22%2C%22og%3Atitle%22%3A%22Tout%20savoir%20sur%20le%20pass%20sanitaire%20%7C%20The%20Originals%20Hotels%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Alocale%22%3A%22en_US%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22BreadcrumbList%22%2C%22itemListElement%22%3A%5B%7B%22%40type%22%3A%22ListItem%22%2C%22position%22%3A1%2C%22item%22%3A%7B%22%40id%22%3A%22https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%22%2C%22name%22%3A%22tout%20savoir%20sur%20le%20pass%20sanitaire%22%7D%7D%5D%7D%5D&sw=1600&sh=1200&v=2.9.44&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1628676822083.720371276&it=1628676822036&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 11 Aug 2021 10:13:42 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=636014493475340&ev=Microdata&dl=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400&rl=&if=false&ts=1628676822612&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Tout%20savoir%20sur%20le%20pass%20sanitaire%20%7C%20The%20Originals%20Hotels%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22The%20Originals%20Hotels%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%22%2C%22og%3Atitle%22%3A%22Tout%20savoir%20sur%20le%20pass%20sanitaire%20%7C%20The%20Originals%20Hotels%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Alocale%22%3A%22en_US%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22BreadcrumbList%22%2C%22itemListElement%22%3A%5B%7B%22%40type%22%3A%22ListItem%22%2C%22position%22%3A1%2C%22item%22%3A%7B%22%40id%22%3A%22https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%22%2C%22name%22%3A%22tout%20savoir%20sur%20le%20pass%20sanitaire%22%7D%7D%5D%7D%5D&sw=1600&sh=1200&v=2.9.44&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1628676822083.720371276&it=1628676822036&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 11 Aug 2021 10:13:42 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1441323799393005&ev=Microdata&dl=https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400&rl=&if=false&ts=1628676822635&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Tout%20savoir%20sur%20le%20pass%20sanitaire%20%7C%20The%20Originals%20Hotels%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22The%20Originals%20Hotels%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%22%2C%22og%3Atitle%22%3A%22Tout%20savoir%20sur%20le%20pass%20sanitaire%20%7C%20The%20Originals%20Hotels%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Alocale%22%3A%22en_US%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22BreadcrumbList%22%2C%22itemListElement%22%3A%5B%7B%22%40type%22%3A%22ListItem%22%2C%22position%22%3A1%2C%22item%22%3A%7B%22%40id%22%3A%22https%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%22%2C%22name%22%3A%22tout%20savoir%20sur%20le%20pass%20sanitaire%22%7D%7D%5D%7D%5D&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1628676822083.720371276&it=1628676822036&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:13:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 11 Aug 2021 10:13:42 GMT

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/44/14/ 85 KB
31 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/44/14/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3&key=AIzaSyA5kF3IVVjrwMwf2MOdHl1JBdbdBOgDas4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77f8a961ed1253a7428ca62e45a4994ae634baf5471d1b9781346f5e23f88851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 02:23:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114642
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31670
x-xss-protection: 0
last-modified: Tue, 11 May 2021 18:12:04 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Aug 2022 02:23:03 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/44/14/ 280 KB
86 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/44/14/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3&key=AIzaSyA5kF3IVVjrwMwf2MOdHl1JBdbdBOgDas4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f9ac1030db5051a8f8d0566d8ba8b691a13f318d42f6de2568b372d47a831b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 09:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89651
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87588
x-xss-protection: 0
last-modified: Tue, 11 May 2021 18:12:04 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Aug 2022 09:19:34 GMT

GET
H3-29 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
84 B 51ms
51ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.theoriginalshotels.com%2Fen%2FA-propos-du-pass-sanitaire%3Futm_medium%3Demail%26utm_source%3DOffer%26utm_campaign%3D2021-Pass-sanitaire-EN-aout-3%26pl%3Dd1az15i1bu1al15n15u1d91c915a19u16i14400&4sAIzaSyA5kF3IVVjrwMwf2MOdHl1JBdbdBOgDas4&callback=_xdc_._1s4a7u&key=AIzaSyA5kF3IVVjrwMwf2MOdHl1JBdbdBOgDas4&token=45796

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/44/14/common.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

66cb916a20ec88d46fdccef3332a72f3b579bf86ab2a28a2bbce703594ecbbd6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.theoriginalshotels.com/en/A-propos-du-pass-sanitaire?utm_medium=email&utm_source=Offer&utm_campaign=2021-Pass-sanitaire-EN-aout-3&pl=d1az15i1bu1al15n15u1d91c915a19u16i14400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 10:13:45 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=29
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame D227 43 B
634 B 75ms
75ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3831 a91c15f master cdg-pixel-x5 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 10:13:52 GMT
Server: MT3 3831 a91c15f master cdg-pixel-x5
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 11 Aug 2021 10:13:48 GMT

