www.sandmansignature.co.uk Open in urlscan Pro
2606:4700::6811:b764 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tcgms.net/tr/c/42fn28c30b2af28a2a32b92dt28e2fx2cf28m00/1046515
Effective URL:
https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af...
Submission: On April 09 via api (April 9th 2021, 8:05:20 am UTC) from US

Summary HTTP 96 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 27 IPs in 6 countries across 25 domains to perform 96 HTTP transactions. The main IP is 2606:4700::6811:b764, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.sandmansignature.co.uk.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 5th 2021. Valid for: a year.

This is the only time www.sandmansignature.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	23.79.156.95 23.79.156.95	16625 (AKAMAI-AS) (AKAMAI-AS)
28	2606:4700::68... 2606:4700::6811:b764	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
1 6	2.18.233.40 2.18.233.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.222.179.72 52.222.179.72	16509 (AMAZON-02) (AMAZON-02)
7	2620:1ec:29::19 2620:1ec:29::19	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	195.244.31.25 195.244.31.25	63140 (IGUANA-WO...) (IGUANA-WORLDWIDE)
1	2600:9000:209... 2600:9000:2093:3600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7 10	3.248.28.111 3.248.28.111	16509 (AMAZON-02) (AMAZON-02)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.157.207.8 18.157.207.8	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
19	23.45.237.73 23.45.237.73	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f03... 2a03:2880:f03f:1c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1 2	3.120.52.76 3.120.52.76	16509 (AMAZON-02) (AMAZON-02)
1 2	185.33.221.50 185.33.221.50	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2 2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f13... 2a03:2880:f13f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
96	27

2 23.79.156.95 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-156-95.deploy.static.akamaitechnologies.com

tcgms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700::6811:b764 (United States)

ASN13335 (CLOUDFLARENET, US)

www.sandmansignature.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.galaxy.tf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.233.40 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-40.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.179.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-179-72.ham50.r.cloudfront.net

js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:1ec:29::19 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.244.31.25 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
PTR: xo7-viplb-01-new.ny.ig-1.net

dynamic.travelclick-websolutions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2093:3600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.248.28.111 (Dublin, Ireland) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.157.207.8 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-207-8.eu-central-1.compute.amazonaws.com

api-js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 23.45.237.73 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-45-237-73.deploy.static.akamaitechnologies.com

www.tcgms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f03f:1c:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.52.76 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-52-76.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.50 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f13f:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	galaxy.tf cdn.galaxy.tf	3 MB
21	tcgms.net 1 redirects tcgms.net www.tcgms.net	301 KB
15	adroll.com 7 redirects s.adroll.com d.adroll.com	25 KB
9	clarity.ms 1 redirects www.clarity.ms c.clarity.ms	22 KB
7	sandmansignature.co.uk www.sandmansignature.co.uk	455 KB
6	google-analytics.com www.google-analytics.com	21 KB
3	doubleclick.net 2 redirects stats.g.doubleclick.net cm.g.doubleclick.net	1 KB
3	gstatic.com fonts.gstatic.com	59 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	openx.net 1 redirects us-u.openx.net	481 B
2	adnxs.com 1 redirects ib.adnxs.com	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net	876 B
2	facebook.net connect.facebook.net	92 KB
2	travelclick-websolutions.com dynamic.travelclick-websolutions.com	6 KB
2	datadome.co js.datadome.co api-js.datadome.co	23 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
2	googletagmanager.com www.googletagmanager.com	97 KB
1	facebook.com www.facebook.com	147 B
1	yahoo.com ads.yahoo.com	444 B
1	google.de www.google.de	107 B
1	google.com www.google.com	107 B
1	bing.com 1 redirects c.bing.com	393 B
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	137 B
1	quantcount.com rules.quantcount.com	1 KB
1	cloudflare.com cdnjs.cloudflare.com	6 KB
96	25

	Domain	Requested by
21	cdn.galaxy.tf	www.sandmansignature.co.uk
19	www.tcgms.net	tcgms.net www.tcgms.net
9	d.adroll.com	6 redirects www.sandmansignature.co.uk
7	www.clarity.ms	www.sandmansignature.co.uk www.clarity.ms
7	www.sandmansignature.co.uk	www.sandmansignature.co.uk
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.sandmansignature.co.uk
6	s.adroll.com	1 redirects www.googletagmanager.com www.sandmansignature.co.uk s.adroll.com d.adroll.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	www.sandmansignature.co.uk
2	cm.g.doubleclick.net	2 redirects
2	us-u.openx.net	1 redirects www.sandmansignature.co.uk
2	ib.adnxs.com	1 redirects www.sandmansignature.co.uk
2	x.bidswitch.net	1 redirects www.sandmansignature.co.uk
2	connect.facebook.net	d.adroll.com connect.facebook.net
2	c.clarity.ms	1 redirects www.sandmansignature.co.uk
2	dynamic.travelclick-websolutions.com	www.sandmansignature.co.uk
2	www.googletagmanager.com	www.sandmansignature.co.uk
2	tcgms.net	1 redirects www.sandmansignature.co.uk
1	www.facebook.com	www.sandmansignature.co.uk
1	ads.yahoo.com	www.sandmansignature.co.uk
1	www.google.de	www.sandmansignature.co.uk
1	www.google.com	www.sandmansignature.co.uk
1	pixel.quantserve.com	www.sandmansignature.co.uk
1	stats.g.doubleclick.net	www.sandmansignature.co.uk
1	api-js.datadome.co	www.sandmansignature.co.uk
1	c.bing.com	1 redirects
1	d.adroll.mgr.consensu.org	1 redirects
1	rules.quantcount.com	secure.quantserve.com
1	js.datadome.co	www.sandmansignature.co.uk
1	secure.quantserve.com	www.googletagmanager.com
1	cdnjs.cloudflare.com	www.sandmansignature.co.uk
96	31

This site contains links to these domains. Also see Links.

Domain
www.portmarnock.com
www.sandmanhotels.com
reservations.sandmansignature.co.uk
reservations.travelclick.com
sandmanhotels.prevueaps.com
rsvprewards.com
northland.ca
www.travelclick-websolutions.com

Subject Issuer	Validity	Valid
www.sandmansignature.co.uk Cloudflare Inc ECC CA-3	`2021-04-05` - `2022-04-04`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
cdn.galaxy.tf Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
secure.tcgms.net R3	`2021-03-15` - `2021-06-13`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2020-01-29` - `2021-04-29`	a year	crt.sh
*.datadome.co Gandi Standard SSL CA 2	`2019-10-08` - `2021-10-21`	2 years	crt.sh
www.clarity.ms DigiCert SHA2 Secure Server CA	`2020-09-03` - `2021-09-03`	a year	crt.sh
*.travelclick-websolutions.com Gandi Standard SSL CA 2	`2020-06-23` - `2021-07-06`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
c.msn.com Microsoft RSA TLS CA 02	`2021-02-03` - `2022-02-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-05-05`	a month	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
Frame ID: B129814B2B007EAFF04F2222D3D55A44
Requests: 77 HTTP requests in this frame

Frame: https://tcgms.net/app/new/NTE4ODc1MzEyNQ
Frame ID: 4918D35B9A33EED8680C9CB3331CE2EB
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://tcgms.net/tr/c/42fn28c30b2af28a2a32b92dt28e2fx2cf28m00/1046515 HTTP 301
https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Em... Page URL

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:a|s)\.adroll\.com/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Page Statistics

96
Requests

100 %
HTTPS

57 %
IPv6

25
Domains

31
Subdomains

27
IPs

6
Countries

4020 kB
Transfer

7430 kB
Size

17
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.portmarnock.com/
Title: Portmarnock Hotel & Golf Links

Search URL Search Domain Scan URL

URL: https://www.sandmanhotels.com/
Title: North America

Search URL Search Domain Scan URL

URL: https://reservations.sandmansignature.co.uk/113149?identifier=RELAX
Title: Book now opens in a new tab

Search URL Search Domain Scan URL

URL: https://reservations.sandmansignature.co.uk/113135?identifier=EXTEND
Title: Book now opens in a new tab

Search URL Search Domain Scan URL

URL: https://reservations.travelclick.com/113058?RatePlanId=5284143
Title: Book now opens in a new tab

Search URL Search Domain Scan URL

URL: https://sandmanhotels.prevueaps.com/pages/openings/
Title: Careers opens in a new tab

Search URL Search Domain Scan URL

URL: http://rsvprewards.com/
Title: Member Sign Up & Log In opens in a new tab

Search URL Search Domain Scan URL

URL: https://northland.ca/
Title: A Northland Properties Company

Search URL Search Domain Scan URL

URL: https://www.travelclick-websolutions.com/uploads/applications/documents/001/615/825/privacy-policy-sandman-signature-pdf.pdf
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.travelclick-websolutions.com/uploads/applications/documents/001/615/825/cookies-policy-sandman-signature-pdf.pdf
Title: Cookies Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tcgms.net/tr/c/42fn28c30b2af28a2a32b92dt28e2fx2cf28m00/1046515 HTTP 301
https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://s.adroll.com/j/exp/IZKONPD7LJBD3HTMRIT576/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 39

https://d.adroll.mgr.consensu.org/consent/iabcheck/IZKONPD7LJBD3HTMRIT576?_s=6f41bbeae493c761ee2b9bea61561a45&_b=2 HTTP 302
https://d.adroll.com/consent/check/IZKONPD7LJBD3HTMRIT576/?_s=6f41bbeae493c761ee2b9bea61561a45&_b=2

Request Chain 42

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=0200CB94A45D4B01894BB5EC28840121&RedC=c.clarity.ms&MXFR=3384658912246DE505AC759D16246324 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=0200CB94A45D4B01894BB5EC28840121&MUID=17FC0B2264FE62BB0F0F1B36652C6379

Request Chain 74

https://d.adroll.com/pixel/IZKONPD7LJBD3HTMRIT576/6QXKPUIFG5HKJIN3JJEOCF?adroll_fpc=af29649cbe7ab9400089ba6311ff4717-1617955499378&arrfrr=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3Demail%26utm_source%3DWelcome%2BEmail%26utm_campaign%3DRSVP%2BSet%2BPassword%2BEmail%26pl%3D42fn28c30b2af28a2a32b92dt28e2fx2cf28m00&xid_ch=f&pv=53108767805.56251&cookie=&adroll_s_ref=&keyw=&adroll_external_data= HTTP 302
https://s.adroll.com/pixel/IZKONPD7LJBD3HTMRIT576/6QXKPUIFG5HKJIN3JJEOCF/U5JGCVQXHRHTLJT4I5C5BK.js

Request Chain 82

https://d.adroll.com/cm/r/out?adroll_fpc=af29649cbe7ab9400089ba6311ff4717-1617955499378&arrfrr=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3Demail%26utm_source%3DWelcome%2BEmail%26utm_campaign%3DRSVP%2BSet%2BPassword%2BEmail%26pl%3D42fn28c30b2af28a2a32b92dt28e2fx2cf28m00&xid_ch=f&advertisable=IZKONPD7LJBD3HTMRIT576 HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 83

https://d.adroll.com/cm/b/out?adroll_fpc=af29649cbe7ab9400089ba6311ff4717-1617955499378&arrfrr=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3Demail%26utm_source%3DWelcome%2BEmail%26utm_campaign%3DRSVP%2BSet%2BPassword%2BEmail%26pl%3D42fn28c30b2af28a2a32b92dt28e2fx2cf28m00&xid_ch=f&advertisable=IZKONPD7LJBD3HTMRIT576 HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=NTE3YTA2ODkzYjBjYjQ1NjRjOGRmZjFmMjljZGVmMTg HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NTE3YTA2ODkzYjBjYjQ1NjRjOGRmZjFmMjljZGVmMTg

Request Chain 84

https://d.adroll.com/cm/x/out?adroll_fpc=af29649cbe7ab9400089ba6311ff4717-1617955499378&arrfrr=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3Demail%26utm_source%3DWelcome%2BEmail%26utm_campaign%3DRSVP%2BSet%2BPassword%2BEmail%26pl%3D42fn28c30b2af28a2a32b92dt28e2fx2cf28m00&xid_ch=f&advertisable=IZKONPD7LJBD3HTMRIT576 HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=NTE3YTA2ODkzYjBjYjQ1NjRjOGRmZjFmMjljZGVmMTg HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNTE3YTA2ODkzYjBjYjQ1NjRjOGRmZjFmMjljZGVmMTg

Request Chain 86

https://d.adroll.com/cm/o/out?adroll_fpc=af29649cbe7ab9400089ba6311ff4717-1617955499378&arrfrr=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3Demail%26utm_source%3DWelcome%2BEmail%26utm_campaign%3DRSVP%2BSet%2BPassword%2BEmail%26pl%3D42fn28c30b2af28a2a32b92dt28e2fx2cf28m00&xid_ch=f&advertisable=IZKONPD7LJBD3HTMRIT576 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=517a06893b0cb4564c8dff1f29cdef18 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=517a06893b0cb4564c8dff1f29cdef18

Request Chain 87

https://d.adroll.com/cm/g/out?adroll_fpc=af29649cbe7ab9400089ba6311ff4717-1617955499378&arrfrr=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3Demail%26utm_source%3DWelcome%2BEmail%26utm_campaign%3DRSVP%2BSet%2BPassword%2BEmail%26pl%3D42fn28c30b2af28a2a32b92dt28e2fx2cf28m00&xid_ch=f&advertisable=IZKONPD7LJBD3HTMRIT576&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=UXoGiTsMtFZMjf8fKc3vGA HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=UXoGiTsMtFZMjf8fKc3vGA&google_tc= HTTP 302
https://d.adroll.com/cm/g/in

96 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.sandmansignature.co.uk/
Redirect Chain

https://tcgms.net/tr/c/42fn28c30b2af28a2a32b92dt28e2fx2cf28m00/1046515
https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00