Verdicts & Comments Add Verdict or Comment

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ad-srv.net/	1970-01-19 22:34:12	Name: kdb0xdq3ls8m_uid Value: 94fd55a1dd9cfe29
.redintelligence.net/	1970-01-19 22:34:12	Name: 8lcfmzhxc8d6_uid Value: 03dce8bc7b306581
.theoriginalshotels.com/	1970-01-19 22:34:12	Name: _fbp Value: fb.1.1628676822083.720371276
.theoriginalshotels.com/	1970-01-19 20:24:36	Name: _gat_tct Value: 1
www.theoriginalshotels.com/	1969-12-31 23:59:59	Name: loginpromo Value: appeared
.theoriginalshotels.com/	1970-01-20 13:55:48	Name: _ga Value: GA1.2.1155157639.1628676822
.theoriginalshotels.com/	1970-01-19 20:24:36	Name: _gat_OGH_ga Value: 1
.www.theoriginalshotels.com/	1970-01-19 20:24:38	Name: __cf_bm Value: 3997b7e716393f58d753dc7db49e7d54d1bef26c-1628676821-1800-AYQUxEMO7fKRmCLpHR0EiYQ0wUEuCHmT/IoPQBgINx+Zs/c3u8zQdav6hRZ3o6jYhzFwfaNtrYOktxKEOzgevAWvmneuHiEKKZl1FyFBl41UW1o/enpD2pWGOwCyCipYc7iy9GtU/UZ6siAEwpM/vSA=
.doubleclick.net/	1970-01-20 05:46:12	Name: IDE Value: AHWqTUmes1ntgi0Xdj5iYRD-0M5kPSWUlwVAsFPtoCBmS1xyLnJnG5GksDp1mRr0-yE
.theoriginalshotels.com/	1970-01-19 20:24:36	Name: _gat_UA-162681275-3 Value: 1
.theoriginalshotels.com/	1970-01-19 22:34:12	Name: _gcl_au Value: 1.1.160178545.1628676821
www.theoriginalshotels.com/	1970-01-19 21:07:48	Name: galaxy-has-visited Value: 1
www.theoriginalshotels.com/en	1969-12-31 23:59:59	Name: __tcet Value: 1628676821
.theoriginalshotels.com/	1970-01-19 20:26:03	Name: _gid Value: GA1.2.135391340.1628676822
www.theoriginalshotels.com/	1970-01-19 20:24:38	Name: galaxy-session-cookie-en Value: true

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.theoriginalshotels.com/integration/seh/public/js/bundle.js?v9e4a9c936dadbacd3e2ab171af4ae6be(Line 80) Message: [object Object]
console-api	log	URL: https://www.theoriginalshotels.com/integration/seh/public/js/bundle.js?v9e4a9c936dadbacd3e2ab171af4ae6be(Line 80) Message: pushed!
console-api	log	URL: https://app.secureprivacy.ai/secureprivacy-plugin/web-plugin/secure-privacy-tc.js?v=0.7060154252566182(Line 1) Message: Secure Privacy GDPR