122 KB
28 KB

287ms
253ms

Document
text/html

2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbd81f41feacfd98a9a850e25e5f8942bd34ae8e7bb2b61e98eebdfbea96b0f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.sandmansignature.co.uk
:scheme: https
:path: /?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:58 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d8c2d698ff89a303609fc04aeebeb793e1617955498; expires=Sun, 09-May-21 08:04:58 GMT; path=/; domain=.www.sandmansignature.co.uk; HttpOnly; SameSite=Lax; Secure
last-modified: Thu, 08 Apr 2021 23:45:51 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 1e14debf40c7c0d32192ed8ad517da21.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR52-C1
x-amz-cf-id: VCQEZbgvjSUVSSQy4TriJECVzh-cte4_ZUj7ShQkKVtl_icEn2WGXA==
cf-cache-status: MISS
expires: Fri, 09 Apr 2021 08:24:58 GMT
cache-control: public, max-age=1200
cf-request-id: 095742c19a0000dfcb90121000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 63d23a48fabcdfcb-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

server: Apache-Coyote/1.1
location: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
content-length: 0
date: Fri, 09 Apr 2021 08:04:58 GMT
set-cookie: 8670820235074=26a1d1097909; Expires=Sun, 09-May-2021 08:04:57 GMT; Path=/ GMS_REDIRECT=81700E0BFECE6045BBF448407B0F7A07; Path=/tr
content-security-policy: upgrade-insecure-requests

GET
H2 200 css
fonts.googleapis.com/ 3 KB
562 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Aleo:400,400i,700,700i&display=swap&subset=latin,latin-ext

Requested by

Host: www.sandmansignature.co.uk
URL: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca026e09ea3fea4eb37cb8542e915798bd8c712fd02c38c80ecae3ce7ff03061

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 08:04:58 GMT
server: ESF
date: Fri, 09 Apr 2021 08:04:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Apr 2021 08:04:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
863 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,700,700i&display=swap&subset=latin,latin-ext

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

86b5612d7c778080a41977a29f98f320cc045cdf88332bd62cbc31bf11011574

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 08:04:58 GMT
server: ESF
date: Fri, 09 Apr 2021 08:04:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Apr 2021 08:04:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 20 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora:400,400i,700,700i%7CMontserrat:300,300i,400,400i,500,500i,600,700,700i

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

07a99c6a70bd3d0a07b80c73bcbd49a039b9fb1ba6cd107ff9d47c6c324405b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 07:59:39 GMT
server: ESF
date: Fri, 09 Apr 2021 08:04:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Apr 2021 08:04:58 GMT

GET
H2 200 main.css
www.sandmansignature.co.uk/css/custom/3775-cafb86f836c47339736aa2841704270e/ 496 KB
68 KB 33ms
33ms Stylesheet
text/css 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandmansignature.co.uk/css/custom/3775-cafb86f836c47339736aa2841704270e/main.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb7f2f36f454d16ed5867900d44adc9d38c64e38a49fb40481e08f748db97abb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:58 GMT
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-xss-protection: 1; mode=block
age: 28530
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 095742c2990000dfcb542be000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Apr 2021 23:45:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"cf0f59832aaa29460a28cdc0b1743d19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C1
cf-ray: 63d23a4a8c3adfcb-FRA
x-amz-cf-id: QLPj0CDrUgJKOak7RrAxxMqFIuzPyQrr8K8YqCIm_Vi9j7TVbaUzvw==
expires: Sat, 09 Apr 2022 08:04:58 GMT

GET
H2 200 picturefill.min.js Show response
www.sandmansignature.co.uk/integration/tc-theme/public/js/ 12 KB
5 KB 46ms
45ms Script
application/javascript 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandmansignature.co.uk/integration/tc-theme/public/js/picturefill.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dd0eb5e44c81a864cd68e633a69701248b9298b0dc7eb2c75e67e2b1c19b4bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:58 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-xss-protection: 1; mode=block
age: 28530
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 095742c2cf0000dfcb4eaa6000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Apr 2021 23:45:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"f350acdff40c79c5389997f7a4b17acf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C1
cf-ray: 63d23a4aec9edfcb-FRA
x-amz-meta-md5chksum: 81Cs3/QMecU4mZf3pLF6zw==
x-amz-cf-id: UjTnZLn3mEb5trfJGDxI449VkEdP01w0d4TSbw1jkZTq7tAwcSkaLA==
expires: Sat, 09 Apr 2022 08:04:58 GMT

GET
H2 200 gms-latest.min.js Show response
cdn.galaxy.tf/asset-galaxy/js/ 146 KB
44 KB 46ms
23ms Script
application/javascript 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.galaxy.tf/asset-galaxy/js/gms-latest.min.js?vf776f58443e10c84781d995aedde7f87

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf055b47be3428c71d97ef86af271850bba4ef48d125ad610954f29fbeab8d79

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 128557
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 095742c2b100004e5cbe233000000001
last-modified: Thu, 25 Mar 2021 10:08:26 GMT
server: cloudflare
etag: W/"249e1-5be5998b4ecbb-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 63d23a4ab9a34e5c-FRA
expires: Sat, 09 Apr 2022 08:04:58 GMT

GET
H2 200 api.js Show response
www.sandmansignature.co.uk/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 10ms
10ms Script
text/javascript 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandmansignature.co.uk/cdn-cgi/bm/cv/669835187/api.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 63d23a4aecaadfcb-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 095742c2d60000dfcbce1f1000000001

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 19 KB
6 KB 14ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 129765
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5676
cf-request-id: 095742c2b40000645b3da14000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-4d5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KW%2FW11bGWKwhrPBHia3%2F7zgcTQbnrzpIvsryXUwjc7GFEl5v75WGZxGBWr4Rjh3Etxnyveclj63fNw2v4urPwaQcShGxShclvk4%2B4E3RSDKAO0YARQFyzcqQGaya1qQr%2FA%3D%3D"}],"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 63d23a4ab8f1645b-FRA
expires: Wed, 30 Mar 2022 08:04:58 GMT

GET
H2 200 1613488835_602be2c36b0bd-thumb.svg
cdn.galaxy.tf/thumb/sizeW500/uploads/s/cms_image/001/613/488/ 31 KB
11 KB 24ms
20ms Image
image/svg+xml 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW500/uploads/s/cms_image/001/613/488/1613488835_602be2c36b0bd-thumb.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30d763110f2d094cfb493e86c382fa1ae28d21dc9197c6bdc18f2bc8b204b109

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:58 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 63433
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
cf-ray: 63d23a4b0a2b4e5c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 095742c2e200004e5cf12be000000001
expires: Sat, 09 Apr 2022 08:04:58 GMT

GET
H2 200 1613491056_602beb70604fb-thumb.jpg
cdn.galaxy.tf/thumb/sizeW567/uploads/2s/cms_image/001/613/491/ 32 KB
33 KB 18ms
16ms Image
image/jpeg 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW567/uploads/2s/cms_image/001/613/491/1613491056_602beb70604fb-thumb.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64c7b73c05a8dc3b0970bcc21e23b9c432ed51a8794de0aa1c35d7d7a4b13dac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:58 GMT
cf-cache-status: HIT
age: 63409
x-cache-key: _srcbfca34209738da8047f0873607ca3c5e_paree494389baeeb21f962f55816666e451.jpeg
cf-polished: origSize=33331, status=webp_bigger
content-disposition: inline; filename="1613491056_602beb70604fb-thumb.jpg"
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33035
cf-request-id: 095742c2e300004e5cf7ad5000000001
last-modified: Tue, 16 Feb 2021 15:59:33 GMT
server: cloudflare
etag: "2e09f443395c59209da7fdacb8e0acf4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 09 Apr 2022 08:04:58 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63d23a4b0a2d4e5c-FRA
x-local-cache: HIT
cf-bgj: imgq:85,h2pri

GET
H2 200 1615393017_6048f0f91b03e-thumb.jpg
cdn.galaxy.tf/thumb/sizeW567/uploads/2s/cms_image/001/615/393/ 37 KB
37 KB 23ms
21ms Image
image/jpeg 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW567/uploads/2s/cms_image/001/615/393/1615393017_6048f0f91b03e-thumb.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a981baa97adfe185f2ad887c5a23de05814462e4a0975e5a8b95e14521d87f31

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:58 GMT
cf-cache-status: HIT
age: 63409
x-cache-key: _src2341cec90a9213464106215957f36153_paree494389baeeb21f962f55816666e451.jpeg
cf-polished: origSize=38021, status=webp_bigger
content-disposition: inline; filename="1615393017_6048f0f91b03e-thumb.jpg"
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37610
cf-request-id: 095742c2e300004e5ce7aab000000001
last-modified: Fri, 12 Mar 2021 16:01:32 GMT
server: cloudflare
etag: "b9b4a1309eb60346c539d31db99d2485"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 09 Apr 2022 08:04:58 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63d23a4b0a2e4e5c-FRA
x-local-cache: HIT
cf-bgj: imgq:85,h2pri

GET
H2 200 1615230540_6046764c06e94-thumb.jpg
cdn.galaxy.tf/thumb/sizeW567/uploads/2s/cms_image/001/615/230/ 47 KB
48 KB 583ms
580ms Image
image/jpeg 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW567/uploads/2s/cms_image/001/615/230/1615230540_6046764c06e94-thumb.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d62fe4f55e0a07b095bc8c5f4a54223e3ee76bc00b3f0d40d2e438b5acd1508f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:59 GMT
cf-cache-status: MISS
x-cache-key: _src742b4fe63d2efb647671acb8ca618b94_paree494389baeeb21f962f55816666e451.jpeg
content-disposition: inline; filename="1615230540_6046764c06e94-thumb.jpg"
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48604
cf-request-id: 095742c2e300004e5c8ca1c000000001
last-modified: Fri, 12 Mar 2021 16:01:32 GMT
server: cloudflare
etag: "99eff6acf83208030de074ffe0e1a75e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63d23a4b0a2f4e5c-FRA
x-local-cache: HIT
expires: Sat, 09 Apr 2022 08:04:59 GMT

GET
H2 200 adobestock-257504579-standard.jpg
cdn.galaxy.tf/thumb/sizeW560/unit-media/tc-default/uploads/images/offer_photo/001/615/937/ 22 KB
22 KB 17ms
14ms Image
image/webp 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW560/unit-media/tc-default/uploads/images/offer_photo/001/615/937/adobestock-257504579-standard.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c67c359df655ef58c9f2f46fc1eb52f46525670356b6e0e3b5a1cfc4f787e192

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:58 GMT
cf-cache-status: HIT
age: 30749
x-cache-key: _srcaeb1b226f115ff15b020be8b854b15a8_par949eb2026c8b8badc8ec1722c291cf87.jpeg
cf-polished: qual=85, origFmt=jpeg, origSize=25924
content-disposition: inline; filename="adobestock-257504579-standard.webp"
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22412
cf-request-id: 095742c2e300004e5c8ab95000000001
last-modified: Wed, 17 Mar 2021 15:39:12 GMT
server: cloudflare
etag: "99767be5f1494652069ec437974edbf6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 09 Apr 2022 08:04:58 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63d23a4b0a304e5c-FRA
x-local-cache: HIT
cf-bgj: imgq:85,h2pri

GET
H2 200 adobestock-294551680-standard.jpg
cdn.galaxy.tf/thumb/sizeW560/unit-media/tc-default/uploads/images/offer_photo/001/616/714/ 31 KB
32 KB 15ms
13ms Image
image/jpeg 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW560/unit-media/tc-default/uploads/images/offer_photo/001/616/714/adobestock-294551680-standard.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e835997d8afeee9b54a3271a0c7276e4cc46e25fb0bac86da01c5a9790ea93a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:58 GMT
cf-cache-status: HIT
age: 30749
x-cache-key: _src7be60e0d0b7a81fabd5f08a9fd291ff6_par949eb2026c8b8badc8ec1722c291cf87.jpeg
cf-polished: origSize=32622, status=webp_bigger
content-disposition: inline; filename="adobestock-294551680-standard.jpg"
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32032
cf-request-id: 095742c2e300004e5c8d843000000001
last-modified: Fri, 26 Mar 2021 19:30:35 GMT
server: cloudflare
etag: "9773c60d70691cb40881c503ac08fc9a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 09 Apr 2022 08:04:58 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63d23a4b0a314e5c-FRA
x-local-cache: HIT
cf-bgj: imgq:85,h2pri

GET
H2 200 adobestock-277571433-standard.jpg
cdn.galaxy.tf/thumb/sizeW560/unit-media/tc-default/uploads/images/offer_photo/001/615/421/ 22 KB
23 KB 520ms
518ms Image
image/jpeg 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW560/unit-media/tc-default/uploads/images/offer_photo/001/615/421/adobestock-277571433-standard.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9df7390a8de3e0efdfd8b0c0fcf93d51e5138cadae95230950084f9fb984903

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:59 GMT
cf-cache-status: MISS
x-cache-key: _src95963dc9e7d37fe2a54002607ae5ce60_par949eb2026c8b8badc8ec1722c291cf87.jpeg
content-disposition: inline; filename="adobestock-277571433-standard.jpg"
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22979
cf-request-id: 095742c2e300004e5c94846000000001
last-modified: Thu, 11 Mar 2021 16:07:55 GMT
server: cloudflare
etag: "6b12f439028c1b5ae3963eda7fd42fa7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63d23a4b0a324e5c-FRA
x-local-cache: HIT
expires: Sat, 09 Apr 2022 08:04:59 GMT

GET
H2 200 1615392135_6048ed8798cae-thumb.jpg
cdn.galaxy.tf/thumb/sizeW1920/uploads/2s/cms_image/001/615/392/ 159 KB
160 KB 22ms
20ms Image
image/webp 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW1920/uploads/2s/cms_image/001/615/392/1615392135_6048ed8798cae-thumb.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9bac9b186086d62442dc94c73c202953222836b6006e4cff8d6ae5de8643f0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:58 GMT
cf-cache-status: HIT
age: 63429
x-cache-key: _srcdcb0d7a3f48f1a11836b95767a90135f_par23e48250a6ee445908dfc16354adc1d4.jpeg
cf-polished: qual=85, origFmt=jpeg, origSize=224566
content-disposition: inline; filename="1615392135_6048ed8798cae-thumb.webp"
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 163024
cf-request-id: 095742c2e300004e5cc733b000000001
last-modified: Wed, 10 Mar 2021 16:13:16 GMT
server: cloudflare
etag: "69c558592773e0fb1cee9cff8fe29783"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 09 Apr 2022 08:04:58 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63d23a4b0a334e5c-FRA
x-local-cache: HIT
cf-bgj: imgq:85,h2pri

GET
H2 200 1615555162_604b6a5a1d5a0-thumb.jpg
cdn.galaxy.tf/thumb/sizeW560/uploads/2s/cms_image/001/615/555/ 49 KB
49 KB 22ms
21ms Image
image/jpeg 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW560/uploads/2s/cms_image/001/615/555/1615555162_604b6a5a1d5a0-thumb.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cf00b50a8f674e7a7f7ccae376f0f3fa6d623d690b3ea95c790a76f631a15d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:58 GMT
cf-cache-status: HIT
age: 63409
x-cache-key: _src121067cfe029e4bf634107f54259bded_par949eb2026c8b8badc8ec1722c291cf87.jpeg
cf-polished: origSize=50476, status=webp_bigger
content-disposition: inline; filename="1615555162_604b6a5a1d5a0-thumb.jpg"
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50271
cf-request-id: 095742c2e300004e5ce0208000000001
last-modified: Fri, 12 Mar 2021 13:19:30 GMT
server: cloudflare
etag: "14165721d1fee50a3ab37c11fbf5e3ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 09 Apr 2022 08:04:58 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63d23a4b0a354e5c-FRA
x-local-cache: HIT
cf-bgj: imgq:85,h2pri

GET
H2 200 1615555013_604b69c55a702-thumb.jpg
cdn.galaxy.tf/thumb/sizeW560/uploads/2s/cms_image/001/615/555/ 34 KB
34 KB 32ms
30ms Image
image/jpeg 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW560/uploads/2s/cms_image/001/615/555/1615555013_604b69c55a702-thumb.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27ccb40d23832df0cfa2c30637ee81fac758128d0397367e075072889cb15206

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:58 GMT
cf-cache-status: HIT
age: 63409
x-cache-key: _src15cc67831a6657f48ab336f5f0e78799_par949eb2026c8b8badc8ec1722c291cf87.jpeg
cf-polished: origSize=35337, status=webp_bigger
content-disposition: inline; filename="1615555013_604b69c55a702-thumb.jpg"
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34913
cf-request-id: 095742c2e400004e5cef2a7000000001
last-modified: Fri, 12 Mar 2021 13:15:19 GMT
server: cloudflare
etag: "6089d141483ed95f8d242f9cad64fbda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 09 Apr 2022 08:04:58 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63d23a4b0a364e5c-FRA
x-local-cache: HIT
cf-bgj: imgq:85,h2pri

GET
H2 200 1615555215_604b6a8feefe9-thumb.jpg
cdn.galaxy.tf/thumb/sizeW560/uploads/2s/cms_image/001/615/555/ 37 KB
38 KB 22ms
20ms Image
image/jpeg 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW560/uploads/2s/cms_image/001/615/555/1615555215_604b6a8feefe9-thumb.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d9351d0e6e40b7262313121fd85208a2ab0743f056ab341a68f3469032519db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:58 GMT
cf-cache-status: HIT
age: 63409
x-cache-key: _srcd843739b935587aa9fd0bc24a1499b22_par949eb2026c8b8badc8ec1722c291cf87.jpeg
cf-polished: origSize=38382, status=webp_bigger
content-disposition: inline; filename="1615555215_604b6a8feefe9-thumb.jpg"
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38069
cf-request-id: 095742c2e400004e5c9b0f7000000001
last-modified: Fri, 12 Mar 2021 13:19:30 GMT
server: cloudflare
etag: "422f72be07cd75fa990b6439db07bd07"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 09 Apr 2022 08:04:58 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63d23a4b0a374e5c-FRA
x-local-cache: HIT
cf-bgj: imgq:85,h2pri

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 134 KB
42 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

88b0ad1a3372815110b5081811bc96fe1b530f14776634d7e9e93848a2e339e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43055
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Apr 2021 08:04:58 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 196 KB
55 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5HXZ8R5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5878bb1293bbc0f432ed4bcd088535a6798639ff38ecbb8a7aa0278458dd404f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56134
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Apr 2021 08:04:58 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,700,700i&display=swap&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.sandmansignature.co.uk
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:17 GMT
server: sffe
age: 597681
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15764
x-xss-protection: 0
expires: Sat, 02 Apr 2022 10:03:37 GMT

GET
H2 200 galaxy-helpers.js Show response
www.sandmansignature.co.uk/frontend/galaxy-helpers/public/ 56 KB
19 KB 27ms
25ms Script
application/javascript 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandmansignature.co.uk/frontend/galaxy-helpers/public/galaxy-helpers.js?v=l-0c46abc7-5ed7-44f9-a62f-976bb2ad7cb0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

673efe84b8988e98907bfd58af22ba16785dfb1e25112482a7eff7c0ef25234c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:58 GMT
via: 1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-xss-protection: 1; mode=block
age: 28530
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 095742c2f80000dfcb7a9da000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Apr 2021 23:45:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"fc5533db627b81a2d3c528b4e095f002"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C1
cf-ray: 63d23a4b2cfedfcb-FRA
x-amz-meta-md5chksum: /FUz22J7gaLTxSi04JXwAg==
x-amz-cf-id: XAqWubRhGt44d_j6prCEAhRjIuWzNPQEF_tvocWiEOjCn-Q5AmznhA==
expires: Sat, 09 Apr 2022 08:04:58 GMT

GET
H2 200 bundle.js Show response
www.sandmansignature.co.uk/integration/tc-theme/public/js/ 1 MB
325 KB 63ms
61ms Script
application/javascript 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandmansignature.co.uk/integration/tc-theme/public/js/bundle.js?vf776f58443e10c84781d995aedde7f87

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8be313c366ab8bc751ba26c7089c9aeeb1685411f3c4ebe77e6168c4455a637

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:58 GMT
via: 1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-xss-protection: 1; mode=block
age: 28530
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 095742c2fb0000dfcba9adc000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Apr 2021 23:45:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2f26fb530251178e2f9499da40aa8eb5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C1
cf-ray: 63d23a4b2d01dfcb-FRA
x-amz-meta-md5chksum: Lyb7UwJRF44vlJnaQKqOtQ==
x-amz-cf-id: 23xGiyCXZ33oci7qx6744F-NjB75O-2nudZfkQLfLdTg0pbnYUkWnA==
expires: Sat, 09 Apr 2022 08:04:58 GMT

GET
H2 200 NTE4ODc1MzEyNQ Show response
tcgms.net/app/new/ Frame 4918 39 KB
9 KB 394ms
393ms Document
text/html 23.79.156.95
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tcgms.net/app/new/NTE4ODc1MzEyNQ

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.79.156.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-156-95.deploy.static.akamaitechnologies.com

Software

Apache-Coyote/1.1 /

Resource Hash

4a100b32642d43a738a9ed093575bd7347c139ad4191d39bff7a3afcc54dbefe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:method: GET
:authority: tcgms.net
:scheme: https
:path: /app/new/NTE4ODc1MzEyNQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00

Response headers

server: Apache-Coyote/1.1
content-type: text/html;charset=UTF-8
cache-control: no-cache
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 09 Apr 2021 08:04:59 GMT
content-length: 9419
content-security-policy: upgrade-insecure-requests

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-Q050 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 28ms
13ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,700,700i&display=swap&subset=latin,latin-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.sandmansignature.co.uk
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
age: 597681
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
expires: Sat, 02 Apr 2022 10:03:37 GMT

GET
H3-Q050 200 c4mv1nF8G8_swA3J0Q.woff2
fonts.gstatic.com/s/aleo/v4/ 28 KB
28 KB 29ms
14ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/aleo/v4/c4mv1nF8G8_swA3J0Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Aleo:400,400i,700,700i&display=swap&subset=latin,latin-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c661089dddb9797c4617a25a50e392b2c04d3e25911d476e1d55a28e1559fe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.sandmansignature.co.uk
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 03:49:33 GMT
server: sffe
age: 597680
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
expires: Sat, 02 Apr 2022 10:03:38 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 23ms
7ms Script
application/javascript 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HXZ8R5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:58 GMT
content-encoding: gzip
etag: "YoFsxqR3BwPygbSjh02Dug=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 16 Apr 2021 08:04:58 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 41 KB
13 KB 90ms
31ms Script
text/javascript 2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HXZ8R5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ecfec6edd361b81190425a403385fb537c339984464c26413437ef7dc551a0a3

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: nkHCm_xeWIjraGkeLYKhlD5Mi9FxU1pe
Content-Encoding: gzip
ETag: "64986b995b49e1feeccb58c9c06afef7"
x-amz-request-id: M8JT0DRWSNHQWNF2
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 12936
x-amz-id-2: UaJgkqahhvnmY+EprGUVU7rj5UlsD+G3+MfQdOHzuTlVw1GAtQCvkxib4Sev/d0/doHcrvTIDEQ=
Last-Modified: Mon, 05 Apr 2021 16:54:49 GMT
Server: AmazonS3
Date: Fri, 09 Apr 2021 08:04:58 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 tags.js Show response
js.datadome.co/ 140 KB
23 KB 111ms
39ms Script
text/javascript 52.222.179.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.datadome.co/tags.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.179.72 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-179-72.ham50.r.cloudfront.net

Software

Apache /

Resource Hash

248ea9a5eb1327df2a59fdaa13d7164b0db3b745b8410156938a9d40bdb2c890

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:12 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 46
x-cache: Hit from cloudfront
content-length: 23095
access-control-allow-origin: *
last-modified: Fri, 09 Apr 2021 08:04:00 GMT
server: Apache
etag: "230ef-5bf859b4c074d-gzip"
strict-transport-security: max-age=15768000
content-type: text/javascript
via: 1.1 8c7d2e4b1dd1d9cc43ca7f060033ac41.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
x-amz-cf-id: MRHirvujvWzO6zqHNbvTq3xgp4PCLQ-_fnMQi7cup_jCt7trdIb--Q==
expires: Fri, 09 Apr 2021 09:04:12 GMT

GET
H2 200 56f6aomfh1 Show response
www.clarity.ms/tag/ 445 B
825 B 180ms
134ms Script
application/x-javascript 2620:1ec:29::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/56f6aomfh1
Requested by: Host: www.sandmansignature.co.uk
URL: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: c472ac9df5c62f8fc85276f3c9e22195e2414c9f120375224e4cdda6d57fd5f6

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:58 GMT
content-encoding: gzip
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache, no-store
x-azure-ref: 0qgpwYAAAAACNDP2xvhuWQIhqIrQnyiYuTE9OMjFFREdFMTUyMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
request-context: appId=cid-v1:3188f940-997d-4f90-a84f-97510ad0978f
content-length: 446
expires: -1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HXZ8R5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 1200
date: Fri, 09 Apr 2021 07:44:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Fri, 09 Apr 2021 09:44:58 GMT

POST
H/1.1 200
OK 3775 Show response
dynamic.travelclick-websolutions.com/view/ 2 KB
2 KB 614ms
395ms XHR
application/json 195.244.31.25
IGUANA-WORLDWIDE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.travelclick-websolutions.com/view/3775

Requested by

Host: www.sandmansignature.co.uk
URL: https://www.sandmansignature.co.uk/integration/tc-theme/public/js/bundle.js?vf776f58443e10c84781d995aedde7f87

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

195.244.31.25 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),

Reverse DNS

xo7-viplb-01-new.ny.ig-1.net

Software

Apache /

Resource Hash

3d3100957260dcaf25908b89b326587909277e861bb191d80e08759a2ca3c8ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 09 Apr 2021 08:04:59 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
X-Real-Hostname: xo7-web-02
Strict-Transport-Security: max-age=15768000
Content-Length: 1035
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H/1.1 200
OK 3775 Show response
dynamic.travelclick-websolutions.com/list/ 22 KB
4 KB 576ms
366ms XHR
application/json 195.244.31.25
IGUANA-WORLDWIDE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.travelclick-websolutions.com/list/3775

Requested by

Host: www.sandmansignature.co.uk
URL: https://www.sandmansignature.co.uk/integration/tc-theme/public/js/bundle.js?vf776f58443e10c84781d995aedde7f87

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

195.244.31.25 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),

Reverse DNS

xo7-viplb-01-new.ny.ig-1.net

Software

Apache /

Resource Hash

90c6c752faaf8d96e0df6fb0962a7d5f9ea85ebdea2cdf2e0e89374c2dc8ba3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 09 Apr 2021 08:04:59 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
X-Real-Hostname: xo7-web-04
Strict-Transport-Security: max-age=15768000
Content-Length: 3791
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 1615392152_6048ed98b8339-thumb.jpg
cdn.galaxy.tf/thumb/sizeW1920/uploads/2s/cms_image/001/615/392/ 278 KB
278 KB 15ms
15ms Image
image/webp 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW1920/uploads/2s/cms_image/001/615/392/1615392152_6048ed98b8339-thumb.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da822d470ab8c265535b251210d0eab8f11fa9eff462829df942f520378368e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:59 GMT
cf-cache-status: HIT
age: 63429
x-cache-key: _srce54e02c78d899c133279c5f73e4c346e_par23e48250a6ee445908dfc16354adc1d4.jpeg
cf-polished: qual=85, origFmt=jpeg, origSize=295733
content-disposition: inline; filename="1615392152_6048ed98b8339-thumb.webp"
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 284334
cf-request-id: 095742c46800004e5c1328a000000001
last-modified: Wed, 10 Mar 2021 16:03:32 GMT
server: cloudflare
etag: "205858e07e15cace2643608230bdc280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 09 Apr 2022 08:04:59 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63d23a4d7e714e5c-FRA
x-local-cache: HIT
cf-bgj: imgq:85,h2pri