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10140364.fls.doubleclick.net
10150729.fls.doubleclick.net
10227764.fls.doubleclick.net
5994599.fls.doubleclick.net
8741099.fls.doubleclick.net
ad.ad-srv.net
ad.doubleclick.net
ads.creative-serving.com
adservice.google.com
api-prod.secureprivacy.ai
apicit.net
app.secureprivacy.ai
cdn.galaxy.tf
cm.g.doubleclick.net
connect.facebook.net
dpm.demdex.net
googleads.g.doubleclick.net
hal9000.redintelligence.net
ice.360yield.com
id5-sync.com
insight.adsrvr.org
js.cookieless-data.com
maps.googleapis.com
match.justpremium.com
pixel.mathtag.com
pixel.rubiconproject.com
s2.adform.net
sddan.mgr.consensu.org
secure.adnxs.com
simage2.pubmatic.com
stats.g.doubleclick.net
tags.clickintext.net
tcgms.net
track.adform.net
u.logbor.com
us-u.openx.net
vu.adschoom.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.theoriginalshotels.com
x.bidswitch.net
104.26.3.32
138.201.63.149
142.250.185.162
142.250.185.230
142.250.185.66
151.80.200.208
151.80.200.209
172.67.71.189
18.192.147.144
18.196.127.76
185.33.220.241
185.64.190.80
2.18.233.201
23.45.237.73
2606:4700::6811:b964
2606:4700::6811:ba64
2a00:1450:4001:800::2002
2a00:1450:4001:801::2003
2a00:1450:4001:801::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:4001:813::2004
2a00:1450:4001:827::200e
2a00:1450:4001:828::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2004
2a00:1450:400c:c1b::9a
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.127.51.194
3.66.103.148
34.255.138.57
34.98.64.218
37.157.4.28
37.157.5.72
51.15.145.115
51.158.29.13
51.89.7.199
52.48.145.41
69.173.144.165
88.99.165.19
89.185.38.89
95.131.137.7
008eedf237f732c94b135c5893db4af1a8ea8d547ffa4eab8a414cde17a8c561
024a762b84dfa3b66ca78390728d57d34229b6f6d1293197cdcb3f678bb42a86
0278f1e1f3ce6d858b7b9306471243f6808a92947ecffb694b1b7aa6a5ae47f5
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
093554855150e5e313e6d83dff1cbfc374b2842efefce4679064e09fc184dfd1
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0da083fda74d13c58cea7fa43e89dfb3d52b2811edc4a2022285ed45b68c7694
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
179e854d911b628a102f1d3c3b18a16c28ff996808d7eae19303fffd9aa93cb2
1c3bd00be556bf95f92a2ab1119b8b26544a1997ab0c09f86490bc32339ad32e
1c93fd0976853452a33fa9a8643cbe4c30ffa0ee335c2597f1dcd5a54fcb92cb
2601016993234cfa1d6df1e81e9564a1ae4c56994be9307d3ee012d4033afc4f
2799cec22d6753a8d12423ce40d43ce6da847e5338613a45d09bfef4d4cfb935
29e056a988f874565b954c03f119955657ed0a369cb975a4645c79731914f9ef
2b7318703d52f9c63f6d69e12510e9019ac4923b88b99f09a12a7c9d366293f1
312e3949dc0d0ca10792535b1bf6a8d2ff5c0e69d78661a46b3a0ebdec700ae0
318c18bf81911f5bf528004448e0dfb39faeaa5a55ccc4638636180464fa69df
36a9966fb0b5ea3c3f7834e2454b353369ba12e341886901b386cb405f899831
389d9b1c8619cf7582d3a948e52734230352a55c4dd8b039a5b3c52095a0f448
3f9ac1030db5051a8f8d0566d8ba8b691a13f318d42f6de2568b372d47a831b2
45336bf2c27960347588ebaedc466e533d74cb661ed98b7d8b45c27a54e0e596
457a900959b9fcc04d5341f59c81579dc638304c797276144b4bb2a8ec4cf2cf
45f561b7fe08af5afa017a87fdef48c4afa2c2220e48cc9f17b4bfb46d265809
464e1b405dc25d57a8fad36f7f8683f950b7507ab9a5001670aad386bca0691a
469e10df142a5884e59c7a93596294a29a0c1f5e57c830c0470647dcbeee334a
48d9cf1326c1bbc9232d58ea9d9158a2838baa3ced0efec124298ab8913d63f3
499a9ecc99aea91ace906958fca31ea80ad67b4cbeea41cb859d75d2c80b83d9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5207c54dcd8e568a16eae61ca39d6556dff847c1b5f2a4fb765404c7088416
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a7c1752d0e51a9884db4c9e02880989c2711e45a4dfe0f962ad6d55431ae0d2
5addb050e7fe474684bcb62d5bc8717ab681735dce2d2539631a08d570cf81a5
5b722727520073a73fc0a5177269317c4b181ee666f3caa78f964ba4bb78090b
5da3bab32275e8f70a161cbc85e5134d3d42f4e784f72e5404abc9fc3debba0a