GET
H2 200 rules-p-t-Y4C8b3TMpU2.js Show response
rules.quantcount.com/ 2 KB
1 KB 56ms
24ms Script
application/x-javascript 2600:9000:2093:3600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-t-Y4C8b3TMpU2.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2093:3600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13b3262bd17b82af659ff836fc4879b17ea9d597447f1eb1fd294dfcb036e110

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 07:08:02 GMT
content-encoding: gzip
last-modified: Thu, 31 Jan 2019 22:39:23 GMT
server: AmazonS3
age: 3418
etag: W/"18f7988cb7e82b9ae42f1ad4c4ee7637"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 e783bb6c29f662cfdd94e8ac169d6a36.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: u4rY-F1OGW8MctwArr5REpZAxXosqmsY4vnKe6V8jxzxzNXGSwfSXw==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/IZKONPD7LJBD3HTMRIT576/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

29ms
29ms

Script
application/javascript

2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: www.sandmansignature.co.uk
URL: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 8C_4p5S6NLuKOM2fXKpm7asomxwPn3IL
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: A6E4D842C4F3666B
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: 1Pslf+Y9QwUHIZmwUo95w2CKA8MTrgZpbGBRFLUwAevxRDJ3euWTGuAJ2AJ78njOjdUd48ZsKSg=
Last-Modified: Tue, 19 Jan 2021 16:25:36 GMT
Server: AmazonS3
Date: Fri, 09 Apr 2021 08:04:59 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Fri, 09 Apr 2021 08:04:59 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/IZKONPD7LJBD3HTMRIT576/6QXKPUIFG5HKJIN3JJEOCF/ 0
773 B 258ms
204ms Script
text/javascript 2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/IZKONPD7LJBD3HTMRIT576/6QXKPUIFG5HKJIN3JJEOCF/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: OJxsLsMhKrp.sSXljlCS4BEpWm2q.2.0
Content-Encoding: gzip
ETag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id: NG2EY1R79C3Q99NB
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
x-amz-id-2: 9SkhudshomF3BTzbTRasARSjP1lTJz6N024knXKj+BqQvUO/bfIz2WaWQ83/wHD1FRtZNxWJJ5k=
Last-Modified: Thu, 08 Apr 2021 19:22:09 GMT
Server: AmazonS3
Date: Fri, 09 Apr 2021 08:04:59 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/IZKONPD7LJBD3HTMRIT576/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/IZKONPD7LJBD3HTMRIT576?_s=6f41bbeae493c761ee2b9bea61561a45&_b=2
https://d.adroll.com/consent/check/IZKONPD7LJBD3HTMRIT576/?_s=6f41bbeae493c761ee2b9bea61561a45&_b=2

394 B
863 B

48ms
46ms

Script
application/javascript

3.248.28.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/IZKONPD7LJBD3HTMRIT576/?_s=6f41bbeae493c761ee2b9bea61561a45&_b=2
Requested by: Host: www.sandmansignature.co.uk
URL: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2c123021b125ae37f774e395c7d38bf743fdddd14470c8d850e4dec114b0c5f6

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Apr 2021 08:04:59 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-type: application/javascript
content-length: 394
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

Redirect headers

location: https://d.adroll.com/consent/check/IZKONPD7LJBD3HTMRIT576/?_s=6f41bbeae493c761ee2b9bea61561a45&_b=2
date: Fri, 09 Apr 2021 08:04:59 GMT
server: nginx/1.18.0
content-length: 105

GET
H3-Q050 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 07:43:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1265
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Fri, 09 Apr 2021 08:43:54 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/scus/s/0.6.10/ 45 KB
20 KB 129ms
128ms Script
application/javascript 2620:1ec:29::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/scus/s/0.6.10/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/56f6aomfh1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 601ecef6383d02e04903fdf3dd7cfdd968fb09973e39f74b583eb7b9773e8f0e

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:58 GMT
content-encoding: br
etag: "1d72c83154636e0"
last-modified: Thu, 08 Apr 2021 14:25:54 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=86400
x-azure-ref: 0qwpwYAAAAAC6ZKsyjVZbRrjYJSea9DczTE9OMjFFREdFMTUyMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:3188f940-997d-4f90-a84f-97510ad0978f

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=0200CB94A45D4B01894BB5EC28840121&RedC=c.clarity.ms&MXFR=3384658912246DE505AC759D16246324
https://c.clarity.ms/c.gif?CtsSyncId=0200CB94A45D4B01894BB5EC28840121&MUID=17FC0B2264FE62BB0F0F1B36652C6379

42 B
357 B

43ms
42ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=0200CB94A45D4B01894BB5EC28840121&MUID=17FC0B2264FE62BB0F0F1B36652C6379
Requested by: Host: www.sandmansignature.co.uk
URL: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Apr 2021 08:04:58 GMT
last-modified: Tue, 23 Feb 2021 19:11:50 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "506f5bd17ad71:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 09 Apr 2021 08:04:58 GMT
x-msedge-ref: Ref A: CD6D0F8CF138405EB532807DCAEC5F48 Ref B: FRAEDGE1315 Ref C: 2021-04-09T08:04:59Z
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=0200CB94A45D4B01894BB5EC28840121&MUID=17FC0B2264FE62BB0F0F1B36652C6379
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H/1.1 200
OK / Show response
api-js.datadome.co/js/ 221 B
476 B 120ms
31ms XHR
application/json 18.157.207.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.datadome.co/js/
Requested by: Host: www.sandmansignature.co.uk
URL: https://www.sandmansignature.co.uk/integration/tc-theme/public/js/bundle.js?vf776f58443e10c84781d995aedde7f87
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.207.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-207-8.eu-central-1.compute.amazonaws.com
Software: DataDome /
Resource Hash: 35703e608d556e81fcc6dce7d5a4cf45fa58fdf37644905e4fd24c4864daa06b

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 09 Apr 2021 08:04:59 GMT
Server: DataDome
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 221
Expires: 0

POST
H2 204 result Show response
www.sandmansignature.co.uk/cdn-cgi/bm/cv/ 0
350 B 13ms
13ms XHR
text/plain 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sandmansignature.co.uk/cdn-cgi/bm/cv/result?req_id=63d23a48fabcdfcb
Requested by: Host: www.sandmansignature.co.uk
URL: https://www.sandmansignature.co.uk/integration/tc-theme/public/js/bundle.js?vf776f58443e10c84781d995aedde7f87
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 09 Apr 2021 08:04:59 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 63d23a4e1817dfcb-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-request-id: 095742c4d40000dfcb5da44000000001

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
74 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&aip=1&a=1722606026&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3Demail%26utm_source%3DWelcome%2BEmail%26utm_campaign%3DRSVP%2BSet%2BPassword%2BEmail%26pl%3D42fn28c30b2af28a2a32b92dt28e2fx2cf28m00&ul=en-us&de=UTF-8&dt=Sandman%20Signature%20Hotels%20UK%20%7C%20London%20Gatwick%2C%20Aberdeen%20%26%20Newcastle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEALAAAAAC~&jid=2029838213&gjid=1643202814&cid=1385161079.1617955499&tid=UA-25327496-1&_gid=1367240296.1617955499&_r=1&gtm=2wg3v05HXZ8R5&cd1=not_available&cd2=not_available&cd3=not_available&cd4=Guest&cd5=not_available&cd6=not_available&cd7=not_available&cd8=not_available&cd9=not_available&cd16=no&cd19=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3Demail%26utm_source%3DWelcome%2BEmail%26utm_campaign%3DRSVP%2BSet%2BPassword%2BEmail%26pl%3D42fn28c30b2af28a2a32b92dt28e2fx2cf28m00&z=1491382375

Requested by

Host: www.sandmansignature.co.uk
URL: https://www.sandmansignature.co.uk/integration/tc-theme/public/js/bundle.js?vf776f58443e10c84781d995aedde7f87

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 09 Apr 2021 08:04:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sandmansignature.co.uk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&aip=1&a=1722606026&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3Demail%26utm_source%3DWelcome%2BEmail%26utm_campaign%3DRSVP%2BSet%2BPassword%2BEmail%26pl%3D42fn28c30b2af28a2a32b92dt28e2fx2cf28m00&ul=en-us&de=UTF-8&dt=Sandman%20Signature%20Hotels%20UK%20%7C%20London%20Gatwick%2C%20Aberdeen%20%26%20Newcastle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEALBAAAAC~&jid=724931435&gjid=1078642948&cid=1385161079.1617955499&tid=UA-193985224-1&_gid=1367240296.1617955499&_r=1&gtm=2wg3v05HXZ8R5&cd1=not_available&cd2=not_available&cd3=not_available&cd4=Guest&cd5=not_available&cd6=not_available&cd7=not_available&cd8=not_available&cd9=not_available&cd16=no&cd19=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3Demail%26utm_source%3DWelcome%2BEmail%26utm_campaign%3DRSVP%2BSet%2BPassword%2BEmail%26pl%3D42fn28c30b2af28a2a32b92dt28e2fx2cf28m00&z=474793467

Requested by

Host: www.sandmansignature.co.uk
URL: https://www.sandmansignature.co.uk/integration/tc-theme/public/js/bundle.js?vf776f58443e10c84781d995aedde7f87

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 09 Apr 2021 08:04:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sandmansignature.co.uk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
24 B 13ms
12ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&aip=1&a=1722606026&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3Demail%26utm_source%3DWelcome%2BEmail%26utm_campaign%3DRSVP%2BSet%2BPassword%2BEmail%26pl%3D42fn28c30b2af28a2a32b92dt28e2fx2cf28m00&ul=en-us&de=UTF-8&dt=Sandman%20Signature%20Hotels%20UK%20%7C%20London%20Gatwick%2C%20Aberdeen%20%26%20Newcastle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEALBAAAAC~&jid=722558897&gjid=1440948015&cid=1385161079.1617955499&tid=UA-162681275-1&_gid=1367240296.1617955499&_r=1&gtm=2wg3v0TL2MM4B&cd13=essentials&cd14=th1&cd15=hd1&cd16=ft3&cd19=tvs_no&cg1=web&cg2=not_applicable&cd24=2&cd25=en&cd26=web&cd27=not_applicable&cd28=not_applicable&cd29=not_applicable&cd30=no&cd31=no&cd34=%7C&cd36=%7C&cd38=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3Demail%26utm_source%3DWelcome%2BEmail%26utm_campaign%3DRSVP%2BSet%2BPassword%2BEmail%26pl%3D42fn28c30b2af28a2a32b92dt28e2fx2cf28m00&cd39=not_applicable&cd40=sandmansignature.co.uk&cd41=GTM-TL2MM4B&cd42=20&z=700103715

Requested by

Host: www.sandmansignature.co.uk
URL: https://www.sandmansignature.co.uk/integration/tc-theme/public/js/bundle.js?vf776f58443e10c84781d995aedde7f87

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 09 Apr 2021 08:04:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sandmansignature.co.uk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&aip=1&a=1722606026&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3Demail%26utm_source%3DWelcome%2BEmail%26utm_campaign%3DRSVP%2BSet%2BPassword%2BEmail%26pl%3D42fn28c30b2af28a2a32b92dt28e2fx2cf28m00&ul=en-us&de=UTF-8&dt=Sandman%20Signature%20Hotels%20UK%20%7C%20London%20Gatwick%2C%20Aberdeen%20%26%20Newcastle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=errors%20tracking&ea=datalayer%20tool%20error%3A%20TypeError%3A%20Cannot%20read%20property%20%27tc_1100262%27%20of%20null&el=www.sandmansignature.co.uk&_u=aGDACEALBAAAAC~&jid=336398464&gjid=906770354&cid=1385161079.1617955499&tid=UA-162681275-3&_gid=1367240296.1617955499&_r=1&gtm=2wg3v0TL2MM4B&cd13=essentials&cd14=th1&cd15=hd1&cd16=ft3&cd19=tvs_no&cg1=web&cg2=not_applicable&cd24=2&cd25=en&cd26=web&cd27=not_applicable&cd28=not_applicable&cd29=not_applicable&cd30=no&cd31=no&cd34=%7C&cd36=%7C&cd38=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3Demail%26utm_source%3DWelcome%2BEmail%26utm_campaign%3DRSVP%2BSet%2BPassword%2BEmail%26pl%3D42fn28c30b2af28a2a32b92dt28e2fx2cf28m00&cd39=not_applicable&cd40=sandmansignature.co.uk&cd41=GTM-TL2MM4B&cd42=20&z=1966800115

Requested by

Host: www.sandmansignature.co.uk
URL: https://www.sandmansignature.co.uk/integration/tc-theme/public/js/bundle.js?vf776f58443e10c84781d995aedde7f87

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 09 Apr 2021 08:04:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sandmansignature.co.uk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1615392490_6048eeea02cd0-thumb.jpg
cdn.galaxy.tf/thumb/sizeW1920/uploads/2s/cms_image/001/615/392/ 295 KB
296 KB 17ms
16ms Image
image/jpeg 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW1920/uploads/2s/cms_image/001/615/392/1615392490_6048eeea02cd0-thumb.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a04de90c885ff3a5779df40287d86a056c73d0c3c1b34d9f4e36be1d3454fc6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:59 GMT
cf-cache-status: HIT
age: 63427
x-cache-key: _src9cd4ba197313daafefe88e84ecbe4430_par23e48250a6ee445908dfc16354adc1d4.jpeg
cf-polished: origSize=305043, status=webp_bigger
content-disposition: inline; filename="1615392490_6048eeea02cd0-thumb.jpg"
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 302125
cf-request-id: 095742c4f100004e5cd0bdc000000001
last-modified: Wed, 10 Mar 2021 16:10:47 GMT
server: cloudflare
etag: "5f3c7740cfaf70697ab0cb8b80ac8d8c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 09 Apr 2022 08:04:59 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63d23a4e4fb54e5c-FRA
x-local-cache: HIT
cf-bgj: imgq:85,h2pri

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
96 B 13ms
13ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-25327496-1&cid=1385161079.1617955499&jid=2029838213&gjid=1643202814&_gid=1367240296.1617955499&_u=aGBAAEAKAAAAAC~&z=783384943

Requested by

Host: www.sandmansignature.co.uk
URL: https://www.sandmansignature.co.uk/integration/tc-theme/public/js/bundle.js?vf776f58443e10c84781d995aedde7f87

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 09 Apr 2021 08:04:59 GMT
content-type: text/plain
access-control-allow-origin: https://www.sandmansignature.co.uk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dialogs.css
www.tcgms.net/scripts/dialogs/css/ Frame 4918 27 KB
5 KB 277ms
182ms Stylesheet
text/css 23.45.237.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/dialogs/css/dialogs.css

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4ODc1MzEyNQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.237.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-237-73.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

2d5f55af6b26f54540a0b432dd6f4fbda74ac3391ce1c81c2da35b0eee52356e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:59 GMT
content-encoding: gzip
last-modified: Mon, 16 Dec 2013 19:44:34 GMT
server: Apache
etag: "6d0c-4edac0a8ccc80"
vary: Accept-Encoding
content-type: text/css
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 5292

GET
H2 200 jquery-ui.min.css
www.tcgms.net/scripts/responsive/ Frame 4918 28 KB
7 KB 260ms
165ms Stylesheet
text/css 23.45.237.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery-ui.min.css

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4ODc1MzEyNQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.237.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-237-73.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

235811eea35afea6661df621dcd80615b44d0abf0f4e30141bcb062c3edcecea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:59 GMT
content-encoding: gzip
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "6f91-525ea79777480"
vary: Accept-Encoding
content-type: text/css
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 6942

GET
H2 200 jquery-ui.structure.min.css
www.tcgms.net/scripts/responsive/ Frame 4918 14 KB
5 KB 1086ms
992ms Stylesheet
text/css 23.45.237.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery-ui.structure.min.css

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4ODc1MzEyNQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.237.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-237-73.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c1f78372fef6004ba25f660c5e2a8377c7e057e1386281df289973abb4cebabf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:05:00 GMT
content-encoding: gzip
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "39ac-525ea79777480"
vary: Accept-Encoding
content-type: text/css
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 4738

GET
H2 200 jquery-ui.theme.min.css
www.tcgms.net/scripts/responsive/ Frame 4918 13 KB
2 KB 274ms
180ms Stylesheet
text/css 23.45.237.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery-ui.theme.min.css

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4ODc1MzEyNQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.237.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-237-73.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ad276a9b384daf069f7458062d26b31838d009086e6b3a5e0c69a5682063239c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:59 GMT
content-encoding: gzip
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "351f-525ea79777480"
vary: Accept-Encoding
content-type: text/css
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 2284

GET
H2 200 jquery-ui-slider-pips.css
www.tcgms.net/scripts/responsive/ Frame 4918 11 KB
2 KB 366ms
273ms Stylesheet
text/css 23.45.237.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery-ui-slider-pips.css

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4ODc1MzEyNQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.237.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-237-73.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

dff41f45bf1410d70bbaa825268ce556be0a4c1eb3c293600971e60e565a218b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:59 GMT
content-encoding: gzip
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "2baa-525ea79777480"
vary: Accept-Encoding
content-type: text/css
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 2034

GET
H2 200 jquery.mobile-1.4.5.min.css
www.tcgms.net/scripts/responsive/ Frame 4918 203 KB
25 KB 562ms
469ms Stylesheet
text/css 23.45.237.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery.mobile-1.4.5.min.css

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4ODc1MzEyNQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.237.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-237-73.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a1f1132059ae29789542297e710d6d45e60307f961d25acccb12ddb30f8d1bcc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:59 GMT
content-encoding: gzip
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "32a69-525ea79777480"
vary: Accept-Encoding
content-type: text/css
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 25215

GET
H2 200 jquery.mobile.custom.theme.min.css
www.tcgms.net/scripts/responsive/ Frame 4918 12 KB
2 KB 619ms
526ms Stylesheet
text/css 23.45.237.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery.mobile.custom.theme.min.css

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4ODc1MzEyNQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.237.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-237-73.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

291e4ceacea80004276a4500a661d05acd5912b405fb13a2fe5fa6fc4c676eee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:59 GMT
content-encoding: gzip
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "3071-525ea79777480"
vary: Accept-Encoding
content-type: text/css
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 2243

GET
H2 200 jquery.mobile.custom.structure.min.css
www.tcgms.net/scripts/responsive/ Frame 4918 66 KB
10 KB 885ms
793ms Stylesheet
text/css 23.45.237.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery.mobile.custom.structure.min.css

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4ODc1MzEyNQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.237.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-237-73.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8964e438a1f1a01489df821e32816d1651550b39b55b783ad7f5d85e43c6247b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:05:00 GMT
content-encoding: gzip
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "10953-525ea79777480"
vary: Accept-Encoding
content-type: text/css
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 9788

GET
H2 200 intlTelInput.css
www.tcgms.net/scripts/responsive/intlTelInput/ Frame 4918 21 KB
3 KB 752ms
660ms Stylesheet
text/css 23.45.237.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/intlTelInput/intlTelInput.css

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4ODc1MzEyNQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.237.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-237-73.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a06428ba01c0ceafa7d68c9c6cf720ae3543831c878ca0c66dc38ad74eb5c74b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:59 GMT
content-encoding: gzip
last-modified: Tue, 06 Dec 2016 03:58:21 GMT
server: Apache
etag: "54a4-542f56a489b33"
vary: Accept-Encoding
content-type: text/css
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 3187

GET
H2 200 jquery-1.11.1.min.js Show response
www.tcgms.net/scripts/responsive/ Frame 4918 94 KB
33 KB 1120ms
1028ms Script
application/javascript 23.45.237.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery-1.11.1.min.js

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4ODc1MzEyNQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.237.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-237-73.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:05:00 GMT
content-encoding: gzip
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "1762a-525ea79777480"
vary: Accept-Encoding
content-type: application/javascript
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 33266

GET
H2 200 custom-jquery-scripts.js Show response
www.tcgms.net/scripts/responsive/ Frame 4918 112 B
286 B 752ms
660ms Script
application/javascript 23.45.237.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/custom-jquery-scripts.js

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4ODc1MzEyNQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.237.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-237-73.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

4018d80284d0b380e6f0187eea93cd2006c976d7990a9a59234bbb3f7e4d48a3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
last-modified: Mon, 07 Dec 2015 18:15:35 GMT
server: Apache
etag: "70-52652d7e77fc0"
content-type: application/javascript
date: Fri, 09 Apr 2021 08:04:59 GMT
accept-ranges: bytes
content-length: 112

GET
H2 200 jquery-ui.min.js Show response
www.tcgms.net/scripts/responsive/ Frame 4918 235 KB
63 KB 1214ms
1122ms Script
application/javascript 23.45.237.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery-ui.min.js

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4ODc1MzEyNQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.237.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-237-73.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a8bd2ffb1e86cd8ab362d0c57f12860bc2b35b243d9f9a9ed63b663ca2ae82ca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:05:00 GMT
content-encoding: gzip
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "3ab26-525ea79777480"
vary: Accept-Encoding
content-type: application/javascript
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes

GET
H2 200 jquery-ui-slider-pips.js Show response
www.tcgms.net/scripts/responsive/ Frame 4918 22 KB
5 KB 752ms
660ms Script
application/javascript 23.45.237.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery-ui-slider-pips.js

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4ODc1MzEyNQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.237.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-237-73.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d14a1b9791657bcd13c89ddc2d2bfcddc5491c377ebf7b4ef6a86c5b89eb18c7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:59 GMT
content-encoding: gzip
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "59d3-525ea79777480"
vary: Accept-Encoding
content-type: application/javascript
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 4630

GET
H2 200 jquery.mobile.custom.min.js Show response
www.tcgms.net/scripts/responsive/ Frame 4918 181 KB
51 KB 1164ms
1072ms Script
application/javascript 23.45.237.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery.mobile.custom.min.js

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4ODc1MzEyNQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.237.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-237-73.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

77db1e92623f53f39a92474ff79429f547485f839dc0b30bc33a5f65ce880da8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:05:00 GMT
content-encoding: gzip
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "2d37a-525ea79777480"
vary: Accept-Encoding
content-type: application/javascript
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes

GET
H2 200 iframeResizer.contentWindow.min.js Show response
www.tcgms.net/scripts/responsive/ Frame 4918 13 KB
5 KB 711ms
620ms Script
application/javascript 23.45.237.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/iframeResizer.contentWindow.min.js

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4ODc1MzEyNQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.237.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-237-73.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:59 GMT
content-encoding: gzip
last-modified: Wed, 02 Dec 2015 13:44:33 GMT
server: Apache
etag: "3445-525ea79683240"
vary: Accept-Encoding
content-type: application/javascript
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 5005

GET
H2 200 intlTelInput.min.js Show response
www.tcgms.net/scripts/responsive/intlTelInput/ Frame 4918 22 KB
9 KB 733ms
642ms Script
application/javascript 23.45.237.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/intlTelInput/intlTelInput.min.js

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4ODc1MzEyNQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.237.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-237-73.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ffc992202755637f8b6d51b4f61d30e3b47fc797403d923a9cd618a47c6ca184

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:59 GMT
content-encoding: gzip
last-modified: Tue, 06 Dec 2016 03:58:21 GMT
server: Apache
etag: "56bf-542f56a48a2f5"
vary: Accept-Encoding
content-type: application/javascript
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 9108

GET
H2 200 utils.js Show response
www.tcgms.net/scripts/responsive/intlTelInput/ Frame 4918 233 KB
51 KB 1646ms
1555ms Script
application/javascript 23.45.237.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/intlTelInput/utils.js

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4ODc1MzEyNQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.237.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-237-73.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

3d5c31a7e56cfc12b784ae9f7d946c74b9f0e301032ddc6b786a83c3be2773db

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:05:00 GMT
content-encoding: gzip
last-modified: Tue, 06 Dec 2016 03:58:21 GMT
server: Apache
etag: "3a41e-542f56a48aeac"
vary: Accept-Encoding
content-type: application/javascript
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes

GET
H2 200 qrcode.min.js Show response
www.tcgms.net/scripts/responsive/ Frame 4918 19 KB
7 KB 723ms
632ms Script
application/javascript 23.45.237.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/qrcode.min.js

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4ODc1MzEyNQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.237.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-237-73.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:59 GMT
content-encoding: gzip
last-modified: Wed, 22 Feb 2017 12:04:19 GMT
server: Apache
etag: "4dd7-5491d4be08778"
vary: Accept-Encoding
content-type: application/javascript
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 7007

GET
H2 200 pixel;r=1646797113;labels=keywords.%2Ctitle.Sandman%20Signature%20Hotels%20UK%20%7C%20London%20Gatwick%20%20Aberdeen%20%26%20Newcastle;source=gtm;rf=0;a=p-t-Y4C8b3TMpU2;url=https%3A%2F%2Fwww.sandma...
pixel.quantserve.com/ 35 B
371 B 10ms
8ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1646797113;labels=keywords.%2Ctitle.Sandman%20Signature%20Hotels%20UK%20%7C%20London%20Gatwick%20%20Aberdeen%20%26%20Newcastle;source=gtm;rf=0;a=p-t-Y4C8b3TMpU2;url=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3Demail%26utm_source%3DWelcome%2BEmail%26utm_campaign%3DRSVP%2BSet%2BPassword%2BEmail%26pl%3D42fn28c30b2af28a2a32b92dt28e2fx2cf28m00;uh=65ce955d6ae6;uht=2;fpan=1;fpa=P0-415915465-1617955499260;ns=0;ce=1;qjs=1;qv=e576aef5-20210317211205;cm=;gdpr=0;ref=;d=sandmansignature.co.uk;je=0;sr=1600x1200x24;dst=1;et=1617955499260;tzo=-120;ogl=site_name.Sandman%20Signature%20UK%2Curl.https%3A%2F%2Fwww%252Esandmansignature%252Eco%252Euk%2F%2Ctitle.Sandman%20Signature%20Hotels%20UK%20%7C%20London%20Gatwick%252C%20Aberdeen%20%26%20Newcastle%2Cdescription.Sandman%20Signature%20Hotels%20UK%20are%20designed%20with%20the%20expressed%20purpose%20of%20providing%2Clocale.en_US

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Apr 2021 08:04:59 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-25327496-1&cid=1385161079.1617955499&jid=2029838213&_u=aGBAAEAKAAAAAC~&z=1054520291

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Apr 2021 08:04:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-25327496-1&cid=1385161079.1617955499&jid=2029838213&_u=aGBAAEAKAAAAAC~&z=1054520291