64554b950459b990eb022dc55fce559cb248e7f466a06ea57f66e64b76e4901c
66cb916a20ec88d46fdccef3332a72f3b579bf86ab2a28a2bbce703594ecbbd6
673efe84b8988e98907bfd58af22ba16785dfb1e25112482a7eff7c0ef25234c
6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5
6b5e93aab7bc03cbbb19cc46eef171922495b0d4d86a8c7bbae7605249c040cc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d3c9446ea12497ec7d965c368058c1a33f823623c2b0cdacf812ca7accbfb31
6f573c2d272c861e64c99e9353ab2ff77134ae73247b9b8437792549c5e636bc
77f8a961ed1253a7428ca62e45a4994ae634baf5471d1b9781346f5e23f88851
787955308184dfd488a3816752d3dc27247ab71ba68a00347719a624b078965c
794777a48f26375e8937e6e406b63b129592c604f6780d63b729da3e977d72b6
799b56eab7270dfc6b1208944afd06c7a7c4f9f85ac0f842737efce2f293f033
7e5b4c5967bc45fd8aedaa1d0dc8449f783862135ee1efd65b83e15978ac4235
7f098a3e57e822de1b521c2fe69979c91812dbc3ebf5bc0c7be8311e56e2aa2e
7f8fac4370ee7764fde73adeacd631efde041c54736e560cdbf97e3c09c4055a
8b22f2953eca122aeb88385ff1076e6b4775f232e78aaa84c7454b0910bd3218
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fc72aed7c2b5a1fc079ab258b648ed551bee04ab08a55359056801f9edadf6e
9095af3b32097c5dc93c298feb80caa007be6dd29a341884db4d24b03f804dff
90e836431cec9de289f32669d85804f21614ce9edebc4aa8dedafd580b087b79
98f8b09bf08129672e3f72a3bd3125f9f55bcfcc03d0f28edf53ae823483d7c7
9e1643fbbd726611ae85daa3796dfe933445cecff34d4fd149fb1ba42f22a44a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a43fe71f490aaf56afe884e74e2c5a9e9ef1186af40cd289cff7b240526f9c14
a5be5c39f26830465f845cd641c61769e37f9c8664836f3a2a1aaf8cc5c3bed3
a68de406188ab6e9cacf06d04ac1a379009da99d4cfd2bf59e136ab0efbaad0a
a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2
a913e7426ff30f6e7cddd1aed158af64fa43cbfcbd11de9639a7314dec96eb9a
a9bfaf8d6561585f99423b43a0473ceedcfcab5b05daa9442c4e27f7349a2e19
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
afa034e5b87bddb1059108ce0c8994d8e0493559b94284bea570446a93e2f8e8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2fd82e920988463d77ceeef8481175e86cc88342962ceeb0e983eaf6fa4063c
b468609a3058aeac4dcd21581d0d8ce84ee810878a513735ed4a1676fd3b77fc
b65d57c541fde4c17e0d66fd0796ae8066cb346d9620d52228bb3eabc49766f7
b6d0c93f1f8d80347943722f2eadb08d1a33045b05058db74931ca0d3ea1f709
b99d411bd16e842ca2482a4559a2f61d66f1bf7852a08e7185c1417c543a997d
bd82cf0ab21c7dbb540e83b216e6eda1e93fa34113a7ab5d976d590c26ca012d
c0794c0d07b9e6345c36bef3bb4c2a01d4b37b918eb1ece24b83998773b711ff
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
c472576f4b565d32159c395fee6a3923b89b70d5041b95da1a3ee66504ccf837
cf055b47be3428c71d97ef86af271850bba4ef48d125ad610954f29fbeab8d79
d0e797739478f27e73819b68b0fa10897f21d74a137545b7073017df5d366383
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
ed1d8362a60d16cfca89c19e6e6697eb0fbc1b3724192cb4f0e41bd58dfa4094
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09759d7dde484b7a51cb76c60a1929711993e3e2642b03284c12e38a40dad0c
f1b7109012632693b410ff1f9eb5cd8035a0d00b4cf5ca1d91d5bd3d67b3ea0c
f2ca5aacac78ad2ea93420d9edca15a673a52ff8ba8f80f304b5b17f3c75165c
f6805152f6221f661778940b51484b06f20c5914158ac0270f99723f8e23ac6d
fccb50801b1f82b58bf7ae7aca950a11f80211966e3891309e7f74a59fbf59b7

www.theoriginalshotels.com Open in urlscan Pro 2606:4700::6811:ba64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

117 Requests

100 %HTTPS

35 %IPv6

35 Domains

46 Subdomains

39 IPs

8 Countries

3634 kBTransfer

6852 kBSize

15 Cookies

4 Outgoing links

Page URL History

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.theoriginalshotels.com Open in urlscan Pro
2606:4700::6811:ba64 Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

100 %
HTTPS

35 %
IPv6

35
Domains

46
Subdomains

39
IPs

8
Countries

3634 kB
Transfer

6852 kB
Size

15
Cookies

117 HTTP transactions
0 data transactions