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Apr 2021 08:04:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1615392173_6048edad805e7-thumb.jpg
cdn.galaxy.tf/thumb/sizeW1920/uploads/2s/cms_image/001/615/392/ 188 KB
188 KB 42ms
42ms Image
image/webp 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW1920/uploads/2s/cms_image/001/615/392/1615392173_6048edad805e7-thumb.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdba32ddd84343fd3c815649d51f768724798d2db35df5c747fe4303a9d374b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:59 GMT
cf-cache-status: HIT
age: 63426
x-cache-key: _src8fdc2dd8042fa7cdda87c657dba52928_par23e48250a6ee445908dfc16354adc1d4.jpeg
cf-polished: qual=85, origFmt=jpeg, origSize=224733
content-disposition: inline; filename="1615392173_6048edad805e7-thumb.webp"
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 192446
cf-request-id: 095742c50700004e5cbb891000000001
last-modified: Wed, 10 Mar 2021 16:03:43 GMT
server: cloudflare
etag: "6dcbcc059bd709fac39282cb9392910b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 09 Apr 2022 08:04:59 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63d23a4e78124e5c-FRA
x-local-cache: HIT
cf-bgj: imgq:85,h2pri

GET
H2 200 1615393736_6048f3c89202c-thumb.jpg
cdn.galaxy.tf/thumb/sizeW1920/uploads/2s/cms_image/001/615/393/ 343 KB
344 KB 19ms
19ms Image
image/jpeg 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW1920/uploads/2s/cms_image/001/615/393/1615393736_6048f3c89202c-thumb.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7a33832989b49df2a855271593bfe8f93985927795af8ceb39dfd10a9a02178

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:59 GMT
cf-cache-status: HIT
age: 63425
x-cache-key: _srcf5dd3ca2a38c6079bedae86194171488_par23e48250a6ee445908dfc16354adc1d4.jpeg
cf-polished: origSize=354105, status=webp_bigger
content-disposition: inline; filename="1615393736_6048f3c89202c-thumb.jpg"
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 350930
cf-request-id: 095742c56a00004e5c00186000000001
last-modified: Wed, 10 Mar 2021 16:28:31 GMT
server: cloudflare
etag: "43ea6a42a037edb59977573dec4f214d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 09 Apr 2022 08:04:59 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63d23a4f09164e5c-FRA
x-local-cache: HIT
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

U5JGCVQXHRHTLJT4I5C5BK.js Show response
s.adroll.com/pixel/IZKONPD7LJBD3HTMRIT576/6QXKPUIFG5HKJIN3JJEOCF/
Redirect Chain

https://d.adroll.com/pixel/IZKONPD7LJBD3HTMRIT576/6QXKPUIFG5HKJIN3JJEOCF?adroll_fpc=af29649cbe7ab9400089ba6311ff4717-1617955499378&arrfrr=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3D...
https://s.adroll.com/pixel/IZKONPD7LJBD3HTMRIT576/6QXKPUIFG5HKJIN3JJEOCF/U5JGCVQXHRHTLJT4I5C5BK.js

4 KB
2 KB

210ms
209ms

Script
text/javascript

2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/IZKONPD7LJBD3HTMRIT576/6QXKPUIFG5HKJIN3JJEOCF/U5JGCVQXHRHTLJT4I5C5BK.js
Requested by: Host: www.sandmansignature.co.uk
URL: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 567ae377640ad91fd6c6189602ce8fc8dbd9eae9559ac31b2714258bf3858b14

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: DgYJnki9_b5hq2z3KrWU531yMbP_i06e
Content-Encoding: gzip
ETag: "8d3842e3d233c20e9de259de8d61e98b"
x-amz-request-id: 53E86A2D2D63AE0E
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1473
x-amz-id-2: Pr2/nmcMvCiE8WDtHgMiDuW8iJWhd8HjtC0Jkh4YCY6PqW5g7KrqYT3HCWtSi6WZ+eg3yomm7RQ=
Last-Modified: Tue, 08 Dec 2020 23:26:07 GMT
Server: AmazonS3
Date: Fri, 09 Apr 2021 08:04:59 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.18.0
x-rule: *
date: Fri, 09 Apr 2021 08:04:59 GMT
x-segment-eid: U5JGCVQXHRHTLJT4I5C5BK
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://s.adroll.com/pixel/IZKONPD7LJBD3HTMRIT576/6QXKPUIFG5HKJIN3JJEOCF/U5JGCVQXHRHTLJT4I5C5BK.js
cache-control: no-store, no-cache, must-revalidate
x-segment-display-name: Visitors to Unsegmented Pages
x-pixel-eid: 6QXKPUIFG5HKJIN3JJEOCF
x-segment-name: *
x-advertisable-eid: IZKONPD7LJBD3HTMRIT576
content-length: 0
x-conversion-currency

GET
H2 200 1615392718_6048efceea6c6-thumb.jpg
cdn.galaxy.tf/thumb/sizeW1920/uploads/2s/cms_image/001/615/392/ 322 KB
323 KB 23ms
23ms Image
image/jpeg 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW1920/uploads/2s/cms_image/001/615/392/1615392718_6048efceea6c6-thumb.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f36a51100566885e0ff326fb4ffb9aa44add1a5a8a38528c9b15d42889404795

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:59 GMT
cf-cache-status: HIT
age: 63422
x-cache-key: _src49119bd82761516d9051b1a132f72747_par23e48250a6ee445908dfc16354adc1d4.jpeg
cf-polished: origSize=334388, status=webp_bigger
content-disposition: inline; filename="1615392718_6048efceea6c6-thumb.jpg"
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 330109
cf-request-id: 095742c58600004e5cec3ff000000001
last-modified: Wed, 10 Mar 2021 16:10:57 GMT
server: cloudflare
etag: "e6654618ddfba0454d20936d649061a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 09 Apr 2022 08:04:59 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63d23a4f39534e5c-FRA
x-local-cache: HIT
cf-bgj: imgq:85,h2pri

GET
H2 200 1615393017_6048f0f91b03e-thumb.jpg
cdn.galaxy.tf/thumb/sizeW1920/uploads/2s/cms_image/001/615/393/ 301 KB
302 KB 16ms
15ms Image
image/jpeg 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW1920/uploads/2s/cms_image/001/615/393/1615393017_6048f0f91b03e-thumb.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa2abe129656245b41b12925df9f7ee2acb094debbcc0857a0c238e87fe1fc4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:59 GMT
cf-cache-status: HIT
age: 63421
x-cache-key: _src2341cec90a9213464106215957f36153_par23e48250a6ee445908dfc16354adc1d4.jpeg
cf-polished: origSize=312269, status=webp_bigger
content-disposition: inline; filename="1615393017_6048f0f91b03e-thumb.jpg"
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 308711
cf-request-id: 095742c5aa00004e5cf12f2000000001
last-modified: Wed, 10 Mar 2021 16:15:26 GMT
server: cloudflare
etag: "c447ca2fcd0c1e82d59ddf8c93203c97"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 09 Apr 2022 08:04:59 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63d23a4f79974e5c-FRA
x-local-cache: HIT
cf-bgj: imgq:85,h2pri

GET
H2 200 1615556066_604b6de275230-thumb.jpg
cdn.galaxy.tf/thumb/sizeW1920/uploads/2s/cms_image/001/615/556/ 238 KB
238 KB 18ms
18ms Image
image/jpeg 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW1920/uploads/2s/cms_image/001/615/556/1615556066_604b6de275230-thumb.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27e66c3a895f819d8a0a45a26260a3280bd8b09a1aaf9c309fc5436c2916336e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:59 GMT
cf-cache-status: HIT
age: 63420
x-cache-key: _src8381ac8fe4bc255fb1823dbe05a9e9ad_par23e48250a6ee445908dfc16354adc1d4.jpeg
cf-polished: origSize=245593, status=webp_bigger
content-disposition: inline; filename="1615556066_604b6de275230-thumb.jpg"
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 243394
cf-request-id: 095742c5bf00004e5c0018b000000001
last-modified: Fri, 12 Mar 2021 13:32:41 GMT
server: cloudflare
etag: "89bc549888a7e7a0386f948aa6b3185c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 09 Apr 2022 08:04:59 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63d23a4f99c84e5c-FRA
x-local-cache: HIT
cf-bgj: imgq:85,h2pri

GET
H2 200 1615476310_604a36564afae-thumb.jpg
cdn.galaxy.tf/thumb/sizeW1920/uploads/2s/cms_image/001/615/476/ 133 KB
133 KB 14ms
13ms Image
image/webp 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW1920/uploads/2s/cms_image/001/615/476/1615476310_604a36564afae-thumb.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4b921b1dc45ffca0ebc8130f29b78c4f6a465952e284c5e8f4d0a65826de4bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:59 GMT
cf-cache-status: HIT
age: 63418
x-cache-key: _src04a48e3bd1509f020c34c94570da856c_par23e48250a6ee445908dfc16354adc1d4.jpeg
cf-polished: qual=85, origFmt=jpeg, origSize=150176
content-disposition: inline; filename="1615476310_604a36564afae-thumb.webp"
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 136174
cf-request-id: 095742c5da00004e5c03275000000001
last-modified: Thu, 11 Mar 2021 15:23:27 GMT
server: cloudflare
etag: "bdbf5273be714d47839bb0523a2e0821"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 09 Apr 2022 08:04:59 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63d23a4fca104e5c-FRA
x-local-cache: HIT
cf-bgj: imgq:85,h2pri

GET
H2 200 1615564632_604b8f5895704-thumb.jpg
cdn.galaxy.tf/thumb/sizeW1920/uploads/2s/cms_image/001/615/564/ 266 KB
267 KB 21ms
21ms Image
image/jpeg 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.galaxy.tf/thumb/sizeW1920/uploads/2s/cms_image/001/615/564/1615564632_604b8f5895704-thumb.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0aafb8ece4b3654bb8d1e77170c748226dfe9c5b30c89b68c4b5c8d86b1795f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:59 GMT
cf-cache-status: HIT
age: 63416
x-cache-key: _src9d3bbbfb4ca40083399e89f259bd1fd9_par23e48250a6ee445908dfc16354adc1d4.jpeg
cf-polished: origSize=277252, status=webp_bigger
content-disposition: inline; filename="1615564632_604b8f5895704-thumb.jpg"
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 272835
cf-request-id: 095742c5f200004e5c860c8000000001
last-modified: Fri, 12 Mar 2021 15:56:12 GMT
server: cloudflare
etag: "7f26f74ecba615ef5d47ee77d96657a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 09 Apr 2022 08:04:59 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63d23a4fea654e5c-FRA
x-local-cache: HIT
cf-bgj: imgq:85,h2pri

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
23 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f03f:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d.adroll.com
URL: https://d.adroll.com/pixel/IZKONPD7LJBD3HTMRIT576/6QXKPUIFG5HKJIN3JJEOCF?adroll_fpc=af29649cbe7ab9400089ba6311ff4717-1617955499378&arrfrr=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3Demail%26utm_source%3DWelcome%2BEmail%26utm_campaign%3DRSVP%2BSet%2BPassword%2BEmail%26pl%3D42fn28c30b2af28a2a32b92dt28e2fx2cf28m00&xid_ch=f&pv=53108767805.56251&cookie=&adroll_s_ref=&keyw=&adroll_external_data=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f03f:1c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

86cc35989be655e6cbe68540cf835dec34388862a948fbd05850100797c32319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23784
x-fb-rlafr: 0
pragma: public
x-fb-debug: MZaAqJD8MyxjslHqpVWqD06fx17mmBeDjv37e+LNx3mWV4zoJivZE+1tbsIzl2r0ss1OhrMFZHxFaQlwC3dnog==
x-fb-trip-id: 2050670934
x-frame-options: DENY
date: Fri, 09 Apr 2021 08:04:59 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
x-xss-protection: 0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 10 KB
3 KB 36ms
36ms Script
application/javascript 2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: d.adroll.com
URL: https://d.adroll.com/pixel/IZKONPD7LJBD3HTMRIT576/6QXKPUIFG5HKJIN3JJEOCF?adroll_fpc=af29649cbe7ab9400089ba6311ff4717-1617955499378&arrfrr=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3Demail%26utm_source%3DWelcome%2BEmail%26utm_campaign%3DRSVP%2BSet%2BPassword%2BEmail%26pl%3D42fn28c30b2af28a2a32b92dt28e2fx2cf28m00&xid_ch=f&pv=53108767805.56251&cookie=&adroll_s_ref=&keyw=&adroll_external_data=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 307c2a5d0a00ca427b1a6a340d6fd599d67cb16d778af54da036a1fb49a927de

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: S0hM2DnHLqttsmgTY3KhppHqPFjDjPfu
Content-Encoding: gzip
ETag: "e1db937a3e03e90dbb44618608c2c178"
x-amz-request-id: CQ31P3EMX644T485
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 2274
x-amz-id-2: 7ehumLKuUWQ8mkxv7xO3fT/41mJ0kJgZm5Wg99qbhKm1z+KhTTPN7XbRx36KgzQCwZFQYv3Cx24=
Last-Modified: Mon, 29 Mar 2021 20:44:30 GMT
Server: AmazonS3
Date: Fri, 09 Apr 2021 08:04:59 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

204

v1
ads.yahoo.com/cms/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=af29649cbe7ab9400089ba6311ff4717-1617955499378&arrfrr=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3Demail%26utm_source%3DWelcome%2BEmail%26utm_...
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
444 B

21ms
7ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:59 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

location: https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma: no-cache
date: Fri, 09 Apr 2021 08:04:59 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 165
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=af29649cbe7ab9400089ba6311ff4717-1617955499378&arrfrr=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3Demail%26utm_source%3DWelcome%2BEmail%26utm_...
https://x.bidswitch.net/sync?dsp_id=44&user_id=NTE3YTA2ODkzYjBjYjQ1NjRjOGRmZjFmMjljZGVmMTg
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NTE3YTA2ODkzYjBjYjQ1NjRjOGRmZjFmMjljZGVmMTg

43 B
345 B

30ms
30ms

Image
image/gif

3.120.52.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NTE3YTA2ODkzYjBjYjQ1NjRjOGRmZjFmMjljZGVmMTg
Requested by: Host: www.sandmansignature.co.uk
URL: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.52.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-52-76.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NTE3YTA2ODkzYjBjYjQ1NjRjOGRmZjFmMjljZGVmMTg
date: Fri, 09 Apr 2021 08:04:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=af29649cbe7ab9400089ba6311ff4717-1617955499378&arrfrr=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3Demail%26utm_source%3DWelcome%2BEmail%26utm_...
https://ib.adnxs.com/setuid?entity=172&code=NTE3YTA2ODkzYjBjYjQ1NjRjOGRmZjFmMjljZGVmMTg
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNTE3YTA2ODkzYjBjYjQ1NjRjOGRmZjFmMjljZGVmMTg

43 B
1 KB

31ms
31ms

Image
image/gif

185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNTE3YTA2ODkzYjBjYjQ1NjRjOGRmZjFmMjljZGVmMTg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Apr 2021 08:04:59 GMT
X-Proxy-Origin: 196.240.57.188; 196.240.57.188; 728.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.51:80
AN-X-Request-Uuid: 30f91a45-7fed-4116-a36c-36bb91702b41
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 09 Apr 2021 08:04:59 GMT
X-Proxy-Origin: 196.240.57.188; 196.240.57.188; 728.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.41:80
AN-X-Request-Uuid: ca625650-0c58-4a89-ad71-fea35d2809b8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNTE3YTA2ODkzYjBjYjQ1NjRjOGRmZjFmMjljZGVmMTg
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 out
d.adroll.com/cm/l/ 42 B
180 B 53ms
51ms Image
image/gif 3.248.28.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/l/out?adroll_fpc=af29649cbe7ab9400089ba6311ff4717-1617955499378&arrfrr=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3Demail%26utm_source%3DWelcome%2BEmail%26utm_campaign%3DRSVP%2BSet%2BPassword%2BEmail%26pl%3D42fn28c30b2af28a2a32b92dt28e2fx2cf28m00&xid_ch=f&advertisable=IZKONPD7LJBD3HTMRIT576
Requested by: Host: www.sandmansignature.co.uk
URL: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:59 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.18.0
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=af29649cbe7ab9400089ba6311ff4717-1617955499378&arrfrr=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3Demail%26utm_source%3DWelcome%2BEmail%26utm_...
https://us-u.openx.net/w/1.0/sd?id=537103138&val=517a06893b0cb4564c8dff1f29cdef18
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=517a06893b0cb4564c8dff1f29cdef18

43 B
180 B

37ms
37ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=517a06893b0cb4564c8dff1f29cdef18
Requested by: Host: www.sandmansignature.co.uk
URL: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.205.50 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Apr 2021 08:04:59 GMT
via: 1.1 google
server: OXGW/16.205.50
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=517a06893b0cb4564c8dff1f29cdef18
date: Fri, 09 Apr 2021 08:04:59 GMT
via: 1.1 google
server: OXGW/16.205.50
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=af29649cbe7ab9400089ba6311ff4717-1617955499378&arrfrr=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3Demail%26utm_source%3DWelcome%2BEmail%26utm_...
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=UXoGiTsMtFZMjf8fKc3vGA
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=UXoGiTsMtFZMjf8fKc3vGA&google_tc=
https://d.adroll.com/cm/g/in

42 B
538 B

46ms
46ms

Image
image/gif

3.248.28.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Requested by: Host: www.sandmansignature.co.uk
URL: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Apr 2021 08:04:59 GMT
server: nginx/1.18.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Fri, 09 Apr 2021 08:04:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2030119737109087 Show response
connect.facebook.net/signals/config/ 240 KB
69 KB 71ms
71ms Script
application/x-javascript 2a03:2880:f03f:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2030119737109087?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f03f:1c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a87efa386f3ea7a7dd4db33809d8d17d29e37b921b41d9dc78512859392c8a2f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: 5FKvruzuIJk1qzEf5myta9sCsVNRWw9srHvHCykzs1y7WExX9dIxkxLIvboMjcajYdUPQZl7VUsyX0JcED95gg==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 09 Apr 2021 08:04:59 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 9ms
9ms Image
image/gif 2a03:2880:f13f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2030119737109087&ev=PageView&dl=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3Demail%26utm_source%3DWelcome%2BEmail%26utm_campaign%3DRSVP%2BSet%2BPassword%2BEmail%26pl%3D42fn28c30b2af28a2a32b92dt28e2fx2cf28m00&rl=&if=false&ts=1617955499914&cd[segment_eid]=U5JGCVQXHRHTLJT4I5C5BK&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=29&fbp=fb.2.1617955499912.247035939&it=1617955499733&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f13f:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:04:59 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 09 Apr 2021 08:04:59 GMT

GET
H2 200 ajax-loader.gif
www.tcgms.net/scripts/responsive/images/ Frame 4918 6 KB
6 KB 162ms
162ms Image
image/gif 23.45.237.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tcgms.net/scripts/responsive/images/ajax-loader.gif

Requested by

Host: www.tcgms.net
URL: https://www.tcgms.net/scripts/responsive/jquery.mobile.custom.theme.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.237.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-237-73.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

4283b7de52bd36949abd99c7f8f7a1301ecf3d67f60658fa8c6854eadcb91950

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.tcgms.net/scripts/responsive/jquery.mobile.custom.theme.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:05:01 GMT
last-modified: Mon, 23 Nov 2015 20:11:52 GMT
server: Apache
etag: "1862-5253ad5fcd200"
content-type: image/gif
cache-control: max-age=300
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 6242
expires: Fri, 09 Apr 2021 08:10:01 GMT

GET
DATA 200
OK truncated
/ Frame 4918 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 collect Show response
www.clarity.ms/scus/ 7 B
220 B 129ms
129ms XHR
text/plain 2620:1ec:29::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/scus/collect
Requested by: Host: www.sandmansignature.co.uk
URL: https://www.sandmansignature.co.uk/integration/tc-theme/public/js/bundle.js?vf776f58443e10c84781d995aedde7f87
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 09 Apr 2021 08:05:01 GMT
content-encoding: br
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://www.sandmansignature.co.uk
access-control-allow-credentials: true
x-azure-ref: 0rgpwYAAAAAC0Jo5oqd3sS4bZVDhnxWOoTE9OMjFFREdFMTUyMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
content-length: 11
request-context: appId=cid-v1:3188f940-997d-4f90-a84f-97510ad0978f

POST
H2 200 collect Show response
www.clarity.ms/scus/ 7 B
165 B 216ms
155ms XHR
text/plain 2620:1ec:29::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/scus/collect
Requested by: Host: www.sandmansignature.co.uk
URL: https://www.sandmansignature.co.uk/integration/tc-theme/public/js/bundle.js?vf776f58443e10c84781d995aedde7f87
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 09 Apr 2021 08:05:05 GMT
content-encoding: br
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://www.sandmansignature.co.uk
access-control-allow-credentials: true
x-azure-ref: 0sQpwYAAAAABcYwkH+aoZQqAjdYK37acuTE9OMjFFREdFMTUyMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
request-context: appId=cid-v1:3188f940-997d-4f90-a84f-97510ad0978f

POST
H2 200 collect Show response
www.clarity.ms/scus/ 7 B
157 B 129ms
129ms XHR
text/plain 2620:1ec:29::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/scus/collect
Requested by: Host: www.sandmansignature.co.uk
URL: https://www.sandmansignature.co.uk/integration/tc-theme/public/js/bundle.js?vf776f58443e10c84781d995aedde7f87
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 09 Apr 2021 08:05:08 GMT
content-encoding: br
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://www.sandmansignature.co.uk
access-control-allow-credentials: true
x-azure-ref: 0tApwYAAAAAAlOGWJuSQLTKX52TGLRyqiTE9OMjFFREdFMTUyMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
content-length: 11
request-context: appId=cid-v1:3188f940-997d-4f90-a84f-97510ad0978f

POST
H2 200 collect Show response
www.clarity.ms/scus/ 7 B
165 B 130ms
129ms XHR
text/plain 2620:1ec:29::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/scus/collect
Requested by: Host: www.sandmansignature.co.uk
URL: https://www.sandmansignature.co.uk/integration/tc-theme/public/js/bundle.js?vf776f58443e10c84781d995aedde7f87
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 09 Apr 2021 08:05:11 GMT
content-encoding: br
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://www.sandmansignature.co.uk
access-control-allow-credentials: true
x-azure-ref: 0uApwYAAAAAAqj7lzuWJcTpv2FCYUQ4RyTE9OMjFFREdFMTUyMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
request-context: appId=cid-v1:3188f940-997d-4f90-a84f-97510ad0978f

POST
H2 200 collect Show response
www.clarity.ms/scus/ 7 B
157 B 129ms
129ms XHR
text/plain 2620:1ec:29::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/scus/collect
Requested by: Host: www.sandmansignature.co.uk
URL: https://www.sandmansignature.co.uk/integration/tc-theme/public/js/bundle.js?vf776f58443e10c84781d995aedde7f87
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer: https://www.sandmansignature.co.uk/?utm_medium=email&utm_source=Welcome+Email&utm_campaign=RSVP+Set+Password+Email&pl=42fn28c30b2af28a2a32b92dt28e2fx2cf28m00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 09 Apr 2021 08:05:15 GMT
content-encoding: br
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://www.sandmansignature.co.uk
access-control-allow-credentials: true
x-azure-ref: 0uwpwYAAAAADL9OmXzUJlQIRgxNB/KGHETE9OMjFFREdFMTUyMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
request-context: appId=cid-v1:3188f940-997d-4f90-a84f-97510ad0978f

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sandmansignature.co.uk/	1970-01-19 19:35:31	Name: _fbp Value: fb.2.1617955499912.247035939
.www.sandmansignature.co.uk/	1970-01-20 02:11:31	Name: __ar_v4 Value: %7CIZKONPD7LJBD3HTMRIT576%3A20210409%3A1%7C6QXKPUIFG5HKJIN3JJEOCF%3A20210409%3A1%7CU5JGCVQXHRHTLJT4I5C5BK%3A20210409%3A1
.www.sandmansignature.co.uk/	1970-01-20 02:11:53	Name: __adroll_fpc Value: af29649cbe7ab9400089ba6311ff4717-1617955499378
.sandmansignature.co.uk/	1970-01-20 02:11:31	Name: datadome Value: 9Y9FE-9O3Ai3WX0-i12J73xa8kXKGrDs-LxvTnp1xU9siNIGZmHLSxKFd9CyoY.8aS5UL4060Ggrg4WvRwTSokk2mttpj_mTUIPrPcMg8N
tcgms.net/	1970-01-19 18:09:07	Name: 8670820235074 Value: 26a1d1097909
.sandmansignature.co.uk/	1970-01-20 02:50:24	Name: __qca Value: P0-415915465-1617955499260
.sandmansignature.co.uk/	1970-01-19 17:25:55	Name: _gat_tc_client_roll_up Value: 1
.sandmansignature.co.uk/	1970-01-19 17:25:55	Name: _gat_tc_client Value: 1
.sandmansignature.co.uk/	1970-01-19 17:25:55	Name: _gat_UA-162681275-3 Value: 1
.sandmansignature.co.uk/	1970-01-19 17:27:21	Name: _gid Value: GA1.3.1367240296.1617955499
.sandmansignature.co.uk/	1970-01-20 10:57:07	Name: _ga Value: GA1.3.1385161079.1617955499
.sandmansignature.co.uk/	1970-01-19 17:25:55	Name: _gat_tct Value: 1
.www.sandmansignature.co.uk/	1970-01-19 18:09:07	Name: __cfduid Value: d8c2d698ff89a303609fc04aeebeb793e1617955498
www.sandmansignature.co.uk/	1969-12-31 23:59:59	Name: __tcet Value: 1617955498
www.sandmansignature.co.uk/	1970-01-20 02:11:31	Name: _clck Value: 1t9siv1
.sandmansignature.co.uk/	1970-01-19 19:35:31	Name: _gcl_au Value: 1.1.105408482.1617955499
.www.sandmansignature.co.uk/	1970-01-19 17:25:57	Name: __cf_bm Value: 39537fc45b0d649d8c3965d286c1980d858f96f9-1617955499-1800-Aa6wVM6QPqiFUndKuapltlkrY6jZy17ubfnfxc6x8aiVxwdrL+GmiyKcjMLulmipr9/y9BHm6RLyNbBjrx+m0/rRpVGnnmouOA1Qmrd58vCV9r4fm+rl8FS+9wQVUkvbjSW8n7osyt7owa4t0wL9qpk=

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 1) Message: URL https://dynamic.travelclick-websolutions.com/list/3775
console-api	log	(Line 1) Message: URL https://api-js.datadome.co/js/
console-api	log	(Line 1) Message: URL /cdn-cgi/bm/cv/result?req_id=63d23a48fabcdfcb
console-api	log	(Line 1) Message: URL https://www.google-analytics.com/j/collect?v=1&_v=j89&aip=1&a=1722606026&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3Demail%26utm_source%3DWelcome%2BEmail%26utm_campaign%3DRSVP%2BSet%2BPassword%2BEmail%26pl%3D42fn28c30b2af28a2a32b92dt28e2fx2cf28m00&ul=en-us&de=UTF-8&dt=Sandman%20Signature%20Hotels%20UK%20%7C%20London%20Gatwick%2C%20Aberdeen%20%26%20Newcastle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEALAAAAAC~&jid=2029838213&gjid=1643202814&cid=1385161079.1617955499&tid=UA-25327496-1&_gid=1367240296.1617955499&_r=1&gtm=2wg3v05HXZ8R5&cd1=not_available&cd2=not_available&cd3=not_available&cd4=Guest&cd5=not_available&cd6=not_available&cd7=not_available&cd8=not_available&cd9=not_available&cd16=no&cd19=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3Demail%26utm_source%3DWelcome%2BEmail%26utm_campaign%3DRSVP%2BSet%2BPassword%2BEmail%26pl%3D42fn28c30b2af28a2a32b92dt28e2fx2cf28m00&z=1491382375
console-api	log	(Line 1) Message: URL https://www.google-analytics.com/j/collect?v=1&_v=j89&aip=1&a=1722606026&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3Demail%26utm_source%3DWelcome%2BEmail%26utm_campaign%3DRSVP%2BSet%2BPassword%2BEmail%26pl%3D42fn28c30b2af28a2a32b92dt28e2fx2cf28m00&ul=en-us&de=UTF-8&dt=Sandman%20Signature%20Hotels%20UK%20%7C%20London%20Gatwick%2C%20Aberdeen%20%26%20Newcastle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEALBAAAAC~&jid=724931435&gjid=1078642948&cid=1385161079.1617955499&tid=UA-193985224-1&_gid=1367240296.1617955499&_r=1&gtm=2wg3v05HXZ8R5&cd1=not_available&cd2=not_available&cd3=not_available&cd4=Guest&cd5=not_available&cd6=not_available&cd7=not_available&cd8=not_available&cd9=not_available&cd16=no&cd19=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3Demail%26utm_source%3DWelcome%2BEmail%26utm_campaign%3DRSVP%2BSet%2BPassword%2BEmail%26pl%3D42fn28c30b2af28a2a32b92dt28e2fx2cf28m00&z=474793467
console-api	log	(Line 1) Message: URL https://www.google-analytics.com/j/collect?v=1&_v=j89&aip=1&a=1722606026&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3Demail%26utm_source%3DWelcome%2BEmail%26utm_campaign%3DRSVP%2BSet%2BPassword%2BEmail%26pl%3D42fn28c30b2af28a2a32b92dt28e2fx2cf28m00&ul=en-us&de=UTF-8&dt=Sandman%20Signature%20Hotels%20UK%20%7C%20London%20Gatwick%2C%20Aberdeen%20%26%20Newcastle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEALBAAAAC~&jid=722558897&gjid=1440948015&cid=1385161079.1617955499&tid=UA-162681275-1&_gid=1367240296.1617955499&_r=1&gtm=2wg3v0TL2MM4B&cd13=essentials&cd14=th1&cd15=hd1&cd16=ft3&cd19=tvs_no&cg1=web&cg2=not_applicable&cd24=2&cd25=en&cd26=web&cd27=not_applicable&cd28=not_applicable&cd29=not_applicable&cd30=no&cd31=no&cd34=%7C&cd36=%7C&cd38=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3Demail%26utm_source%3DWelcome%2BEmail%26utm_campaign%3DRSVP%2BSet%2BPassword%2BEmail%26pl%3D42fn28c30b2af28a2a32b92dt28e2fx2cf28m00&cd39=not_applicable&cd40=sandmansignature.co.uk&cd41=GTM-TL2MM4B&cd42=20&z=700103715
console-api	log	(Line 1) Message: URL https://www.google-analytics.com/j/collect?v=1&_v=j89&aip=1&a=1722606026&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3Demail%26utm_source%3DWelcome%2BEmail%26utm_campaign%3DRSVP%2BSet%2BPassword%2BEmail%26pl%3D42fn28c30b2af28a2a32b92dt28e2fx2cf28m00&ul=en-us&de=UTF-8&dt=Sandman%20Signature%20Hotels%20UK%20%7C%20London%20Gatwick%2C%20Aberdeen%20%26%20Newcastle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=errors%20tracking&ea=datalayer%20tool%20error%3A%20TypeError%3A%20Cannot%20read%20property%20'tc_1100262'%20of%20null&el=www.sandmansignature.co.uk&_u=aGDACEALBAAAAC~&jid=336398464&gjid=906770354&cid=1385161079.1617955499&tid=UA-162681275-3&_gid=1367240296.1617955499&_r=1&gtm=2wg3v0TL2MM4B&cd13=essentials&cd14=th1&cd15=hd1&cd16=ft3&cd19=tvs_no&cg1=web&cg2=not_applicable&cd24=2&cd25=en&cd26=web&cd27=not_applicable&cd28=not_applicable&cd29=not_applicable&cd30=no&cd31=no&cd34=%7C&cd36=%7C&cd38=https%3A%2F%2Fwww.sandmansignature.co.uk%2F%3Futm_medium%3Demail%26utm_source%3DWelcome%2BEmail%26utm_campaign%3DRSVP%2BSet%2BPassword%2BEmail%26pl%3D42fn28c30b2af28a2a32b92dt28e2fx2cf28m00&cd39=not_applicable&cd40=sandmansignature.co.uk&cd41=GTM-TL2MM4B&cd42=20&z=1966800115
console-api	log	(Line 1) Message: URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-25327496-1&cid=1385161079.1617955499&jid=2029838213&gjid=1643202814&_gid=1367240296.1617955499&_u=aGBAAEAKAAAAAC~&z=783384943
console-api	log	(Line 1) Message: URL https://www.clarity.ms/scus/collect
console-api	log	(Line 1) Message: URL https://www.clarity.ms/scus/collect
console-api	log	(Line 1) Message: URL https://www.clarity.ms/scus/collect
console-api	log	(Line 1) Message: URL https://www.clarity.ms/scus/collect
console-api	log	(Line 1) Message: URL https://www.clarity.ms/scus/collect

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
api-js.datadome.co
c.bing.com
c.clarity.ms
cdn.galaxy.tf
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
dynamic.travelclick-websolutions.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
js.datadome.co
pixel.quantserve.com
rules.quantcount.com
s.adroll.com
secure.quantserve.com
stats.g.doubleclick.net
tcgms.net
us-u.openx.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.sandmansignature.co.uk
www.tcgms.net
x.bidswitch.net
142.250.185.162
18.157.207.8
185.33.221.50
195.244.31.25
2.18.233.40
23.45.237.73
23.79.156.95
2600:9000:2093:3600:6:44e3:f8c0:93a1
2606:4700::6810:125e
2606:4700::6811:b764
2620:116:800d:21:36a9:ecb:e518:b308
2620:1ec:29::19
2620:1ec:c11::200
2a00:1288:80:800::7001
2a00:1450:4001:801::2003
2a00:1450:4001:801::200a
2a00:1450:4001:802::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2008
2a00:1450:400c:c1b::9a
2a03:2880:f03f:1c:face:b00c:0:3
2a03:2880:f13f:83:face:b00c:0:25de
3.120.52.76
3.248.28.111
34.98.64.218
52.142.114.2
52.222.179.72
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
07a99c6a70bd3d0a07b80c73bcbd49a039b9fb1ba6cd107ff9d47c6c324405b6
0aafb8ece4b3654bb8d1e77170c748226dfe9c5b30c89b68c4b5c8d86b1795f7
0cf00b50a8f674e7a7f7ccae376f0f3fa6d623d690b3ea95c790a76f631a15d7
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13b3262bd17b82af659ff836fc4879b17ea9d597447f1eb1fd294dfcb036e110
1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645
16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
235811eea35afea6661df621dcd80615b44d0abf0f4e30141bcb062c3edcecea
248ea9a5eb1327df2a59fdaa13d7164b0db3b745b8410156938a9d40bdb2c890
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
27ccb40d23832df0cfa2c30637ee81fac758128d0397367e075072889cb15206
27e66c3a895f819d8a0a45a26260a3280bd8b09a1aaf9c309fc5436c2916336e
291e4ceacea80004276a4500a661d05acd5912b405fb13a2fe5fa6fc4c676eee
2c123021b125ae37f774e395c7d38bf743fdddd14470c8d850e4dec114b0c5f6
2d5f55af6b26f54540a0b432dd6f4fbda74ac3391ce1c81c2da35b0eee52356e
2dd0eb5e44c81a864cd68e633a69701248b9298b0dc7eb2c75e67e2b1c19b4bc
307c2a5d0a00ca427b1a6a340d6fd599d67cb16d778af54da036a1fb49a927de
30d763110f2d094cfb493e86c382fa1ae28d21dc9197c6bdc18f2bc8b204b109
35703e608d556e81fcc6dce7d5a4cf45fa58fdf37644905e4fd24c4864daa06b
3d3100957260dcaf25908b89b326587909277e861bb191d80e08759a2ca3c8ec
3d5c31a7e56cfc12b784ae9f7d946c74b9f0e301032ddc6b786a83c3be2773db
4018d80284d0b380e6f0187eea93cd2006c976d7990a9a59234bbb3f7e4d48a3
4283b7de52bd36949abd99c7f8f7a1301ecf3d67f60658fa8c6854eadcb91950
4a100b32642d43a738a9ed093575bd7347c139ad4191d39bff7a3afcc54dbefe
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
567ae377640ad91fd6c6189602ce8fc8dbd9eae9559ac31b2714258bf3858b14
5878bb1293bbc0f432ed4bcd088535a6798639ff38ecbb8a7aa0278458dd404f
5d9351d0e6e40b7262313121fd85208a2ab0743f056ab341a68f3469032519db
601ecef6383d02e04903fdf3dd7cfdd968fb09973e39f74b583eb7b9773e8f0e
64c7b73c05a8dc3b0970bcc21e23b9c432ed51a8794de0aa1c35d7d7a4b13dac
673efe84b8988e98907bfd58af22ba16785dfb1e25112482a7eff7c0ef25234c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c661089dddb9797c4617a25a50e392b2c04d3e25911d476e1d55a28e1559fe0
77db1e92623f53f39a92474ff79429f547485f839dc0b30bc33a5f65ce880da8
7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86b5612d7c778080a41977a29f98f320cc045cdf88332bd62cbc31bf11011574
86cc35989be655e6cbe68540cf835dec34388862a948fbd05850100797c32319
88b0ad1a3372815110b5081811bc96fe1b530f14776634d7e9e93848a2e339e2
8964e438a1f1a01489df821e32816d1651550b39b55b783ad7f5d85e43c6247b
90c6c752faaf8d96e0df6fb0962a7d5f9ea85ebdea2cdf2e0e89374c2dc8ba3b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a04de90c885ff3a5779df40287d86a056c73d0c3c1b34d9f4e36be1d3454fc6b
a06428ba01c0ceafa7d68c9c6cf720ae3543831c878ca0c66dc38ad74eb5c74b
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1f1132059ae29789542297e710d6d45e60307f961d25acccb12ddb30f8d1bcc
a4b921b1dc45ffca0ebc8130f29b78c4f6a465952e284c5e8f4d0a65826de4bb
a7a33832989b49df2a855271593bfe8f93985927795af8ceb39dfd10a9a02178
a87efa386f3ea7a7dd4db33809d8d17d29e37b921b41d9dc78512859392c8a2f
a8bd2ffb1e86cd8ab362d0c57f12860bc2b35b243d9f9a9ed63b663ca2ae82ca
a981baa97adfe185f2ad887c5a23de05814462e4a0975e5a8b95e14521d87f31
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aa2abe129656245b41b12925df9f7ee2acb094debbcc0857a0c238e87fe1fc4b
ad276a9b384daf069f7458062d26b31838d009086e6b3a5e0c69a5682063239c
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b9bac9b186086d62442dc94c73c202953222836b6006e4cff8d6ae5de8643f0b
bbd81f41feacfd98a9a850e25e5f8942bd34ae8e7bb2b61e98eebdfbea96b0f4
bdba32ddd84343fd3c815649d51f768724798d2db35df5c747fe4303a9d374b2
c1f78372fef6004ba25f660c5e2a8377c7e057e1386281df289973abb4cebabf
c472ac9df5c62f8fc85276f3c9e22195e2414c9f120375224e4cdda6d57fd5f6
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36
c67c359df655ef58c9f2f46fc1eb52f46525670356b6e0e3b5a1cfc4f787e192
ca026e09ea3fea4eb37cb8542e915798bd8c712fd02c38c80ecae3ce7ff03061
cf055b47be3428c71d97ef86af271850bba4ef48d125ad610954f29fbeab8d79
d14a1b9791657bcd13c89ddc2d2bfcddc5491c377ebf7b4ef6a86c5b89eb18c7
d62fe4f55e0a07b095bc8c5f4a54223e3ee76bc00b3f0d40d2e438b5acd1508f
d8be313c366ab8bc751ba26c7089c9aeeb1685411f3c4ebe77e6168c4455a637
d9df7390a8de3e0efdfd8b0c0fcf93d51e5138cadae95230950084f9fb984903
da822d470ab8c265535b251210d0eab8f11fa9eff462829df942f520378368e0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dff41f45bf1410d70bbaa825268ce556be0a4c1eb3c293600971e60e565a218b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e835997d8afeee9b54a3271a0c7276e4cc46e25fb0bac86da01c5a9790ea93a6
eb7f2f36f454d16ed5867900d44adc9d38c64e38a49fb40481e08f748db97abb
ecfec6edd361b81190425a403385fb537c339984464c26413437ef7dc551a0a3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36a51100566885e0ff326fb4ffb9aa44add1a5a8a38528c9b15d42889404795
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
ffc992202755637f8b6d51b4f61d30e3b47fc797403d923a9cd618a47c6ca184

www.sandmansignature.co.uk Open in urlscan Pro 2606:4700::6811:b764 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

96 Requests

100 %HTTPS

57 %IPv6

25 Domains

31 Subdomains

27 IPs

6 Countries

4020 kBTransfer

7430 kBSize

17 Cookies

10 Outgoing links

Page URL History

Redirected requests

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.sandmansignature.co.uk Open in urlscan Pro
2606:4700::6811:b764 Public Scan

Screenshot
Live screenshot

Full Image

96
Requests

100 %
HTTPS

57 %
IPv6

25
Domains

31
Subdomains

27
IPs

6
Countries

4020 kB
Transfer

7430 kB
Size

17
Cookies

96 HTTP transactions
2 data transactions